Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/P37q2fUw6hst4ZfcwIXLNsH5wlY.roa
File: P37q2fUw6hst4ZfcwIXLNsH5wlY.roa (raw, json)
Hash identifier: HuKP5wgJ8U1+HMxlpKq+3wd8e6oW+S5u4ito2fKPj6g=
Subject key identifier: 3F:7E:EA:D9:F5:30:EA:1B:2D:E1:97:DC:C0:85:CB:36:C1:F9:C2:56
Certificate issuer: /CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Certificate serial: 01898C331B35C4996D2C3CDE3E57B9A7A1A9
Authority key identifier: 36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/P37q2fUw6hst4ZfcwIXLNsH5wlY.roa
Signing time: Tue 25 Jul 2023 08:38:26 +0000
ROA not before: Tue 25 Jul 2023 08:38:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5459
IP address blocks: 195.66.232.0/22 maxlen: 22
195.66.240.0/22 maxlen: 22
195.66.248.0/22 maxlen: 22
2a01:40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 26 Jul 2023 08:22:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:33:1b:35:c4:99:6d:2c:3c:de:3e:57:b9:a7:a1:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Validity
Not Before: Jul 25 08:38:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f7eead9f530ea1b2de197dcc085cb36c1f9c256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:53:e6:d9:a6:94:25:a8:08:d5:c6:46:82:b0:
10:03:88:5d:f7:df:8e:34:09:fa:8a:6d:1f:2f:3a:
9b:85:dd:7d:ff:ce:9c:1b:c7:8c:98:d9:71:60:e8:
56:27:16:88:0d:59:58:23:ba:af:dd:72:ca:d6:a6:
be:b2:d8:8d:97:c4:e4:e1:ea:b8:48:ba:00:33:94:
5a:77:40:dd:44:c3:eb:ff:3c:20:00:93:24:9f:16:
1e:ba:e1:68:87:23:f5:01:e5:f5:e4:31:ed:dc:a7:
b0:60:64:77:9f:ea:1a:d0:7c:b0:69:b6:b8:28:62:
34:b1:4d:a4:00:8f:f5:34:28:6b:10:12:2b:f9:4f:
aa:d5:e8:de:aa:84:77:3b:c7:6c:47:a4:52:0e:aa:
26:a9:00:bc:7b:66:e7:64:f4:16:4f:9e:e9:9b:ad:
d2:9d:57:a3:96:22:7d:f2:e5:44:a8:2b:40:86:16:
e5:bf:3b:f9:97:ec:eb:db:cb:72:9d:49:01:50:90:
d4:cf:03:07:c5:ca:67:3b:db:4b:00:68:4f:1b:c0:
b8:c5:d7:05:9f:4c:82:98:56:3a:74:24:82:be:2e:
77:6e:51:d3:27:46:a4:39:88:f4:86:d2:fe:f4:9d:
13:50:a7:23:73:da:79:67:0f:a4:ae:75:93:7a:98:
9b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:7E:EA:D9:F5:30:EA:1B:2D:E1:97:DC:C0:85:CB:36:C1:F9:C2:56
X509v3 Authority Key Identifier:
keyid:36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/P37q2fUw6hst4ZfcwIXLNsH5wlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.232.0/22
195.66.240.0/22
195.66.248.0/22
IPv6:
2a01:40::/32
Signature Algorithm: sha256WithRSAEncryption
24:e9:a3:6f:52:28:79:5b:a5:33:a3:9f:53:e8:56:f1:98:40:
c9:aa:f4:8d:58:d6:2b:fd:d7:af:ae:b2:ab:34:5a:bd:10:be:
dd:8f:ad:3d:85:2f:3e:bd:07:24:bd:15:af:88:50:2c:9c:0e:
36:29:80:47:c9:35:e9:03:39:61:b9:1c:d5:ed:e4:4a:06:e1:
80:32:34:f1:55:01:9a:cc:db:fe:fc:02:f3:68:3e:1b:b0:df:
4c:13:c4:04:94:b4:27:4e:f1:48:47:3c:9d:a7:47:d2:87:d6:
3b:e3:af:5c:91:15:5d:d2:42:72:5a:56:46:09:42:bb:5d:44:
42:9b:86:27:8e:80:cd:3d:eb:93:42:96:20:21:ec:13:f4:70:
8a:7d:ec:4b:7d:e5:8d:84:9f:12:4a:cf:1e:a2:6f:d6:4e:2e:
19:a6:05:0d:05:e3:17:25:36:7c:02:9e:dc:1f:55:3b:19:74:
6e:44:27:1b:f9:4a:f2:5a:b1:fb:15:cc:ad:fc:be:17:71:f1:
a6:dc:36:3d:34:13:3f:bc:c9:9e:97:ad:7d:26:44:3e:6b:d6:
70:8b:29:c2:69:26:d0:bf:0d:53:bc:5d:27:15:bc:3a:58:aa:
31:63:a1:2d:02:8b:29:91:3c:bd:0a:22:28:e4:02:63:d3:14:
e1:6c:ab:64
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYmMMxs1xJltLDzePle5p6GpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZWFhMDBlYTc3NzA5OGIxYmYwMzY3NTZkNjQwZTlkMzFk
NjNiM2IwHhcNMjMwNzI1MDgzODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjdlZWFkOWY1MzBlYTFiMmRlMTk3ZGNjMDg1Y2IzNmMxZjljMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71Pm2aaUJagI1cZGgrAQA4hd99+O
NAn6im0fLzqbhd19/86cG8eMmNlxYOhWJxaIDVlYI7qv3XLK1qa+stiNl8Tk4eq4
SLoAM5Rad0DdRMPr/zwgAJMknxYeuuFohyP1AeX15DHt3KewYGR3n+oa0Hywaba4
KGI0sU2kAI/1NChrEBIr+U+q1ejeqoR3O8dsR6RSDqomqQC8e2bnZPQWT57pm63S
nVejliJ98uVEqCtAhhblvzv5l+zr28tynUkBUJDUzwMHxcpnO9tLAGhPG8C4xdcF
n0yCmFY6dCSCvi53blHTJ0akOYj0htL+9J0TUKcjc9p5Zw+krnWTepibNQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD9+6tn1MOobLeGX3MCFyzbB+cJWMB8GA1UdIwQY
MBaAFDbqoA6ndwmLG/A2dW1kDp0x1js7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQt
YmRiMjEzMTNjM2VjLzEvUDM3cTJmVXc2aHN0NFpmY3dJWExOc0g1d2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQtYmRiMjEzMTNjM2Vj
LzEvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCw0LoAwQC
w0LwAwQCw0L4MA0EAgACMAcDBQAqAQBAMA0GCSqGSIb3DQEBCwUAA4IBAQAk6aNv
Uih5W6Uzo59T6FbxmEDJqvSNWNYr/devrrKrNFq9EL7dj609hS8+vQckvRWviFAs
nA42KYBHyTXpAzlhuRzV7eRKBuGAMjTxVQGazNv+/ALzaD4bsN9ME8QElLQnTvFI
Rzydp0fSh9Y7469ckRVd0kJyWlZGCUK7XURCm4YnjoDNPeuTQpYgIewT9HCKfexL
feWNhJ8SSs8eom/WTi4ZpgUNBeMXJTZ8Ap7cH1U7GXRuRCcb+UryWrH7Fcyt/L4X
cfGm3DY9NBM/vMmel619JkQ+a9ZwiynCaSbQvw1TvF0nFbw6WKoxY6EtAospkTy9
CiIo5AJj0xThbKtk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:57 2024 by rpki-client on console-fra.rpki-client.org