Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/aNduelSTjA9FEQaY3xeEcqP4Lms.roa
File: aNduelSTjA9FEQaY3xeEcqP4Lms.roa (raw, json)
Hash identifier: T1Z726h+D9npTphqKZ4ngZvahiSMkyarwCFaL6/Z2rY=
Subject key identifier: 68:D7:6E:7A:54:93:8C:0F:45:11:06:98:DF:17:84:72:A3:F8:2E:6B
Certificate issuer: /CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Certificate serial: 018CC649AC2CF8D3E87881829D89DFAA438D
Authority key identifier: 6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/aNduelSTjA9FEQaY3xeEcqP4Lms.roa
Signing time: Mon 01 Jan 2024 18:29:26 +0000
ROA not before: Mon 01 Jan 2024 18:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201749
IP address blocks: 37.205.112.0/24 maxlen: 24
37.205.112.0/22 maxlen: 22
37.205.116.0/22 maxlen: 22
37.205.117.0/24 maxlen: 24
37.205.116.0/24 maxlen: 24
37.205.113.0/24 maxlen: 24
37.205.115.0/24 maxlen: 24
37.205.114.0/24 maxlen: 24
37.205.118.0/24 maxlen: 24
37.205.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 08:44:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:ac:2c:f8:d3:e8:78:81:82:9d:89:df:aa:43:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Validity
Not Before: Jan 1 18:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68d76e7a54938c0f45110698df178472a3f82e6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a9:a2:55:0a:ec:1c:f0:cd:54:4e:70:5c:b1:
6c:48:b8:28:7a:a4:01:5f:9f:45:34:22:a1:6e:c8:
7e:ec:d0:d0:00:42:ad:ee:74:29:b9:26:89:e2:14:
20:ae:16:e4:82:4a:a1:e8:d5:97:32:77:d9:6b:62:
71:26:52:b9:10:b0:3a:b4:32:51:d5:4e:d3:bf:fd:
5c:3c:22:c0:2f:cf:05:d2:2f:72:1d:98:ae:e5:27:
ad:fe:30:49:a1:f7:02:98:0f:e9:37:88:a7:5a:2e:
21:8b:35:5d:ee:a0:84:a4:ae:48:7f:6e:e9:5a:25:
c4:e3:a7:a7:e2:69:8c:db:e9:64:94:72:02:b6:48:
9e:e4:8d:1f:67:59:7a:13:08:1f:e8:89:f5:fe:08:
e6:fe:05:ec:80:43:34:b3:82:9b:5b:5b:43:f4:35:
3a:da:00:a9:08:02:8d:45:14:d1:58:23:ae:12:de:
51:f2:39:9d:27:32:46:68:1d:d2:11:8b:76:fb:2d:
4f:df:3e:8d:70:54:ad:51:fa:23:91:89:be:66:c4:
9e:eb:ec:ec:76:f6:0d:e3:56:af:98:ec:be:19:ae:
60:de:e5:3c:fd:2d:e9:fe:5e:37:2e:c6:4e:d9:ec:
92:de:12:67:bf:24:66:c0:3a:2f:f2:c4:b2:e3:fd:
9d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D7:6E:7A:54:93:8C:0F:45:11:06:98:DF:17:84:72:A3:F8:2E:6B
X509v3 Authority Key Identifier:
keyid:6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/aNduelSTjA9FEQaY3xeEcqP4Lms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.112.0/21
Signature Algorithm: sha256WithRSAEncryption
01:1f:7f:45:c5:b3:70:af:86:3e:f8:32:24:6f:31:85:e4:9c:
6c:32:d6:3f:8e:b7:64:2c:ea:4c:26:b5:81:e2:b8:d3:c4:77:
e0:4d:0d:11:34:bb:d0:e9:c6:bf:a5:32:2a:48:13:e1:f1:f2:
08:07:f2:92:6e:8a:26:4f:56:b1:aa:1d:61:03:16:0c:59:5d:
ba:85:eb:9d:90:47:26:01:19:af:cb:5f:cc:cc:42:11:5e:b5:
27:6a:7c:2d:93:55:44:e0:d2:68:46:f7:3b:b2:45:2a:6f:26:
5b:e7:0e:3e:60:ae:b1:01:b4:86:35:d3:43:53:52:a8:df:85:
4d:73:22:dc:60:f0:aa:34:69:98:12:7e:24:38:6e:2b:7b:e2:
ae:b8:22:73:c3:75:7c:db:99:60:af:d2:23:a3:b0:99:98:21:
c5:68:50:c2:9e:e7:ad:27:54:ac:e7:9e:4e:44:4c:11:03:98:
ce:c4:c9:38:17:5f:98:1d:9e:65:d7:ef:00:2b:78:07:3c:8d:
4c:a6:4f:bb:c9:89:0a:cf:6e:25:a4:47:c0:36:e7:37:52:4f:
49:df:17:d5:09:02:3a:44:ce:2b:cb:71:ac:5c:6a:c3:3d:a3:
73:c9:95:2f:98:87:b9:83:d1:f4:03:26:68:f4:a6:68:2b:b6:
c9:9e:40:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSaws+NPoeIGCnYnfqkONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlY2Q1Y2FkNGQzMzA2YzRmNzJjNDJhZmMwNmU1Y2QxZmJh
ZmUzYTMwHhcNMjQwMTAxMTgyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQ3NmU3YTU0OTM4YzBmNDUxMTA2OThkZjE3ODQ3MmEzZjgyZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqmiVQrsHPDNVE5wXLFsSLgoeqQB
X59FNCKhbsh+7NDQAEKt7nQpuSaJ4hQgrhbkgkqh6NWXMnfZa2JxJlK5ELA6tDJR
1U7Tv/1cPCLAL88F0i9yHZiu5Set/jBJofcCmA/pN4inWi4hizVd7qCEpK5If27p
WiXE46en4mmM2+lklHICtkie5I0fZ1l6Ewgf6In1/gjm/gXsgEM0s4KbW1tD9DU6
2gCpCAKNRRTRWCOuEt5R8jmdJzJGaB3SEYt2+y1P3z6NcFStUfojkYm+ZsSe6+zs
dvYN41avmOy+Ga5g3uU8/S3p/l43LsZO2eyS3hJnvyRmwDov8sSy4/2d7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjXbnpUk4wPRREGmN8XhHKj+C5rMB8GA1UdIwQY
MBaAFG7NXK1NMwbE9yxCr8BuXNH7r+OjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgt
NWZiYzIzMGFiZGMyLzEvYU5kdWVsU1RqQTlGRVFhWTN4ZUVjcVA0TG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgtNWZiYzIzMGFiZGMy
LzEvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJc1wMA0G
CSqGSIb3DQEBCwUAA4IBAQABH39FxbNwr4Y++DIkbzGF5JxsMtY/jrdkLOpMJrWB
4rjTxHfgTQ0RNLvQ6ca/pTIqSBPh8fIIB/KSboomT1axqh1hAxYMWV26heudkEcm
ARmvy1/MzEIRXrUnanwtk1VE4NJoRvc7skUqbyZb5w4+YK6xAbSGNdNDU1Ko34VN
cyLcYPCqNGmYEn4kOG4re+KuuCJzw3V825lgr9Ijo7CZmCHFaFDCnuetJ1Ss555O
REwRA5jOxMk4F1+YHZ5l1+8AK3gHPI1Mpk+7yYkKz24lpEfANuc3Uk9J3xfVCQI6
RM4ry3GsXGrDPaNzyZUvmIe5g9H0AyZo9KZoK7bJnkAU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:33 2025 by rpki-client