Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/iLPIjW2_YkeU5miYxVHGtLnqnDY.roa
File: iLPIjW2_YkeU5miYxVHGtLnqnDY.roa (raw, json)
Hash identifier: lPbIyjTG0sVYj1DtWWv/ADSu8mfUZXy+BpQmHWFUy0c=
Subject key identifier: 88:B3:C8:8D:6D:BF:62:47:94:E6:68:98:C5:51:C6:B4:B9:EA:9C:36
Certificate issuer: /CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Certificate serial: 0185718C2DBA8FDB089AC04E2312DE28345E
Authority key identifier: 31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/iLPIjW2_YkeU5miYxVHGtLnqnDY.roa
Signing time: Mon 02 Jan 2023 08:14:50 +0000
ROA not before: Mon 02 Jan 2023 08:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57734
IP address blocks: 37.49.234.0/23 maxlen: 24
37.49.234.0/24 maxlen: 24
2a00:a4c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2d:ba:8f:db:08:9a:c0:4e:23:12:de:28:34:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Validity
Not Before: Jan 2 08:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88b3c88d6dbf624794e66898c551c6b4b9ea9c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a1:83:e1:ea:2a:a7:12:7e:0f:96:76:09:32:
32:81:7b:4d:d8:12:ad:1f:2f:03:f0:29:65:d8:a0:
c6:23:f0:b6:49:e8:cd:b4:bd:4c:14:62:e0:6e:cb:
3e:22:de:fe:ec:c1:67:8b:1b:0e:9f:5f:24:79:75:
6d:aa:de:45:7a:1e:0d:23:08:92:c3:59:4d:f0:53:
45:d6:21:c4:76:5f:f2:35:4e:40:f1:e9:d5:e5:56:
46:37:e0:c9:12:dd:1f:08:f7:94:b5:ae:a7:50:10:
29:05:2c:5f:bf:97:ea:55:e5:79:bd:d3:35:e2:14:
45:46:8f:98:31:54:13:f3:e3:bd:c7:39:0c:31:c0:
1b:ad:99:5b:9d:46:2f:ed:b0:dd:34:7e:ef:76:cb:
db:74:f3:26:99:18:7b:09:6b:43:28:61:a2:ff:78:
7e:31:0b:4b:43:a0:d6:82:cf:7d:e8:8e:d1:8a:d4:
9a:cb:09:e6:32:0c:c8:41:00:f8:ac:f6:25:90:0d:
93:e7:ba:06:e4:94:b8:8d:a4:b7:b9:25:0f:ad:74:
29:5b:e3:95:fa:2b:a1:b1:f5:89:c2:40:08:cd:fb:
90:f9:ca:13:9a:cd:ee:8d:14:16:87:2d:b2:f6:15:
6b:74:fb:96:0c:88:c0:ec:98:8a:ba:8f:b3:5c:0e:
7c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B3:C8:8D:6D:BF:62:47:94:E6:68:98:C5:51:C6:B4:B9:EA:9C:36
X509v3 Authority Key Identifier:
keyid:31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/iLPIjW2_YkeU5miYxVHGtLnqnDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.234.0/23
IPv6:
2a00:a4c0::/32
Signature Algorithm: sha256WithRSAEncryption
34:c7:63:a3:ec:4c:e5:59:a7:5a:0a:89:68:ec:95:8d:aa:2b:
d5:d3:6b:70:59:63:b0:09:fe:14:85:0a:bf:d9:d0:9d:6a:8f:
6d:35:90:15:f0:e2:9c:48:58:e0:14:3d:17:75:09:2d:6c:c7:
dd:17:83:fe:d6:a8:ae:e7:2a:06:26:51:2b:1b:1d:2c:87:8d:
19:fd:57:32:93:b9:13:39:51:03:e4:b2:5f:d2:07:e7:be:b1:
ea:b5:4b:5c:d9:fd:93:e2:76:72:41:c6:0b:ab:04:bf:20:3f:
6c:45:51:e0:ee:e2:af:44:db:32:e2:3d:c8:53:5b:67:f0:0f:
ff:18:11:5d:f7:97:68:72:48:7b:d5:4b:36:12:d5:a8:95:3a:
52:67:79:f0:f2:22:fa:c9:fb:24:d5:f5:20:8e:3b:b9:f0:87:
74:0b:08:06:7c:b6:1a:5d:d2:e6:26:99:c6:2b:18:e7:ac:d9:
ac:70:35:c4:83:75:22:df:3b:ff:99:aa:66:e5:22:2f:3c:5a:
cd:71:15:17:6d:56:cf:91:c6:e1:70:d2:9c:ee:a8:ab:f5:97:
38:6e:3d:34:a8:37:8e:16:ee:aa:e1:84:1e:2e:76:ea:9e:db:
1f:c9:47:65:52:a9:02:09:36:e2:44:9f:31:f3:dd:f4:45:9d:
83:d5:32:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxjC26j9sImsBOIxLeKDReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMWQ2MmI3ZmQ5ZmNmYzg3ZGZlYTk4NzUxNTc2N2M4Mzhl
MjFiYjkwHhcNMjMwMTAyMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGIzYzg4ZDZkYmY2MjQ3OTRlNjY4OThjNTUxYzZiNGI5ZWE5YzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqGD4eoqpxJ+D5Z2CTIygXtN2BKt
Hy8D8Cll2KDGI/C2SejNtL1MFGLgbss+It7+7MFnixsOn18keXVtqt5Feh4NIwiS
w1lN8FNF1iHEdl/yNU5A8enV5VZGN+DJEt0fCPeUta6nUBApBSxfv5fqVeV5vdM1
4hRFRo+YMVQT8+O9xzkMMcAbrZlbnUYv7bDdNH7vdsvbdPMmmRh7CWtDKGGi/3h+
MQtLQ6DWgs996I7RitSaywnmMgzIQQD4rPYlkA2T57oG5JS4jaS3uSUPrXQpW+OV
+iuhsfWJwkAIzfuQ+coTms3ujRQWhy2y9hVrdPuWDIjA7JiKuo+zXA585wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIizyI1tv2JHlOZomMVRxrS56pw2MB8GA1UdIwQY
MBaAFDEdYrf9n8/Iff6ph1FXZ8g44hu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEt
ODUwZjM0OTA2MjI5LzEvaUxQSWpXMl9Za2VVNW1pWXhWSEd0TG5xbkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEtODUwZjM0OTA2MjI5
LzEvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBJTHqMA0E
AgACMAcDBQAqAKTAMA0GCSqGSIb3DQEBCwUAA4IBAQA0x2Oj7EzlWadaColo7JWN
qivV02twWWOwCf4UhQq/2dCdao9tNZAV8OKcSFjgFD0XdQktbMfdF4P+1qiu5yoG
JlErGx0sh40Z/Vcyk7kTOVED5LJf0gfnvrHqtUtc2f2T4nZyQcYLqwS/ID9sRVHg
7uKvRNsy4j3IU1tn8A//GBFd95dockh71Us2EtWolTpSZ3nw8iL6yfsk1fUgjju5
8Id0CwgGfLYaXdLmJpnGKxjnrNmscDXEg3Ui3zv/mapm5SIvPFrNcRUXbVbPkcbh
cNKc7qir9Zc4bj00qDeOFu6q4YQeLnbqntsfyUdlUqkCCTbiRJ8x8930RZ2D1TK8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:35 2024 by rpki-client on console-ams.rpki-client.org