Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/LCydPpBgT6rkbKeNPJIXqg8NAEs.roa
File: LCydPpBgT6rkbKeNPJIXqg8NAEs.roa (raw, json)
Hash identifier: AK0GZpQvcTnFaGTxNfzrHPROXIy+X2tXqtvE9Aa2dAw=
Subject key identifier: 2C:2C:9D:3E:90:60:4F:AA:E4:6C:A7:8D:3C:92:17:AA:0F:0D:00:4B
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018CC94E10EBA838ABF843AD099073294B02
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/LCydPpBgT6rkbKeNPJIXqg8NAEs.roa
Signing time: Tue 02 Jan 2024 08:33:05 +0000
ROA not before: Tue 02 Jan 2024 08:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47637
IP address blocks: 176.100.33.0/24 maxlen: 24
176.100.32.0/21 maxlen: 24
37.114.37.0/24 maxlen: 24
37.114.41.0/24 maxlen: 24
94.154.49.0/24 maxlen: 24
2a00:ccc4::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 17 May 2024 20:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:10:eb:a8:38:ab:f8:43:ad:09:90:73:29:4b:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 2 08:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c2c9d3e90604faae46ca78d3c9217aa0f0d004b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a5:73:78:ea:ca:4d:e3:30:d7:d8:06:7a:4d:
0e:66:1c:a9:6c:49:57:1b:58:51:93:e9:f1:7f:48:
c9:81:2b:1f:31:db:6f:3a:3a:e6:da:14:79:33:2e:
89:05:19:1c:78:6e:32:3b:83:31:f7:77:4c:1c:56:
ad:80:2a:b8:75:40:69:fc:f7:08:22:55:32:b4:81:
52:a5:8a:3f:18:9c:d9:c6:0e:83:4b:54:d9:49:3e:
81:0c:68:49:d9:6e:8d:92:26:c9:b1:06:50:dd:21:
fb:4a:9a:44:27:7b:ea:51:ef:85:42:2b:61:d8:5a:
34:a5:02:3b:fb:cd:05:a5:3c:b0:ea:b7:0a:25:45:
83:f5:7a:b5:ec:30:43:55:9c:c7:c0:d9:db:2b:9f:
22:2a:d5:d4:a0:f3:59:f6:1a:2e:10:39:d8:eb:35:
79:1f:2c:37:44:97:d0:d3:fc:e8:b2:66:1d:17:19:
0c:fe:0d:51:ac:7a:85:61:f7:71:69:aa:11:be:2e:
d4:3b:c1:46:e4:58:5c:fa:16:8d:e3:ff:55:5e:3f:
59:36:73:e5:93:ea:bc:ee:78:85:d9:51:85:cd:56:
e0:b3:73:ea:d4:7a:8f:d2:e2:51:94:d5:dd:5c:b5:
35:72:fb:d7:ba:6a:d0:c4:01:d6:50:64:00:9e:f4:
aa:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:2C:9D:3E:90:60:4F:AA:E4:6C:A7:8D:3C:92:17:AA:0F:0D:00:4B
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/LCydPpBgT6rkbKeNPJIXqg8NAEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.37.0/24
37.114.41.0/24
94.154.49.0/24
176.100.32.0/21
IPv6:
2a00:ccc4::/32
Signature Algorithm: sha256WithRSAEncryption
4a:47:e2:cd:02:cf:f4:77:6f:f2:f4:1b:a0:c4:3f:02:04:78:
45:d6:87:6f:6c:4a:4e:4a:fe:51:b2:ea:84:ce:cc:9a:57:49:
f0:96:51:ad:89:86:3d:91:96:6a:01:3e:a1:f2:6a:47:7b:fc:
05:4b:1b:78:27:f3:42:de:cd:f6:f2:c6:eb:c3:d2:d5:a0:1d:
99:7a:ab:c0:32:17:ad:1a:82:b3:20:4f:af:4a:33:3c:2b:a3:
3a:03:ec:7b:67:35:b3:38:51:a4:dd:be:0e:cb:d4:7a:8e:f8:
53:6d:6f:81:61:2f:c9:26:fc:31:5d:aa:80:56:44:da:c9:9d:
c0:9c:d1:98:c5:e3:19:e0:a7:05:e2:3e:ec:fe:9d:0a:15:46:
cd:c8:8f:0b:85:c4:90:56:ca:10:5b:c9:6e:52:c3:10:23:5f:
85:25:24:00:a8:93:1f:d8:86:6c:95:71:97:46:70:58:4d:1b:
58:52:8b:27:77:25:5e:69:a2:f7:0d:e4:76:78:09:65:59:81:
0f:17:5d:47:05:5c:3a:a0:17:a7:5a:ce:e0:9a:b2:60:ff:5b:
02:d9:31:33:fb:56:dc:94:08:0c:a6:6a:f3:68:7a:81:5a:4e:
29:ae:d8:02:31:5e:43:82:de:67:66:b3:ab:0d:1e:c4:0f:ae:
1e:e4:6e:c7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJThDrqDir+EOtCZBzKUsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwMTAyMDgzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzJjOWQzZTkwNjA0ZmFhZTQ2Y2E3OGQzYzkyMTdhYTBmMGQwMDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaVzeOrKTeMw19gGek0OZhypbElX
G1hRk+nxf0jJgSsfMdtvOjrm2hR5My6JBRkceG4yO4Mx93dMHFatgCq4dUBp/PcI
IlUytIFSpYo/GJzZxg6DS1TZST6BDGhJ2W6NkibJsQZQ3SH7SppEJ3vqUe+FQith
2Fo0pQI7+80FpTyw6rcKJUWD9Xq17DBDVZzHwNnbK58iKtXUoPNZ9houEDnY6zV5
Hyw3RJfQ0/zosmYdFxkM/g1RrHqFYfdxaaoRvi7UO8FG5Fhc+haN4/9VXj9ZNnPl
k+q87niF2VGFzVbgs3Pq1HqP0uJRlNXdXLU1cvvXumrQxAHWUGQAnvSqowIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCwsnT6QYE+q5GynjTySF6oPDQBLMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvTEN5ZFBwQmdUNnJrYktlTlBKSVhxZzhOQUVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAJXIlAwQA
JXIpAwQAXpoxAwQDsGQgMA0EAgACMAcDBQAqAMzEMA0GCSqGSIb3DQEBCwUAA4IB
AQBKR+LNAs/0d2/y9BugxD8CBHhF1odvbEpOSv5RsuqEzsyaV0nwllGtiYY9kZZq
AT6h8mpHe/wFSxt4J/NC3s328sbrw9LVoB2ZeqvAMhetGoKzIE+vSjM8K6M6A+x7
ZzWzOFGk3b4Oy9R6jvhTbW+BYS/JJvwxXaqAVkTayZ3AnNGYxeMZ4KcF4j7s/p0K
FUbNyI8LhcSQVsoQW8luUsMQI1+FJSQAqJMf2IZslXGXRnBYTRtYUosndyVeaaL3
DeR2eAllWYEPF11HBVw6oBenWs7gmrJg/1sC2TEz+1bclAgMpmrzaHqBWk4prtgC
MV5Dgt5nZrOrDR7ED64e5G7H
-----END CERTIFICATE-----
Generated at Fri May 17 21:15:30 2024 by rpki-client on console-ams.rpki-client.org