Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/1fc627-a373-474d-bc7e-e2d846849482/1/y8hw3wUX16qVL40Ah-sWmVWWopI.roa
File: y8hw3wUX16qVL40Ah-sWmVWWopI.roa (raw, json)
Hash identifier: J2RxJI8bV1iGYbg2Hmbf1z9PZszqV0zDCW3uavBs3C0=
Subject key identifier: CB:C8:70:DF:05:17:D7:AA:95:2F:8D:00:87:EB:16:99:55:96:A2:92
Certificate issuer: /CN=2efb9e6d7566dfef9d5cb98d929cb70323d389f2
Certificate serial: 01856D6612AB2552503704230E7C7B0CAFD7
Authority key identifier: 2E:FB:9E:6D:75:66:DF:EF:9D:5C:B9:8D:92:9C:B7:03:23:D3:89:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvuebXVm3--dXLmNkpy3AyPTifI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/1fc627-a373-474d-bc7e-e2d846849482/1/y8hw3wUX16qVL40Ah-sWmVWWopI.roa
Signing time: Sun 01 Jan 2023 12:54:44 +0000
ROA not before: Sun 01 Jan 2023 12:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49354
IP address blocks: 37.18.128.0/22 maxlen: 26
2a05:280::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:12:ab:25:52:50:37:04:23:0e:7c:7b:0c:af:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2efb9e6d7566dfef9d5cb98d929cb70323d389f2
Validity
Not Before: Jan 1 12:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbc870df0517d7aa952f8d0087eb16995596a292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e2:49:9a:e7:91:96:8d:97:50:90:f4:e7:41:
c9:cd:ee:43:da:62:bc:ca:ae:9d:b8:06:e5:65:0c:
04:9a:f6:b3:98:a9:da:2f:ce:48:df:61:47:ed:dd:
5e:cc:16:fe:a8:bf:09:98:ff:b5:9f:ed:d7:3f:fe:
01:bf:5d:ab:80:46:64:b6:cd:49:31:60:2b:92:b6:
33:79:58:df:1a:31:71:d2:25:76:6e:7f:0c:c7:98:
44:36:67:2c:9e:c8:c6:cf:23:c1:1f:8c:92:56:bc:
e7:bc:db:da:9b:50:f0:2b:19:bc:33:6c:0f:c8:da:
df:f6:ce:21:b2:97:66:07:44:6a:88:3b:06:d5:df:
fe:08:6a:2b:7d:6c:2a:a1:2d:90:b2:46:cd:f5:86:
d2:34:45:00:75:95:5b:9b:b4:72:ee:e1:81:21:80:
61:ca:12:9d:fc:55:7d:00:61:cc:39:62:8b:03:d8:
60:21:05:94:aa:9b:bd:77:a3:27:1b:59:08:39:6e:
d7:24:f8:b7:82:27:39:f3:21:e0:bb:e2:82:8f:cb:
a2:77:49:3d:6f:02:d8:da:a1:71:92:b8:42:fd:fd:
ab:e5:1a:58:69:c0:05:54:b5:5a:55:82:d8:a7:2f:
44:91:86:b8:d7:a7:56:45:ca:85:c1:65:8d:df:da:
d3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C8:70:DF:05:17:D7:AA:95:2F:8D:00:87:EB:16:99:55:96:A2:92
X509v3 Authority Key Identifier:
keyid:2E:FB:9E:6D:75:66:DF:EF:9D:5C:B9:8D:92:9C:B7:03:23:D3:89:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvuebXVm3--dXLmNkpy3AyPTifI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/1fc627-a373-474d-bc7e-e2d846849482/1/y8hw3wUX16qVL40Ah-sWmVWWopI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/1fc627-a373-474d-bc7e-e2d846849482/1/LvuebXVm3--dXLmNkpy3AyPTifI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.128.0/22
