Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/AYhFVY02Xdb21wmVSGfK1SfTgOE.roa
File: AYhFVY02Xdb21wmVSGfK1SfTgOE.roa (raw, json)
Hash identifier: qWt6NCMMDnsWFv0OOoIAQ0cEPhVYIvTu7x4nco7i2/M=
Subject key identifier: 01:88:45:55:8D:36:5D:D6:F6:D7:09:95:48:67:CA:D5:27:D3:80:E1
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018607E019C85F68F63E2750CB38EED9C1B2
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/AYhFVY02Xdb21wmVSGfK1SfTgOE.roa
Signing time: Tue 31 Jan 2023 12:49:32 +0000
ROA not before: Tue 31 Jan 2023 12:49:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56534
IP address blocks: 37.139.44.0/22 maxlen: 22
37.139.44.0/24 maxlen: 24
37.139.39.0/24 maxlen: 24
37.139.45.0/24 maxlen: 24
37.139.46.0/24 maxlen: 24
37.139.36.0/22 maxlen: 22
37.139.36.0/24 maxlen: 24
37.139.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:e0:19:c8:5f:68:f6:3e:27:50:cb:38:ee:d9:c1:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 31 12:49:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=018845558d365dd6f6d709954867cad527d380e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:70:40:ea:23:96:e4:4e:c2:70:3a:1e:88:de:
7c:c7:df:8c:a2:34:8d:8f:dc:cb:11:a2:72:75:82:
e7:0a:64:d0:f4:c9:4c:50:92:28:79:79:c8:0a:10:
2b:87:5a:e1:20:50:a0:67:ca:cd:cf:f7:7e:45:c1:
92:ee:fd:88:00:16:0c:3b:58:42:fb:b1:c1:fd:04:
c6:34:7e:0f:ae:89:8b:99:90:46:71:d1:8d:c8:6f:
c2:0d:d8:49:75:e1:65:87:1d:66:ec:d7:48:f5:2c:
7a:53:09:07:0d:b3:3f:23:41:22:4e:f1:72:33:ce:
62:09:6e:f9:3f:ef:f1:fd:ff:e4:b7:ac:c9:22:d2:
f3:6d:7c:80:39:dd:ff:db:dc:de:28:40:e5:ad:04:
b3:6c:15:74:d7:e9:2b:e2:08:06:0d:57:a9:60:9e:
b0:0e:db:2e:10:d6:e7:a7:53:72:26:2d:d8:1c:ac:
5a:e5:91:ad:4d:01:4b:ae:7f:46:4d:16:30:97:c2:
07:ad:9e:98:41:cb:c1:b0:dc:af:73:26:6e:55:f5:
64:c0:a5:5b:a6:55:d1:42:d7:17:f0:82:6e:db:f5:
37:41:6f:82:72:5b:7b:e0:47:90:d4:cf:f4:6c:1e:
c6:a8:38:98:1b:eb:77:5f:ad:0c:38:c7:11:fa:79:
d6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:88:45:55:8D:36:5D:D6:F6:D7:09:95:48:67:CA:D5:27:D3:80:E1
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/AYhFVY02Xdb21wmVSGfK1SfTgOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.36.0/22
37.139.44.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:f0:17:03:90:a2:21:f5:08:51:6f:1d:db:f1:41:1e:01:55:
02:2b:ad:18:c5:3c:e2:34:fa:cd:f3:6e:b8:0d:fe:2f:01:f0:
b6:6a:ca:76:01:c8:74:79:13:31:90:13:e9:03:cd:9f:20:21:
db:dd:80:cf:74:95:8a:b3:55:10:04:32:08:c8:da:47:32:15:
8a:7e:20:78:31:13:1d:45:2f:bf:3b:e7:43:f9:db:de:d5:ed:
b3:14:bd:41:fb:eb:8a:ac:07:31:15:cd:b7:66:0f:1c:de:45:
92:98:7e:94:d0:17:ab:fb:b9:be:40:ae:20:f8:0c:21:11:64:
32:fb:cd:7c:a5:43:2e:20:c5:b3:88:9d:65:e9:90:96:eb:5a:
b0:f0:6c:32:14:53:cf:98:f5:bc:2c:7a:18:97:0a:d8:a9:3e:
f8:72:76:99:25:d5:ae:0f:c0:e2:62:c2:e1:50:cb:24:0d:06:
43:03:19:73:28:5b:37:95:56:01:f5:4d:fb:dc:e4:d3:54:30:
03:6b:9f:61:e2:8e:f3:25:0c:9e:58:8b:62:3a:b8:8b:7a:a2:
b2:23:7f:12:c1:98:a0:89:6e:ab:5a:06:cd:08:fe:08:40:3e:
f1:72:e4:93:9f:d2:bd:3f:b4:e2:b5:9f:70:1a:5f:ff:2f:62:
09:a2:6f:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYH4BnIX2j2PidQyzju2cGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTMxMTI0OTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTg4NDU1NThkMzY1ZGQ2ZjZkNzA5OTU0ODY3Y2FkNTI3ZDM4MGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHBA6iOW5E7CcDoeiN58x9+MojSN
j9zLEaJydYLnCmTQ9MlMUJIoeXnIChArh1rhIFCgZ8rNz/d+RcGS7v2IABYMO1hC
+7HB/QTGNH4PromLmZBGcdGNyG/CDdhJdeFlhx1m7NdI9Sx6UwkHDbM/I0EiTvFy
M85iCW75P+/x/f/kt6zJItLzbXyAOd3/29zeKEDlrQSzbBV01+kr4ggGDVepYJ6w
DtsuENbnp1NyJi3YHKxa5ZGtTQFLrn9GTRYwl8IHrZ6YQcvBsNyvcyZuVfVkwKVb
plXRQtcX8IJu2/U3QW+Cclt74EeQ1M/0bB7GqDiYG+t3X60MOMcR+nnWPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAGIRVWNNl3W9tcJlUhnytUn04DhMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvQVloRlZZMDJYZGIyMXdtVlNHZksxU2ZUZ09FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJYskAwQC
JYssMA0GCSqGSIb3DQEBCwUAA4IBAQAs8BcDkKIh9QhRbx3b8UEeAVUCK60YxTzi
NPrN8264Df4vAfC2asp2Ach0eRMxkBPpA82fICHb3YDPdJWKs1UQBDIIyNpHMhWK
fiB4MRMdRS+/O+dD+dve1e2zFL1B++uKrAcxFc23Zg8c3kWSmH6U0Ber+7m+QK4g
+AwhEWQy+818pUMuIMWziJ1l6ZCW61qw8GwyFFPPmPW8LHoYlwrYqT74cnaZJdWu
D8DiYsLhUMskDQZDAxlzKFs3lVYB9U373OTTVDADa59h4o7zJQyeWItiOriLeqKy
I38SwZigiW6rWgbNCP4IQD7xcuSTn9K9P7TitZ9wGl//L2IJom+1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:28 2024 by rpki-client on console-fra.rpki-client.org