Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/592cf0-03df-4886-b061-284f7c9622b5/1/X4haPB4NPt1aHxuTeunEFNLuiy8.roa
File: X4haPB4NPt1aHxuTeunEFNLuiy8.roa (raw, json)
Hash identifier: qRW6b7NTUpsPGfXsxEmDcKyPxvlcmGSg8b/StyoQ1a0=
Subject key identifier: 5F:88:5A:3C:1E:0D:3E:DD:5A:1F:1B:93:7A:E9:C4:14:D2:EE:8B:2F
Certificate issuer: /CN=b13099c38b6477a68c98019ff6e0040808078b90
Certificate serial: 018C67FF7DE4B9FD989C30DE58EB06A3826A
Authority key identifier: B1:30:99:C3:8B:64:77:A6:8C:98:01:9F:F6:E0:04:08:08:07:8B:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTCZw4tkd6aMmAGf9uAECAgHi5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/592cf0-03df-4886-b061-284f7c9622b5/1/X4haPB4NPt1aHxuTeunEFNLuiy8.roa
Signing time: Thu 14 Dec 2023 11:04:06 +0000
ROA not before: Thu 14 Dec 2023 11:04:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206347
IP address blocks: 185.32.92.0/22 maxlen: 24
185.193.168.0/22 maxlen: 24
138.124.160.0/20 maxlen: 24
37.48.225.0/24 maxlen: 24
37.48.226.0/23 maxlen: 23
138.124.175.0/24 maxlen: 24
37.48.228.0/24 maxlen: 24
37.48.231.0/24 maxlen: 24
185.67.232.0/22 maxlen: 24
185.102.132.0/22 maxlen: 24
2a0b:de40::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:ff:7d:e4:b9:fd:98:9c:30:de:58:eb:06:a3:82:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b13099c38b6477a68c98019ff6e0040808078b90
Validity
Not Before: Dec 14 11:04:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f885a3c1e0d3edd5a1f1b937ae9c414d2ee8b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bb:4d:06:0e:51:ca:d0:8a:75:78:e7:f2:cc:
30:05:ef:63:13:2b:7d:d9:7e:5a:d2:87:41:64:6b:
0c:5b:8c:d5:52:74:e6:23:b3:8c:84:f0:4c:3a:17:
fd:aa:a0:a3:f9:cf:a6:90:f2:15:88:f6:93:38:d8:
00:41:c9:44:c3:e7:6a:29:20:72:79:da:8c:54:a1:
94:c9:ef:5a:6c:16:4f:83:53:40:5e:b1:2b:7c:80:
1e:7b:06:2d:49:e3:3c:a6:d1:8b:f2:c8:88:f9:7a:
c5:86:13:74:86:6b:5a:2f:0e:88:39:a6:f7:35:5a:
d8:97:2d:05:41:2e:04:2a:b8:d0:e2:23:8f:1c:8f:
b9:e6:3a:4e:b8:1b:18:8c:21:56:af:25:f9:5f:33:
33:b5:62:41:7c:d8:80:3d:82:8d:dd:f8:d8:52:03:
fd:ab:fc:a9:95:a2:2f:fb:49:fd:d8:8b:a9:b7:43:
1b:5f:eb:e2:29:53:63:51:59:0a:c3:c3:61:36:5d:
b5:95:90:32:e0:45:74:dd:51:1f:b6:26:be:72:65:
35:9b:e5:a0:37:14:77:a3:45:61:cb:a4:e9:21:ed:
aa:d6:17:a4:72:a1:60:fc:18:08:a0:bf:62:04:29:
0c:16:0b:5d:c5:9c:29:4d:3f:2d:3a:25:49:f3:48:
5a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:88:5A:3C:1E:0D:3E:DD:5A:1F:1B:93:7A:E9:C4:14:D2:EE:8B:2F
X509v3 Authority Key Identifier:
keyid:B1:30:99:C3:8B:64:77:A6:8C:98:01:9F:F6:E0:04:08:08:07:8B:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTCZw4tkd6aMmAGf9uAECAgHi5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/592cf0-03df-4886-b061-284f7c9622b5/1/X4haPB4NPt1aHxuTeunEFNLuiy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/592cf0-03df-4886-b061-284f7c9622b5/1/sTCZw4tkd6aMmAGf9uAECAgHi5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.48.225.0-37.48.228.255
