Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/9V4E9drvNEi63rg7-BpYPZi0jac.roa
File: 9V4E9drvNEi63rg7-BpYPZi0jac.roa (raw, json)
Hash identifier: EYjqyJIk3XxkoBUal9ZXtSfOPdhdpZ4EzDMnjnLncG8=
Subject key identifier: F5:5E:04:F5:DA:EF:34:48:BA:DE:B8:3B:F8:1A:58:3D:98:B4:8D:A7
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018572470E3C479BEA7500906FEE4D6A28CD
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/9V4E9drvNEi63rg7-BpYPZi0jac.roa
Signing time: Mon 02 Jan 2023 11:38:57 +0000
ROA not before: Mon 02 Jan 2023 11:38:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56534
IP address blocks: 37.139.44.0/22 maxlen: 22
37.139.44.0/24 maxlen: 24
37.139.39.0/24 maxlen: 24
37.139.45.0/24 maxlen: 24
37.139.46.0/24 maxlen: 24
37.139.36.0/22 maxlen: 22
37.139.36.0/24 maxlen: 24
37.139.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:0e:3c:47:9b:ea:75:00:90:6f:ee:4d:6a:28:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f55e04f5daef3448badeb83bf81a583d98b48da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5a:02:cf:18:29:68:aa:ee:cc:ec:85:0a:59:
2d:6a:63:53:11:41:93:b5:d5:76:29:5f:09:c0:0f:
bf:c8:94:a9:5d:1f:44:41:1f:42:8f:4d:99:b2:05:
da:a4:6c:57:90:84:81:07:7e:b8:8d:5f:27:55:6b:
74:32:d0:6f:e1:74:2e:c8:f9:00:75:d2:28:37:22:
a1:13:87:1c:cd:a8:6e:1f:f2:39:29:cf:a8:f0:89:
8d:04:68:0c:5e:43:f3:1e:ac:c5:54:c3:56:8d:18:
c4:00:ce:2a:f4:a0:6a:c3:f9:1b:29:a0:1c:65:ea:
dc:42:f6:b8:63:d3:73:5e:ac:08:58:93:55:95:81:
4d:d5:fd:b3:be:27:20:9e:f4:f3:3f:cc:36:ec:17:
8a:1e:cc:70:5a:67:05:09:f2:bb:3b:3a:0f:ff:11:
f7:df:54:e8:37:1f:a8:97:a1:7e:5e:e8:6d:67:eb:
08:1a:7f:9d:71:2e:ba:5d:a7:72:13:7c:30:3a:82:
98:ef:dd:30:48:6e:09:8c:22:a5:33:02:e1:cc:27:
75:71:3f:41:1d:b5:c8:af:1b:9a:40:87:40:fb:fc:
9d:6d:5a:4d:e0:bf:66:fb:4f:51:82:44:d9:1e:1d:
ab:7e:c8:bc:5f:a4:e1:2b:c4:d5:14:d5:b9:a6:a4:
41:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:5E:04:F5:DA:EF:34:48:BA:DE:B8:3B:F8:1A:58:3D:98:B4:8D:A7
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/9V4E9drvNEi63rg7-BpYPZi0jac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.36.0/22
37.139.44.0/22
Signature Algorithm: sha256WithRSAEncryption
d1:31:08:89:49:43:ce:5d:80:02:37:ee:9f:cb:85:d9:60:12:
de:15:a9:70:44:65:e0:2f:bc:ca:5d:4e:d9:43:0e:0f:41:d6:
4d:b2:c9:f8:aa:45:67:a8:48:70:f3:d6:a9:5d:1b:13:89:f8:
16:4c:e8:57:65:ce:47:55:f9:73:c9:ef:33:ff:d7:af:dc:37:
43:0b:0c:d2:0d:64:24:72:b2:84:36:54:48:75:49:db:af:9d:
88:e4:56:15:08:01:e0:42:42:8f:e2:c9:0b:2d:dc:a5:d4:02:
55:99:9e:b8:96:41:f6:e5:86:ef:57:aa:35:6f:cc:e5:d5:ae:
b9:a6:e8:ae:c8:1d:a2:49:70:fd:73:2c:ba:8b:9e:c8:64:3e:
88:ee:e3:84:dc:22:72:4f:09:ed:07:d5:34:d0:7e:63:68:cd:
55:b1:03:79:1e:a1:f0:3f:95:66:74:1f:a3:58:99:1e:6f:fc:
77:28:a8:17:5c:1b:bc:d8:6f:14:0d:34:73:17:b1:69:0a:da:
87:97:4b:c3:42:86:74:72:d9:f3:b9:ea:77:7e:cb:2b:d3:8f:
9d:29:72:eb:61:e0:ff:f9:de:8e:a5:7b:b9:4b:80:bc:f0:b9:
78:e3:50:08:ae:62:58:78:3f:af:53:ae:dc:ef:21:88:70:7a:
5e:6d:d7:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyRw48R5vqdQCQb+5NaijNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTVlMDRmNWRhZWYzNDQ4YmFkZWI4M2JmODFhNTgzZDk4YjQ4ZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFoCzxgpaKruzOyFClktamNTEUGT
tdV2KV8JwA+/yJSpXR9EQR9Cj02ZsgXapGxXkISBB364jV8nVWt0MtBv4XQuyPkA
ddIoNyKhE4cczahuH/I5Kc+o8ImNBGgMXkPzHqzFVMNWjRjEAM4q9KBqw/kbKaAc
ZercQva4Y9NzXqwIWJNVlYFN1f2zvicgnvTzP8w27BeKHsxwWmcFCfK7OzoP/xH3
31ToNx+ol6F+XuhtZ+sIGn+dcS66XadyE3wwOoKY790wSG4JjCKlMwLhzCd1cT9B
HbXIrxuaQIdA+/ydbVpN4L9m+09RgkTZHh2rfsi8X6ThK8TVFNW5pqRBZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPVeBPXa7zRIut64O/gaWD2YtI2nMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvOVY0RTlkcnZORWk2M3JnNy1CcFlQWmkwamFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJYskAwQC
JYssMA0GCSqGSIb3DQEBCwUAA4IBAQDRMQiJSUPOXYACN+6fy4XZYBLeFalwRGXg
L7zKXU7ZQw4PQdZNssn4qkVnqEhw89apXRsTifgWTOhXZc5HVflzye8z/9ev3DdD
CwzSDWQkcrKENlRIdUnbr52I5FYVCAHgQkKP4skLLdyl1AJVmZ64lkH25YbvV6o1
b8zl1a65puiuyB2iSXD9cyy6i57IZD6I7uOE3CJyTwntB9U00H5jaM1VsQN5HqHw
P5VmdB+jWJkeb/x3KKgXXBu82G8UDTRzF7FpCtqHl0vDQoZ0ctnzuep3fssr04+d
KXLrYeD/+d6OpXu5S4C88Ll441AIrmJYeD+vU67c7yGIcHpebde6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org