Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/384645-618a-45b2-9d2b-56fadc92e400/1/72hQfq9V638p_oYm3gEcOz3RvHs.roa
File: 72hQfq9V638p_oYm3gEcOz3RvHs.roa (raw, json)
Hash identifier: bllL8WH1JcMPPx6qVX7SXsZKhioxo5UglYYzCgRDqaY=
Subject key identifier: EF:68:50:7E:AF:55:EB:7F:29:FE:86:26:DE:01:1C:3B:3D:D1:BC:7B
Certificate issuer: /CN=f16225a500454e62f1d25253ba7a2d8c1e254429
Certificate serial: 0189F3B7FB9763941F3952BED3837425AE94
Authority key identifier: F1:62:25:A5:00:45:4E:62:F1:D2:52:53:BA:7A:2D:8C:1E:25:44:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8WIlpQBFTmLx0lJTunotjB4lRCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/384645-618a-45b2-9d2b-56fadc92e400/1/72hQfq9V638p_oYm3gEcOz3RvHs.roa
Signing time: Mon 14 Aug 2023 11:04:28 +0000
ROA not before: Mon 14 Aug 2023 11:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 926
IP address blocks: 37.10.116.0/24 maxlen: 24
185.184.229.0/24 maxlen: 24
2a13:9440::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:b7:fb:97:63:94:1f:39:52:be:d3:83:74:25:ae:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f16225a500454e62f1d25253ba7a2d8c1e254429
Validity
Not Before: Aug 14 11:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef68507eaf55eb7f29fe8626de011c3b3dd1bc7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b6:67:cc:0f:1a:c0:57:e9:46:62:f6:74:03:
94:93:81:91:ae:df:29:e6:92:21:97:f5:44:02:53:
db:a4:e1:cc:a3:d2:d9:2a:2c:e4:c5:c3:60:64:26:
14:a3:b5:b9:14:1e:fb:0f:5a:a6:f9:2b:47:55:5d:
56:2e:01:aa:b5:e1:69:d9:5c:52:c5:ba:d3:d1:8c:
e5:51:3f:7f:a9:6e:a5:0c:c1:4c:4b:c6:09:71:d3:
1f:11:2d:d0:26:ef:84:bf:97:af:9d:af:ee:4a:97:
63:bd:e8:11:46:19:51:0d:6b:45:ad:fb:c8:a6:18:
6a:90:6a:dd:13:90:11:4a:75:8d:1c:8e:ea:2f:71:
95:99:1b:8c:ca:07:62:d6:d8:37:49:6f:74:d3:39:
32:64:c5:69:cd:3b:64:1c:23:60:a3:29:3f:8d:19:
df:5f:a8:4c:01:5a:8f:1c:44:a5:11:25:ee:31:9e:
a3:a3:79:79:bc:b2:e0:d7:9d:be:d7:fd:c0:6d:5d:
37:ab:c6:54:62:2a:f9:6e:e0:9f:2e:a4:ec:73:fc:
1a:e9:86:1b:d3:c6:b6:c1:78:e0:87:74:8c:3c:70:
a3:74:79:21:2c:e3:67:62:dc:24:5c:39:cf:d7:4f:
b8:ab:d4:e4:95:ca:6e:8c:b1:6b:66:40:38:a2:89:
f4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:68:50:7E:AF:55:EB:7F:29:FE:86:26:DE:01:1C:3B:3D:D1:BC:7B
X509v3 Authority Key Identifier:
keyid:F1:62:25:A5:00:45:4E:62:F1:D2:52:53:BA:7A:2D:8C:1E:25:44:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8WIlpQBFTmLx0lJTunotjB4lRCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/384645-618a-45b2-9d2b-56fadc92e400/1/72hQfq9V638p_oYm3gEcOz3RvHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/384645-618a-45b2-9d2b-56fadc92e400/1/8WIlpQBFTmLx0lJTunotjB4lRCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.10.116.0/24
