Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/cf2ebf-2a09-43d2-a225-a165359a6211/1/JdARUnPxhbojj7Ik2NUqAtaUHeI.roa
File: JdARUnPxhbojj7Ik2NUqAtaUHeI.roa (raw, json)
Hash identifier: CccJrb0DOftnF032zuoJI3LtLf0cx8h0l7svzMQ7PBs=
Subject key identifier: 25:D0:11:52:73:F1:85:BA:23:8F:B2:24:D8:D5:2A:02:D6:94:1D:E2
Certificate issuer: /CN=4ee4057f9ea0140cef7ce4789369c5cf01f7c68e
Certificate serial: 018572E81E27C7EEE70CE4F30D2F05E8D1BB
Authority key identifier: 4E:E4:05:7F:9E:A0:14:0C:EF:7C:E4:78:93:69:C5:CF:01:F7:C6:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuQFf56gFAzvfOR4k2nFzwH3xo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/cf2ebf-2a09-43d2-a225-a165359a6211/1/JdARUnPxhbojj7Ik2NUqAtaUHeI.roa
Signing time: Mon 02 Jan 2023 14:34:52 +0000
ROA not before: Mon 02 Jan 2023 14:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39305
IP address blocks: 37.221.84.0/24 maxlen: 24
37.221.85.0/24 maxlen: 24
37.221.86.0/24 maxlen: 24
2a09:f200::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:1e:27:c7:ee:e7:0c:e4:f3:0d:2f:05:e8:d1:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee4057f9ea0140cef7ce4789369c5cf01f7c68e
Validity
Not Before: Jan 2 14:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25d0115273f185ba238fb224d8d52a02d6941de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8e:c8:f0:0c:0d:2e:d8:63:41:7e:56:dc:a5:
ab:7e:29:40:f2:7a:73:4b:50:22:4a:f3:9b:87:5d:
1b:f4:45:dc:37:89:b4:03:b7:b3:1d:86:3f:d0:6a:
40:08:5e:26:de:91:c5:01:a3:80:6f:26:b4:ed:22:
f9:ec:89:0e:f8:4f:c2:30:ce:22:b2:17:c9:d3:ad:
46:81:af:78:86:ed:8e:52:f5:a2:a2:9e:8f:a3:f1:
a0:23:ac:f9:cc:e4:b8:52:55:99:73:c2:73:30:3a:
a1:92:f1:cc:c8:6b:be:df:69:57:14:71:bd:8c:2d:
76:a6:9b:43:3f:44:79:09:0d:b5:65:30:bb:09:b3:
8b:08:d6:34:a8:f4:5e:99:26:6a:82:d0:3b:ec:dd:
b0:da:db:d6:cb:18:c0:39:09:83:3e:1d:44:31:62:
c5:3d:1f:32:72:a8:8d:8e:d5:15:fd:1c:14:66:cd:
ad:49:5d:4f:c5:c3:29:04:f0:62:ed:37:f0:b4:5e:
c6:c9:a0:de:b1:b3:87:c2:4a:15:ce:58:c6:9d:96:
cd:ba:d8:1d:b8:db:b4:3c:86:2d:eb:dd:ee:68:13:
21:00:fe:e1:f2:62:f7:f9:11:e7:21:e4:f9:21:6b:
bc:d5:15:f4:3b:3a:77:81:20:9f:90:fe:d4:99:db:
7b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D0:11:52:73:F1:85:BA:23:8F:B2:24:D8:D5:2A:02:D6:94:1D:E2
X509v3 Authority Key Identifier:
keyid:4E:E4:05:7F:9E:A0:14:0C:EF:7C:E4:78:93:69:C5:CF:01:F7:C6:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuQFf56gFAzvfOR4k2nFzwH3xo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/cf2ebf-2a09-43d2-a225-a165359a6211/1/JdARUnPxhbojj7Ik2NUqAtaUHeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/cf2ebf-2a09-43d2-a225-a165359a6211/1/TuQFf56gFAzvfOR4k2nFzwH3xo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.84.0-37.221.86.255
