Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/IhlbF7gX3ldXSlPwOOsi_D4hFJg.roa
File: IhlbF7gX3ldXSlPwOOsi_D4hFJg.roa (raw, json)
Hash identifier: SSE3yNGMVqzg1OeBUlY+/a6kCFBo28jGd/YY+wHMCT4=
Subject key identifier: 22:19:5B:17:B8:17:DE:57:57:4A:53:F0:38:EB:22:FC:3E:21:14:98
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018F88371DF6026D8778034BC9B0A8A21F1A
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/IhlbF7gX3ldXSlPwOOsi_D4hFJg.roa
Signing time: Fri 17 May 2024 20:21:04 +0000
ROA not before: Fri 17 May 2024 20:21:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57433
IP address blocks: 37.114.32.0/19 maxlen: 24
37.114.32.0/24 maxlen: 24
37.114.37.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.46.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
43.251.162.0/24 maxlen: 24
43.251.163.0/24 maxlen: 24
94.154.48.0/21 maxlen: 24
94.154.48.0/24 maxlen: 24
94.154.49.0/24 maxlen: 24
94.154.50.0/24 maxlen: 24
94.154.51.0/24 maxlen: 24
94.154.52.0/24 maxlen: 24
94.154.53.0/24 maxlen: 24
94.154.54.0/24 maxlen: 24
94.154.55.0/24 maxlen: 24
176.100.32.0/21 maxlen: 24
176.100.32.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
185.14.92.0/22 maxlen: 24
185.14.92.0/24 maxlen: 24
185.14.93.0/24 maxlen: 24
2a00:ccc0::/32 maxlen: 32
2a00:ccc1::/32 maxlen: 48
2a00:ccc1::/48 maxlen: 48
2a00:ccc1:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 May 2024 08:06:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:88:37:1d:f6:02:6d:87:78:03:4b:c9:b0:a8:a2:1f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: May 17 20:21:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22195b17b817de57574a53f038eb22fc3e211498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:00:3d:ad:a6:56:08:48:54:94:bb:ce:33:0a:
54:15:10:51:95:06:b6:49:40:dd:cb:78:8b:4e:14:
8c:9f:74:fa:53:1c:e4:93:54:0b:6b:87:e7:e1:bc:
ae:ed:80:12:40:0a:bb:a4:44:b5:ce:60:45:03:55:
8f:07:e1:0a:19:41:0f:56:06:fa:0a:15:33:d5:fc:
a5:10:01:a5:31:e4:43:2a:d8:ee:7b:fa:2f:d2:c0:
1a:06:58:97:4a:1e:fd:a2:ad:2e:71:78:a0:01:b1:
a1:bb:56:70:49:6c:9a:9d:ea:06:94:fa:dc:8a:a7:
24:1d:49:08:83:41:f6:05:d9:11:c4:a1:a7:47:41:
4c:0d:fc:39:12:f0:82:3e:39:38:e1:4f:3d:10:f8:
97:f2:f0:42:f9:ff:be:09:2d:56:91:12:d7:82:33:
76:f5:f4:a0:66:0f:55:32:a4:8c:60:81:b0:f5:48:
e1:92:2a:7c:1c:13:19:5b:fa:42:5e:d6:59:43:15:
39:f7:bc:6e:39:5a:18:bb:04:31:20:75:c6:bd:5f:
55:31:c1:a0:31:43:0d:17:91:fd:52:ad:16:63:81:
6f:7e:bf:70:06:0d:56:80:8f:f6:49:3c:dd:d6:8b:
94:bd:58:86:72:c8:63:c3:3e:a5:ef:ab:73:93:23:
