Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/9P2251iRceD9YEJKpXWyu55cydo.roa
File: 9P2251iRceD9YEJKpXWyu55cydo.roa (raw, json)
Hash identifier: Ug0C4wsiO4Ece7zXcys4K+XK7yLUoQ54bQPD0uEKxX0=
Subject key identifier: F4:FD:B6:E7:58:91:71:E0:FD:60:42:4A:A5:75:B2:BB:9E:5C:C9:DA
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 018BB832C6DD2FE09238C82A498100DD3830
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/9P2251iRceD9YEJKpXWyu55cydo.roa
Signing time: Fri 10 Nov 2023 07:46:57 +0000
ROA not before: Fri 10 Nov 2023 07:46:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39409
IP address blocks: 37.153.156.0/24 maxlen: 24
185.216.8.0/24 maxlen: 24
2a10:9906:1001::/48 maxlen: 48
2001:678:d58::/48 maxlen: 48
2001:678:20c::/48 maxlen: 48
2a10:9906:3020::/48 maxlen: 48
2a10:9906::/48 maxlen: 48
2a10:9906:3010::/48 maxlen: 48
2a10:9906:1002::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:32:c6:dd:2f:e0:92:38:c8:2a:49:81:00:dd:38:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Nov 10 07:46:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4fdb6e7589171e0fd60424aa575b2bb9e5cc9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7a:46:de:b7:86:f2:46:6b:de:e0:86:7e:b8:
bd:b9:aa:56:6d:34:c6:ec:d1:df:50:e7:44:71:5b:
f1:12:a9:ea:01:e4:72:24:a1:6c:d8:26:7a:da:a5:
91:aa:4c:db:64:23:45:2d:de:3c:bf:de:63:8c:bf:
d1:8b:7b:24:72:a5:48:41:a3:01:42:d0:26:1a:d2:
c7:63:76:6b:84:f8:ce:cf:cc:4a:d4:e6:a1:09:ca:
bc:b8:27:51:5e:57:93:b6:df:ff:72:fe:49:fd:95:
23:ed:3a:23:11:07:e6:2a:d3:15:e6:92:fb:37:1f:
c4:3a:87:8e:7f:c0:7b:18:d3:4b:58:8e:1c:f4:09:
3f:45:26:2b:e3:ff:81:bb:0d:10:5e:05:d9:ed:93:
43:8f:70:61:da:fe:70:d1:f7:aa:58:e6:1d:eb:cc:
72:86:4f:71:4d:f2:bd:b1:98:13:74:d7:e1:99:b0:
75:05:65:30:da:3c:db:45:1e:11:71:c9:6f:ad:f6:
44:1c:d4:8b:af:b4:a1:15:06:8c:5d:43:1b:1c:6d:
eb:80:67:7f:44:10:8d:d3:cc:60:f9:ee:db:9e:31:
68:6e:1e:cf:bf:44:ad:99:5f:35:be:85:95:a2:ef:
ea:f6:54:63:7c:00:e4:fc:84:03:df:b0:d0:61:69:
33:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:FD:B6:E7:58:91:71:E0:FD:60:42:4A:A5:75:B2:BB:9E:5C:C9:DA
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/9P2251iRceD9YEJKpXWyu55cydo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.156.0/24
185.216.8.0/24
IPv6:
2001:678:20c::/48
2001:678:d58::/48
2a10:9906::/48
2a10:9906:1001::-2a10:9906:1002:ffff:ffff:ffff:ffff:ffff
