Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4qdkR2LLDxnd9WIPmU1RGnAveqo.roa
File: 4qdkR2LLDxnd9WIPmU1RGnAveqo.roa (raw, json)
Hash identifier: bBDng1aiowD5dP6op+a6LqLhfEF3ipm9N3RwpFC3T5g=
Subject key identifier: E2:A7:64:47:62:CB:0F:19:DD:F5:62:0F:99:4D:51:1A:70:2F:7A:AA
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D84C45BBE984AF2F65DBD39D44205A4D6
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4qdkR2LLDxnd9WIPmU1RGnAveqo.roa
Signing time: Wed 07 Feb 2024 18:11:17 +0000
ROA not before: Wed 07 Feb 2024 18:11:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62300
IP address blocks: 37.221.81.0/24 maxlen: 24
194.32.241.0/24 maxlen: 24
194.61.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 15:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:c4:5b:be:98:4a:f2:f6:5d:bd:39:d4:42:05:a4:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 7 18:11:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2a7644762cb0f19ddf5620f994d511a702f7aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:75:85:e3:0e:c4:d1:b1:6d:46:56:9d:08:f0:
45:af:d7:9d:37:7f:47:6a:0e:d5:b8:90:c7:02:48:
3c:09:31:28:d9:26:fc:0f:ec:2c:93:76:f9:f6:4f:
32:68:a4:78:ae:61:44:99:88:b1:a6:3f:6b:1d:7c:
2b:a1:94:23:fa:9a:f8:9f:92:fb:f6:e7:50:12:4f:
59:07:06:2a:11:75:06:c9:c8:4c:91:06:f4:65:e6:
54:0d:10:a9:ab:2e:68:52:1d:a6:5e:b9:ec:ac:99:
e4:0a:a8:1f:3f:a5:22:fe:19:35:fe:87:55:1e:45:
20:9e:7b:b9:41:a3:77:e5:c2:39:57:63:4c:fb:74:
37:f5:4b:e9:56:95:13:05:61:c1:90:43:eb:ce:3d:
ee:3c:34:5e:cb:18:61:7b:08:e3:15:fb:8d:97:3e:
45:c5:90:4a:14:eb:aa:2b:86:8d:08:cf:d9:38:a2:
42:9c:34:f7:ea:10:e4:14:dd:52:cf:e7:41:cb:89:
b2:e0:cc:e4:cc:80:65:31:e4:09:59:db:2e:d7:07:
e9:ea:09:9a:b0:6d:f1:9a:6e:2b:d2:f6:4a:7f:82:
d0:74:6e:95:0b:72:3e:be:53:bb:1c:9c:37:b0:0c:
28:46:d9:cb:5b:53:87:14:8a:41:ec:44:1d:64:1f:
6c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A7:64:47:62:CB:0F:19:DD:F5:62:0F:99:4D:51:1A:70:2F:7A:AA
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4qdkR2LLDxnd9WIPmU1RGnAveqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.81.0/24
194.32.241.0/24
194.61.8.0/24
Signature Algorithm: sha256WithRSAEncryption
16:d9:88:d6:ab:2d:ad:30:30:b1:8c:60:03:7e:2b:50:99:bb:
ca:90:74:eb:40:94:07:bc:7c:3b:76:ca:55:db:95:f1:f6:21:
44:e9:c7:0f:b3:c9:7f:4a:e3:9a:32:02:c5:04:8f:f2:ca:b1:
06:2c:27:b9:ec:ae:f6:01:30:fe:d9:b4:f9:26:9d:3e:1d:9b:
2a:8b:bb:ea:b5:b3:fc:34:21:4d:b0:ca:c1:f7:f4:a8:bd:a8:
fe:4d:41:c6:0d:c9:31:bf:f0:ae:b5:0a:22:1a:f7:06:f8:8a:
88:6c:f1:2a:15:1a:6b:5f:d4:e5:cf:b5:6f:dd:ec:a2:5e:60:
d8:1d:06:b5:03:26:43:c4:1f:68:e2:5d:e8:71:10:27:94:0c:
97:a7:39:82:4e:a4:00:84:83:f5:a7:e1:b2:a3:b5:d0:af:b9:
03:b9:d5:9b:9c:55:0c:10:b8:e8:3a:39:b7:d7:b4:66:7e:b4:
dd:68:bd:c9:cf:bd:0c:a1:fb:a2:75:07:b1:64:54:b7:f7:c4:
97:c6:5d:d5:13:e4:24:1e:a9:10:bf:6f:c3:63:82:9f:3b:a2:
85:fe:53:97:bc:b5:de:67:69:a6:78:aa:10:67:7b:d5:0d:6f:
c2:29:f4:2c:87:1c:f6:2c:65:04:2b:f2:9f:70:f3:c4:31:2a:
c2:0a:33:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2ExFu+mEry9l29OdRCBaTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA3MTgxMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmE3NjQ0NzYyY2IwZjE5ZGRmNTYyMGY5OTRkNTExYTcwMmY3YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3WF4w7E0bFtRladCPBFr9edN39H
ag7VuJDHAkg8CTEo2Sb8D+wsk3b59k8yaKR4rmFEmYixpj9rHXwroZQj+pr4n5L7
9udQEk9ZBwYqEXUGychMkQb0ZeZUDRCpqy5oUh2mXrnsrJnkCqgfP6Ui/hk1/odV
HkUgnnu5QaN35cI5V2NM+3Q39UvpVpUTBWHBkEPrzj3uPDReyxhhewjjFfuNlz5F
xZBKFOuqK4aNCM/ZOKJCnDT36hDkFN1Sz+dBy4my4MzkzIBlMeQJWdsu1wfp6gma
sG3xmm4r0vZKf4LQdG6VC3I+vlO7HJw3sAwoRtnLW1OHFIpB7EQdZB9sXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOKnZEdiyw8Z3fViD5lNURpwL3qqMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvNHFka1IyTExEeG5kOVdJUG1VMVJHbkF2ZXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJd1RAwQA
wiDxAwQAwj0IMA0GCSqGSIb3DQEBCwUAA4IBAQAW2YjWqy2tMDCxjGADfitQmbvK
kHTrQJQHvHw7dspV25Xx9iFE6ccPs8l/SuOaMgLFBI/yyrEGLCe57K72ATD+2bT5
Jp0+HZsqi7vqtbP8NCFNsMrB9/Sovaj+TUHGDckxv/CutQoiGvcG+IqIbPEqFRpr
X9Tlz7Vv3eyiXmDYHQa1AyZDxB9o4l3ocRAnlAyXpzmCTqQAhIP1p+Gyo7XQr7kD
udWbnFUMELjoOjm317RmfrTdaL3Jz70MofuidQexZFS398SXxl3VE+QkHqkQv2/D
Y4KfO6KF/lOXvLXeZ2mmeKoQZ3vVDW/CKfQshxz2LGUEK/KfcPPEMSrCCjOm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org