Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/1-xSuTHYGm-YwdpejMtrhTfve3DA.roa
File: 1-xSuTHYGm-YwdpejMtrhTfve3DA.roa (raw, json)
Hash identifier: HqcKv0S9f/SmPFv30LiybF93p0NOXw0I0FzqPkC/C8Q=
Subject key identifier: FB:14:AE:4C:76:06:9B:E6:30:76:97:A3:32:DA:E1:4D:FB:DE:DC:30
Certificate issuer: /CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Certificate serial: 01930A01F9119747A493B26AE47DA061D9C5
Authority key identifier: 45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/1-xSuTHYGm-YwdpejMtrhTfve3DA.roa
Signing time: Fri 08 Nov 2024 04:22:01 +0000
ROA not before: Fri 08 Nov 2024 04:22:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35590
IP address blocks: 178.239.37.0/24 maxlen: 24
178.239.38.0/24 maxlen: 24
178.239.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Nov 2024 07:36:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0a:01:f9:11:97:47:a4:93:b2:6a:e4:7d:a0:61:d9:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Validity
Not Before: Nov 8 04:22:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb14ae4c76069be6307697a332dae14dfbdedc30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:6f:19:44:dc:cd:5b:a8:64:66:2b:00:bf:41:
90:f8:8a:ab:f3:be:ee:99:5b:be:f0:ad:a6:74:75:
a2:36:5b:65:eb:b7:35:07:53:3a:e3:dc:da:e7:90:
6a:a8:99:c7:44:a4:5d:1c:74:90:b8:fe:df:ad:63:
6b:91:a0:26:de:48:96:23:f7:65:00:30:90:33:89:
e3:4f:25:49:41:7a:4e:09:52:4b:e0:73:8e:51:e4:
a8:fb:bb:fc:dc:5a:fc:92:5d:30:96:65:7a:03:26:
21:6b:f4:ff:6a:e9:19:37:02:c6:35:df:10:65:f1:
cd:33:6d:36:71:b4:46:a5:61:f2:e1:ef:a0:e0:8c:
e9:66:e1:f0:1f:6c:b0:09:35:f9:ed:a9:56:de:da:
97:aa:65:a1:ed:2f:52:c1:c9:ac:be:4a:97:bb:f4:
b6:38:5a:4d:9e:58:71:79:b6:97:27:13:db:fb:f0:
48:38:72:42:c5:f3:e0:17:08:d1:34:08:a8:7f:3a:
da:a4:37:9f:0b:17:3e:f2:4f:21:5b:e6:07:8c:59:
59:40:0d:45:41:de:1c:f8:79:a0:8b:b6:8d:69:ea:
7a:92:52:e0:88:e1:e9:99:2f:31:6c:69:f7:75:69:
51:86:db:13:73:7f:d1:7c:e3:a7:15:c3:64:1d:9f:
e7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:14:AE:4C:76:06:9B:E6:30:76:97:A3:32:DA:E1:4D:FB:DE:DC:30
X509v3 Authority Key Identifier:
keyid:45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/1-xSuTHYGm-YwdpejMtrhTfve3DA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/RfnjL_avPV5dd727mNo30LjkRRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.37.0-178.239.39.255
Signature Algorithm: sha256WithRSAEncryption
3b:98:2d:0c:f7:f2:ad:d4:43:35:cd:f7:6c:cf:e1:5a:50:65:
fe:63:46:f7:61:9a:5e:78:a3:8f:c1:97:4b:2e:fe:15:94:72:
6a:92:14:cc:07:ba:fe:c5:ad:c5:f8:6d:12:1e:65:dc:70:cb:
58:aa:07:6c:da:70:51:bb:70:dc:69:ad:f1:3b:1c:ed:4b:37:
18:f2:29:67:e6:02:f3:10:2a:e1:fa:af:d4:6c:a1:4a:ae:28:
00:06:c9:52:d4:1f:46:d2:56:07:93:81:6a:03:9a:ad:06:9e:
28:23:c9:13:55:54:30:a8:37:1d:25:c6:3c:c0:b4:57:2a:b4:
05:6e:16:49:70:2d:b1:33:9f:72:0b:94:df:f8:3d:e7:03:d2:
8f:e6:8e:18:ed:d0:29:49:85:ba:51:92:02:55:8e:b7:1e:7f:
76:11:6e:f9:10:ff:2d:51:11:03:c5:1a:a1:4b:de:76:10:10:
80:32:1c:46:f2:80:5e:c2:8f:16:e6:ce:62:74:4b:be:2d:dc:
d1:62:46:17:54:1d:7a:7b:47:6c:8c:bb:c9:42:71:ae:fe:76:
25:92:05:88:f4:1c:df:3a:a5:5d:8a:14:d0:1b:5a:d4:6d:c0:
1c:04:14:87:bc:32:85:b4:95:24:4e:25:9b:99:f5:d5:7e:52:
6a:c3:0a:67
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZMKAfkRl0ekk7Jq5H2gYdnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZjllMzJmZjZhZjNkNWU1ZDc3YmRiYjk4ZGEzN2QwYjhl
NDQ1MTkwHhcNMjQxMTA4MDQyMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjE0YWU0Yzc2MDY5YmU2MzA3Njk3YTMzMmRhZTE0ZGZiZGVkYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+W8ZRNzNW6hkZisAv0GQ+Iqr877u
mVu+8K2mdHWiNltl67c1B1M649za55BqqJnHRKRdHHSQuP7frWNrkaAm3kiWI/dl
ADCQM4njTyVJQXpOCVJL4HOOUeSo+7v83Fr8kl0wlmV6AyYha/T/aukZNwLGNd8Q
ZfHNM202cbRGpWHy4e+g4IzpZuHwH2ywCTX57alW3tqXqmWh7S9SwcmsvkqXu/S2
OFpNnlhxebaXJxPb+/BIOHJCxfPgFwjRNAiofzrapDefCxc+8k8hW+YHjFlZQA1F
Qd4c+Hmgi7aNaep6klLgiOHpmS8xbGn3dWlRhtsTc3/RfOOnFcNkHZ/nJwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPsUrkx2BpvmMHaXozLa4U373twwMB8GA1UdIwQY
MBaAFEX54y/2rz1eXXe9u5jaN9C45EUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmZuakxfYXZQVjVkZDcyN21ObzMwTGprUlJrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85ZGVmMDgtNzU1Mi00YjVhLTk2NmYt
OGVlMGExMmEzNTliLzEvMS14U3VUSFlHbS1Zd2RwZWpNdHJoVGZ2ZTNEQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDAvOWRlZjA4LTc1NTItNGI1YS05NjZmLThlZTBhMTJhMzU5
Yi8xL1JmbmpMX2F2UFY1ZGQ3MjdtTm8zMExqa1JSay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAsu8l
AwQDsu8gMA0GCSqGSIb3DQEBCwUAA4IBAQA7mC0M9/Kt1EM1zfdsz+FaUGX+Y0b3
YZpeeKOPwZdLLv4VlHJqkhTMB7r+xa3F+G0SHmXccMtYqgds2nBRu3Dcaa3xOxzt
SzcY8iln5gLzECrh+q/UbKFKrigABslS1B9G0lYHk4FqA5qtBp4oI8kTVVQwqDcd
JcY8wLRXKrQFbhZJcC2xM59yC5Tf+D3nA9KP5o4Y7dApSYW6UZICVY63Hn92EW75
EP8tUREDxRqhS952EBCAMhxG8oBewo8W5s5idEu+LdzRYkYXVB16e0dsjLvJQnGu
/nYlkgWI9BzfOqVdihTQG1rUbcAcBBSHvDKFtJUkTiWbmfXVflJqwwpn
-----END CERTIFICATE-----
Generated at Fri Nov 8 10:13:29 2024 by rpki-client on console-ams.rpki-client.org