IPv6:
2a05:280::/29
Signature Algorithm: sha256WithRSAEncryption
86:38:f4:60:9f:6e:ff:eb:85:5f:b3:4e:bd:cd:3e:dc:41:e1:
24:d6:07:94:c6:5d:c1:fd:83:70:e0:78:da:46:29:31:24:78:
8d:6e:0b:f2:dd:19:b0:09:d8:99:c1:2d:84:3b:f0:67:8e:9d:
d7:f5:0e:81:71:bf:2d:81:6c:26:cb:6a:c2:4f:7f:f9:ac:fa:
c8:8c:2d:94:61:69:48:d1:fe:d3:69:e8:93:45:3f:0d:fa:38:
0e:0d:02:71:74:2a:e7:a6:e0:b8:82:f0:a7:3e:d0:5a:c8:50:
ca:7b:82:82:6c:b9:64:70:16:65:2a:ae:70:8c:74:52:a3:28:
ef:d1:91:00:56:5e:01:bc:57:a9:ef:1a:5b:88:85:38:c8:c4:
b7:14:b1:a6:58:1d:5a:7c:89:8f:bd:0c:54:d2:5b:9d:51:39:
61:58:9d:cc:1f:59:e2:d6:cf:b5:6e:7c:ef:8f:ee:e8:e0:ff:
da:62:0e:31:51:42:78:33:12:2d:fb:84:69:a9:ad:71:a7:4a:
fd:3a:72:9e:60:63:56:33:15:aa:ae:c3:f3:ef:e1:43:98:02:
eb:91:7f:16:b1:33:ec:7f:6b:03:3f:b6:6e:bf:b2:80:79:76:
6e:7f:e6:0d:2b:ed:ae:aa:1a:10:e1:3e:e9:01:76:20:06:9c:
82:cd:76:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtZhKrJVJQNwQjDnx7DK/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZmI5ZTZkNzU2NmRmZWY5ZDVjYjk4ZDkyOWNiNzAzMjNk
Mzg5ZjIwHhcNMjMwMTAxMTI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmM4NzBkZjA1MTdkN2FhOTUyZjhkMDA4N2ViMTY5OTU1OTZhMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuJJmueRlo2XUJD050HJze5D2mK8
yq6duAblZQwEmvazmKnaL85I32FH7d1ezBb+qL8JmP+1n+3XP/4Bv12rgEZkts1J
MWArkrYzeVjfGjFx0iV2bn8Mx5hENmcsnsjGzyPBH4ySVrznvNvam1DwKxm8M2wP
yNrf9s4hspdmB0RqiDsG1d/+CGorfWwqoS2QskbN9YbSNEUAdZVbm7Ry7uGBIYBh
yhKd/FV9AGHMOWKLA9hgIQWUqpu9d6MnG1kIOW7XJPi3gic58yHgu+KCj8uid0k9
bwLY2qFxkrhC/f2r5RpYacAFVLVaVYLYpy9EkYa416dWRcqFwWWN39rTZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMvIcN8FF9eqlS+NAIfrFplVlqKSMB8GA1UdIwQY
MBaAFC77nm11Zt/vnVy5jZKctwMj04nyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZ1ZWJYVm0zLS1kWExtTmtweTNBeVBUaWZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xZmM2MjctYTM3My00NzRkLWJjN2Ut
ZTJkODQ2ODQ5NDgyLzEveThodzN3VVgxNnFWTDQwQWgtc1dtVldXb3BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xZmM2MjctYTM3My00NzRkLWJjN2UtZTJkODQ2ODQ5NDgy
LzEvTHZ1ZWJYVm0zLS1kWExtTmtweTNBeVBUaWZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCJRKAMA0E
AgACMAcDBQMqBQKAMA0GCSqGSIb3DQEBCwUAA4IBAQCGOPRgn27/64Vfs069zT7c
QeEk1geUxl3B/YNw4HjaRikxJHiNbgvy3RmwCdiZwS2EO/Bnjp3X9Q6Bcb8tgWwm
y2rCT3/5rPrIjC2UYWlI0f7TaeiTRT8N+jgODQJxdCrnpuC4gvCnPtBayFDKe4KC
bLlkcBZlKq5wjHRSoyjv0ZEAVl4BvFep7xpbiIU4yMS3FLGmWB1afImPvQxU0lud
UTlhWJ3MH1ni1s+1bnzvj+7o4P/aYg4xUUJ4MxIt+4Rpqa1xp0r9OnKeYGNWMxWq
rsPz7+FDmALrkX8WsTPsf2sDP7Zuv7KAeXZuf+YNK+2uqhoQ4T7pAXYgBpyCzXbQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:43 2024 by rpki-client on console-ams.rpki-client.org