Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/oKrxidasrhyCgz8mTWCUPhcmRx8.roa
File: oKrxidasrhyCgz8mTWCUPhcmRx8.roa (raw, json)
Hash identifier: eXxdDqD/N3dgokJl2TmBXGNzfX4usw9/LkJ+KuNmxzU=
Subject key identifier: A0:AA:F1:89:D6:AC:AE:1C:82:83:3F:26:4D:60:94:3E:17:26:47:1F
Certificate issuer: /CN=42c42723c1f75ba0be8935c72f61bfe5c5f4ce3c
Certificate serial: 018571830B9C4D051DA3B589406F360FEC84
Authority key identifier: 42:C4:27:23:C1:F7:5B:A0:BE:89:35:C7:2F:61:BF:E5:C5:F4:CE:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/oKrxidasrhyCgz8mTWCUPhcmRx8.roa
Signing time: Mon 02 Jan 2023 08:04:51 +0000
ROA not before: Mon 02 Jan 2023 08:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13127
IP address blocks: 37.220.150.0/24 maxlen: 24
37.220.149.0/24 maxlen: 24
37.220.148.0/24 maxlen: 24
37.220.151.0/24 maxlen: 24
37.220.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:0b:9c:4d:05:1d:a3:b5:89:40:6f:36:0f:ec:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c42723c1f75ba0be8935c72f61bfe5c5f4ce3c
Validity
Not Before: Jan 2 08:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0aaf189d6acae1c82833f264d60943e1726471f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:65:0c:57:af:6f:aa:89:4d:b7:c5:12:87:62:
b8:3c:1c:c7:ec:4a:98:a9:d1:42:0f:48:43:87:17:
8e:d1:b9:7a:a1:06:b2:29:14:71:82:ea:71:bd:ac:
81:22:45:63:24:99:21:95:11:07:46:92:9b:99:95:
5e:b0:bf:67:21:48:cf:f7:e9:d7:ff:22:32:8a:5b:
33:be:47:4c:9c:72:1a:e4:cc:27:4b:03:86:34:17:
dd:3d:67:61:31:83:fa:01:44:e9:48:54:7b:fb:3f:
f5:15:83:73:77:95:d7:37:38:32:de:df:5c:68:ce:
75:d2:e2:57:27:32:56:5b:bc:fa:1b:9c:b0:66:2f:
84:5e:4e:85:93:3c:b4:75:80:e2:a6:f7:e0:8e:fb:
90:3d:46:bb:59:a3:fa:1a:ca:97:48:ee:0a:1e:95:
85:7d:1b:b3:6f:6e:8c:51:5a:39:14:1b:6b:d4:4b:
bb:02:75:4b:da:39:fd:c4:b6:ae:77:c3:84:e6:08:
e8:bb:96:da:ab:8c:70:f2:6f:c7:9f:1e:bd:2b:c5:
76:b5:0d:dd:85:55:6a:fb:10:95:0b:38:a0:7b:25:
1c:aa:35:e4:66:cd:bb:26:70:a1:76:aa:44:d2:b8:
cc:a8:75:0c:99:f8:18:bc:13:46:01:a7:a6:4c:ee:
12:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:AA:F1:89:D6:AC:AE:1C:82:83:3F:26:4D:60:94:3E:17:26:47:1F
X509v3 Authority Key Identifier:
keyid:42:C4:27:23:C1:F7:5B:A0:BE:89:35:C7:2F:61:BF:E5:C5:F4:CE:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/oKrxidasrhyCgz8mTWCUPhcmRx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/QsQnI8H3W6C-iTXHL2G_5cX0zjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.147.0-37.220.151.255
Signature Algorithm: sha256WithRSAEncryption
