Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/T7PvUdEuOQWF3LCceOFVvGiMOYg.roa
File: T7PvUdEuOQWF3LCceOFVvGiMOYg.roa (raw, json)
Hash identifier: Rc9MNrbxaVWlwvB1IzjClsnuDKNGnhCEQMsakKVYCIk=
Subject key identifier: 4F:B3:EF:51:D1:2E:39:05:85:DC:B0:9C:78:E1:55:BC:68:8C:39:88
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018A1726F873D68E66F1A7CC3A9D368DB484
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/T7PvUdEuOQWF3LCceOFVvGiMOYg.roa
Signing time: Mon 21 Aug 2023 08:12:24 +0000
ROA not before: Mon 21 Aug 2023 08:12:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 95.82.0.0/21 maxlen: 24
176.221.24.0/21 maxlen: 24
37.128.252.0/22 maxlen: 24
37.128.252.0/23 maxlen: 23
37.128.248.0/22 maxlen: 24
37.128.254.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Aug 2023 06:53:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:26:f8:73:d6:8e:66:f1:a7:cc:3a:9d:36:8d:b4:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Aug 21 08:12:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fb3ef51d12e390585dcb09c78e155bc688c3988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f8:5b:8e:e3:58:8d:f3:7a:5d:76:7f:eb:57:
9d:69:9d:a1:da:97:cd:f0:f8:7c:91:53:6f:e4:7d:
04:1f:df:74:ec:48:4e:ac:36:a4:4f:7e:f9:7a:22:
f4:10:d2:3e:ea:17:c6:a2:55:9e:72:4b:c4:d7:40:
eb:c1:5c:78:f8:20:f1:66:ab:ff:35:7d:24:10:87:
8a:fd:f8:dc:a3:3e:72:de:6d:fd:c0:df:36:53:c1:
04:c5:df:e3:6e:a1:5f:0d:fb:ec:88:4e:e3:ed:80:
4c:fa:13:ff:38:32:d6:c9:42:5b:b1:64:ed:71:cf:
d4:47:48:a8:94:0b:24:8a:b8:86:56:12:41:a3:c6:
ef:80:f2:9e:a0:6f:d3:7b:5c:61:e7:2d:2f:86:e3:
b4:40:fe:88:f9:a9:b7:d0:04:af:19:4d:ed:ea:15:
05:40:bd:88:30:9b:8c:b7:f5:e2:c4:be:1f:bc:9c:
03:27:68:78:0d:1b:c0:cd:46:c5:68:44:03:be:f3:
58:b2:4f:13:30:f7:93:b1:86:01:d6:de:cd:2a:e9:
f7:bb:c6:b4:73:30:ed:ef:49:d9:17:46:1f:8c:09:
4b:9a:0c:f1:ed:8e:03:34:7b:b2:50:f9:d8:48:cf:
f5:d8:70:f9:7d:8f:6d:a4:a4:59:22:bc:4d:90:67:
9e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B3:EF:51:D1:2E:39:05:85:DC:B0:9C:78:E1:55:BC:68:8C:39:88
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/T7PvUdEuOQWF3LCceOFVvGiMOYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/21
95.82.0.0/21
176.221.24.0/21
Signature Algorithm: sha256WithRSAEncryption
70:8d:4a:52:7b:78:b7:c2:17:af:99:15:0c:5a:30:c2:a3:d8:
61:28:00:3d:ec:90:d2:fa:36:79:a1:e5:99:a8:5d:57:41:ff:
42:84:3e:ed:c8:44:c0:9e:ec:28:63:af:d7:af:59:80:32:b7:
4b:03:12:10:d0:70:f3:c9:d3:21:09:96:68:a1:d0:db:c7:62:
d6:28:29:d4:64:ad:13:82:47:73:ad:90:cb:58:4a:b7:a7:98:
5b:29:75:07:88:f1:98:42:23:f0:ad:dc:26:4a:87:47:75:b9:
a0:1b:12:33:17:46:9f:91:cd:09:57:04:79:30:0d:74:9a:68:
2b:3a:4b:88:93:85:a0:bc:b6:24:0c:d0:f5:c9:88:9a:8f:9e:
34:22:d8:c3:7a:71:68:2c:57:d4:b0:c7:7f:4b:82:cb:48:1a:
4e:8f:33:ff:4c:0a:bd:6a:80:3f:c2:39:da:98:53:2b:b4:36:
48:37:0c:7a:28:8b:5f:1e:a2:30:80:d8:f3:4f:e4:7e:11:00:
a8:03:69:3a:29:4d:44:68:96:11:81:00:28:f4:4d:d7:d5:1d:
54:88:1c:e9:54:04:12:0b:a4:d5:cf:f6:a6:0f:34:75:f3:fa:
c8:d6:0a:5f:ce:9e:4d:62:de:28:7f:39:61:aa:09:9c:09:ef:
0f:7d:35:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoXJvhz1o5m8afMOp02jbSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwODIxMDgxMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmIzZWY1MWQxMmUzOTA1ODVkY2IwOWM3OGUxNTViYzY4OGMzOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvhbjuNYjfN6XXZ/61edaZ2h2pfN
8Ph8kVNv5H0EH9907EhOrDakT375eiL0ENI+6hfGolWeckvE10DrwVx4+CDxZqv/
NX0kEIeK/fjcoz5y3m39wN82U8EExd/jbqFfDfvsiE7j7YBM+hP/ODLWyUJbsWTt
cc/UR0iolAskiriGVhJBo8bvgPKeoG/Te1xh5y0vhuO0QP6I+am30ASvGU3t6hUF
QL2IMJuMt/XixL4fvJwDJ2h4DRvAzUbFaEQDvvNYsk8TMPeTsYYB1t7NKun3u8a0
czDt70nZF0YfjAlLmgzx7Y4DNHuyUPnYSM/12HD5fY9tpKRZIrxNkGeemQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE+z71HRLjkFhdywnHjhVbxojDmIMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvVDdQdlVkRXVPUVdGM0xDY2VPRlZ2R2lNT1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJYD4AwQD
X1IAAwQDsN0YMA0GCSqGSIb3DQEBCwUAA4IBAQBwjUpSe3i3whevmRUMWjDCo9hh
KAA97JDS+jZ5oeWZqF1XQf9ChD7tyETAnuwoY6/Xr1mAMrdLAxIQ0HDzydMhCZZo
odDbx2LWKCnUZK0TgkdzrZDLWEq3p5hbKXUHiPGYQiPwrdwmSodHdbmgGxIzF0af
kc0JVwR5MA10mmgrOkuIk4WgvLYkDND1yYiaj540ItjDenFoLFfUsMd/S4LLSBpO
jzP/TAq9aoA/wjnamFMrtDZINwx6KItfHqIwgNjzT+R+EQCoA2k6KU1EaJYRgQAo
9E3X1R1UiBzpVAQSC6TVz/amDzR18/rI1gpfzp5NYt4ofzlhqgmcCe8PfTXm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:24 2024 by rpki-client on console-ams.rpki-client.org