Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/HCeUVctBBvywrsImTIvWgWZ3u5U.roa
File: HCeUVctBBvywrsImTIvWgWZ3u5U.roa (raw, json)
Hash identifier: 7X6SEBMm+sjNTxwAsLfZBJrcorPghaEXYnBbx6WIkJo=
Subject key identifier: 1C:27:94:55:CB:41:06:FC:B0:AE:C2:26:4C:8B:D6:81:66:77:BB:95
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E2E3678459990DA20C620DF0E4A9C77A7
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/HCeUVctBBvywrsImTIvWgWZ3u5U.roa
Signing time: Mon 11 Mar 2024 15:51:45 +0000
ROA not before: Mon 11 Mar 2024 15:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43201
IP address blocks: 37.72.139.0/24 maxlen: 24
193.3.170.0/24 maxlen: 24
194.56.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 17:10:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:36:78:45:99:90:da:20:c6:20:df:0e:4a:9c:77:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 11 15:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c279455cb4106fcb0aec2264c8bd6816677bb95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e0:4f:fb:98:ce:3b:61:64:d1:7e:e6:3e:0f:
72:43:ac:05:56:f2:54:ee:d4:22:fc:6a:f9:e0:57:
fb:69:43:a1:c7:91:a8:e7:41:31:63:cc:10:49:99:
7d:2c:9f:62:3b:a3:8c:94:e8:39:b7:c6:be:e8:8e:
da:e5:78:a4:7b:8e:8f:cb:be:05:20:b2:6a:36:a4:
1e:3e:eb:af:bd:a3:9a:92:e9:e3:58:66:c2:e6:a5:
b3:17:67:4d:fb:26:5f:11:b9:bb:3c:d1:cb:0e:a5:
64:40:1d:59:c7:63:d0:6f:64:3b:99:64:e4:f1:43:
e5:77:37:8d:f5:d4:a4:07:83:cc:ce:d0:bc:26:56:
4f:f4:d7:4c:37:09:85:de:5f:02:9c:df:31:d0:88:
5f:70:e5:2b:32:41:53:7b:1e:5a:3a:d8:c2:bd:8a:
bf:f6:48:df:8b:62:14:04:0a:cd:2c:cc:83:50:f4:
81:74:83:f6:f5:f5:ec:26:ff:14:28:b3:e7:7b:b7:
a1:62:60:0f:31:ac:8c:5d:55:02:e0:25:d3:9c:61:
0b:7b:f5:af:13:88:f5:58:30:fc:32:b7:8d:b1:20:
98:53:d3:73:5b:e2:4e:cf:71:f4:0b:77:15:45:19:
4f:6e:e6:56:a1:36:c9:44:f2:9d:4a:cd:2e:1c:bd:
65:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:27:94:55:CB:41:06:FC:B0:AE:C2:26:4C:8B:D6:81:66:77:BB:95
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/HCeUVctBBvywrsImTIvWgWZ3u5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.139.0/24
193.3.170.0/24
194.56.180.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:ca:68:48:ff:87:4a:86:70:8a:70:98:24:16:dd:65:8f:13:
0a:bf:62:40:09:12:81:3d:db:32:ae:84:4d:8d:99:8e:75:8b:
c1:d1:fc:3c:35:93:5a:f8:64:54:2c:8c:70:af:25:e8:27:d5:
88:b6:13:ea:11:db:29:50:fb:d0:75:5a:99:c0:a1:bd:ae:f7:
49:13:2c:6c:25:d9:93:9b:3f:b4:da:37:66:d4:76:0a:a7:93:
16:17:2c:98:79:73:44:19:c8:74:86:64:03:c6:13:be:96:b9:
9b:8f:61:cc:87:c7:6e:16:85:75:17:46:36:2f:b6:e8:bd:8e:
61:f0:96:33:d7:b2:5d:6b:f9:5e:30:60:d3:16:d6:e2:10:94:
21:4e:6b:10:d7:f3:93:c7:0f:c9:c8:84:67:4d:7b:14:c6:41:
07:2f:91:7e:38:a6:f6:e8:98:3e:f1:aa:4c:93:7c:c1:4b:23:
46:a1:5a:bf:a6:cd:8f:32:9e:63:8f:f0:2d:c4:2a:48:e0:60:
ca:bc:38:11:7f:41:0d:4a:b4:6b:cb:89:d6:03:ad:e3:e9:44:
3b:00:7b:ac:23:54:67:73:9e:cd:e5:40:e0:d7:e5:12:2a:2c:
99:0e:33:ad:e0:fe:63:0b:33:99:f0:bf:c8:76:eb:ce:a7:dc:
98:cb:1b:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4uNnhFmZDaIMYg3w5KnHenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzExMTU1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzI3OTQ1NWNiNDEwNmZjYjBhZWMyMjY0YzhiZDY4MTY2NzdiYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOBP+5jOO2Fk0X7mPg9yQ6wFVvJU
7tQi/Gr54Ff7aUOhx5Go50ExY8wQSZl9LJ9iO6OMlOg5t8a+6I7a5Xike46Py74F
ILJqNqQePuuvvaOakunjWGbC5qWzF2dN+yZfEbm7PNHLDqVkQB1Zx2PQb2Q7mWTk
8UPldzeN9dSkB4PMztC8JlZP9NdMNwmF3l8CnN8x0IhfcOUrMkFTex5aOtjCvYq/
9kjfi2IUBArNLMyDUPSBdIP29fXsJv8UKLPne7ehYmAPMayMXVUC4CXTnGELe/Wv
E4j1WDD8MreNsSCYU9NzW+JOz3H0C3cVRRlPbuZWoTbJRPKdSs0uHL1lYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBwnlFXLQQb8sK7CJkyL1oFmd7uVMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvSENlVVZjdEJCdnl3cnNJbVRJdldnV1ozdTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJUiLAwQA
wQOqAwQAwji0MA0GCSqGSIb3DQEBCwUAA4IBAQBvymhI/4dKhnCKcJgkFt1ljxMK
v2JACRKBPdsyroRNjZmOdYvB0fw8NZNa+GRULIxwryXoJ9WIthPqEdspUPvQdVqZ
wKG9rvdJEyxsJdmTmz+02jdm1HYKp5MWFyyYeXNEGch0hmQDxhO+lrmbj2HMh8du
FoV1F0Y2L7bovY5h8JYz17Jda/leMGDTFtbiEJQhTmsQ1/OTxw/JyIRnTXsUxkEH
L5F+OKb26Jg+8apMk3zBSyNGoVq/ps2PMp5jj/AtxCpI4GDKvDgRf0ENSrRry4nW
A63j6UQ7AHusI1Rnc57N5UDg1+USKiyZDjOt4P5jCzOZ8L/IduvOp9yYyxvm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org