Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/r37AM7bHVRE8IP97jdWyXirmOn0.roa
File: r37AM7bHVRE8IP97jdWyXirmOn0.roa (raw, json)
Hash identifier: LQMaz6cEbXUzL+OZGe8OIyx0RRSa+kerfDedsMfa870=
Subject key identifier: AF:7E:C0:33:B6:C7:55:11:3C:20:FF:7B:8D:D5:B2:5E:2A:E6:3A:7D
Certificate issuer: /CN=b0095ed011c94358245c32757d46bed860df4c19
Certificate serial: 018D65018A7590022D64512AE06EE99D208F
Authority key identifier: B0:09:5E:D0:11:C9:43:58:24:5C:32:75:7D:46:BE:D8:60:DF:4C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/r37AM7bHVRE8IP97jdWyXirmOn0.roa
Signing time: Thu 01 Feb 2024 14:10:16 +0000
ROA not before: Thu 01 Feb 2024 14:10:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200209
IP address blocks: 5.63.20.0/24 maxlen: 24
185.23.109.0/24 maxlen: 24
2a13:a000:1000::/36 maxlen: 36
2a13:a000:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 01 Mar 2024 16:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:01:8a:75:90:02:2d:64:51:2a:e0:6e:e9:9d:20:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0095ed011c94358245c32757d46bed860df4c19
Validity
Not Before: Feb 1 14:10:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af7ec033b6c755113c20ff7b8dd5b25e2ae63a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8a:27:02:67:45:6b:4d:3d:07:6a:a3:23:db:
17:49:a3:ad:1c:17:ee:37:c5:38:02:16:42:82:c2:
92:58:62:fd:0c:96:19:78:ac:f3:4e:8e:d4:5c:f3:
51:33:c5:b8:65:b4:dd:9f:92:b9:00:5f:4a:55:e1:
e5:ad:55:99:90:78:34:48:29:73:27:65:6e:c5:86:
60:c2:68:dc:b0:8b:21:c5:70:9f:78:3a:46:25:85:
4f:c8:a5:04:6a:da:5a:ab:26:fb:eb:7c:12:a5:ae:
a1:55:0e:2b:19:d9:5b:e3:16:07:d2:4d:a0:c7:7f:
b7:31:f8:5c:63:f3:14:36:0a:d2:9f:2b:21:61:62:
b8:80:04:bd:b4:c0:92:7d:96:0b:b3:39:de:a8:8a:
28:c3:b9:7b:eb:cc:36:b0:93:0b:2b:39:cf:80:c2:
cd:fd:89:78:4a:20:9d:69:a0:1f:3e:42:cd:90:59:
d0:9a:c9:aa:3d:7c:19:9f:53:d0:d6:9e:08:4c:f4:
5a:fe:a3:7a:df:0a:fc:cf:17:7c:44:39:d8:ab:8c:
ad:c3:51:27:8f:f2:7b:f1:31:39:0c:90:48:dc:79:
07:17:5b:78:5b:36:61:31:41:36:76:f6:96:b9:c4:
4b:14:49:5a:ae:ea:1c:3a:3e:40:46:3b:5b:5b:64:
7b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:7E:C0:33:B6:C7:55:11:3C:20:FF:7B:8D:D5:B2:5E:2A:E6:3A:7D
X509v3 Authority Key Identifier:
keyid:B0:09:5E:D0:11:C9:43:58:24:5C:32:75:7D:46:BE:D8:60:DF:4C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/r37AM7bHVRE8IP97jdWyXirmOn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.20.0/24
185.23.109.0/24
IPv6:
2a13:a000:1000::-2a13:a000:2fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
