Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/Kvr5e2UnxOOHaQg5acH2jsxGbiI.roa
File: Kvr5e2UnxOOHaQg5acH2jsxGbiI.roa (raw, json)
Hash identifier: 3ncnwVmPbA3b/xE7TJlF2X5ZWiNw575eKzhYpfu4d/4=
Subject key identifier: 2A:FA:F9:7B:65:27:C4:E3:87:69:08:39:69:C1:F6:8E:CC:46:6E:22
Certificate issuer: /CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Certificate serial: 0192251C5EB53919A4A3D36AA52BB62EB39E
Authority key identifier: 29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/Kvr5e2UnxOOHaQg5acH2jsxGbiI.roa
Signing time: Tue 24 Sep 2024 17:37:49 +0000
ROA not before: Tue 24 Sep 2024 17:37:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 37.77.21.0/24 maxlen: 24
37.77.22.0/24 maxlen: 24
37.77.28.0/24 maxlen: 24
37.77.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 09:19:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:25:1c:5e:b5:39:19:a4:a3:d3:6a:a5:2b:b6:2e:b3:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Validity
Not Before: Sep 24 17:37:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2afaf97b6527c4e38769083969c1f68ecc466e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a1:86:35:81:c8:43:2c:82:74:aa:ed:06:37:
37:a7:d8:2f:6a:80:8a:74:d8:f4:a0:ca:af:8a:ed:
74:34:9f:c0:11:f8:82:2b:34:17:34:c2:bb:5e:11:
91:e0:91:28:43:f2:fb:79:4e:63:40:b4:2f:e3:87:
b9:95:af:a5:dc:d3:fc:41:32:c5:d4:a5:39:6a:1e:
5b:0d:7c:d6:04:ab:81:c7:24:90:4c:db:bb:01:31:
ac:f9:28:5f:0c:c2:e0:02:0e:ba:81:b8:8a:d2:34:
cc:33:be:1e:24:bf:6b:a6:e0:99:e1:7e:72:63:3d:
a4:30:0b:bc:2f:a3:25:ea:76:27:2a:92:51:52:36:
2e:8e:54:2f:6a:2d:7e:34:3b:50:9c:cd:1d:80:98:
58:7f:0d:79:3f:5d:a0:65:13:4f:04:13:3d:0a:65:
83:cb:71:ad:69:21:03:6c:63:22:e6:19:b5:a6:fd:
e5:27:98:16:e5:89:c7:ea:d2:fa:55:94:3c:21:50:
17:67:85:89:48:20:ac:fc:74:75:c8:19:ac:67:8a:
d1:d4:8d:64:b6:c4:d7:6e:ed:3d:5a:9d:a7:65:da:
78:eb:d6:46:0d:79:85:fa:63:7a:18:92:c3:22:23:
3b:f7:cf:97:c4:69:22:30:2e:c3:a8:ef:2d:58:7f:
fb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FA:F9:7B:65:27:C4:E3:87:69:08:39:69:C1:F6:8E:CC:46:6E:22
X509v3 Authority Key Identifier:
keyid:29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/Kvr5e2UnxOOHaQg5acH2jsxGbiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.21.0-37.77.22.255
37.77.28.0/23
Signature Algorithm: sha256WithRSAEncryption
99:0b:26:14:a5:24:af:2d:a3:4a:e1:82:70:81:43:0a:27:28:
1c:87:8c:12:ce:a8:98:9d:64:b1:54:13:56:d3:cc:b8:50:8c:
02:b1:ee:b3:96:89:cb:11:60:ae:91:3b:2c:99:ef:58:0b:1e:
83:26:f1:94:b8:69:11:40:05:f3:aa:e5:3a:e8:e7:3a:24:6a:
7a:dc:ae:c9:33:b0:03:c3:47:cc:b4:17:a9:50:64:63:c4:f7:
93:6c:61:99:d3:b9:94:fd:da:62:9c:13:9c:0b:5d:5f:3d:4f:
31:d8:65:f1:74:62:28:a2:3a:25:7b:80:59:b1:5b:14:1a:fa:
5d:10:db:7a:ad:fa:18:b8:9d:e5:85:67:04:2f:e2:9a:fc:72:
03:c8:58:a3:83:a6:84:69:6d:61:d3:a1:37:8f:38:cb:a2:46:
fb:fd:1d:f3:3e:62:13:4b:a0:6d:49:6a:e2:ba:3c:19:06:8a:
06:37:49:57:72:68:78:f5:b9:62:a8:34:60:60:ea:3b:be:81:
cf:9b:d5:48:68:a5:1a:30:45:56:ab:f6:a0:e4:45:52:79:62:
4b:4e:30:5e:04:81:81:a1:2b:d8:3c:13:52:5e:a9:30:e5:af:
4d:bd:8a:1a:c6:69:ca:51:8f:ce:af:d1:90:08:04:5a:ab:85:
e6:c9:3c:a5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZIlHF61ORmko9NqpSu2LrOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTkzMDA3YzdjOTJkZjYxNzhlN2NiNDMxODNmZDdmNTJh
NTI2ZDgwHhcNMjQwOTI0MTczNzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWZhZjk3YjY1MjdjNGUzODc2OTA4Mzk2OWMxZjY4ZWNjNDY2ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6aGGNYHIQyyCdKrtBjc3p9gvaoCK
dNj0oMqviu10NJ/AEfiCKzQXNMK7XhGR4JEoQ/L7eU5jQLQv44e5la+l3NP8QTLF
1KU5ah5bDXzWBKuBxySQTNu7ATGs+ShfDMLgAg66gbiK0jTMM74eJL9rpuCZ4X5y
Yz2kMAu8L6Ml6nYnKpJRUjYujlQvai1+NDtQnM0dgJhYfw15P12gZRNPBBM9CmWD
y3GtaSEDbGMi5hm1pv3lJ5gW5YnH6tL6VZQ8IVAXZ4WJSCCs/HR1yBmsZ4rR1I1k
tsTXbu09Wp2nZdp469ZGDXmF+mN6GJLDIiM798+XxGkiMC7DqO8tWH/7zwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCr6+XtlJ8Tjh2kIOWnB9o7MRm4iMB8GA1UdIwQY
MBaAFCmZMAfHyS32F458tDGD/X9SpSbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODkt
MWU4MjlmZmExYzNhLzEvS3ZyNWUyVW54T09IYVFnNWFjSDJqc3hHYmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODktMWU4MjlmZmExYzNh
LzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAlTRUD
BAAlTRYDBAElTRwwDQYJKoZIhvcNAQELBQADggEBAJkLJhSlJK8to0rhgnCBQwon
KByHjBLOqJidZLFUE1bTzLhQjAKx7rOWicsRYK6ROyyZ71gLHoMm8ZS4aRFABfOq
5Tro5zokanrcrskzsAPDR8y0F6lQZGPE95NsYZnTuZT92mKcE5wLXV89TzHYZfF0
YiiiOiV7gFmxWxQa+l0Q23qt+hi4neWFZwQv4pr8cgPIWKODpoRpbWHToTePOMui
Rvv9HfM+YhNLoG1JauK6PBkGigY3SVdyaHj1uWKoNGBg6ju+gc+b1UhopRowRVar
9qDkRVJ5YktOMF4EgYGhK9g8E1JeqTDlr029ihrGacpRj86v0ZAIBFqrhebJPKU=
-----END CERTIFICATE-----
Generated at Thu Oct 10 12:45:06 2024 by rpki-client on console-fra.rpki-client.org