Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/qh5hevQ5zqfzF9FDv6KqBDLb6kE.roa
File: qh5hevQ5zqfzF9FDv6KqBDLb6kE.roa (raw, json)
Hash identifier: 2JzsB1O/z5IJ6oP4pUMVt3eBG0l7+jYBmh/djQWiTEE=
Subject key identifier: AA:1E:61:7A:F4:39:CE:A7:F3:17:D1:43:BF:A2:AA:04:32:DB:EA:41
Certificate issuer: /CN=c8d335041718b18830b1f58c15d3518510fe6118
Certificate serial: 01856E141DBFF718C7F8968CA844DD8DC005
Authority key identifier: C8:D3:35:04:17:18:B1:88:30:B1:F5:8C:15:D3:51:85:10:FE:61:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNM1BBcYsYgwsfWMFdNRhRD-YRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/qh5hevQ5zqfzF9FDv6KqBDLb6kE.roa
Signing time: Sun 01 Jan 2023 16:04:50 +0000
ROA not before: Sun 01 Jan 2023 16:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 37.1.174.0/24 maxlen: 24
37.1.175.0/24 maxlen: 24
37.1.173.0/24 maxlen: 24
37.252.206.0/24 maxlen: 24
37.252.205.0/24 maxlen: 24
37.252.200.0/21 maxlen: 21
37.252.207.0/24 maxlen: 24
37.1.169.0/24 maxlen: 24
37.1.168.0/21 maxlen: 21
37.1.168.0/24 maxlen: 24
37.1.171.0/24 maxlen: 24
37.1.170.0/24 maxlen: 24
37.1.172.0/24 maxlen: 24
2a03:b7c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 14 Mar 2023 08:35:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:1d:bf:f7:18:c7:f8:96:8c:a8:44:dd:8d:c0:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d335041718b18830b1f58c15d3518510fe6118
Validity
Not Before: Jan 1 16:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa1e617af439cea7f317d143bfa2aa0432dbea41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dd:00:ff:2e:9b:93:43:50:45:7c:f4:a7:0f:
9d:df:5c:4d:a4:4c:80:a3:f3:d8:58:c2:5c:f0:10:
39:58:5b:30:c2:d0:91:a5:fe:80:86:25:40:32:f7:
7b:d9:38:59:5b:0b:3c:34:9d:7f:fe:8e:2b:ba:0f:
cc:a7:5c:5f:4b:8a:55:8f:5d:f7:91:59:bc:62:12:
98:ed:b8:e2:83:cd:8a:9b:1d:66:92:b8:37:cd:68:
b7:18:43:c7:fc:cc:22:92:35:09:10:63:e2:36:da:
f0:e2:85:4e:d0:be:80:60:e0:4f:73:2e:ef:c1:01:
dc:5d:ca:ee:a2:0e:44:cc:c1:1e:72:31:da:7c:5b:
d5:44:5e:f4:71:e0:fb:12:f3:39:ea:f5:1e:2f:70:
5b:4f:24:49:ee:1d:5a:b6:c8:7f:b5:90:41:ce:ec:
94:1c:20:94:b4:98:ce:5d:7e:45:43:91:3f:38:35:
17:1e:29:11:3c:c6:bb:e9:8c:6e:98:c8:fb:98:af:
34:01:d5:3b:3b:8f:88:1a:c6:ac:b0:18:4b:f5:c1:
2d:3f:84:7d:b1:8d:88:3e:a9:13:b8:a1:23:9a:bd:
22:a0:4e:87:77:f7:37:dc:c3:eb:57:d7:e8:f0:b1:
99:89:40:2d:3d:e2:51:28:c0:05:d7:cb:c4:b1:6a:
1b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1E:61:7A:F4:39:CE:A7:F3:17:D1:43:BF:A2:AA:04:32:DB:EA:41
X509v3 Authority Key Identifier:
keyid:C8:D3:35:04:17:18:B1:88:30:B1:F5:8C:15:D3:51:85:10:FE:61:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNM1BBcYsYgwsfWMFdNRhRD-YRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/qh5hevQ5zqfzF9FDv6KqBDLb6kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/yNM1BBcYsYgwsfWMFdNRhRD-YRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.168.0/21
