Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/i722vw18lwgLXjhVgZTmycM5FWY.roa
File: i722vw18lwgLXjhVgZTmycM5FWY.roa (raw, json)
Hash identifier: g2+VWKQsQvz3WWoMhZwTwPJ/sCKDNch9s9w8yaoFoYk=
Subject key identifier: 8B:BD:B6:BF:0D:7C:97:08:0B:5E:38:55:81:94:E6:C9:C3:39:15:66
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 018CC80164BA0A6031D9F6545673024E11A7
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/i722vw18lwgLXjhVgZTmycM5FWY.roa
Signing time: Tue 02 Jan 2024 02:29:43 +0000
ROA not before: Tue 02 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50873
IP address blocks: 37.228.130.0/24 maxlen: 24
94.247.143.0/24 maxlen: 24
194.104.114.0/23 maxlen: 23
185.97.4.0/22 maxlen: 22
194.104.149.0/24 maxlen: 24
185.97.6.0/24 maxlen: 24
2a06:1c0::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 03 Jun 2024 18:13:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:64:ba:0a:60:31:d9:f6:54:56:73:02:4e:11:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: Jan 2 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bbdb6bf0d7c97080b5e38558194e6c9c3391566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:14:e3:94:bd:9a:20:ef:03:3d:ba:34:e6:48:
be:b2:36:7a:b4:d8:5e:fa:d3:94:5f:b5:c4:56:84:
02:be:7f:a8:d9:8b:10:92:bb:93:3c:23:c9:84:6c:
79:de:d2:e5:c5:2c:4a:22:89:73:d3:06:21:56:22:
25:6a:c2:be:7a:0b:98:7e:a0:5a:b5:48:be:b5:61:
d0:9d:36:2e:35:2a:8a:29:e4:75:2f:ca:69:b7:c9:
c6:3e:66:56:88:cd:a9:55:ab:8f:2e:e1:85:81:06:
98:92:d5:e8:38:99:45:34:40:67:9d:65:55:75:73:
7d:6f:40:b4:de:c1:92:54:d3:45:dc:93:3e:a4:e7:
cb:60:fc:96:f8:a7:22:44:c6:7e:09:b0:5b:0c:15:
db:98:b1:01:29:25:36:62:05:77:74:20:62:e6:d7:
7e:0f:86:ee:58:19:b9:01:e6:bf:75:85:fc:fa:f9:
c9:93:da:6f:99:fe:f7:e4:98:0f:d3:2d:85:b0:9a:
e8:8f:ad:b9:1b:5e:05:49:0d:1e:ec:32:15:ad:cb:
6d:61:00:b6:ac:15:f8:d7:e3:70:d4:29:61:06:ed:
f2:87:5d:5b:19:34:56:d5:46:ac:92:1f:54:eb:b3:
3a:1d:17:72:0d:34:b6:a8:67:53:00:82:a9:74:6c:
01:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:BD:B6:BF:0D:7C:97:08:0B:5E:38:55:81:94:E6:C9:C3:39:15:66
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/i722vw18lwgLXjhVgZTmycM5FWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.130.0/24
94.247.143.0/24
185.97.4.0/22
194.104.114.0/23
194.104.149.0/24
IPv6:
2a06:1c0::/30
Signature Algorithm: sha256WithRSAEncryption
4c:34:99:d1:bb:06:0e:69:cb:6b:e4:35:48:75:39:26:38:a4:
60:ec:be:66:3a:9d:2d:bf:aa:04:c9:f9:3d:2b:38:30:1c:ef:
3c:1b:d8:ca:9f:a6:59:68:4b:f8:41:72:bb:65:14:88:d3:27:
43:20:97:66:5f:c5:96:19:1e:f7:17:c7:cd:23:cc:9f:de:84:
5d:b8:bf:7a:1a:74:74:e8:f3:36:46:89:41:78:7a:43:de:6b:
c8:de:f2:e9:98:ef:3b:99:e7:17:3f:05:77:01:69:23:f2:21:
df:9b:98:ef:44:fb:99:71:f7:eb:59:74:a2:31:7a:10:ee:53:
45:76:ac:67:98:f6:90:4e:ce:4c:d2:8b:32:c3:12:ba:e5:a5:
4f:c4:a9:b8:50:9d:0b:f9:23:a3:69:c7:7a:6f:0a:5a:d8:3b:
df:05:a6:ef:51:0c:65:38:86:3b:72:76:9a:c7:c9:32:5c:84:
7e:d0:a1:dc:7f:2a:7a:74:a5:57:65:9c:2d:c9:b9:75:d9:c8:
e4:b9:36:e7:df:66:bd:5b:39:b1:9a:5b:5f:a0:ae:c6:d5:d6:
5d:c4:a1:38:24:8f:b3:b2:03:d3:d2:92:67:07:8a:f9:10:d6:
93:9f:fe:fd:06:1c:d6:db:d1:ab:db:15:ce:8f:a4:1d:b1:13:
e3:03:a5:7f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzIAWS6CmAx2fZUVnMCThGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDU5NmMxZWE3ZWNiYjFiZTE3NzdmYzBkMzhlZDA2Y2E0
MGVhYmUwHhcNMjQwMTAyMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmJkYjZiZjBkN2M5NzA4MGI1ZTM4NTU4MTk0ZTZjOWMzMzkxNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRTjlL2aIO8DPbo05ki+sjZ6tNhe
+tOUX7XEVoQCvn+o2YsQkruTPCPJhGx53tLlxSxKIolz0wYhViIlasK+eguYfqBa
tUi+tWHQnTYuNSqKKeR1L8ppt8nGPmZWiM2pVauPLuGFgQaYktXoOJlFNEBnnWVV
dXN9b0C03sGSVNNF3JM+pOfLYPyW+KciRMZ+CbBbDBXbmLEBKSU2YgV3dCBi5td+
D4buWBm5Aea/dYX8+vnJk9pvmf735JgP0y2FsJroj625G14FSQ0e7DIVrcttYQC2
rBX41+Nw1ClhBu3yh11bGTRW1Uaskh9U67M6HRdyDTS2qGdTAIKpdGwBUwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIu9tr8NfJcIC144VYGU5snDORVmMB8GA1UdIwQY
MBaAFC3VlsHqfsuxvhd3/A047QbKQOq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEt
OGIwZmMwNzg1OGQ2LzEvaTcyMnZ3MThsd2dMWGpoVmdaVG15Y001RldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEtOGIwZmMwNzg1OGQ2
LzEvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJeSCAwQA
XvePAwQCuWEEAwQBwmhyAwQAwmiVMA0EAgACMAcDBQIqBgHAMA0GCSqGSIb3DQEB
CwUAA4IBAQBMNJnRuwYOactr5DVIdTkmOKRg7L5mOp0tv6oEyfk9KzgwHO88G9jK
n6ZZaEv4QXK7ZRSI0ydDIJdmX8WWGR73F8fNI8yf3oRduL96GnR06PM2RolBeHpD
3mvI3vLpmO87mecXPwV3AWkj8iHfm5jvRPuZcffrWXSiMXoQ7lNFdqxnmPaQTs5M
0osywxK65aVPxKm4UJ0L+SOjacd6bwpa2DvfBabvUQxlOIY7cnaax8kyXIR+0KHc
fyp6dKVXZZwtybl12cjkuTbn32a9WzmxmltfoK7G1dZdxKE4JI+zsgPT0pJnB4r5
ENaTn/79BhzW29Gr2xXOj6QdsRPjA6V/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:41 2024 by rpki-client on console-ams.rpki-client.org