Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/sH17iQw338ILl1xyWHp9MpUSdYE.roa
File: sH17iQw338ILl1xyWHp9MpUSdYE.roa (raw, json)
Hash identifier: A9TY0dNNBezOJR18Z84J/DP1WnGBGQ8f9H5kQI1gbJE=
Subject key identifier: B0:7D:7B:89:0C:37:DF:C2:0B:97:5C:72:58:7A:7D:32:95:12:75:81
Certificate issuer: /CN=74aa9312af4c3d9cee082c9541a6b65ada569b3c
Certificate serial: 0193435082590DD9A629E13B84E08AA35930
Authority key identifier: 74:AA:93:12:AF:4C:3D:9C:EE:08:2C:95:41:A6:B6:5A:DA:56:9B:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKqTEq9MPZzuCCyVQaa2WtpWmzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/sH17iQw338ILl1xyWHp9MpUSdYE.roa
Signing time: Tue 19 Nov 2024 07:26:09 +0000
ROA not before: Tue 19 Nov 2024 07:26:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42772
IP address blocks: 37.17.0.0/17 maxlen: 17
37.17.6.0/23 maxlen: 23
37.17.8.0/21 maxlen: 21
37.17.16.0/22 maxlen: 22
37.17.20.0/22 maxlen: 22
37.17.24.0/21 maxlen: 21
37.17.32.0/21 maxlen: 21
37.17.40.0/21 maxlen: 21
37.17.48.0/20 maxlen: 20
37.17.64.0/19 maxlen: 19
37.17.96.0/20 maxlen: 20
37.17.117.0/24 maxlen: 24
37.17.118.0/24 maxlen: 24
128.65.2.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 19 Nov 2024 12:36:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:43:50:82:59:0d:d9:a6:29:e1:3b:84:e0:8a:a3:59:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74aa9312af4c3d9cee082c9541a6b65ada569b3c
Validity
Not Before: Nov 19 07:26:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b07d7b890c37dfc20b975c72587a7d3295127581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:dc:b3:71:88:2f:cb:fb:c9:6e:a2:be:65:db:
57:09:2a:d2:fa:3f:81:dd:df:04:ec:0a:24:58:0a:
70:1f:5d:ae:a5:c7:64:32:28:26:0f:1d:be:a9:42:
ce:3f:b5:da:f7:cf:d3:a7:a0:65:eb:54:d6:85:02:
a7:37:9c:82:7e:13:5a:0a:c9:01:e1:c8:4d:34:e2:
d9:04:d7:93:6b:51:a9:99:9d:59:2b:65:87:4d:8c:
f9:a9:28:93:25:b8:49:44:de:41:e7:a1:a4:c3:90:
d3:70:dd:eb:a5:4c:7e:9a:c5:ca:76:49:d1:3e:b6:
58:7e:5f:ae:55:84:e8:e6:26:3a:95:7b:d2:00:66:
c7:4a:b1:c7:4f:51:4c:63:47:5a:3a:6c:ea:7e:e2:
07:bc:8e:47:69:6d:fc:d4:cf:a4:31:bc:f2:a0:31:
6f:e8:db:3a:a6:7c:50:ea:e8:3e:36:0e:41:5c:12:
a8:e3:cc:c8:ce:19:b9:ce:ff:0f:48:52:f6:94:a4:
85:08:fd:eb:c3:09:9b:b2:42:76:54:46:ad:c7:6f:
b8:13:ff:a5:ab:4d:5c:b1:55:48:fd:1d:5b:f0:35:
4e:e0:12:17:c4:31:10:e9:f5:47:e6:9a:c1:9e:5e:
7c:dd:bb:f6:7c:f5:1f:8a:c2:cd:3c:ef:21:e9:85:
9a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7D:7B:89:0C:37:DF:C2:0B:97:5C:72:58:7A:7D:32:95:12:75:81
X509v3 Authority Key Identifier:
keyid:74:AA:93:12:AF:4C:3D:9C:EE:08:2C:95:41:A6:B6:5A:DA:56:9B:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKqTEq9MPZzuCCyVQaa2WtpWmzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/sH17iQw338ILl1xyWHp9MpUSdYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/dKqTEq9MPZzuCCyVQaa2WtpWmzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.0.0/17