04:9c:ef:d0:53:ac:25:da:aa:ca:46:df:05:9f:6e:31:f7:66:
30:64:c9:8a:19:dc:92:6b:65:c5:24:fa:25:52:e3:8d:d0:c1:
26:80:90:fe:a6:21:d9:db:69:5e:2b:62:74:cc:54:1b:62:2b:
39:b0:6b:37:21:dd:1e:c4:61:6c:17:e0:bf:da:0c:68:8a:72:
31:02:45:93:d3:21:eb:0d:4a:5f:ae:9e:a5:3b:aa:83:12:95:
7b:f4:3e:36:cd:12:e4:94:5f:78:ec:c1:68:61:1c:94:73:7f:
5b:a3:b4:68:0e:f7:9f:dc:3a:7d:b6:7c:3b:b4:4e:dc:8b:4b:
ae:89:9a:27:38:a3:7c:90:42:98:db:3d:ea:d5:1c:6a:71:cc:
cf:09:6d:5d:02:04:cf:5d:a5:04:49:a1:df:3e:7f:4b:42:92:
bc:6a:85:02:b1:0a:e1:2c:a1:85:80:b2:92:b8:24:c0:bd:48:
ab:3b:7e:31:ef:16:ea:5b:9e:17:3d:4f:e3:8a:9d:63:e5:db:
9a:ff:ab:73:f0:5e:f4:e2:32:84:b8:f2:b1:c6:99:8b:8a:58:
df:45:e7:d5:55:f4:2d:1f:d8:23:7b:14:a5:d0:91:4a:a9:06:
c0:91:0f:85:7f:28:f8:52:be:ce:fc:5d:e1:f8:ef:9f:52:5c:
d2:a9:6d:ed
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxgwucTQUdo7WJQG82D+yEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzQyNzIzYzFmNzViYTBiZTg5MzVjNzJmNjFiZmU1YzVm
NGNlM2MwHhcNMjMwMTAyMDgwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGFhZjE4OWQ2YWNhZTFjODI4MzNmMjY0ZDYwOTQzZTE3MjY0NzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6GUMV69vqolNt8USh2K4PBzH7EqY
qdFCD0hDhxeO0bl6oQayKRRxgupxvayBIkVjJJkhlREHRpKbmZVesL9nIUjP9+nX
/yIyilszvkdMnHIa5MwnSwOGNBfdPWdhMYP6AUTpSFR7+z/1FYNzd5XXNzgy3t9c
aM510uJXJzJWW7z6G5ywZi+EXk6Fkzy0dYDipvfgjvuQPUa7WaP6GsqXSO4KHpWF
fRuzb26MUVo5FBtr1Eu7AnVL2jn9xLaud8OE5gjou5baq4xw8m/Hnx69K8V2tQ3d
hVVq+xCVCzigeyUcqjXkZs27JnChdqpE0rjMqHUMmfgYvBNGAaemTO4StQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKCq8YnWrK4cgoM/Jk1glD4XJkcfMB8GA1UdIwQY
MBaAFELEJyPB91ugvok1xy9hv+XF9M48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNRbkk4SDNXNkMtaVRYSEwyR181Y1gwemp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jNTY0MTgtZDFkNi00YjQzLWFlYzAt
Yjk4YTY5MDFlYTEwLzEvb0tyeGlkYXNyaHlDZ3o4bVRXQ1VQaGNtUng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jNTY0MTgtZDFkNi00YjQzLWFlYzAtYjk4YTY5MDFlYTEw
LzEvUXNRbkk4SDNXNkMtaVRYSEwyR181Y1gwemp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAl3JMD
BAMl3JAwDQYJKoZIhvcNAQELBQADggEBAASc79BTrCXaqspG3wWfbjH3ZjBkyYoZ
3JJrZcUk+iVS443QwSaAkP6mIdnbaV4rYnTMVBtiKzmwazch3R7EYWwX4L/aDGiK
cjECRZPTIesNSl+unqU7qoMSlXv0PjbNEuSUX3jswWhhHJRzf1ujtGgO95/cOn22
fDu0TtyLS66Jmic4o3yQQpjbPerVHGpxzM8JbV0CBM9dpQRJod8+f0tCkrxqhQKx
CuEsoYWAspK4JMC9SKs7fjHvFupbnhc9T+OKnWPl25r/q3PwXvTiMoS48rHGmYuK
WN9F59VV9C0f2CN7FKXQkUqpBsCRD4V/KPhSvs78XeH4759SXNKpbe0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:02 2024 by rpki-client on console-ams.rpki-client.org