Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/2b417d-2869-411f-aeda-4a05bac5265f/1/itGgRM9hILiKS0Q7QWLW7k7jAck.roa
File: itGgRM9hILiKS0Q7QWLW7k7jAck.roa (raw, json)
Hash identifier: YqbGC9azbcjKOKT5TjPBJiEKiD9shyKO4aCEJYrI090=
Subject key identifier: 8A:D1:A0:44:CF:61:20:B8:8A:4B:44:3B:41:62:D6:EE:4E:E3:01:C9
Certificate issuer: /CN=f98669d31a14dbdc5077159cf0a65353bfbfa20a
Certificate serial: 0193B5034C12AB1211401951A419F0A644B0
Authority key identifier: F9:86:69:D3:1A:14:DB:DC:50:77:15:9C:F0:A6:53:53:BF:BF:A2:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YZp0xoU29xQdxWc8KZTU7-_ogo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/2b417d-2869-411f-aeda-4a05bac5265f/1/itGgRM9hILiKS0Q7QWLW7k7jAck.roa
Signing time: Wed 11 Dec 2024 09:18:32 +0000
ROA not before: Wed 11 Dec 2024 09:18:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34222
IP address blocks: 37.46.208.0/21 maxlen: 21
2a00:19a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 12 Dec 2024 10:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:03:4c:12:ab:12:11:40:19:51:a4:19:f0:a6:44:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98669d31a14dbdc5077159cf0a65353bfbfa20a
Validity
Not Before: Dec 11 09:18:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ad1a044cf6120b88a4b443b4162d6ee4ee301c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fc:23:4c:ba:0e:f0:a5:49:5c:8c:28:d5:d1:
34:69:88:bf:7f:ce:4d:6c:9e:f3:fa:d9:d0:4b:ac:
ab:5d:12:f2:f7:ad:0b:bf:48:77:ed:ec:61:fc:a0:
0e:9f:61:cd:3b:8f:0a:5c:bc:f5:90:ee:6b:aa:c5:
87:f2:39:bd:2a:21:4e:93:db:9b:32:3d:56:a2:11:
cc:d5:33:b6:01:f6:1d:76:55:1c:8c:0c:e0:c5:41:
0d:38:49:75:70:a4:5f:a0:7b:e0:c9:6a:28:35:50:
9d:49:26:97:67:70:7f:90:1d:af:59:ee:4f:7e:9b:
f1:62:4a:74:62:97:4b:e1:b1:ed:e0:87:84:41:81:
eb:0f:62:a6:89:b7:84:00:d6:e9:8f:9a:31:27:e8:
99:f7:7f:c7:f6:f0:59:ae:9a:82:11:41:62:a6:a2:
9d:1c:58:97:c9:e5:40:62:3f:72:fa:ed:ea:7c:0d:
4b:af:6b:d3:a3:7b:8a:33:42:d6:3f:18:b5:2f:f1:
6c:e9:64:32:9e:d2:16:a3:ef:ae:68:98:11:24:8d:
76:0e:db:bf:67:1b:b8:c2:60:a1:a3:39:25:7a:44:
21:58:30:32:af:ad:8c:a5:0a:9d:f6:cc:2b:f6:ec:
6b:9b:ae:cc:2d:1b:51:ce:0b:61:fa:af:e8:7f:76:
c7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D1:A0:44:CF:61:20:B8:8A:4B:44:3B:41:62:D6:EE:4E:E3:01:C9
X509v3 Authority Key Identifier:
keyid:F9:86:69:D3:1A:14:DB:DC:50:77:15:9C:F0:A6:53:53:BF:BF:A2:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YZp0xoU29xQdxWc8KZTU7-_ogo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/2b417d-2869-411f-aeda-4a05bac5265f/1/itGgRM9hILiKS0Q7QWLW7k7jAck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/2b417d-2869-411f-aeda-4a05bac5265f/1/1-YZp0xoU29xQdxWc8KZTU7-_ogo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.208.0/21