37.252.200.0/21
IPv6:
2a03:b7c0::/32
Signature Algorithm: sha256WithRSAEncryption
61:7b:ee:5d:18:5b:67:84:45:58:0e:7d:86:ba:58:fc:5a:30:
70:f2:e5:0a:e2:f7:79:f8:43:a8:26:8e:00:0c:43:b2:88:17:
e1:0e:e5:da:00:18:e7:68:4c:c7:d4:0c:b1:29:4f:d3:73:c2:
8b:51:53:e0:80:56:b4:d7:b2:04:39:b3:bd:88:53:48:21:a9:
7c:77:89:42:db:db:26:ab:0f:89:71:c1:d9:6a:79:c7:28:07:
a9:9f:63:cb:d7:b2:ce:73:b6:34:01:c9:e9:24:75:5b:3a:13:
bc:dc:9b:7f:8d:a0:be:30:eb:0c:49:e9:1d:f8:8f:3b:a5:ca:
0c:4f:6b:c0:3d:37:66:68:4c:51:9b:0e:6c:de:ce:f7:43:13:
06:ab:5d:1c:da:14:ff:fb:1d:ec:19:a7:36:eb:26:9a:9f:11:
97:80:09:c8:0f:05:08:af:32:38:4b:48:05:00:fc:78:88:d0:
56:5a:61:51:91:92:7e:27:60:10:35:4f:c2:a4:19:ef:2b:08:
29:ea:0d:11:97:1c:d8:1e:3f:04:b6:00:46:7c:0a:bf:74:b7:
20:ea:86:2a:d8:40:02:f0:42:a7:6c:ca:28:20:c6:d2:92:9c:
61:77:e1:f3:1a:63:f1:79:5f:df:6a:96:87:66:f7:6c:1a:02:
12:72:80:94
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuFB2/9xjH+JaMqETdjcAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDMzNTA0MTcxOGIxODgzMGIxZjU4YzE1ZDM1MTg1MTBm
ZTYxMTgwHhcNMjMwMTAxMTYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFlNjE3YWY0MzljZWE3ZjMxN2QxNDNiZmEyYWEwNDMyZGJlYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN0A/y6bk0NQRXz0pw+d31xNpEyA
o/PYWMJc8BA5WFswwtCRpf6AhiVAMvd72ThZWws8NJ1//o4rug/Mp1xfS4pVj133
kVm8YhKY7bjig82Kmx1mkrg3zWi3GEPH/MwikjUJEGPiNtrw4oVO0L6AYOBPcy7v
wQHcXcruog5EzMEecjHafFvVRF70ceD7EvM56vUeL3BbTyRJ7h1atsh/tZBBzuyU
HCCUtJjOXX5FQ5E/ODUXHikRPMa76YxumMj7mK80AdU7O4+IGsassBhL9cEtP4R9
sY2IPqkTuKEjmr0ioE6Hd/c33MPrV9fo8LGZiUAtPeJRKMAF18vEsWobdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKoeYXr0Oc6n8xfRQ7+iqgQy2+pBMB8GA1UdIwQY
MBaAFMjTNQQXGLGIMLH1jBXTUYUQ/mEYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5NMUJCY1lzWWd3c2ZXTUZkTlJoUkQtWVJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YTM0NGUtMGVkOC00MmIyLWE3NDQt
YTllODQ2ODcxMGEzLzEvcWg1aGV2UTV6cWZ6RjlGRHY2S3FCRExiNmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YTM0NGUtMGVkOC00MmIyLWE3NDQtYTllODQ2ODcxMGEz
LzEveU5NMUJCY1lzWWd3c2ZXTUZkTlJoUkQtWVJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJQGoAwQD
JfzIMA0EAgACMAcDBQAqA7fAMA0GCSqGSIb3DQEBCwUAA4IBAQBhe+5dGFtnhEVY
Dn2Gulj8WjBw8uUK4vd5+EOoJo4ADEOyiBfhDuXaABjnaEzH1AyxKU/Tc8KLUVPg
gFa017IEObO9iFNIIal8d4lC29smqw+JccHZannHKAepn2PL17LOc7Y0AcnpJHVb
OhO83Jt/jaC+MOsMSekd+I87pcoMT2vAPTdmaExRmw5s3s73QxMGq10c2hT/+x3s
Gac26yaanxGXgAnIDwUIrzI4S0gFAPx4iNBWWmFRkZJ+J2AQNU/CpBnvKwgp6g0R
lxzYHj8EtgBGfAq/dLcg6oYq2EAC8EKnbMooIMbSkpxhd+HzGmPxeV/fapaHZvds
GgIScoCU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:15 2024 by rpki-client on console-ams.rpki-client.org