Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/II4nsa6JClzlGU39G6LCIj2cth8.roa
File: II4nsa6JClzlGU39G6LCIj2cth8.roa (raw, json)
Hash identifier: roJsVtNUTcMhxfs14LaG8sABoLGJ8/4BobWVxbIft+A=
Subject key identifier: 20:8E:27:B1:AE:89:0A:5C:E5:19:4D:FD:1B:A2:C2:22:3D:9C:B6:1F
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 0190CC9E35DFF25F19237598E38A2DD1C771
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/II4nsa6JClzlGU39G6LCIj2cth8.roa
Signing time: Fri 19 Jul 2024 20:10:38 +0000
ROA not before: Fri 19 Jul 2024 20:10:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44654
IP address blocks: 37.252.208.0/23 maxlen: 23
37.252.208.0/24 maxlen: 24
37.252.209.0/24 maxlen: 24
37.252.210.0/23 maxlen: 23
37.252.210.0/24 maxlen: 24
37.252.211.0/24 maxlen: 24
37.252.212.0/23 maxlen: 23
37.252.212.0/24 maxlen: 24
37.252.213.0/24 maxlen: 24
37.252.215.0/24 maxlen: 24
109.205.8.0/21 maxlen: 24
109.205.8.0/24 maxlen: 24
109.205.9.0/24 maxlen: 24
185.36.124.0/22 maxlen: 24
185.36.124.0/23 maxlen: 23
185.36.124.0/24 maxlen: 24
185.36.125.0/24 maxlen: 24
2a02:d8::/32 maxlen: 48
2a02:d8:8::/48 maxlen: 48
2a02:d8:9::/48 maxlen: 48
2a02:d8:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Jul 2024 11:57:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cc:9e:35:df:f2:5f:19:23:75:98:e3:8a:2d:d1:c7:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: Jul 19 20:10:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=208e27b1ae890a5ce5194dfd1ba2c2223d9cb61f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:28:a8:0a:7b:bb:88:cb:db:53:5a:f2:05:f8:
d9:3e:51:20:47:70:1f:8e:5b:eb:aa:3e:b9:f8:9b:
54:2a:07:af:6a:dc:4c:35:62:8e:90:29:0c:b9:ff:
3e:d4:1f:39:50:e1:62:de:92:d0:40:b2:4c:c3:91:
9a:ec:ce:2d:94:16:af:10:f3:52:a4:82:29:b4:bf:
81:f4:36:c9:9a:b4:64:dc:56:56:fe:85:87:41:ef:
f1:88:69:1e:85:64:f1:2b:9a:d2:ed:9f:a0:32:f5:
6b:24:0d:80:a0:96:aa:c3:d6:99:39:93:13:44:11:
c2:35:e6:1b:a6:34:e5:1e:1a:cf:60:c4:e1:5b:c7:
4b:85:8a:c7:60:a3:65:fa:5b:38:65:e3:b6:e5:0e:
fe:6d:7f:c2:51:65:6f:a3:b6:90:ca:e6:3a:58:82:
24:1d:fc:9b:9f:2f:0d:41:0f:cf:ff:b1:cf:48:4c:
f6:1a:ed:22:c6:8a:66:0e:1c:b2:cd:32:d4:db:77:
c6:a1:33:19:a7:11:fd:e1:38:a0:4d:73:70:84:3b:
6c:01:b7:38:33:fa:58:a2:c9:c1:a1:d3:f1:e0:19:
ad:26:f5:b8:29:b2:dd:88:42:6f:fd:7f:1b:44:1d:
17:c2:8b:9e:02:62:68:99:4a:0d:13:fd:c9:e1:b6:
f7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:8E:27:B1:AE:89:0A:5C:E5:19:4D:FD:1B:A2:C2:22:3D:9C:B6:1F