2a10:9906:3010::/48
2a10:9906:3020::/48
Signature Algorithm: sha256WithRSAEncryption
8e:ae:60:25:e5:52:da:7d:62:1c:58:72:d0:83:6b:13:18:b7:
3b:f8:bd:8a:13:57:b8:85:fe:40:2a:9b:67:19:6b:1d:02:6a:
cd:b4:af:71:f0:44:0e:5e:e0:c8:46:ac:e1:c4:50:f5:58:e3:
c0:20:48:62:54:eb:36:52:c0:bb:cb:3b:84:01:ca:88:ea:ca:
da:a1:d8:5f:ca:b1:b0:07:24:d6:61:64:fc:f9:2c:11:1f:97:
90:4d:3e:7e:dc:4a:4a:25:80:58:6b:d7:14:a1:54:68:44:52:
b7:d1:29:05:7c:b4:aa:45:8c:e0:4f:1a:72:2e:b7:62:43:24:
91:5a:a6:37:24:4f:9f:c4:34:31:04:03:6b:28:12:8e:1d:8c:
f6:ee:f3:3c:e9:0b:2e:3a:02:ca:b9:1c:19:8b:32:80:62:f8:
46:21:ea:4a:3e:a2:08:93:10:ec:76:c5:ef:4c:30:17:bb:43:
0b:89:f7:98:0f:f2:95:6b:44:e0:d7:e5:13:24:ad:38:29:ec:
0f:ee:a7:e4:92:3e:60:b8:f8:62:9b:82:cd:09:0a:58:53:c7:
bc:af:f6:5d:1d:eb:cf:15:36:4c:3f:e5:72:01:f0:04:40:67:
aa:4a:1b:3d:4e:1c:93:dc:14:3c:1d:85:38:67:d1:c0:b4:1a:
b5:d1:46:25
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYu4MsbdL+CSOMgqSYEA3TgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjMxMTEwMDc0NjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGZkYjZlNzU4OTE3MWUwZmQ2MDQyNGFhNTc1YjJiYjllNWNjOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnpG3reG8kZr3uCGfri9uapWbTTG
7NHfUOdEcVvxEqnqAeRyJKFs2CZ62qWRqkzbZCNFLd48v95jjL/Ri3skcqVIQaMB
QtAmGtLHY3ZrhPjOz8xK1OahCcq8uCdRXleTtt//cv5J/ZUj7TojEQfmKtMV5pL7
Nx/EOoeOf8B7GNNLWI4c9Ak/RSYr4/+Buw0QXgXZ7ZNDj3Bh2v5w0feqWOYd68xy
hk9xTfK9sZgTdNfhmbB1BWUw2jzbRR4RcclvrfZEHNSLr7ShFQaMXUMbHG3rgGd/
RBCN08xg+e7bnjFobh7Pv0StmV81voWVou/q9lRjfADk/IQD37DQYWkzkQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFPT9tudYkXHg/WBCSqV1srueXMnaMB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvOVAyMjUxaVJjZUQ5WUVKS3BYV3l1NTVjeWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTASBAIAATAMAwQAJZmcAwQA
udgIMEcEAgACMEEDBwAgAQZ4AgwDBwAgAQZ4DVgDBwAqEJkGAAAwEgMHACoQmQYQ
AQMHACoQmQYQAgMHACoQmQYwEAMHACoQmQYwIDANBgkqhkiG9w0BAQsFAAOCAQEA
jq5gJeVS2n1iHFhy0INrExi3O/i9ihNXuIX+QCqbZxlrHQJqzbSvcfBEDl7gyEas
4cRQ9VjjwCBIYlTrNlLAu8s7hAHKiOrK2qHYX8qxsAck1mFk/PksER+XkE0+ftxK
SiWAWGvXFKFUaERSt9EpBXy0qkWM4E8aci63YkMkkVqmNyRPn8Q0MQQDaygSjh2M
9u7zPOkLLjoCyrkcGYsygGL4RiHqSj6iCJMQ7HbF70wwF7tDC4n3mA/ylWtE4Nfl
EyStOCnsD+6n5JI+YLj4YpuCzQkKWFPHvK/2XR3rzxU2TD/lcgHwBEBnqkobPU4c
k9wUPB2FOGfRwLQatdFGJQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:52 2024 by rpki-client on console-ams.rpki-client.org