185.184.229.0/24
IPv6:
2a13:9440::/29
Signature Algorithm: sha256WithRSAEncryption
1d:87:e7:e9:4f:77:39:ec:64:ba:94:e3:ed:c6:a1:19:f4:36:
57:cd:17:6b:2b:cd:b2:48:86:fd:9f:da:9e:8a:84:1f:aa:a5:
90:3d:de:1e:ab:0b:8f:47:ba:f7:2b:70:34:1e:9c:e0:f1:71:
4f:ba:58:8a:ce:fe:63:ca:a7:84:cf:2c:d5:dd:2b:1b:53:a5:
d8:51:86:b0:8f:5e:1d:cd:29:7d:a3:c1:04:84:03:a6:15:4e:
42:80:46:51:18:20:e7:75:7e:fa:1d:32:74:aa:84:5f:c9:8c:
98:14:ee:54:41:06:b6:e8:40:bf:4f:b1:21:ed:39:e8:8e:56:
ed:e4:d3:f3:a1:0b:b3:69:83:c5:3c:db:30:bf:e2:bd:8a:aa:
63:a9:f7:df:ab:69:61:bb:a3:b3:f0:e5:14:df:bf:d4:e2:24:
18:13:65:bd:1f:ed:f7:cf:c4:51:de:14:fd:54:41:e8:0c:06:
fb:18:a1:ac:47:5d:52:4f:98:33:89:bb:18:ef:b7:62:b4:c7:
6f:b3:01:69:62:d2:30:ee:58:80:9e:45:5b:1f:3a:2f:dd:73:
7b:dd:c7:a7:3f:ca:3b:46:34:fd:c9:f9:43:33:48:2c:10:34:
bb:e4:aa:3a:ea:4f:96:50:eb:08:d1:bc:57:d7:da:6d:6c:99:
61:03:a8:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYnzt/uXY5QfOVK+04N0Ja6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNjIyNWE1MDA0NTRlNjJmMWQyNTI1M2JhN2EyZDhjMWUy
NTQ0MjkwHhcNMjMwODE0MTEwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjY4NTA3ZWFmNTVlYjdmMjlmZTg2MjZkZTAxMWMzYjNkZDFiYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrZnzA8awFfpRmL2dAOUk4GRrt8p
5pIhl/VEAlPbpOHMo9LZKizkxcNgZCYUo7W5FB77D1qm+StHVV1WLgGqteFp2VxS
xbrT0YzlUT9/qW6lDMFMS8YJcdMfES3QJu+Ev5evna/uSpdjvegRRhlRDWtFrfvI
phhqkGrdE5ARSnWNHI7qL3GVmRuMygdi1tg3SW900zkyZMVpzTtkHCNgoyk/jRnf
X6hMAVqPHESlESXuMZ6jo3l5vLLg152+1/3AbV03q8ZUYir5buCfLqTsc/wa6YYb
08a2wXjgh3SMPHCjdHkhLONnYtwkXDnP10+4q9TklcpujLFrZkA4oon0QQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO9oUH6vVet/Kf6GJt4BHDs90bx7MB8GA1UdIwQY
MBaAFPFiJaUARU5i8dJSU7p6LYweJUQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFdJbHBRQkZUbUx4MGxKVHVub3RqQjRsUkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zODQ2NDUtNjE4YS00NWIyLTlkMmIt
NTZmYWRjOTJlNDAwLzEvNzJoUWZxOVY2MzhwX29ZbTNnRWNPejNSdkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zODQ2NDUtNjE4YS00NWIyLTlkMmItNTZmYWRjOTJlNDAw
LzEvOFdJbHBRQkZUbUx4MGxKVHVub3RqQjRsUkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAJQp0AwQA
ubjlMA0EAgACMAcDBQMqE5RAMA0GCSqGSIb3DQEBCwUAA4IBAQAdh+fpT3c57GS6
lOPtxqEZ9DZXzRdrK82ySIb9n9qeioQfqqWQPd4eqwuPR7r3K3A0Hpzg8XFPuliK
zv5jyqeEzyzV3SsbU6XYUYawj14dzSl9o8EEhAOmFU5CgEZRGCDndX76HTJ0qoRf
yYyYFO5UQQa26EC/T7Eh7Tnojlbt5NPzoQuzaYPFPNswv+K9iqpjqfffq2lhu6Oz
8OUU37/U4iQYE2W9H+33z8RR3hT9VEHoDAb7GKGsR11ST5gzibsY77ditMdvswFp
YtIw7liAnkVbHzov3XN73cenP8o7RjT9yflDM0gsEDS75Ko66k+WUOsI0bxX19pt
bJlhA6is
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:19 2024 by rpki-client on console-ams.rpki-client.org