Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/h1-yMAOx0rP_xHuXKB5TfbRtRFU.roa
File: h1-yMAOx0rP_xHuXKB5TfbRtRFU.roa (raw, json)
Hash identifier: ao72HZaAlvI1aMx8mp0Yf9ySwdAknFwnXRByy80TUSs=
Subject key identifier: 87:5F:B2:30:03:B1:D2:B3:FF:C4:7B:97:28:1E:53:7D:B4:6D:44:55
Certificate issuer: /CN=c67e2a46e34f491433c8b62f319b902bddfde831
Certificate serial: 018AF651B1AFF2E7E995FCFA099A05A6EF66
Authority key identifier: C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/h1-yMAOx0rP_xHuXKB5TfbRtRFU.roa
Signing time: Tue 03 Oct 2023 16:14:23 +0000
ROA not before: Tue 03 Oct 2023 16:14:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213371
IP address blocks: 37.49.229.0/24 maxlen: 24
37.49.230.0/24 maxlen: 24
37.49.228.0/24 maxlen: 24
77.247.109.0/24 maxlen: 24
185.53.88.0/24 maxlen: 24
185.53.89.0/24 maxlen: 24
37.49.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Oct 2023 05:19:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f6:51:b1:af:f2:e7:e9:95:fc:fa:09:9a:05:a6:ef:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e2a46e34f491433c8b62f319b902bddfde831
Validity
Not Before: Oct 3 16:14:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=875fb23003b1d2b3ffc47b97281e537db46d4455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0a:8a:7f:4d:48:75:6d:d8:95:f2:eb:99:f9:
82:29:24:ae:dc:25:92:89:6b:8a:a9:47:86:4b:33:
46:1b:bf:9d:7c:be:6f:79:4c:ae:64:d6:7c:cc:f9:
3f:ab:74:fd:5b:04:0c:66:68:d0:01:f5:b5:2d:f9:
29:ce:36:96:7e:6a:4a:ce:1c:7d:59:48:05:e1:4e:
12:9e:e7:47:41:1e:bd:d8:fb:5c:a5:71:e8:4c:98:
8e:7c:eb:23:95:50:13:05:f6:8c:16:49:73:ab:21:
ce:97:d3:d8:1b:f5:0e:57:8b:2a:5b:49:d8:d0:4f:
3a:85:a2:14:fe:2b:17:72:f9:61:39:69:82:28:4a:
ce:84:10:ed:78:ce:b7:38:b8:33:82:97:90:76:1e:
55:89:8d:6a:c5:df:b9:2f:f0:41:71:82:1d:fe:35:
53:70:04:31:f0:ec:9c:65:9e:80:f3:e8:0f:97:6a:
c4:8d:b9:43:ef:af:98:69:bc:83:8d:ea:92:05:4c:
b9:71:9f:f2:af:1d:3a:f5:85:ca:16:17:6b:0d:90:
83:3a:72:bd:4b:12:19:35:a6:a6:5a:ba:c1:34:0b:
b7:fe:be:ab:d3:12:19:7f:60:b2:1d:b2:14:6a:96:
08:2a:75:7d:5b:38:74:c0:44:96:c8:a5:24:20:04:
2d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5F:B2:30:03:B1:D2:B3:FF:C4:7B:97:28:1E:53:7D:B4:6D:44:55
X509v3 Authority Key Identifier:
keyid:C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/h1-yMAOx0rP_xHuXKB5TfbRtRFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/xn4qRuNPSRQzyLYvMZuQK9396DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.224.0/24
37.49.228.0-37.49.230.255
