Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/PFPVmXk96OZR7Q6MCS1WTLwPQ7I.roa
File: PFPVmXk96OZR7Q6MCS1WTLwPQ7I.roa (raw, json)
Hash identifier: U9vBkRr5Jdd/xdXVol2SXjo80mqYw999o0EVPPcCCHs=
Subject key identifier: 3C:53:D5:99:79:3D:E8:E6:51:ED:0E:8C:09:2D:56:4C:BC:0F:43:B2
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018EAEFC3A2596145E99AB66E69CD64EF9A9
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/PFPVmXk96OZR7Q6MCS1WTLwPQ7I.roa
Signing time: Fri 05 Apr 2024 15:59:09 +0000
ROA not before: Fri 05 Apr 2024 15:59:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 37.114.32.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
43.251.162.0/24 maxlen: 24
43.251.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 May 2024 10:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:fc:3a:25:96:14:5e:99:ab:66:e6:9c:d6:4e:f9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Apr 5 15:59:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c53d599793de8e651ed0e8c092d564cbc0f43b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:39:21:b2:a9:a1:9d:06:56:ac:05:10:b0:62:
f1:90:88:a6:76:4d:ce:9e:27:63:c5:0f:13:8a:ca:
87:72:0e:f6:90:e4:8e:79:f8:3d:76:eb:fe:ee:b6:
36:99:c1:de:4b:66:33:97:ea:39:9b:9c:a5:94:ad:
1f:1b:31:87:2a:a1:99:5d:d4:71:d5:1a:33:94:e3:
17:38:7b:b2:4b:41:5b:1a:2c:6e:88:34:06:ac:03:
50:41:6f:66:d4:f9:a1:2e:62:6a:a2:00:e0:fe:db:
d2:79:82:b4:99:a5:a6:b6:38:e3:37:a0:4a:35:05:
f6:23:73:f6:4b:8b:20:6f:28:6d:e5:6f:dd:30:e7:
d4:51:53:ae:79:c2:86:4c:b9:57:36:d2:1d:9f:5d:
24:ab:06:c6:3e:a8:0e:22:6d:b7:b0:3b:47:3f:a6:
1c:7d:41:82:03:c9:c2:78:73:a0:86:a2:38:76:36:
b6:fd:a3:6c:77:4a:d5:9a:35:1b:5e:a2:75:56:41:
0b:f3:c0:8d:74:41:69:d7:e7:69:87:74:6a:d1:09:
30:d5:0e:af:89:2b:c4:cb:27:28:97:cf:46:0f:e0:
8f:17:81:a9:99:bc:20:2f:70:17:8f:bb:8c:74:df:
06:05:54:69:8a:ab:2b:e9:62:8c:92:36:e8:24:de:
83:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:53:D5:99:79:3D:E8:E6:51:ED:0E:8C:09:2D:56:4C:BC:0F:43:B2
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/PFPVmXk96OZR7Q6MCS1WTLwPQ7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/24
37.114.58.0/24
43.251.162.0/23
Signature Algorithm: sha256WithRSAEncryption
96:74:e2:2b:c3:c9:46:df:1b:a4:b8:89:65:88:e9:91:04:e3:
29:9c:4a:96:14:c9:5e:47:58:94:1b:f2:18:36:6c:5a:ca:15:
6c:05:4c:ca:c8:3f:67:b0:c7:a0:e7:1b:4d:e9:03:1c:1d:58:
9b:95:a6:7b:41:85:fe:b1:d9:5e:c2:38:fd:62:1f:b0:c9:ea:
12:c3:c1:d9:66:2f:53:40:2b:c2:c5:0b:e1:ff:f7:97:cc:03:
13:a1:eb:b0:5b:40:b0:38:3f:93:4b:2e:d3:7b:cf:c6:86:90:
91:fd:19:3b:16:db:8b:93:90:82:03:8c:bc:78:32:0a:9b:e0:
96:33:6d:10:68:62:49:cb:50:2b:62:6c:1c:7b:a7:60:27:53:
0e:c9:cb:c2:d5:23:15:dc:65:d7:16:a3:b9:30:33:e3:95:34:
5b:37:03:31:c9:57:1e:c8:66:86:a0:90:59:f9:d8:2f:08:8d:
ff:bb:c7:cd:0d:65:3d:fe:d3:1c:20:28:ad:c9:51:36:df:4d:
3d:16:f3:4c:23:9b:7e:00:03:7f:23:d8:2c:d5:7a:59:5c:96:
47:b5:8e:0b:d8:f4:d5:aa:37:71:ff:91:fa:9a:1f:40:a2:6b:
e9:ed:34:bf:84:8b:1d:0a:bd:16:17:e2:fe:85:99:d0:6b:6c:
bd:c4:1d:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6u/DollhRematm5pzWTvmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwNDA1MTU1OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzUzZDU5OTc5M2RlOGU2NTFlZDBlOGMwOTJkNTY0Y2JjMGY0M2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDkhsqmhnQZWrAUQsGLxkIimdk3O
nidjxQ8TisqHcg72kOSOefg9duv+7rY2mcHeS2Yzl+o5m5yllK0fGzGHKqGZXdRx
1RozlOMXOHuyS0FbGixuiDQGrANQQW9m1PmhLmJqogDg/tvSeYK0maWmtjjjN6BK
NQX2I3P2S4sgbyht5W/dMOfUUVOuecKGTLlXNtIdn10kqwbGPqgOIm23sDtHP6Yc
fUGCA8nCeHOghqI4dja2/aNsd0rVmjUbXqJ1VkEL88CNdEFp1+dph3Rq0Qkw1Q6v
iSvEyycol89GD+CPF4GpmbwgL3AXj7uMdN8GBVRpiqsr6WKMkjboJN6DhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDxT1Zl5PejmUe0OjAktVky8D0OyMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvUEZQVm1Yazk2T1pSN1E2TUNTMVdUTHdQUTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJXIgAwQA
JXI6AwQBK/uiMA0GCSqGSIb3DQEBCwUAA4IBAQCWdOIrw8lG3xukuIlliOmRBOMp
nEqWFMleR1iUG/IYNmxayhVsBUzKyD9nsMeg5xtN6QMcHViblaZ7QYX+sdlewjj9
Yh+wyeoSw8HZZi9TQCvCxQvh//eXzAMToeuwW0CwOD+TSy7Te8/GhpCR/Rk7FtuL
k5CCA4y8eDIKm+CWM20QaGJJy1ArYmwce6dgJ1MOycvC1SMV3GXXFqO5MDPjlTRb
NwMxyVceyGaGoJBZ+dgvCI3/u8fNDWU9/tMcICityVE23009FvNMI5t+AAN/I9gs
1XpZXJZHtY4L2PTVqjdx/5H6mh9Aomvp7TS/hIsdCr0WF+L+hZnQa2y9xB33
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org