1f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:19:5B:17:B8:17:DE:57:57:4A:53:F0:38:EB:22:FC:3E:21:14:98
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/IhlbF7gX3ldXSlPwOOsi_D4hFJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/19
43.251.160.0/22
94.154.48.0/21
176.100.32.0/21
185.14.92.0/22
IPv6:
2a00:ccc0::/31
Signature Algorithm: sha256WithRSAEncryption
b2:dd:89:d4:6e:8b:9c:0b:8f:9f:09:f6:3c:ab:8d:1b:ad:96:
14:a7:c5:67:2f:e4:d9:50:29:87:87:dd:62:82:8a:f3:cd:a9:
3e:92:cb:1c:11:eb:7f:31:ca:6e:f5:31:3e:0d:dc:5d:d4:e0:
7c:16:b0:96:1c:7b:e5:81:1f:c6:d9:e2:c6:d0:3e:ed:8c:a8:
2e:3f:07:6c:43:79:ac:bd:9e:30:28:e6:3b:fe:19:3e:40:ad:
2d:7a:1a:5c:67:60:24:99:72:56:01:81:f0:78:f1:e8:9f:c3:
9f:b0:56:4c:1c:10:45:22:8a:52:c8:80:fc:6e:d3:fa:e6:7c:
93:63:02:93:df:b3:83:79:f8:e0:3d:94:2e:30:02:b0:6d:5a:
bb:5c:67:2d:96:9a:55:d9:1c:66:40:1f:8d:42:f6:09:b8:08:
24:15:81:d3:2b:ac:ae:cb:85:56:90:1b:47:19:51:72:9a:6e:
db:e7:e3:0c:9b:a6:48:7d:1c:11:47:bf:6f:10:50:e4:be:52:
db:a9:16:4d:29:81:27:42:73:7f:88:78:b5:20:fd:70:39:d8:
60:e8:cd:f2:11:ef:67:1e:6f:0d:36:01:34:6b:5f:2c:91:08:
09:e7:45:0e:83:c6:c8:c2:14:d2:88:eb:5c:e3:b1:cc:6f:31:
ef:40:76:ec
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY+INx32Am2HeANLybCooh8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwNTE3MjAyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjE5NWIxN2I4MTdkZTU3NTc0YTUzZjAzOGViMjJmYzNlMjExNDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQA9raZWCEhUlLvOMwpUFRBRlQa2
SUDdy3iLThSMn3T6Uxzkk1QLa4fn4byu7YASQAq7pES1zmBFA1WPB+EKGUEPVgb6
ChUz1fylEAGlMeRDKtjue/ov0sAaBliXSh79oq0ucXigAbGhu1ZwSWyaneoGlPrc
iqckHUkIg0H2BdkRxKGnR0FMDfw5EvCCPjk44U89EPiX8vBC+f++CS1WkRLXgjN2
9fSgZg9VMqSMYIGw9Ujhkip8HBMZW/pCXtZZQxU597xuOVoYuwQxIHXGvV9VMcGg
MUMNF5H9Uq0WY4Fvfr9wBg1WgI/2STzd1ouUvViGcshjwz6l76tzkyMfrQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCIZWxe4F95XV0pT8DjrIvw+IRSYMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvSWhsYkY3Z1gzbGRYU2xQd09Pc2lfRDRoRkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFJXIgAwQC
K/ugAwQDXpowAwQDsGQgAwQCuQ5cMA0EAgACMAcDBQEqAMzAMA0GCSqGSIb3DQEB
CwUAA4IBAQCy3YnUboucC4+fCfY8q40brZYUp8VnL+TZUCmHh91igorzzak+kssc
Eet/Mcpu9TE+Ddxd1OB8FrCWHHvlgR/G2eLG0D7tjKguPwdsQ3msvZ4wKOY7/hk+
QK0tehpcZ2AkmXJWAYHwePHon8OfsFZMHBBFIopSyID8btP65nyTYwKT37ODefjg
PZQuMAKwbVq7XGctlppV2RxmQB+NQvYJuAgkFYHTK6yuy4VWkBtHGVFymm7b5+MM
m6ZIfRwRR79vEFDkvlLbqRZNKYEnQnN/iHi1IP1wOdhg6M3yEe9nHm8NNgE0a18s
kQgJ50UOg8bIwhTSiOtc47HMbzHvQHbs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org