Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/4CCwoDvVz37WCgTEcjfOO81myx8.roa
File: 4CCwoDvVz37WCgTEcjfOO81myx8.roa (raw, json)
Hash identifier: b3SCaXfYBhUdCVngxiWYqn8wang0GLBuLnINM3qV2QU=
Subject key identifier: E0:20:B0:A0:3B:D5:CF:7E:D6:0A:04:C4:72:37:CE:3B:CD:66:CB:1F
Certificate issuer: /CN=36574be6ae76cd523b33787cfbdb69264263d074
Certificate serial: 018CC7276374122910FD050917A0CB7A71AE
Authority key identifier: 36:57:4B:E6:AE:76:CD:52:3B:33:78:7C:FB:DB:69:26:42:63:D0:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NldL5q52zVI7M3h8-9tpJkJj0HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/4CCwoDvVz37WCgTEcjfOO81myx8.roa
Signing time: Mon 01 Jan 2024 22:31:36 +0000
ROA not before: Mon 01 Jan 2024 22:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200873
IP address blocks: 37.221.99.0/24 maxlen: 24
185.67.236.0/23 maxlen: 23
185.67.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:63:74:12:29:10:fd:05:09:17:a0:cb:7a:71:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36574be6ae76cd523b33787cfbdb69264263d074
Validity
Not Before: Jan 1 22:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e020b0a03bd5cf7ed60a04c47237ce3bcd66cb1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:79:4a:1d:84:a7:0d:bf:a7:48:ae:f4:e2:c5:
2c:c6:a6:30:02:22:47:56:50:44:4b:71:95:a1:d6:
ce:ee:d5:29:66:ea:a3:55:0f:0f:3c:0e:b4:cd:ea:
a6:19:af:fb:c7:aa:15:c4:a4:8b:16:f0:c3:1a:7e:
b6:d6:06:55:32:59:e1:94:f5:cc:44:1e:0d:c9:ee:
df:95:b8:f8:63:a2:44:f5:80:51:eb:0e:f6:40:3f:
2d:43:cb:48:c4:f4:a1:f3:11:9a:7a:24:06:fc:b2:
ee:61:8c:e2:41:e3:be:51:14:8f:92:0e:10:e6:7e:
d6:8b:d6:0d:c5:9d:e7:14:ae:bd:04:78:b4:61:77:
9e:7d:d9:cc:e6:7d:94:5b:22:ed:f2:ab:48:f9:37:
19:60:b4:66:77:27:f5:07:a0:4e:d5:18:0e:05:9e:
a3:f1:36:72:bb:99:18:8f:c6:bb:14:8a:6b:58:00:
a8:98:f8:a8:b7:c1:33:34:10:66:75:8b:68:58:78:
79:35:57:db:e1:2c:be:9d:7d:a2:45:99:ed:7a:56:
35:70:79:fd:50:4d:b4:04:a3:79:3b:d6:90:0b:6f:
34:13:80:a8:16:50:8a:ca:12:1d:c0:71:6e:b4:07:
20:6b:37:e0:99:d0:13:85:41:26:d3:66:0b:04:ff:
b5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:20:B0:A0:3B:D5:CF:7E:D6:0A:04:C4:72:37:CE:3B:CD:66:CB:1F
X509v3 Authority Key Identifier:
keyid:36:57:4B:E6:AE:76:CD:52:3B:33:78:7C:FB:DB:69:26:42:63:D0:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NldL5q52zVI7M3h8-9tpJkJj0HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/4CCwoDvVz37WCgTEcjfOO81myx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/NldL5q52zVI7M3h8-9tpJkJj0HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.99.0/24
185.67.236.0-185.67.238.255
