Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/1SImFdiv2zpkTugjqj0JnmnDPxY.roa
File: 1SImFdiv2zpkTugjqj0JnmnDPxY.roa (raw, json)
Hash identifier: M+btXLg8vJvaa3PLdGSPXWqkyVQaWD+P9JSr9x7tFuo=
Subject key identifier: D5:22:26:15:D8:AF:DB:3A:64:4E:E8:23:AA:3D:09:9E:69:C3:3F:16
Certificate issuer: /CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Certificate serial: 01902ACD48276EB306E2E4A696DD1B87134E
Authority key identifier: A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/1SImFdiv2zpkTugjqj0JnmnDPxY.roa
Signing time: Tue 18 Jun 2024 10:03:34 +0000
ROA not before: Tue 18 Jun 2024 10:03:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199727
IP address blocks: 185.37.43.0/24 maxlen: 24
185.189.172.0/24 maxlen: 24
185.189.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jun 2024 12:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:cd:48:27:6e:b3:06:e2:e4:a6:96:dd:1b:87:13:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a510356dc0a521895ce61f85495e06daf7a12b3b
Validity
Not Before: Jun 18 10:03:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5222615d8afdb3a644ee823aa3d099e69c33f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:44:ff:7c:24:d0:d1:47:0c:f9:7a:27:16:de:
e5:21:c2:ad:a3:cb:5c:cc:6a:80:c1:be:d0:35:c2:
49:ff:6a:0f:78:00:ce:fc:db:96:79:6b:fb:7c:fe:
36:33:45:65:6f:6c:7f:cc:3c:c2:ae:98:ab:f8:73:
37:82:fd:8d:6c:55:11:92:66:a7:ff:7e:89:1e:d4:
6d:d2:d3:1c:38:ce:1a:a6:30:b7:39:36:38:75:c5:
97:b0:b3:5e:c2:6d:79:19:4a:43:fb:c5:1f:58:04:
34:78:25:2f:49:fb:fc:30:b2:5b:21:14:be:0a:51:
60:9d:85:a8:b5:ea:c0:bc:cd:7c:88:1a:a7:25:04:
99:1a:a7:15:94:e6:0e:d7:63:18:b5:64:56:78:c1:
1d:2c:b7:4f:94:9d:4c:44:b8:f7:8d:e2:52:ba:2b:
a1:1a:f3:c3:84:c9:db:f9:6e:f5:c4:be:aa:74:8a:
8b:ca:50:23:ec:46:71:11:4e:3d:8f:26:5d:37:b2:
5e:00:63:58:72:3d:35:bb:88:79:37:f9:a1:a5:82:
c6:d7:54:bc:54:fb:34:40:b3:b2:d6:b5:65:ea:21:
e7:cd:d9:bb:7e:8a:72:75:5e:90:fc:79:43:2a:ab:
a9:e2:ca:b0:08:40:b5:49:45:16:63:d3:a9:2c:d7:
5a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:22:26:15:D8:AF:DB:3A:64:4E:E8:23:AA:3D:09:9E:69:C3:3F:16
X509v3 Authority Key Identifier:
keyid:A5:10:35:6D:C0:A5:21:89:5C:E6:1F:85:49:5E:06:DA:F7:A1:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pRA1bcClIYlc5h-FSV4G2vehKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/1SImFdiv2zpkTugjqj0JnmnDPxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/3c7c7c-4326-4184-8356-01182f840789/1/pRA1bcClIYlc5h-FSV4G2vehKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.43.0/24
