Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/Oy1VTSVOpok9AQ1qmCOaR3vLQ30.roa
File: Oy1VTSVOpok9AQ1qmCOaR3vLQ30.roa (raw, json)
Hash identifier: nHfEUv7pvbMURelu/BEWAvpVEQGXuwMc+I2z/rwSVAk=
Subject key identifier: 3B:2D:55:4D:25:4E:A6:89:3D:01:0D:6A:98:23:9A:47:7B:CB:43:7D
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 0190FE59EDBAF2E11630603650C03FF3B554
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/Oy1VTSVOpok9AQ1qmCOaR3vLQ30.roa
Signing time: Mon 29 Jul 2024 11:57:04 +0000
ROA not before: Mon 29 Jul 2024 11:57:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44654
IP address blocks: 37.252.208.0/23 maxlen: 23
37.252.208.0/24 maxlen: 24
37.252.209.0/24 maxlen: 24
37.252.210.0/23 maxlen: 23
37.252.210.0/24 maxlen: 24
37.252.211.0/24 maxlen: 24
37.252.212.0/23 maxlen: 23
37.252.212.0/24 maxlen: 24
37.252.213.0/24 maxlen: 24
37.252.215.0/24 maxlen: 24
109.205.8.0/21 maxlen: 24
185.36.124.0/22 maxlen: 24
185.36.124.0/23 maxlen: 23
185.36.124.0/24 maxlen: 24
185.36.125.0/24 maxlen: 24
2a02:d8::/32 maxlen: 48
2a02:d8:8::/48 maxlen: 48
2a02:d8:9::/48 maxlen: 48
2a02:d8:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 08 Aug 2024 07:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:59:ed:ba:f2:e1:16:30:60:36:50:c0:3f:f3:b5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: Jul 29 11:57:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b2d554d254ea6893d010d6a98239a477bcb437d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5d:30:d5:ba:5c:82:12:66:51:d8:c2:71:46:
02:32:aa:62:cc:8b:ee:8a:55:63:77:06:e9:70:3a:
b6:ed:48:4e:b5:82:53:3f:ba:48:29:e1:a7:0f:d7:
a0:70:c1:32:ef:e6:c3:71:2e:3c:f3:47:93:bd:e7:
77:82:08:ef:72:74:f7:77:7e:36:b6:f7:d1:69:a6:
65:dc:60:ef:6b:4e:11:e6:d9:de:6b:47:e2:b8:0a:
8f:44:1d:e2:d5:24:e2:5a:6b:f6:ad:fd:3c:0a:6a:
17:33:ec:11:ec:e7:b7:ad:ce:e0:87:3f:f7:23:f3:
50:cc:dd:f2:2b:c2:47:72:bb:7d:3b:3f:10:86:68:
5e:eb:22:14:49:c7:22:a0:f5:a4:ee:e0:21:5d:57:
d7:5a:1a:52:42:65:02:f6:b0:d1:de:b1:25:e2:df:
b0:1d:80:35:19:60:85:f6:a1:77:3f:8d:1f:7d:ba:
f0:fe:89:83:13:ce:37:f9:41:c9:a4:d7:49:4e:bf:
51:7b:c2:d6:be:96:b3:b2:ff:80:71:e4:17:8f:3e:
f5:4b:cd:16:29:f1:7a:1b:87:0f:7f:ec:3d:54:0c:
c1:35:ea:12:69:a5:30:a1:60:81:50:22:2f:ea:fb:
ff:aa:b3:15:62:7b:16:83:e3:52:57:c0:ff:c3:0f:
10:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:2D:55:4D:25:4E:A6:89:3D:01:0D:6A:98:23:9A:47:7B:CB:43:7D
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/Oy1VTSVOpok9AQ1qmCOaR3vLQ30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.208.0-37.252.213.255
