Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/sRVPQLIzfj2IzxX6tuu9STSn45w.roa
File: sRVPQLIzfj2IzxX6tuu9STSn45w.roa (raw, json)
Hash identifier: tQ3B4Vhhm9ZkBob1jRvjdPmbkv69eRzneEeON4ctj0s=
Subject key identifier: B1:15:4F:40:B2:33:7E:3D:88:CF:15:FA:B6:EB:BD:49:34:A7:E3:9C
Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial: 01863A664D64AA866B5DDA31B715DF7E012C
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/sRVPQLIzfj2IzxX6tuu9STSn45w.roa
Signing time: Fri 10 Feb 2023 08:17:08 +0000
ROA not before: Fri 10 Feb 2023 08:17:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34373
IP address blocks: 37.143.37.0/24 maxlen: 24
37.143.36.0/24 maxlen: 24
37.143.36.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:66:4d:64:aa:86:6b:5d:da:31:b7:15:df:7e:01:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Validity
Not Before: Feb 10 08:17:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1154f40b2337e3d88cf15fab6ebbd4934a7e39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1b:f3:4d:08:3a:c4:e2:ff:28:cf:5e:5d:9f:
a0:79:72:69:f6:e6:28:2f:bb:21:f2:78:e0:9a:1d:
80:f5:95:70:61:a5:80:1c:49:f3:97:4c:0c:84:af:
1f:3d:a0:93:7d:5f:cf:52:b4:f1:f6:71:c7:f3:1c:
ea:ed:50:17:fb:c5:a7:be:1f:23:de:2b:e5:2a:2a:
dd:07:d4:b6:2a:91:30:5a:20:9f:a8:a7:ff:fc:b2:
92:16:5a:ed:18:bf:6f:dd:7a:94:bc:e0:2b:ea:be:
7a:92:16:5a:44:e5:9f:93:cc:a0:c9:dc:66:09:b0:
24:78:2a:0b:74:62:62:af:2a:79:f9:67:d7:46:e2:
ea:12:fa:92:6b:ef:35:57:ca:54:0c:0d:7a:4c:80:
4e:3b:e1:6e:4e:e1:8b:fc:bc:f7:aa:0a:02:5b:a6:
36:2d:55:e5:22:31:8b:75:a1:65:cb:dd:84:b8:97:
65:b5:a2:64:29:29:d2:c9:bd:fd:64:8b:23:d3:8f:
b2:5b:73:65:d9:a1:ed:b9:6b:58:c3:b3:c4:7e:20:
2b:49:bd:1b:ff:30:2f:4c:e1:28:09:03:51:eb:8e:
de:26:90:f5:18:ce:bc:1b:12:bb:ed:44:c3:ce:fe:
bb:43:52:8e:56:6d:b9:80:bd:28:69:d4:19:6a:e9:
6c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:15:4F:40:B2:33:7E:3D:88:CF:15:FA:B6:EB:BD:49:34:A7:E3:9C
X509v3 Authority Key Identifier:
keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/sRVPQLIzfj2IzxX6tuu9STSn45w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.36.0/23
Signature Algorithm: sha256WithRSAEncryption
d7:2f:41:f0:b2:5e:02:3b:84:56:3b:e1:7f:4b:23:c9:d4:36:
3a:11:95:a9:bb:9f:bd:7a:cf:6a:3c:a7:bf:53:66:eb:a1:b9:
40:21:17:08:43:21:ae:8a:99:73:a0:7f:94:47:3b:2d:7d:23:
6d:36:6d:e0:49:57:fc:41:b8:29:f9:96:9d:a3:d6:62:2b:ca:
27:d9:dc:28:a9:89:57:ec:97:80:79:e9:27:fe:b3:65:39:90:
5f:47:86:9c:03:a6:9e:91:bb:a9:b4:b1:92:43:2e:a5:6e:aa:
ff:4e:92:83:e7:06:47:39:04:a1:7c:c1:40:a2:9d:65:be:9d:
b8:3d:6f:d1:7b:28:fc:cc:c0:fb:e8:68:a6:e9:be:eb:d7:80:
dd:fa:37:12:48:52:3e:bc:08:89:5d:24:0e:3c:1b:a0:7a:7d:
08:af:4a:2a:82:70:3a:b7:00:76:1c:01:07:ca:37:99:4a:24:
eb:69:c3:d3:9a:bc:0a:05:16:23:a4:30:7c:19:d9:21:b8:00:
02:cd:16:a5:99:73:1d:b8:81:2a:2a:17:58:8f:53:ee:45:22:
91:aa:b7:28:a9:50:a7:aa:b5:d8:64:3f:cb:81:20:9a:33:2e:
c5:af:97:89:de:a5:14:ad:02:80:95:0e:3f:18:c0:d1:6f:75:
ba:f5:2f:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY6Zk1kqoZrXdoxtxXffgEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzhlYzI0MmE0M2U5YzlkNGNlYjI1ZGM5MGU1NDUzMzcz
ZDNmNDYwHhcNMjMwMjEwMDgxNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTE1NGY0MGIyMzM3ZTNkODhjZjE1ZmFiNmViYmQ0OTM0YTdlMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRvzTQg6xOL/KM9eXZ+geXJp9uYo
L7sh8njgmh2A9ZVwYaWAHEnzl0wMhK8fPaCTfV/PUrTx9nHH8xzq7VAX+8Wnvh8j
3ivlKirdB9S2KpEwWiCfqKf//LKSFlrtGL9v3XqUvOAr6r56khZaROWfk8ygydxm
CbAkeCoLdGJiryp5+WfXRuLqEvqSa+81V8pUDA16TIBOO+FuTuGL/Lz3qgoCW6Y2
LVXlIjGLdaFly92EuJdltaJkKSnSyb39ZIsj04+yW3Nl2aHtuWtYw7PEfiArSb0b
/zAvTOEoCQNR647eJpD1GM68GxK77UTDzv67Q1KOVm25gL0oadQZaulswwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEVT0CyM349iM8V+rbrvUk0p+OcMB8GA1UdIwQY
MBaAFOE47CQqQ+nJ1M6yXckOVFM3PT9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgt
Njc4NWNkNDU2ODcxLzEvc1JWUFFMSXpmajJJenhYNnR1dTlTVFNuNDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgtNjc4NWNkNDU2ODcx
LzEvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJY8kMA0G
CSqGSIb3DQEBCwUAA4IBAQDXL0Hwsl4CO4RWO+F/SyPJ1DY6EZWpu5+9es9qPKe/
U2broblAIRcIQyGuiplzoH+URzstfSNtNm3gSVf8Qbgp+Zado9ZiK8on2dwoqYlX
7JeAeekn/rNlOZBfR4acA6aekbuptLGSQy6lbqr/TpKD5wZHOQShfMFAop1lvp24
PW/Reyj8zMD76Gim6b7r14Dd+jcSSFI+vAiJXSQOPBugen0Ir0oqgnA6twB2HAEH
yjeZSiTracPTmrwKBRYjpDB8GdkhuAACzRalmXMduIEqKhdYj1PuRSKRqrcoqVCn
qrXYZD/LgSCaMy7Fr5eJ3qUUrQKAlQ4/GMDRb3W69S/j
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:12 2024 by rpki-client on console-ams.rpki-client.org