Signature Algorithm: sha256WithRSAEncryption
5a:09:2c:5c:ee:e9:d7:f2:fd:00:03:bc:b3:04:4b:e3:8d:a8:
1a:39:b0:00:d4:b2:88:3c:9a:05:84:1d:5d:cf:fc:26:85:85:
26:d0:ce:e0:93:f8:af:1d:97:b4:3c:6c:f8:69:a7:a7:d2:e8:
c6:74:e4:f3:28:13:4e:dc:7d:b2:34:c6:f3:a2:e2:cd:09:2e:
b8:36:27:df:70:c3:fd:e9:53:e1:7c:c1:91:58:68:90:1a:72:
56:60:79:14:a7:77:b8:41:f9:9c:e9:53:e6:08:9a:3c:de:bd:
81:a2:b5:87:f3:f6:2c:01:cd:17:c3:8e:6e:8a:4e:02:51:fb:
a0:34:46:07:f3:b7:78:47:bd:5e:b9:14:9c:52:5c:f6:83:de:
93:c9:f2:c8:56:2e:9f:f8:7e:95:be:ef:6d:d5:19:73:fb:15:
ca:4f:39:ea:04:db:24:9c:5d:37:5d:9e:72:e4:e1:ff:67:9c:
31:af:8b:62:b6:56:18:ea:9a:d7:9c:a6:7c:93:8b:28:41:a2:
61:8e:cc:2b:89:06:81:15:c0:57:2f:3b:60:ff:86:a1:71:8e:
4f:bc:fd:b9:24:31:f3:28:f1:40:db:c3:de:1a:56:8c:b1:ff:
f0:94:a6:d0:2a:1a:93:81:9f:19:35:6d:27:dd:6b:4e:29:ee:
bc:6b:71:f9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHJ2N0EikQ/QUJF6DLenGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NTc0YmU2YWU3NmNkNTIzYjMzNzg3Y2ZiZGI2OTI2NDI2
M2QwNzQwHhcNMjQwMTAxMjIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDIwYjBhMDNiZDVjZjdlZDYwYTA0YzQ3MjM3Y2UzYmNkNjZjYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXlKHYSnDb+nSK704sUsxqYwAiJH
VlBES3GVodbO7tUpZuqjVQ8PPA60zeqmGa/7x6oVxKSLFvDDGn621gZVMlnhlPXM
RB4Nye7flbj4Y6JE9YBR6w72QD8tQ8tIxPSh8xGaeiQG/LLuYYziQeO+URSPkg4Q
5n7Wi9YNxZ3nFK69BHi0YXeefdnM5n2UWyLt8qtI+TcZYLRmdyf1B6BO1RgOBZ6j
8TZyu5kYj8a7FIprWAComPiot8EzNBBmdYtoWHh5NVfb4Sy+nX2iRZntelY1cHn9
UE20BKN5O9aQC280E4CoFlCKyhIdwHFutAcgazfgmdAThUEm02YLBP+1OwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOAgsKA71c9+1goExHI3zjvNZssfMB8GA1UdIwQY
MBaAFDZXS+auds1SOzN4fPvbaSZCY9B0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmxkTDVxNTJ6Vkk3TTNoOC05dHBKa0pqMEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS83ZTFkOTQtMTg1NC00NzNkLTg3NTMt
MThkZWQ4MGI0YjVkLzEvNENDd29EdlZ6MzdXQ2dURWNqZk9PODFteXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS83ZTFkOTQtMTg1NC00NzNkLTg3NTMtMThkZWQ4MGI0YjVk
LzEvTmxkTDVxNTJ6Vkk3TTNoOC05dHBKa0pqMEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAJd1jMAwD
BAK5Q+wDBAC5Q+4wDQYJKoZIhvcNAQELBQADggEBAFoJLFzu6dfy/QADvLMES+ON
qBo5sADUsog8mgWEHV3P/CaFhSbQzuCT+K8dl7Q8bPhpp6fS6MZ05PMoE07cfbI0
xvOi4s0JLrg2J99ww/3pU+F8wZFYaJAaclZgeRSnd7hB+ZzpU+YImjzevYGitYfz
9iwBzRfDjm6KTgJR+6A0Rgfzt3hHvV65FJxSXPaD3pPJ8shWLp/4fpW+723VGXP7
FcpPOeoE2yScXTddnnLk4f9nnDGvi2K2VhjqmtecpnyTiyhBomGOzCuJBoEVwFcv
O2D/hqFxjk+8/bkkMfMo8UDbw94aVoyx//CUptAqGpOBnxk1bSfda04p7rxrcfk=
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:17:06 2025 by rpki-client