95:df:92:55:c9:8e:fd:91:55:c0:ba:e3:2a:e8:57:6f:fe:b9:
25:77:7a:29:0e:bb:9b:cd:45:97:1a:1d:eb:71:7a:0e:cd:ec:
65:21:dd:4e:fb:d9:cc:8d:44:2e:51:e5:ad:de:20:c7:6c:b6:
4c:3d:d5:73:78:61:1c:39:bb:9f:2b:03:78:a2:70:df:6c:52:
34:f5:0f:32:e6:69:08:3f:02:de:09:6f:16:b7:4a:ee:5d:71:
78:08:17:10:43:10:c5:20:68:fd:46:8e:71:7e:9b:c8:44:1b:
86:cd:c4:49:94:e4:05:63:93:bd:cf:0b:72:83:b1:b0:05:06:
fb:b5:f5:a5:d1:2f:59:3c:39:90:dd:a4:70:78:4f:01:91:42:
23:5f:2a:a1:3b:d7:f3:7d:90:e9:c9:43:69:bd:49:68:24:34:
ef:78:2f:7a:4f:aa:0b:e5:f1:01:de:28:e0:9f:b1:9e:44:ab:
9e:f6:b2:e3:93:7f:9d:a7:8d:b0:2d:4e:75:8c:25:aa:ed:3f:
37:7d:67:a4:6d:38:d0:69:85:05:23:fa:67:2c:cb:35:40:dd:
7e:3b:9d:5a:06:da:0c:cf:b0:8a:bc:9b:96:4a:93:c1:0b:7c:
3d:f0:a5:af:de:82:d0:97:94:e4:06:82:85:e9:32:08:9d:b9:
49:3a:2c:bb
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY1lAYp1kAItZFEq4G7pnSCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMDk1ZWQwMTFjOTQzNTgyNDVjMzI3NTdkNDZiZWQ4NjBk
ZjRjMTkwHhcNMjQwMjAxMTQxMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjdlYzAzM2I2Yzc1NTExM2MyMGZmN2I4ZGQ1YjI1ZTJhZTYzYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYonAmdFa009B2qjI9sXSaOtHBfu
N8U4AhZCgsKSWGL9DJYZeKzzTo7UXPNRM8W4ZbTdn5K5AF9KVeHlrVWZkHg0SClz
J2VuxYZgwmjcsIshxXCfeDpGJYVPyKUEatpaqyb763wSpa6hVQ4rGdlb4xYH0k2g
x3+3MfhcY/MUNgrSnyshYWK4gAS9tMCSfZYLszneqIoow7l768w2sJMLKznPgMLN
/Yl4SiCdaaAfPkLNkFnQmsmqPXwZn1PQ1p4ITPRa/qN63wr8zxd8RDnYq4ytw1En
j/J78TE5DJBI3HkHF1t4WzZhMUE2dvaWucRLFElaruocOj5ARjtbW2R7CwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFK9+wDO2x1URPCD/e43Vsl4q5jp9MB8GA1UdIwQY
MBaAFLAJXtARyUNYJFwydX1Gvthg30wZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0FsZTBCSEpRMWdrWERKMWZVYS0yR0RmVEJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80OWNkZWMtNjlmMC00NTQwLTg5YmEt
ZWE0NTk2OTk1MGNjLzEvcjM3QU03YkhWUkU4SVA5N2pkV3lYaXJtT24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80OWNkZWMtNjlmMC00NTQwLTg5YmEtZWE0NTk2OTk1MGNj
LzEvc0FsZTBCSEpRMWdrWERKMWZVYS0yR0RmVEJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQABT8UAwQA
uRdtMBgEAgACMBIwEAMGBCoToAAQAwYEKhOgACAwDQYJKoZIhvcNAQELBQADggEB
AJXfklXJjv2RVcC64yroV2/+uSV3eikOu5vNRZcaHetxeg7N7GUh3U772cyNRC5R
5a3eIMdstkw91XN4YRw5u58rA3iicN9sUjT1DzLmaQg/At4Jbxa3Su5dcXgIFxBD
EMUgaP1GjnF+m8hEG4bNxEmU5AVjk73PC3KDsbAFBvu19aXRL1k8OZDdpHB4TwGR
QiNfKqE71/N9kOnJQ2m9SWgkNO94L3pPqgvl8QHeKOCfsZ5Eq572suOTf52njbAt
TnWMJartPzd9Z6RtONBphQUj+mcsyzVA3X47nVoG2gzPsIq8m5ZKk8ELfD3wpa/e
gtCXlOQGgoXpMgiduUk6LLs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:58 2025 by rpki-client