Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/RnM3xe3ton0Jc3s7Chz9eWWzU04.roa
File: RnM3xe3ton0Jc3s7Chz9eWWzU04.roa (raw, json)
Hash identifier: Aczya93i9cDt0ULlydgFh/Ale1fyBc8ipZMya3ZmYP4=
Subject key identifier: 46:73:37:C5:ED:ED:A2:7D:09:73:7B:3B:0A:1C:FD:79:65:B3:53:4E
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DC740BBB41FBF63AC46DFC3E73488B120
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/RnM3xe3ton0Jc3s7Chz9eWWzU04.roa
Signing time: Tue 20 Feb 2024 16:02:04 +0000
ROA not before: Tue 20 Feb 2024 16:02:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 37.77.147.0/24 maxlen: 24
37.140.221.0/24 maxlen: 24
193.109.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 17:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:40:bb:b4:1f:bf:63:ac:46:df:c3:e7:34:88:b1:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 20 16:02:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=467337c5ededa27d09737b3b0a1cfd7965b3534e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a7:86:39:a9:40:7b:61:a8:56:8f:ce:3a:33:
b1:72:f0:94:49:e8:5b:f9:3e:7e:fd:c1:fe:22:d8:
2e:4e:5e:d8:6c:53:f8:1a:1c:5a:be:0c:56:f2:5a:
fc:89:19:7f:90:fe:84:5b:bd:77:c2:c6:1c:74:eb:
68:7b:e1:8b:ce:ca:db:2c:e2:35:2e:0d:d8:09:8f:
8c:d0:5e:3d:d2:49:64:34:4d:6c:2e:83:28:8e:2f:
5d:35:39:8d:2e:6b:60:a4:7c:bb:d6:68:3d:27:ab:
36:e3:d8:92:26:d6:64:fb:5b:14:a6:68:80:67:28:
b3:75:6b:e8:91:10:ed:85:68:f1:13:06:34:fe:f7:
4a:8f:63:88:dd:97:c8:21:9f:bd:5f:cc:27:f1:af:
b4:a5:94:29:1e:ed:8b:c9:3f:9f:38:b4:ef:ff:44:
27:1e:79:ea:66:9a:31:55:30:45:57:c7:91:51:07:
d1:d3:29:66:64:7b:d4:31:82:df:29:14:bd:54:1e:
ee:aa:dc:34:8e:9d:a9:08:17:12:b3:f5:ac:01:99:
ab:c5:b4:c5:4d:24:6a:94:cb:1d:bd:6b:52:e2:01:
ba:93:0b:06:9c:95:0d:af:d7:c4:01:37:6a:44:a8:
e7:d2:d1:cc:09:f3:d8:a8:88:b5:b6:e3:3a:51:a0:
db:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:73:37:C5:ED:ED:A2:7D:09:73:7B:3B:0A:1C:FD:79:65:B3:53:4E
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/RnM3xe3ton0Jc3s7Chz9eWWzU04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.147.0/24
37.140.221.0/24
193.109.213.0/24
Signature Algorithm: sha256WithRSAEncryption
16:b1:b0:8d:d5:cb:e6:95:28:98:8f:7d:b4:08:62:98:44:43:
b6:73:9f:d2:36:ef:d7:f0:1d:1a:93:6e:26:ec:7a:fa:a3:df:
8b:ef:25:ee:0a:9a:a8:bf:79:a7:00:cb:a8:c8:84:d5:6d:da:
e1:da:5b:cb:f8:e7:e9:df:11:ce:ef:53:0e:2e:e5:71:47:ba:
bc:10:d8:c8:14:4d:63:7d:87:43:b4:9c:59:82:02:fb:bb:70:
7a:8d:b9:a2:7f:56:a4:db:c8:06:e4:cc:10:40:c2:3b:e2:6b:
42:08:e6:98:f7:b4:3a:ef:25:e7:a9:39:91:ba:53:16:c1:a2:
bb:81:d0:f1:45:38:34:be:63:36:6e:ef:6d:57:a2:87:26:c2:
b5:3a:61:cd:fb:c7:36:e4:95:f3:df:f7:57:ae:1f:5a:80:b9:
a5:aa:0b:91:77:80:18:35:c6:76:88:69:fc:95:9f:f2:d3:ed:
eb:35:29:e0:fb:01:02:7f:e4:41:64:46:b0:0c:61:c3:d2:e1:
7b:f3:57:61:2f:d2:85:b1:9c:26:09:c3:dc:6b:a4:1e:61:d5:
09:32:11:84:0d:93:f5:35:5a:fb:25:f7:6c:c4:94:96:4b:9a:
c8:73:47:ef:b4:63:0b:9f:32:02:5b:1d:42:69:a8:c7:3e:62:
a5:23:8c:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3HQLu0H79jrEbfw+c0iLEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIwMTYwMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjczMzdjNWVkZWRhMjdkMDk3MzdiM2IwYTFjZmQ3OTY1YjM1MzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaeGOalAe2GoVo/OOjOxcvCUSehb
+T5+/cH+ItguTl7YbFP4GhxavgxW8lr8iRl/kP6EW713wsYcdOtoe+GLzsrbLOI1
Lg3YCY+M0F490klkNE1sLoMoji9dNTmNLmtgpHy71mg9J6s249iSJtZk+1sUpmiA
ZyizdWvokRDthWjxEwY0/vdKj2OI3ZfIIZ+9X8wn8a+0pZQpHu2LyT+fOLTv/0Qn
HnnqZpoxVTBFV8eRUQfR0ylmZHvUMYLfKRS9VB7uqtw0jp2pCBcSs/WsAZmrxbTF
TSRqlMsdvWtS4gG6kwsGnJUNr9fEATdqRKjn0tHMCfPYqIi1tuM6UaDbTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEZzN8Xt7aJ9CXN7Owoc/Xlls1NOMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvUm5NM3hlM3RvbjBKYzNzN0NoejllV1d6VTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJU2TAwQA
JYzdAwQAwW3VMA0GCSqGSIb3DQEBCwUAA4IBAQAWsbCN1cvmlSiYj320CGKYREO2
c5/SNu/X8B0ak24m7Hr6o9+L7yXuCpqov3mnAMuoyITVbdrh2lvL+Ofp3xHO71MO
LuVxR7q8ENjIFE1jfYdDtJxZggL7u3B6jbmif1ak28gG5MwQQMI74mtCCOaY97Q6
7yXnqTmRulMWwaK7gdDxRTg0vmM2bu9tV6KHJsK1OmHN+8c25JXz3/dXrh9agLml
qguRd4AYNcZ2iGn8lZ/y0+3rNSng+wECf+RBZEawDGHD0uF781dhL9KFsZwmCcPc
a6QeYdUJMhGEDZP1NVr7JfdsxJSWS5rIc0fvtGMLnzICWx1CaajHPmKlI4wW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org