77.247.109.0/24
185.53.88.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:02:f2:ff:8c:7d:2c:da:34:d1:95:b8:bf:65:f5:ab:83:46:
96:8a:2b:de:93:81:9b:a8:fb:9d:38:b4:84:fb:0c:a9:76:83:
43:21:c0:91:f9:3c:5a:e6:8d:95:25:e3:5e:34:1b:8c:71:80:
62:21:7b:01:b9:fb:37:e5:3d:48:32:37:ce:01:4d:26:4d:bc:
c3:03:b9:58:d0:fb:9e:b8:e9:9a:db:b7:3c:fa:2e:e0:5b:2b:
58:7e:8e:e4:91:b1:35:1c:2a:59:95:5f:ef:33:be:da:e0:13:
d9:8f:d6:07:5d:75:89:3f:62:07:10:c2:89:14:29:66:a3:b3:
97:1b:ac:df:04:da:a9:b4:89:db:74:3a:14:80:46:7b:79:07:
d7:90:ef:6f:b3:44:5a:47:36:d6:55:a2:d0:ce:a1:e1:79:a4:
84:92:31:32:2f:da:65:4b:b4:06:3f:e6:1a:0b:3f:fd:4d:1e:
84:50:a9:c2:28:03:8d:83:1f:f4:eb:62:60:d2:33:8b:c2:4c:
d7:a0:a0:f6:3c:f7:14:6b:3c:63:21:3a:f3:83:5d:32:54:0c:
8d:89:d1:86:63:ac:3f:e3:84:65:14:7e:29:6c:d5:12:7b:77:
33:fd:53:7e:b9:60:ef:fc:43:a9:b5:50:38:94:5d:de:98:0c:
59:74:05:64
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYr2UbGv8ufplfz6CZoFpu9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2UyYTQ2ZTM0ZjQ5MTQzM2M4YjYyZjMxOWI5MDJiZGRm
ZGU4MzEwHhcNMjMxMDAzMTYxNDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzVmYjIzMDAzYjFkMmIzZmZjNDdiOTcyODFlNTM3ZGI0NmQ0NDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQqKf01IdW3YlfLrmfmCKSSu3CWS
iWuKqUeGSzNGG7+dfL5veUyuZNZ8zPk/q3T9WwQMZmjQAfW1LfkpzjaWfmpKzhx9
WUgF4U4SnudHQR692PtcpXHoTJiOfOsjlVATBfaMFklzqyHOl9PYG/UOV4sqW0nY
0E86haIU/isXcvlhOWmCKErOhBDteM63OLgzgpeQdh5ViY1qxd+5L/BBcYId/jVT
cAQx8OycZZ6A8+gPl2rEjblD76+YabyDjeqSBUy5cZ/yrx069YXKFhdrDZCDOnK9
SxIZNaamWrrBNAu3/r6r0xIZf2CyHbIUapYIKnV9Wzh0wESWyKUkIAQt0wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIdfsjADsdKz/8R7lygeU320bURVMB8GA1UdIwQY
MBaAFMZ+KkbjT0kUM8i2LzGbkCvd/egxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQt
MDY2ODY2ZjJkZWQwLzEvaDEteU1BT3gwclBfeEh1WEtCNVRmYlJ0UkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQtMDY2ODY2ZjJkZWQw
LzEveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAJTHgMAwD
BAIlMeQDBAAlMeYDBABN920DBAG5NVgwDQYJKoZIhvcNAQELBQADggEBACoC8v+M
fSzaNNGVuL9l9auDRpaKK96TgZuo+504tIT7DKl2g0MhwJH5PFrmjZUl4140G4xx
gGIhewG5+zflPUgyN84BTSZNvMMDuVjQ+5646Zrbtzz6LuBbK1h+juSRsTUcKlmV
X+8zvtrgE9mP1gdddYk/YgcQwokUKWajs5cbrN8E2qm0idt0OhSARnt5B9eQ72+z
RFpHNtZVotDOoeF5pISSMTIv2mVLtAY/5hoLP/1NHoRQqcIoA42DH/TrYmDSM4vC
TNegoPY89xRrPGMhOvODXTJUDI2J0YZjrD/jhGUUfils1RJ7dzP9U365YO/8Q6m1
UDiUXd6YDFl0BWQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:39 2024 by rpki-client on console-fra.rpki-client.org