128.65.2.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:a3:a7:f5:9b:f2:55:d4:5a:81:69:0a:59:69:e9:30:c3:e6:
c9:92:5b:36:d1:d5:b2:0e:05:ca:ed:1e:d0:9c:32:2f:4a:71:
c7:7a:70:63:a7:eb:9c:e8:8d:ed:d9:ca:82:7e:aa:44:0b:2d:
cd:f0:63:8b:47:ef:00:59:0e:20:2c:87:9c:2e:cd:85:ba:8d:
2f:00:ca:19:90:7e:21:8a:03:15:59:d6:c6:ed:97:ce:82:ab:
2f:2a:2f:f8:1f:b6:32:a0:78:da:4b:c0:2f:95:08:4a:8d:20:
fd:5c:67:19:f8:8b:db:e1:ca:e4:ad:14:b1:46:04:8b:51:4a:
36:04:31:8f:ec:ef:83:a3:5c:d4:2c:21:f7:2b:eb:6e:51:3e:
62:f4:21:93:7a:af:73:a9:c9:0c:7f:18:da:0c:7c:f2:1d:77:
c1:7e:a9:fc:21:f4:ee:37:0b:45:fb:bc:87:9a:f1:af:8b:73:
b3:4e:f4:32:60:4b:07:1a:04:b5:3d:c6:4b:1b:87:e1:ce:68:
f9:3c:32:5d:0c:18:bd:e2:d9:55:ba:cc:76:93:52:32:73:eb:
f9:f9:e2:bd:fe:12:12:94:3e:d1:ab:34:95:45:4c:45:a8:83:
c3:c2:46:f6:1c:d6:5b:bf:fc:09:fd:9c:5e:82:49:80:d8:27:
3f:8b:bd:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNDUIJZDdmmKeE7hOCKo1kwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YWE5MzEyYWY0YzNkOWNlZTA4MmM5NTQxYTZiNjVhZGE1
NjliM2MwHhcNMjQxMTE5MDcyNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDdkN2I4OTBjMzdkZmMyMGI5NzVjNzI1ODdhN2QzMjk1MTI3NTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9yzcYgvy/vJbqK+ZdtXCSrS+j+B
3d8E7AokWApwH12upcdkMigmDx2+qULOP7Xa98/Tp6Bl61TWhQKnN5yCfhNaCskB
4chNNOLZBNeTa1GpmZ1ZK2WHTYz5qSiTJbhJRN5B56Gkw5DTcN3rpUx+msXKdknR
PrZYfl+uVYTo5iY6lXvSAGbHSrHHT1FMY0daOmzqfuIHvI5HaW381M+kMbzyoDFv
6Ns6pnxQ6ug+Ng5BXBKo48zIzhm5zv8PSFL2lKSFCP3rwwmbskJ2VEatx2+4E/+l
q01csVVI/R1b8DVO4BIXxDEQ6fVH5prBnl583bv2fPUfisLNPO8h6YWaPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLB9e4kMN9/CC5dcclh6fTKVEnWBMB8GA1UdIwQY
MBaAFHSqkxKvTD2c7ggslUGmtlraVps8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtxVEVxOU1QWnp1Q0N5VlFhYTJXdHBXbXp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYTQxNWEtYzcyOC00MmU5LWJlNDUt
OThhMWQ2NWNmZTZmLzEvc0gxN2lRdzMzOElMbDF4eVdIcDlNcFVTZFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wYTQxNWEtYzcyOC00MmU5LWJlNDUtOThhMWQ2NWNmZTZm
LzEvZEtxVEVxOU1QWnp1Q0N5VlFhYTJXdHBXbXp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHJREAAwQB
gEECMA0GCSqGSIb3DQEBCwUAA4IBAQC1o6f1m/JV1FqBaQpZaekww+bJkls20dWy
DgXK7R7QnDIvSnHHenBjp+uc6I3t2cqCfqpECy3N8GOLR+8AWQ4gLIecLs2Fuo0v
AMoZkH4higMVWdbG7ZfOgqsvKi/4H7YyoHjaS8AvlQhKjSD9XGcZ+Ivb4crkrRSx
RgSLUUo2BDGP7O+Do1zULCH3K+tuUT5i9CGTeq9zqckMfxjaDHzyHXfBfqn8IfTu
NwtF+7yHmvGvi3OzTvQyYEsHGgS1PcZLG4fhzmj5PDJdDBi94tlVusx2k1Iyc+v5
+eK9/hISlD7RqzSVRUxFqIPDwkb2HNZbv/wJ/ZxegkmA2Cc/i71Z
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:27:54 2025 by rpki-client