IPv6:
2a00:19a0::/32
Signature Algorithm: sha256WithRSAEncryption
89:6c:85:32:6d:f9:e3:a6:68:80:6c:7f:72:80:c1:e5:97:73:
c3:f3:9f:45:a2:7e:fe:1e:9a:17:f7:29:c2:3d:39:96:4d:dd:
db:01:e9:59:b1:5a:a2:b2:96:d6:d4:d4:50:d4:2b:4a:d1:4e:
17:68:06:23:5c:10:5a:4b:a8:54:c5:f6:5c:e0:65:cf:07:cc:
7c:f0:4d:e9:c5:76:f3:da:6f:bc:b0:3b:bc:54:de:8b:cd:64:
aa:c0:90:e6:42:7c:bb:55:17:53:62:ba:70:33:fd:92:12:8a:
ae:64:19:b2:17:74:7b:48:0d:00:6f:20:eb:7f:3b:fd:23:32:
df:ae:c4:e1:51:d0:cc:62:71:21:63:bc:07:5e:82:10:38:2c:
f1:94:2d:2a:d0:d0:60:4e:93:c5:dc:59:83:b2:d3:9e:a5:da:
71:a1:5b:a7:5d:d2:4a:8f:5b:a0:69:02:35:fc:9c:69:22:05:
5b:f2:13:35:a2:13:94:f3:a5:ad:05:fd:78:4e:da:76:9f:d3:
66:5f:7a:f4:50:f7:1f:b8:ac:70:eb:dc:c4:d4:e4:26:e9:f5:
49:a2:10:b1:3e:21:6e:90:b9:91:23:62:dc:4f:3e:6b:d7:56:
59:a1:b5:b6:e7:46:f1:82:e3:2a:b2:9e:94:6b:c0:cf:15:99:
84:d1:0e:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZO1A0wSqxIRQBlRpBnwpkSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODY2OWQzMWExNGRiZGM1MDc3MTU5Y2YwYTY1MzUzYmZi
ZmEyMGEwHhcNMjQxMjExMDkxODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQxYTA0NGNmNjEyMGI4OGE0YjQ0M2I0MTYyZDZlZTRlZTMwMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/wjTLoO8KVJXIwo1dE0aYi/f85N
bJ7z+tnQS6yrXRLy960Lv0h37exh/KAOn2HNO48KXLz1kO5rqsWH8jm9KiFOk9ub
Mj1WohHM1TO2AfYddlUcjAzgxUENOEl1cKRfoHvgyWooNVCdSSaXZ3B/kB2vWe5P
fpvxYkp0YpdL4bHt4IeEQYHrD2KmibeEANbpj5oxJ+iZ93/H9vBZrpqCEUFipqKd
HFiXyeVAYj9y+u3qfA1Lr2vTo3uKM0LWPxi1L/Fs6WQyntIWo++uaJgRJI12Dtu/
Zxu4wmChozklekQhWDAyr62MpQqd9swr9uxrm67MLRtRzgth+q/of3bHNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIrRoETPYSC4iktEO0Fi1u5O4wHJMB8GA1UdIwQY
MBaAFPmGadMaFNvcUHcVnPCmU1O/v6IKMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZWnAweG9VMjl4UWR4V2M4S1pUVTctX29nby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvMmI0MTdkLTI4NjktNDExZi1hZWRh
LTRhMDViYWM1MjY1Zi8xL2l0R2dSTTloSUxpS1MwUTdRV0xXN2s3akFjay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDcvMmI0MTdkLTI4NjktNDExZi1hZWRhLTRhMDViYWM1MjY1
Zi8xLzEtWVpwMHhvVTI5eFFkeFdjOEtaVFU3LV9vZ28uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAMlLtAw
DQQCAAIwBwMFACoAGaAwDQYJKoZIhvcNAQELBQADggEBAIlshTJt+eOmaIBsf3KA
weWXc8Pzn0Wifv4emhf3KcI9OZZN3dsB6VmxWqKyltbU1FDUK0rRThdoBiNcEFpL
qFTF9lzgZc8HzHzwTenFdvPab7ywO7xU3ovNZKrAkOZCfLtVF1NiunAz/ZISiq5k
GbIXdHtIDQBvIOt/O/0jMt+uxOFR0MxicSFjvAdeghA4LPGULSrQ0GBOk8XcWYOy
056l2nGhW6dd0kqPW6BpAjX8nGkiBVvyEzWiE5Tzpa0F/XhO2naf02ZfevRQ9x+4
rHDr3MTU5Cbp9UmiELE+IW6QuZEjYtxPPmvXVlmhtbbnRvGC4yqynpRrwM8VmYTR
DtE=
-----END CERTIFICATE-----
Generated at Thu Dec 12 13:53:15 2024 by rpki-client on console-fra.rpki-client.org