37.252.215.0/24
109.205.8.0/21
185.36.124.0/22
IPv6:
2a02:d8::/32
Signature Algorithm: sha256WithRSAEncryption
33:98:d0:3a:51:b0:db:b2:3a:4d:86:47:f1:9a:68:2e:2f:12:
7a:84:ef:e8:fd:fb:22:38:ea:b7:26:7b:fb:ff:a0:4f:b8:2c:
f4:41:57:7f:32:40:8e:82:b4:f3:9d:37:94:74:ca:ba:a5:12:
99:35:99:e3:bf:8f:67:bd:b0:55:82:15:0e:8b:7f:de:71:16:
73:ac:48:2c:f9:61:0e:d3:bc:79:44:8c:c6:f8:ff:85:c1:28:
6a:53:c4:98:85:c3:67:2d:2e:b2:4f:f4:07:7b:77:4e:2c:60:
60:80:29:67:41:78:08:28:bd:3c:c8:71:26:47:05:44:b6:96:
18:6d:a1:06:a2:01:d2:b2:ba:a5:69:19:3a:04:34:a5:cd:cf:
51:87:b0:30:cb:d7:c0:9f:d0:8b:ab:0e:e8:2e:08:e8:27:04:
87:9e:16:a7:12:68:21:c5:e0:7f:13:93:70:1a:9e:06:6a:4b:
8c:5c:b8:3d:9e:b1:8b:b3:f3:0a:b4:de:e9:2f:dc:ca:89:6d:
c8:c5:49:f4:54:0b:6b:7c:7e:42:e6:a8:22:77:30:4f:51:80:
31:ed:76:dd:8d:d9:f3:87:9d:02:10:51:6a:f7:d0:ad:b6:b2:
9b:99:2c:15:2c:6c:09:7f:28:6b:cb:0e:7b:da:4c:c2:25:2c:
07:14:d8:1b
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZD+We268uEWMGA2UMA/87VUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjQwNzI5MTE1NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjJkNTU0ZDI1NGVhNjg5M2QwMTBkNmE5ODIzOWE0NzdiY2I0MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0V0w1bpcghJmUdjCcUYCMqpizIvu
ilVjdwbpcDq27UhOtYJTP7pIKeGnD9egcMEy7+bDcS4880eTved3ggjvcnT3d342
tvfRaaZl3GDva04R5tnea0fiuAqPRB3i1STiWmv2rf08CmoXM+wR7Oe3rc7ghz/3
I/NQzN3yK8JHcrt9Oz8Qhmhe6yIUSccioPWk7uAhXVfXWhpSQmUC9rDR3rEl4t+w
HYA1GWCF9qF3P40ffbrw/omDE843+UHJpNdJTr9Re8LWvpazsv+AceQXjz71S80W
KfF6G4cPf+w9VAzBNeoSaaUwoWCBUCIv6vv/qrMVYnsWg+NSV8D/ww8Q7wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDstVU0lTqaJPQENapgjmkd7y0N9MB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvT3kxVlRTVk9wb2s5QVExcW1DT2FSM3ZMUTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYtNWI4NzgyNWMwN2Vl
LzEvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAQl/NAD
BAEl/NQDBAAl/NcDBANtzQgDBAK5JHwwDQQCAAIwBwMFACoCANgwDQYJKoZIhvcN
AQELBQADggEBADOY0DpRsNuyOk2GR/GaaC4vEnqE7+j9+yI46rcme/v/oE+4LPRB
V38yQI6CtPOdN5R0yrqlEpk1meO/j2e9sFWCFQ6Lf95xFnOsSCz5YQ7TvHlEjMb4
/4XBKGpTxJiFw2ctLrJP9Ad7d04sYGCAKWdBeAgovTzIcSZHBUS2lhhtoQaiAdKy
uqVpGToENKXNz1GHsDDL18Cf0IurDuguCOgnBIeeFqcSaCHF4H8Tk3AangZqS4xc
uD2esYuz8wq03ukv3MqJbcjFSfRUC2t8fkLmqCJ3ME9RgDHtdt2N2fOHnQIQUWr3
0K22spuZLBUsbAl/KGvLDnvaTMIlLAcU2Bs=
-----END CERTIFICATE-----
Generated at Thu Aug 8 10:10:11 2024 by rpki-client on console-ams.rpki-client.org