Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/i6FSEzXhkr6BaLgBhxZ0v4RHW_g.roa
File: i6FSEzXhkr6BaLgBhxZ0v4RHW_g.roa (raw, json)
Hash identifier: r2hh8Ahm+n8s08S3tYQNNV0kDIlIV4NpusVxXElpTRk=
Subject key identifier: 8B:A1:52:13:35:E1:92:BE:81:68:B8:01:87:16:74:BF:84:47:5B:F8
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018CCA2A380CBDC92F2FC277E9BE2E5CD9CB
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/i6FSEzXhkr6BaLgBhxZ0v4RHW_g.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 37.128.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Apr 2024 02:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:38:0c:bd:c9:2f:2f:c2:77:e9:be:2e:5c:d9:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ba1521335e192be8168b801871674bf84475bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2d:38:ee:ab:4b:64:46:db:56:d7:80:2f:a4:
3a:6f:03:30:67:d5:99:1c:e2:0b:13:42:d6:82:49:
ef:4d:50:72:be:db:ca:9d:c1:96:9f:35:ef:f6:f7:
2e:c8:53:28:21:0d:63:b1:81:3e:2f:b9:9b:a5:75:
c1:d2:7a:d4:5c:ae:98:9b:cb:f4:74:a9:ea:c6:1f:
a6:88:f7:31:cc:02:32:f3:cf:94:b0:bd:f7:4f:6d:
1c:b3:79:b3:e6:3f:99:28:e9:7f:bb:d6:2a:97:25:
ea:5b:b1:31:f7:79:5a:5e:de:28:f9:ca:71:ce:fb:
20:3b:63:dc:7d:2d:a5:cd:8a:a4:5d:8b:fe:ac:72:
e4:00:ff:06:82:54:ef:48:7c:cd:14:7d:68:bd:b8:
17:6a:ce:90:b4:a1:e3:79:bb:9a:69:3d:a3:f2:75:
ed:5b:5a:1a:c9:4f:e3:76:69:9c:ec:d9:4b:98:6e:
fe:0c:19:a1:0c:98:5c:ba:b8:2f:a6:8d:fb:8b:fa:
61:44:34:bb:e3:3d:42:5c:7a:e1:95:f9:18:0f:c1:
cf:c1:fa:51:5e:dc:02:80:02:f9:ca:0f:4a:af:41:
68:f5:70:cd:04:fc:af:f4:9b:8a:5c:38:4a:a9:84:
0c:c6:5d:de:98:a4:1c:eb:10:82:44:65:82:39:63:
a4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A1:52:13:35:E1:92:BE:81:68:B8:01:87:16:74:BF:84:47:5B:F8
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/i6FSEzXhkr6BaLgBhxZ0v4RHW_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.254.0/23
Signature Algorithm: sha256WithRSAEncryption
67:c6:51:3c:cc:61:7f:6b:c7:7e:9a:65:77:62:e4:27:54:2a:
69:2a:6f:23:98:87:70:bb:79:0b:69:f0:dc:00:30:90:1a:b0:
1d:6f:35:78:bf:c2:4b:f5:71:91:87:ba:5f:42:d6:f2:82:09:
bf:7b:f5:49:d3:3d:35:3e:4d:2c:aa:a8:35:7d:6d:4e:33:af:
e1:e5:ee:89:ea:0e:d8:29:6f:20:9c:ad:0c:9b:e3:4d:d3:0e:
95:b8:59:9a:10:57:03:f9:a3:31:80:dc:7c:36:87:23:23:e6:
53:f7:d9:4d:c0:5a:ca:b4:78:fc:74:13:d3:c9:d7:8e:31:b5:
67:8b:31:9c:a0:18:f8:8c:e4:92:71:a0:00:5e:14:2f:3c:25:
01:cc:6e:d1:87:08:66:d8:46:c9:5f:00:a4:6b:4a:67:e6:92:
aa:bb:fa:3b:6e:3a:18:a8:a7:6b:18:94:30:74:7d:06:d4:af:
54:73:cf:9a:10:cf:f4:c4:3d:d8:c8:16:a0:27:29:ef:57:38:
82:cc:1a:7f:42:93:91:6f:b2:bf:47:9e:b9:b4:20:75:4a:93:
aa:d6:8c:93:78:a6:5f:78:ac:31:14:a7:ea:10:29:f3:ba:e0:
cf:73:d4:dc:52:6d:1a:9d:03:5f:2d:b5:37:92:32:11:f3:7c:
3c:95:c7:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKjgMvckvL8J36b4uXNnLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmExNTIxMzM1ZTE5MmJlODE2OGI4MDE4NzE2NzRiZjg0NDc1YmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS047qtLZEbbVteAL6Q6bwMwZ9WZ
HOILE0LWgknvTVByvtvKncGWnzXv9vcuyFMoIQ1jsYE+L7mbpXXB0nrUXK6Ym8v0
dKnqxh+miPcxzAIy88+UsL33T20cs3mz5j+ZKOl/u9YqlyXqW7Ex93laXt4o+cpx
zvsgO2PcfS2lzYqkXYv+rHLkAP8GglTvSHzNFH1ovbgXas6QtKHjebuaaT2j8nXt
W1oayU/jdmmc7NlLmG7+DBmhDJhcurgvpo37i/phRDS74z1CXHrhlfkYD8HPwfpR
XtwCgAL5yg9Kr0Fo9XDNBPyv9JuKXDhKqYQMxl3emKQc6xCCRGWCOWOkrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuhUhM14ZK+gWi4AYcWdL+ER1v4MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvaTZGU0V6WGhrcjZCYUxnQmh4WjB2NFJIV19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJYD+MA0G
CSqGSIb3DQEBCwUAA4IBAQBnxlE8zGF/a8d+mmV3YuQnVCppKm8jmIdwu3kLafDc
ADCQGrAdbzV4v8JL9XGRh7pfQtbyggm/e/VJ0z01Pk0sqqg1fW1OM6/h5e6J6g7Y
KW8gnK0Mm+NN0w6VuFmaEFcD+aMxgNx8NocjI+ZT99lNwFrKtHj8dBPTydeOMbVn
izGcoBj4jOSScaAAXhQvPCUBzG7Rhwhm2EbJXwCka0pn5pKqu/o7bjoYqKdrGJQw
dH0G1K9Uc8+aEM/0xD3YyBagJynvVziCzBp/QpORb7K/R565tCB1SpOq1oyTeKZf
eKwxFKfqECnzuuDPc9TcUm0anQNfLbU3kjIR83w8lcdH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:50 2025 by rpki-client