IPv6:
2a09:f200::/29
Signature Algorithm: sha256WithRSAEncryption
88:c2:6d:c8:8c:a4:fe:07:d9:0c:ff:3c:ef:c3:ce:bd:9f:36:
04:c1:d0:42:a1:fb:dc:76:2d:78:7c:d8:38:5d:fd:0f:73:01:
a9:05:d5:b8:74:3d:56:60:99:60:db:84:51:0d:91:b9:4e:b1:
80:c4:c8:e9:54:da:0a:80:75:e7:0f:94:73:25:cd:49:45:39:
4a:d3:db:10:78:8a:7a:ae:24:55:48:98:3b:24:2d:56:e2:52:
66:93:4e:14:2c:c2:93:e7:8d:a6:13:6b:6f:d0:b7:39:e9:2c:
53:56:25:79:f5:c9:18:ec:b0:76:4a:97:06:7f:b7:fa:a8:c8:
e0:65:fb:9b:1f:72:ab:c5:b2:9b:95:e8:3a:ee:fa:b6:c2:25:
0c:db:ba:78:23:f7:cb:c0:d7:f3:58:aa:8e:18:9f:e1:e4:b6:
e3:03:90:3e:23:2b:d5:9e:86:20:b3:3e:cb:bd:c9:b1:86:62:
7e:2e:fc:76:41:1f:d7:2a:9f:1c:a4:c9:70:72:2a:11:59:85:
80:69:19:e0:8b:65:e5:64:5a:33:c1:48:00:5c:76:15:1e:3e:
24:f9:30:fa:4a:72:1c:95:86:0e:45:1d:cf:51:be:95:fb:01:
70:31:47:66:b8:b6:59:82:61:5b:17:25:fd:57:5d:18:be:0c:
d5:ed:bf:af
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVy6B4nx+7nDOTzDS8F6NG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTQwNTdmOWVhMDE0MGNlZjdjZTQ3ODkzNjljNWNmMDFm
N2M2OGUwHhcNMjMwMTAyMTQzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQwMTE1MjczZjE4NWJhMjM4ZmIyMjRkOGQ1MmEwMmQ2OTQxZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiI7I8AwNLthjQX5W3KWrfilA8npz
S1AiSvObh10b9EXcN4m0A7ezHYY/0GpACF4m3pHFAaOAbya07SL57IkO+E/CMM4i
shfJ061Gga94hu2OUvWiop6Po/GgI6z5zOS4UlWZc8JzMDqhkvHMyGu+32lXFHG9
jC12pptDP0R5CQ21ZTC7CbOLCNY0qPRemSZqgtA77N2w2tvWyxjAOQmDPh1EMWLF
PR8ycqiNjtUV/RwUZs2tSV1PxcMpBPBi7TfwtF7GyaDesbOHwkoVzljGnZbNutgd
uNu0PIYt693uaBMhAP7h8mL3+RHnIeT5IWu81RX0Ozp3gSCfkP7Umdt70wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCXQEVJz8YW6I4+yJNjVKgLWlB3iMB8GA1UdIwQY
MBaAFE7kBX+eoBQM73zkeJNpxc8B98aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVRRmY1NmdGQXp2Zk9SNGsybkZ6d0gzeG80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9jZjJlYmYtMmEwOS00M2QyLWEyMjUt
YTE2NTM1OWE2MjExLzEvSmRBUlVuUHhoYm9qajdJazJOVXFBdGFVSGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9jZjJlYmYtMmEwOS00M2QyLWEyMjUtYTE2NTM1OWE2MjEx
LzEvVHVRRmY1NmdGQXp2Zk9SNGsybkZ6d0gzeG80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAIl3VQD
BAAl3VYwDQQCAAIwBwMFAyoJ8gAwDQYJKoZIhvcNAQELBQADggEBAIjCbciMpP4H
2Qz/PO/Dzr2fNgTB0EKh+9x2LXh82Dhd/Q9zAakF1bh0PVZgmWDbhFENkblOsYDE
yOlU2gqAdecPlHMlzUlFOUrT2xB4inquJFVImDskLVbiUmaTThQswpPnjaYTa2/Q
tznpLFNWJXn1yRjssHZKlwZ/t/qoyOBl+5sfcqvFspuV6Dru+rbCJQzbungj98vA
1/NYqo4Yn+HktuMDkD4jK9WehiCzPsu9ybGGYn4u/HZBH9cqnxykyXByKhFZhYBp
GeCLZeVkWjPBSABcdhUePiT5MPpKchyVhg5FHc9RvpX7AXAxR2a4tlmCYVsXJf1X
XRi+DNXtv68=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org