Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/wA43RwIjR4yXHvs75Ry-xkZe9sY.roa
File: wA43RwIjR4yXHvs75Ry-xkZe9sY.roa (raw, json)
Hash identifier: m7XzizH48w2LjNQRhYsnEKQ6uwun8Z7RBiLWhXV5h5I=
Subject key identifier: C0:0E:37:47:02:23:47:8C:97:1E:FB:3B:E5:1C:BE:C6:46:5E:F6:C6
Certificate issuer: /CN=e8f239a70043734172d26378bf2106ae72552187
Certificate serial: 018CC425378AD106DDBC4491F5BC3BE08FD3
Authority key identifier: E8:F2:39:A7:00:43:73:41:72:D2:63:78:BF:21:06:AE:72:55:21:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/wA43RwIjR4yXHvs75Ry-xkZe9sY.roa
Signing time: Mon 01 Jan 2024 08:30:22 +0000
ROA not before: Mon 01 Jan 2024 08:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31042
IP address blocks: 37.0.64.0/21 maxlen: 24
79.140.144.0/20 maxlen: 24
185.12.40.0/22 maxlen: 24
185.80.96.0/22 maxlen: 24
89.207.192.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:37:8a:d1:06:dd:bc:44:91:f5:bc:3b:e0:8f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8f239a70043734172d26378bf2106ae72552187
Validity
Not Before: Jan 1 08:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c00e37470223478c971efb3be51cbec6465ef6c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5b:b8:05:38:3e:3b:ba:45:f7:c2:a0:6e:df:
af:b3:d6:3b:f4:09:1a:38:f6:c0:e5:35:6f:e1:ba:
60:1d:75:6b:d0:bb:f6:60:18:70:18:cd:03:cc:12:
72:48:fe:da:18:96:af:c7:09:71:7d:03:46:62:ea:
8a:8e:a2:aa:2f:ef:6f:ee:62:eb:84:47:74:3a:e2:
58:45:5b:cf:1d:fb:09:72:ca:b2:14:ab:c5:57:3f:
9b:8e:7d:bf:fb:98:68:32:0f:c9:98:84:06:b9:4b:
0c:9b:dc:7f:7c:c9:a4:29:23:29:d9:8f:e3:98:8e:
03:80:b0:c6:12:75:00:02:9a:51:b4:cf:49:45:a0:
44:ac:94:ca:5e:5b:5f:ae:be:f2:02:fe:ce:d4:30:
b7:d2:37:a8:1e:d2:a3:aa:ce:d8:42:9e:34:81:74:
40:8a:56:3e:66:f2:e3:04:33:e0:56:c2:79:65:3e:
42:ea:0a:ba:f9:32:d2:10:b4:49:f2:75:29:db:54:
8d:72:3a:a0:ac:0c:8d:2f:03:34:15:02:d3:c6:b5:
bc:fb:5d:16:8d:06:82:50:77:a2:f1:6d:5e:2b:d9:
91:3d:22:50:1c:b5:fa:54:44:bf:6b:e5:59:41:c4:
59:30:55:8d:31:76:a7:1c:2b:00:10:cf:aa:89:62:
06:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:0E:37:47:02:23:47:8C:97:1E:FB:3B:E5:1C:BE:C6:46:5E:F6:C6
X509v3 Authority Key Identifier:
keyid:E8:F2:39:A7:00:43:73:41:72:D2:63:78:BF:21:06:AE:72:55:21:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/wA43RwIjR4yXHvs75Ry-xkZe9sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.64.0/21
79.140.144.0/20
89.207.192.0/21
185.12.40.0/22
185.80.96.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:12:e4:7e:1c:1f:93:69:99:a0:4c:56:b0:69:05:ba:13:6a:
