Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lfHV8kyQMqpXWxCzdMy8jQwnJ2s.roa
File: lfHV8kyQMqpXWxCzdMy8jQwnJ2s.roa (raw, json)
Hash identifier: Wd65AHePtGGA8UHTnqUNpfsIbLMzb+HXzgKFMe76AR8=
Subject key identifier: 95:F1:D5:F2:4C:90:32:AA:57:5B:10:B3:74:CC:BC:8D:0C:27:27:6B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D620080C4063B872AA8B256BB7E0438EA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lfHV8kyQMqpXWxCzdMy8jQwnJ2s.roa
Signing time: Thu 01 Feb 2024 00:10:16 +0000
ROA not before: Thu 01 Feb 2024 00:10:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 37.221.120.0/22 maxlen: 24
178.215.226.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 11:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:62:00:80:c4:06:3b:87:2a:a8:b2:56:bb:7e:04:38:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 1 00:10:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95f1d5f24c9032aa575b10b374ccbc8d0c27276b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e8:ed:a0:e6:df:e8:6f:17:61:cf:52:41:5f:
21:d6:4b:f0:58:73:09:a0:67:11:91:81:5e:02:36:
d2:8e:bb:d8:0a:66:ba:ed:7c:04:5e:ce:e4:ea:24:
fe:6c:3d:52:e1:05:89:88:90:4b:44:b7:96:75:99:
b5:28:41:35:46:ab:78:16:0c:2d:b0:8c:0d:27:5b:
75:74:fb:70:16:3b:3c:ed:7a:37:ff:dd:27:ae:f0:
c5:01:8d:85:f7:4d:0f:8e:56:ac:95:85:0f:f3:06:
af:bf:cb:43:3d:78:87:5c:c4:9c:50:a9:ef:39:3e:
08:27:0f:9f:e6:c3:af:16:48:54:a9:dc:bb:3a:83:
0a:b5:89:57:ff:96:72:84:6c:49:70:34:30:84:55:
f3:d7:f6:a6:0c:c2:80:bc:85:f5:c8:b9:bb:89:0e:
f4:79:38:7f:f9:9c:94:44:3e:fc:b9:f4:c9:37:fc:
51:59:53:b6:ac:67:14:23:0c:61:89:b8:80:f4:5b:
5b:49:af:f7:76:31:4e:8f:14:f4:96:6e:9a:17:6d:
fe:4b:a9:34:8f:06:8a:c4:f1:20:2d:b4:ff:f5:47:
28:c8:c3:6d:1d:59:4d:08:cb:e7:8d:88:7e:b7:f9:
99:6a:a9:0a:2a:51:d7:a7:59:7e:47:9b:95:73:3b:
1a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F1:D5:F2:4C:90:32:AA:57:5B:10:B3:74:CC:BC:8D:0C:27:27:6B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lfHV8kyQMqpXWxCzdMy8jQwnJ2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
178.215.226.0/24
185.225.73.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:0e:77:7c:99:eb:1a:cc:6b:c1:7b:d3:04:48:16:40:91:99:
48:45:50:0f:de:2a:63:8a:e0:37:bd:42:f8:ad:7d:13:fb:93:
c3:7f:92:41:f7:b4:9b:ac:fb:40:67:d2:fe:f9:8a:fd:03:92:
d5:7b:9a:45:9b:90:76:2e:7e:24:38:e0:57:3e:cb:3d:80:82:
a4:76:ce:5c:66:11:ec:a7:93:58:f4:3a:37:ee:9e:03:5f:8a:
7b:4e:07:d0:a4:36:22:ee:e5:da:75:46:69:c8:45:6b:bc:0f:
4c:7c:69:63:8d:06:a0:76:c0:59:ad:5c:00:38:d4:53:73:c7:
ed:4d:fb:f5:6c:51:0c:0f:bc:ab:af:d3:c1:4f:d7:46:4e:6b:
2a:b1:58:19:de:4a:0a:3f:d8:9c:fa:1e:01:45:88:41:f2:08:
c5:97:ef:14:62:c7:fa:c6:07:76:6c:54:c1:03:7b:fa:74:ea:
5f:ac:b4:c3:e2:24:a2:0e:75:23:bd:2d:ea:15:db:d9:4d:55:
4b:ea:9e:81:bf:26:5d:20:6b:78:26:6c:40:10:64:c5:2d:f5:
54:d7:dd:ed:80:8c:fa:06:a8:7c:02:76:b6:45:40:54:e6:ae:
fe:d7:b2:24:fb:53:4d:86:41:68:f2:44:e1:f5:73:93:b0:39:
6d:48:8c:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1iAIDEBjuHKqiyVrt+BDjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjAxMDAxMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWYxZDVmMjRjOTAzMmFhNTc1YjEwYjM3NGNjYmM4ZDBjMjcyNzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ujtoObf6G8XYc9SQV8h1kvwWHMJ
oGcRkYFeAjbSjrvYCma67XwEXs7k6iT+bD1S4QWJiJBLRLeWdZm1KEE1Rqt4Fgwt
sIwNJ1t1dPtwFjs87Xo3/90nrvDFAY2F900PjlaslYUP8wavv8tDPXiHXMScUKnv
OT4IJw+f5sOvFkhUqdy7OoMKtYlX/5ZyhGxJcDQwhFXz1/amDMKAvIX1yLm7iQ70
eTh/+ZyURD78ufTJN/xRWVO2rGcUIwxhibiA9FtbSa/3djFOjxT0lm6aF23+S6k0
jwaKxPEgLbT/9UcoyMNtHVlNCMvnjYh+t/mZaqkKKlHXp1l+R5uVczsazQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJXx1fJMkDKqV1sQs3TMvI0MJydrMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbGZIVjhreVFNcXBYV3hDemRNeThqUXduSjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJd14AwQA
stfiAwQAueFJMA0GCSqGSIb3DQEBCwUAA4IBAQBMDnd8mesazGvBe9MESBZAkZlI
RVAP3ipjiuA3vUL4rX0T+5PDf5JB97SbrPtAZ9L++Yr9A5LVe5pFm5B2Ln4kOOBX
Pss9gIKkds5cZhHsp5NY9Do37p4DX4p7TgfQpDYi7uXadUZpyEVrvA9MfGljjQag
dsBZrVwAONRTc8ftTfv1bFEMD7yrr9PBT9dGTmsqsVgZ3koKP9ic+h4BRYhB8gjF
l+8UYsf6xgd2bFTBA3v6dOpfrLTD4iSiDnUjvS3qFdvZTVVL6p6BvyZdIGt4JmxA
EGTFLfVU193tgIz6Bqh8Ana2RUBU5q7+17Ik+1NNhkFo8kTh9XOTsDltSIya
-----END CERTIFICATE-----
Generated at Tue Feb 6 15:04:15 2024 by rpki-client on console-ams.rpki-client.org