37.48.231.0/24
138.124.160.0/20
185.32.92.0/22
185.67.232.0/22
185.102.132.0/22
185.193.168.0/22
IPv6:
2a0b:de40::/29
Signature Algorithm: sha256WithRSAEncryption
ae:5c:fc:fe:b1:ee:14:81:67:1e:6d:57:a5:3b:11:8f:4a:6f:
b2:a8:8a:62:cf:6b:14:bc:cf:bd:b9:81:38:4f:f0:26:6e:0b:
e5:18:d7:bc:b6:35:26:86:fd:fb:63:38:df:d1:4f:a2:2e:c0:
8b:2d:1d:f6:27:6c:17:e8:2a:67:06:a0:cc:d5:3c:a7:ef:40:
b0:87:d2:4f:14:7e:30:93:c0:1d:fe:b7:a8:1e:1c:17:cb:a0:
9f:48:0a:1f:3f:e2:11:fc:1e:4d:89:d1:40:31:35:2b:ee:12:
5e:39:f8:15:1f:ea:1b:9d:7b:ae:cb:06:27:6f:ea:d0:90:1a:
6d:89:7d:20:44:ce:43:e1:48:7d:89:43:2f:31:d8:df:7d:d3:
f4:90:87:37:63:c8:d1:2a:11:d9:3a:71:89:18:c7:2f:4d:d6:
7c:85:79:f1:1a:96:70:a5:51:17:6c:0a:6d:57:17:cb:5b:91:
28:15:af:c9:59:64:b8:ed:9b:02:2a:7a:b2:35:e5:f5:e1:ad:
09:dc:64:d1:1f:f0:4d:77:c1:15:3b:e1:e7:5b:a1:88:9d:f6:
69:fc:5b:8d:3c:0d:c5:49:47:c1:c4:56:66:aa:8b:91:32:f4:
ec:c0:9b:36:ef:21:27:b9:c0:38:6e:bf:63:da:f2:95:6c:df:
0b:e5:37:2a
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYxn/33kuf2YnDDeWOsGo4JqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzA5OWMzOGI2NDc3YTY4Yzk4MDE5ZmY2ZTAwNDA4MDgw
NzhiOTAwHhcNMjMxMjE0MTEwNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjg4NWEzYzFlMGQzZWRkNWExZjFiOTM3YWU5YzQxNGQyZWU4YjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7tNBg5RytCKdXjn8swwBe9jEyt9
2X5a0odBZGsMW4zVUnTmI7OMhPBMOhf9qqCj+c+mkPIViPaTONgAQclEw+dqKSBy
edqMVKGUye9abBZPg1NAXrErfIAeewYtSeM8ptGL8siI+XrFhhN0hmtaLw6IOab3
NVrYly0FQS4EKrjQ4iOPHI+55jpOuBsYjCFWryX5XzMztWJBfNiAPYKN3fjYUgP9
q/yplaIv+0n92Iupt0MbX+viKVNjUVkKw8NhNl21lZAy4EV03VEftia+cmU1m+Wg
NxR3o0Vhy6TpIe2q1hekcqFg/BgIoL9iBCkMFgtdxZwpTT8tOiVJ80ha0wIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFF+IWjweDT7dWh8bk3rpxBTS7osvMB8GA1UdIwQY
MBaAFLEwmcOLZHemjJgBn/bgBAgIB4uQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RDWnc0dGtkNmFNbUFHZjl1QUVDQWdIaTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81OTJjZjAtMDNkZi00ODg2LWIwNjEt
Mjg0ZjdjOTYyMmI1LzEvWDRoYVBCNE5QdDFhSHh1VGV1bkVGTkx1aXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81OTJjZjAtMDNkZi00ODg2LWIwNjEtMjg0ZjdjOTYyMmI1
LzEvc1RDWnc0dGtkNmFNbUFHZjl1QUVDQWdIaTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyMAwDBAAlMOED
BAAlMOQDBAAlMOcDBASKfKADBAK5IFwDBAK5Q+gDBAK5ZoQDBAK5wagwDQQCAAIw
BwMFAyoL3kAwDQYJKoZIhvcNAQELBQADggEBAK5c/P6x7hSBZx5tV6U7EY9Kb7Ko
imLPaxS8z725gThP8CZuC+UY17y2NSaG/ftjON/RT6IuwIstHfYnbBfoKmcGoMzV
PKfvQLCH0k8UfjCTwB3+t6geHBfLoJ9ICh8/4hH8Hk2J0UAxNSvuEl45+BUf6hud
e67LBidv6tCQGm2JfSBEzkPhSH2JQy8x2N990/SQhzdjyNEqEdk6cYkYxy9N1nyF
efEalnClURdsCm1XF8tbkSgVr8lZZLjtmwIqerI15fXhrQncZNEf8E13wRU74edb
oYid9mn8W408DcVJR8HEVmaqi5Ey9OzAmzbvISe5wDhuv2Pa8pVs3wvlNyo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:28 2024 by rpki-client on console-ams.rpki-client.org