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/II4nsa6JClzlGU39G6LCIj2cth8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.208.0-37.252.213.255
37.252.215.0/24
109.205.8.0/21
185.36.124.0/22
IPv6:
2a02:d8::/32
Signature Algorithm: sha256WithRSAEncryption
8e:cc:74:10:9f:e0:50:3f:18:ad:f7:fa:ff:67:5b:88:6f:fa:
c0:82:17:e9:1d:9d:11:04:5b:30:a0:0c:ae:39:e7:86:77:41:
80:89:21:7e:2f:d9:bc:12:12:9d:f3:21:d7:8b:ba:3c:3a:02:
a0:d7:ea:2a:4a:69:57:29:67:49:14:f9:30:75:5a:e7:6f:d8:
00:67:e9:58:7e:17:78:7b:90:28:00:e2:e4:d3:8a:d5:55:20:
27:a3:89:2d:e6:d9:a9:66:72:9c:0b:7b:9c:6d:27:f1:2b:28:
03:2d:2a:77:e0:d6:18:d7:9f:3a:da:d0:23:59:a9:7b:29:d1:
3d:23:77:1f:5c:14:e6:d7:74:53:0d:3a:35:e0:a4:9f:ce:18:
bc:b8:26:a2:3c:c4:a3:35:cc:4d:f0:de:85:4b:f1:98:36:f4:
e1:01:cd:fa:ae:e6:ad:78:95:c6:61:7d:8b:45:56:a4:57:db:
60:00:e5:37:1a:5e:df:b7:47:aa:b1:07:bd:28:d1:ac:63:b1:
b4:b9:82:9f:33:47:f3:20:47:04:86:5b:5d:ff:a3:9a:1a:c0:
fa:46:02:65:6b:b5:9e:54:78:09:b6:8e:3d:ff:1a:70:0b:7d:
95:4c:30:7a:a4:c4:d8:9b:70:f6:73:50:f4:7f:fd:c7:ee:ac:
6e:81:14:c6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZDMnjXf8l8ZI3WY44ot0cdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjQwNzE5MjAxMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDhlMjdiMWFlODkwYTVjZTUxOTRkZmQxYmEyYzIyMjNkOWNiNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCioCnu7iMvbU1ryBfjZPlEgR3Af
jlvrqj65+JtUKgevatxMNWKOkCkMuf8+1B85UOFi3pLQQLJMw5Ga7M4tlBavEPNS
pIIptL+B9DbJmrRk3FZW/oWHQe/xiGkehWTxK5rS7Z+gMvVrJA2AoJaqw9aZOZMT
RBHCNeYbpjTlHhrPYMThW8dLhYrHYKNl+ls4ZeO25Q7+bX/CUWVvo7aQyuY6WIIk
Hfybny8NQQ/P/7HPSEz2Gu0ixopmDhyyzTLU23fGoTMZpxH94TigTXNwhDtsAbc4
M/pYosnBodPx4BmtJvW4KbLdiEJv/X8bRB0XwoueAmJomUoNE/3J4bb3fwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFCCOJ7GuiQpc5RlN/RuiwiI9nLYfMB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvSUk0bnNhNkpDbHpsR1UzOUc2TENJajJjdGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYtNWI4NzgyNWMwN2Vl
LzEvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAQl/NAD
BAEl/NQDBAAl/NcDBANtzQgDBAK5JHwwDQQCAAIwBwMFACoCANgwDQYJKoZIhvcN
AQELBQADggEBAI7MdBCf4FA/GK33+v9nW4hv+sCCF+kdnREEWzCgDK4554Z3QYCJ
IX4v2bwSEp3zIdeLujw6AqDX6ipKaVcpZ0kU+TB1Wudv2ABn6Vh+F3h7kCgA4uTT
itVVICejiS3m2almcpwLe5xtJ/ErKAMtKnfg1hjXnzra0CNZqXsp0T0jdx9cFObX
dFMNOjXgpJ/OGLy4JqI8xKM1zE3w3oVL8Zg29OEBzfqu5q14lcZhfYtFVqRX22AA
5TcaXt+3R6qxB70o0axjsbS5gp8zR/MgRwSGW13/o5oawPpGAmVrtZ5UeAm2jj3/
GnALfZVMMHqkxNibcPZzUPR//cfurG6BFMY=
-----END CERTIFICATE-----
Generated at Mon Jul 29 14:18:38 2024 by rpki-client on console-ams.rpki-client.org