185.189.172.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:c3:1e:c7:20:e4:a0:cb:72:ec:32:46:ab:99:06:26:2f:50:
42:d5:e3:d9:fe:f8:5b:fe:8d:4b:a6:1d:dd:11:10:eb:ef:27:
29:f1:17:63:7e:fd:e5:7d:8e:0f:de:a2:52:03:80:ca:e3:f2:
1a:a8:fa:3e:50:87:c1:d3:81:e7:c5:c8:e7:42:35:8c:97:1b:
10:a9:6f:da:ff:4c:f7:e3:62:8d:d9:a2:60:78:b4:2a:84:2c:
06:07:9d:94:fe:c7:d4:24:df:51:44:a9:52:83:f2:b6:3e:d2:
c9:cd:7a:31:d9:a2:92:23:10:03:a7:9b:b1:e0:03:db:e6:c6:
41:7d:62:ed:d2:2d:c8:f1:a5:4d:bb:bf:de:b9:6b:8f:38:e0:
e0:d5:94:17:f6:27:67:2c:cb:06:17:2c:b2:60:8b:ff:54:b8:
e0:dc:c3:e9:4a:d8:42:5b:73:8c:ef:73:f9:77:1e:63:ed:67:
30:75:b7:7e:c6:d2:69:c4:af:98:7a:67:3e:b2:45:d7:64:77:
f8:f1:b8:24:33:c7:3d:70:9a:b0:a7:ae:72:06:19:ad:ca:cc:
53:3b:64:bc:04:90:6b:bf:3c:b1:ac:01:45:7e:17:0b:70:20:
3d:28:56:f4:ed:1e:0b:d6:a8:51:32:07:7f:ca:cd:be:49:5b:
df:9b:1c:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAqzUgnbrMG4uSmlt0bhxNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MTAzNTZkYzBhNTIxODk1Y2U2MWY4NTQ5NWUwNmRhZjdh
MTJiM2IwHhcNMjQwNjE4MTAwMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTIyMjYxNWQ4YWZkYjNhNjQ0ZWU4MjNhYTNkMDk5ZTY5YzMzZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kT/fCTQ0UcM+XonFt7lIcKto8tc
zGqAwb7QNcJJ/2oPeADO/NuWeWv7fP42M0Vlb2x/zDzCrpir+HM3gv2NbFURkman
/36JHtRt0tMcOM4apjC3OTY4dcWXsLNewm15GUpD+8UfWAQ0eCUvSfv8MLJbIRS+
ClFgnYWoterAvM18iBqnJQSZGqcVlOYO12MYtWRWeMEdLLdPlJ1MRLj3jeJSuiuh
GvPDhMnb+W71xL6qdIqLylAj7EZxEU49jyZdN7JeAGNYcj01u4h5N/mhpYLG11S8
VPs0QLOy1rVl6iHnzdm7fopydV6Q/HlDKqup4sqwCEC1SUUWY9OpLNdawwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNUiJhXYr9s6ZE7oI6o9CZ5pwz8WMB8GA1UdIwQY
MBaAFKUQNW3ApSGJXOYfhUleBtr3oSs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYt
MDExODJmODQwNzg5LzEvMVNJbUZkaXYyenBrVHVnanFqMEpubW5EUHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zYzdjN2MtNDMyNi00MTg0LTgzNTYtMDExODJmODQwNzg5
LzEvcFJBMWJjQ2xJWWxjNWgtRlNWNEcydmVoS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSUrAwQB
ub2sMA0GCSqGSIb3DQEBCwUAA4IBAQCmwx7HIOSgy3LsMkarmQYmL1BC1ePZ/vhb
/o1Lph3dERDr7ycp8Rdjfv3lfY4P3qJSA4DK4/IaqPo+UIfB04HnxcjnQjWMlxsQ
qW/a/0z342KN2aJgeLQqhCwGB52U/sfUJN9RRKlSg/K2PtLJzXox2aKSIxADp5ux
4APb5sZBfWLt0i3I8aVNu7/euWuPOODg1ZQX9idnLMsGFyyyYIv/VLjg3MPpSthC
W3OM73P5dx5j7Wcwdbd+xtJpxK+Yemc+skXXZHf48bgkM8c9cJqwp65yBhmtysxT
O2S8BJBrvzyxrAFFfhcLcCA9KFb07R4L1qhRMgd/ys2+SVvfmxwk
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:23 2025 by rpki-client