70:cc:ba:1d:a2:66:3f:0a:ab:13:48:87:30:47:a8:26:9a:13:
c6:67:8f:02:35:e5:3e:e1:d4:8c:12:d4:bc:64:d6:0c:c2:0d:
38:6d:89:b5:9a:ac:87:aa:97:7b:40:d4:4c:f4:f5:62:81:3f:
64:c5:4a:e6:e1:39:a7:9e:5a:f8:ad:4b:29:6e:62:3f:dc:4b:
72:eb:f0:f3:82:f9:53:45:4a:d1:13:64:e8:5e:74:ed:a5:65:
f8:9c:11:1e:19:1e:7b:27:57:66:14:0e:9a:ed:3a:95:d1:d0:
fd:f9:d2:bd:f9:86:ff:8d:a4:92:3a:77:b7:9e:d1:02:ca:1c:
37:bf:c2:07:46:0d:25:9a:64:f9:99:77:8f:bc:9e:19:c4:04:
dc:4e:5b:b2:6d:4b:a8:a7:30:5d:89:68:dd:ed:d8:70:8f:a2:
bd:83:88:c8:0b:c2:4d:52:f0:de:59:5f:f3:c1:ff:6b:78:15:
16:cd:7f:32:95:6b:88:27:05:03:7e:85:3a:f7:0c:5a:d3:e7:
20:2a:20:e8:8a:bb:46:eb:40:b1:1c:12:f3:e1:f3:9e:9b:f1:
27:8d:da:7d:99:bd:6d:3c:13:e1:15:be:c4:69:f5:3a:2e:a9:
d9:25:fa:b4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJTeK0QbdvESR9bw74I/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZjIzOWE3MDA0MzczNDE3MmQyNjM3OGJmMjEwNmFlNzI1
NTIxODcwHhcNMjQwMTAxMDgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDBlMzc0NzAyMjM0NzhjOTcxZWZiM2JlNTFjYmVjNjQ2NWVmNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1u4BTg+O7pF98Kgbt+vs9Y79Aka
OPbA5TVv4bpgHXVr0Lv2YBhwGM0DzBJySP7aGJavxwlxfQNGYuqKjqKqL+9v7mLr
hEd0OuJYRVvPHfsJcsqyFKvFVz+bjn2/+5hoMg/JmIQGuUsMm9x/fMmkKSMp2Y/j
mI4DgLDGEnUAAppRtM9JRaBErJTKXltfrr7yAv7O1DC30jeoHtKjqs7YQp40gXRA
ilY+ZvLjBDPgVsJ5ZT5C6gq6+TLSELRJ8nUp21SNcjqgrAyNLwM0FQLTxrW8+10W
jQaCUHei8W1eK9mRPSJQHLX6VES/a+VZQcRZMFWNMXanHCsAEM+qiWIGdQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMAON0cCI0eMlx77O+UcvsZGXvbGMB8GA1UdIwQY
MBaAFOjyOacAQ3NBctJjeL8hBq5yVSGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlBJNXB3QkRjMEZ5MG1ONHZ5RUdybkpWSVljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy80ZTkwMmEtMjk5Zi00ZGE3LTlhNmQt
NjY5YmQxMTNhMTc4LzEvd0E0M1J3SWpSNHlYSHZzNzVSeS14a1plOXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy80ZTkwMmEtMjk5Zi00ZGE3LTlhNmQtNjY5YmQxMTNhMTc4
LzEvNlBJNXB3QkRjMEZ5MG1ONHZ5RUdybkpWSVljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJQBAAwQE
T4yQAwQDWc/AAwQCuQwoAwQCuVBgMA0GCSqGSIb3DQEBCwUAA4IBAQB6EuR+HB+T
aZmgTFawaQW6E2pwzLodomY/CqsTSIcwR6gmmhPGZ48CNeU+4dSMEtS8ZNYMwg04
bYm1mqyHqpd7QNRM9PVigT9kxUrm4Tmnnlr4rUspbmI/3Ety6/DzgvlTRUrRE2To
XnTtpWX4nBEeGR57J1dmFA6a7TqV0dD9+dK9+Yb/jaSSOne3ntECyhw3v8IHRg0l
mmT5mXePvJ4ZxATcTluybUuopzBdiWjd7dhwj6K9g4jIC8JNUvDeWV/zwf9reBUW
zX8ylWuIJwUDfoU69wxa0+cgKiDoirtG60CxHBLz4fOem/Enjdp9mb1tPBPhFb7E
afU6LqnZJfq0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:36 2025 by rpki-client