Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/_ygdJaScwM1ltlnNe1eoz3CL5PQ.roa
File: _ygdJaScwM1ltlnNe1eoz3CL5PQ.roa (raw, json)
Hash identifier: knXFCF5SMPEbfeGGI7kU9NgA6tEKNEKL1NkwrpsvO8Q=
Subject key identifier: FF:28:1D:25:A4:9C:C0:CD:65:B6:59:CD:7B:57:A8:CF:70:8B:E4:F4
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018CC94E1490313AC1331085C9EFEB68F258
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/_ygdJaScwM1ltlnNe1eoz3CL5PQ.roa
Signing time: Tue 02 Jan 2024 08:33:06 +0000
ROA not before: Tue 02 Jan 2024 08:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200482
IP address blocks: 43.251.163.0/24 maxlen: 24
43.251.162.0/24 maxlen: 24
37.114.61.0/24 maxlen: 24
37.114.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 12:20:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:14:90:31:3a:c1:33:10:85:c9:ef:eb:68:f2:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 2 08:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff281d25a49cc0cd65b659cd7b57a8cf708be4f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:b6:d0:07:3a:ed:b4:70:71:8f:da:8a:47:94:
f5:06:27:c3:25:d9:c4:ee:e1:dc:10:e0:f8:24:5f:
2a:96:c5:75:e8:fb:75:cb:ec:b5:9a:64:72:62:94:
ef:f7:30:77:6a:ca:41:cd:ed:1f:a6:f4:c1:04:d7:
53:5c:5b:e5:a0:31:83:8e:e1:b0:f1:f1:a8:c5:03:
b3:41:48:76:da:03:65:1b:c4:60:58:50:d6:73:51:
36:e4:b7:98:b8:20:0a:66:50:f7:0c:ea:2c:c4:ac:
c3:c2:39:81:73:52:1b:c2:c0:5b:9e:fd:1b:89:b7:
ee:e2:2b:2c:d9:92:19:8b:a2:37:b1:24:27:af:03:
13:93:43:91:09:19:b1:8f:45:60:51:40:e1:39:e4:
16:44:58:f6:53:25:97:f6:db:02:d4:30:0e:d9:28:
9f:85:55:96:6c:38:62:4d:41:c6:83:33:c2:72:1e:
48:3b:35:05:39:f2:40:71:e1:3e:dd:ae:01:25:73:
f6:91:14:7e:b8:a0:06:d1:19:6a:c3:2a:5c:13:40:
03:1e:84:f3:c7:cc:01:52:d0:2a:7f:89:5c:4f:92:
10:2c:b0:38:07:91:b4:31:1d:8a:f1:42:6b:80:e4:
d5:bc:86:7b:71:93:18:3a:e3:df:87:97:2c:97:34:
dd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:28:1D:25:A4:9C:C0:CD:65:B6:59:CD:7B:57:A8:CF:70:8B:E4:F4
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/_ygdJaScwM1ltlnNe1eoz3CL5PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.60.0/23
43.251.162.0/23
Signature Algorithm: sha256WithRSAEncryption
b9:57:e1:0b:bc:1c:94:82:6e:40:ac:d7:46:49:71:ac:a1:6b:
c0:37:eb:9c:4d:ee:85:a4:27:1f:4b:38:f6:0a:61:7a:5b:4f:
e0:f5:db:6c:f0:7a:bc:5c:70:d6:46:7d:19:d5:22:c1:c9:a1:
8d:3a:db:77:3d:a6:51:ca:4a:6b:5d:99:0d:58:03:a7:70:b5:
7b:75:ef:91:67:91:aa:be:60:04:0a:9f:ec:6f:52:74:f6:d8:
88:8b:52:dc:f2:ef:3d:b0:fc:a2:8f:ff:1b:54:9e:07:df:4c:
a8:46:43:7c:8b:72:5d:95:d5:a7:1a:bb:2d:1b:d7:82:f9:6d:
59:19:cb:27:71:d9:91:5b:05:9f:92:0a:84:17:98:ed:60:53:
a3:e7:fb:42:3a:da:31:30:7b:ee:78:05:4f:87:c7:ca:11:e5:
de:74:e4:a3:43:c5:af:9d:ee:2f:96:a6:bd:6f:b1:92:7d:7e:
6a:e1:c2:0e:2e:4f:cb:93:e5:ed:59:fd:25:2d:30:76:33:47:
1d:37:39:6f:0e:46:f8:30:1e:37:f9:01:da:48:41:f2:58:b6:
a5:05:e3:27:9f:7f:d8:2d:20:60:98:3d:de:fc:17:d1:1d:99:
33:ea:10:ac:29:87:b0:14:e6:c9:93:4a:58:ab:16:64:f7:ba:
00:81:28:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJThSQMTrBMxCFye/raPJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwMTAyMDgzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjI4MWQyNWE0OWNjMGNkNjViNjU5Y2Q3YjU3YThjZjcwOGJlNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67bQBzrttHBxj9qKR5T1BifDJdnE
7uHcEOD4JF8qlsV16Pt1y+y1mmRyYpTv9zB3aspBze0fpvTBBNdTXFvloDGDjuGw
8fGoxQOzQUh22gNlG8RgWFDWc1E25LeYuCAKZlD3DOosxKzDwjmBc1IbwsBbnv0b
ibfu4iss2ZIZi6I3sSQnrwMTk0ORCRmxj0VgUUDhOeQWRFj2UyWX9tsC1DAO2Sif
hVWWbDhiTUHGgzPCch5IOzUFOfJAceE+3a4BJXP2kRR+uKAG0RlqwypcE0ADHoTz
x8wBUtAqf4lcT5IQLLA4B5G0MR2K8UJrgOTVvIZ7cZMYOuPfh5cslzTdcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP8oHSWknMDNZbZZzXtXqM9wi+T0MB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvX3lnZEphU2N3TTFsdGxuTmUxZW96M0NMNVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJXI8AwQB
K/uiMA0GCSqGSIb3DQEBCwUAA4IBAQC5V+ELvByUgm5ArNdGSXGsoWvAN+ucTe6F
pCcfSzj2CmF6W0/g9dts8Hq8XHDWRn0Z1SLByaGNOtt3PaZRykprXZkNWAOncLV7
de+RZ5GqvmAECp/sb1J09tiIi1Lc8u89sPyij/8bVJ4H30yoRkN8i3JdldWnGrst
G9eC+W1ZGcsncdmRWwWfkgqEF5jtYFOj5/tCOtoxMHvueAVPh8fKEeXedOSjQ8Wv
ne4vlqa9b7GSfX5q4cIOLk/Lk+XtWf0lLTB2M0cdNzlvDkb4MB43+QHaSEHyWLal
BeMnn3/YLSBgmD3e/BfRHZkz6hCsKYewFObJk0pYqxZk97oAgShL
-----END CERTIFICATE-----
Generated at Thu Nov 7 17:43:10 2024 by rpki-client on console-ams.rpki-client.org