Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/e0FD86VxLnRo3zatdLuxAF0z-RA.roa
File: e0FD86VxLnRo3zatdLuxAF0z-RA.roa (raw, json)
Hash identifier: /A0ujTroexx0we29zHWAtY4IKSnEKSWMUj0ffiSzpUI=
Subject key identifier: 7B:41:43:F3:A5:71:2E:74:68:DF:36:AD:74:BB:B1:00:5D:33:F9:10
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01856E01C283D727ACDB6107CC2506E68001
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/e0FD86VxLnRo3zatdLuxAF0z-RA.roa
Signing time: Sun 01 Jan 2023 15:44:47 +0000
ROA not before: Sun 01 Jan 2023 15:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 37.114.43.0/24 maxlen: 24
37.114.44.0/23 maxlen: 24
103.252.89.0/24 maxlen: 24
103.252.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 14:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:c2:83:d7:27:ac:db:61:07:cc:25:06:e6:80:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 15:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b4143f3a5712e7468df36ad74bbb1005d33f910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6d:57:a3:ce:f0:8a:56:2f:bc:4e:c3:78:56:
a7:4d:73:df:d4:93:6e:80:b7:0d:16:47:40:10:2d:
db:20:c7:57:fc:db:18:47:08:6d:84:8a:cc:7d:09:
55:eb:bb:85:d3:69:32:10:d6:7c:92:c8:67:5a:69:
9c:73:4c:fd:95:b0:a9:94:73:47:ae:3b:a2:90:60:
d7:ba:2e:35:32:ef:0b:35:41:61:e1:7d:5d:1b:95:
db:69:1f:5b:ae:b8:46:1a:c3:d1:f3:3d:77:18:28:
a9:0c:ba:13:5a:85:b1:7f:41:86:eb:5a:0c:08:6e:
bf:29:ee:c7:fd:56:a5:91:f4:6c:fb:22:4e:f0:53:
34:e6:e9:40:ec:1c:25:b2:5a:5f:b7:24:b4:ba:51:
6a:aa:2c:79:30:d5:c2:82:76:86:7c:a1:eb:dc:21:
39:91:bc:53:ee:4f:50:20:95:f9:f9:c2:75:e1:c1:
6b:9e:db:27:c8:d5:27:8f:c5:ea:39:33:39:e6:52:
1a:48:38:e2:f5:b7:3e:0b:07:4d:41:02:2b:0f:03:
cb:cf:12:44:ed:c9:44:3c:39:1e:96:49:51:3d:85:
e4:d5:b4:74:c6:9c:dd:b7:91:f0:1c:78:1e:99:16:
19:11:d0:dc:24:b4:10:bc:0f:70:1a:ad:27:37:10:
e3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:41:43:F3:A5:71:2E:74:68:DF:36:AD:74:BB:B1:00:5D:33:F9:10
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/e0FD86VxLnRo3zatdLuxAF0z-RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.43.0-37.114.45.255
103.252.89.0-103.252.90.255
Signature Algorithm: sha256WithRSAEncryption
35:cb:29:f2:ee:0c:cf:09:69:eb:f6:05:6b:f8:6a:57:61:0d:
2e:61:9c:71:18:13:1b:a2:63:13:94:98:04:9d:ff:27:9f:fb:
49:a5:81:df:dc:f6:f4:83:1f:a6:0f:01:04:82:63:29:e8:4c:
25:5e:bd:18:63:20:ac:39:1e:03:8f:bc:65:3c:db:4e:0c:02:
b1:c1:bd:67:7f:81:f0:8d:0b:23:93:ae:3d:c2:54:28:e1:79:
f5:78:b2:15:8a:dc:e8:d4:e6:9e:1c:19:6a:29:60:4f:86:b7:
b1:9d:24:84:94:03:df:9b:8f:71:2a:a5:d4:e1:c0:3d:30:f4:
6b:c4:ff:01:6f:9f:e9:51:91:22:c8:ba:c6:be:c7:85:9d:0f:
68:6a:aa:51:e4:fc:97:12:17:73:12:d9:0f:53:77:72:70:e6:
b4:4d:d4:25:1b:20:8e:ac:d1:68:3d:d8:46:bf:e2:a9:33:54:
e4:1b:42:6e:d3:fc:5f:87:b2:cd:41:41:39:74:b9:a0:47:b1:
70:76:29:a9:31:71:00:c0:21:53:18:45:e1:79:d5:f9:54:e8:
49:5b:57:c0:64:61:b2:96:5f:43:e9:28:ed:38:7d:ef:91:d3:
0a:a4:34:4c:0a:03:c1:63:f5:bc:6d:29:36:be:3d:38:c4:71:
ea:cb:04:53
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVuAcKD1yes22EHzCUG5oABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMwMTAxMTU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjQxNDNmM2E1NzEyZTc0NjhkZjM2YWQ3NGJiYjEwMDVkMzNmOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgG1Xo87wilYvvE7DeFanTXPf1JNu
gLcNFkdAEC3bIMdX/NsYRwhthIrMfQlV67uF02kyENZ8kshnWmmcc0z9lbCplHNH
rjuikGDXui41Mu8LNUFh4X1dG5XbaR9brrhGGsPR8z13GCipDLoTWoWxf0GG61oM
CG6/Ke7H/ValkfRs+yJO8FM05ulA7BwlslpftyS0ulFqqix5MNXCgnaGfKHr3CE5
kbxT7k9QIJX5+cJ14cFrntsnyNUnj8XqOTM55lIaSDji9bc+CwdNQQIrDwPLzxJE
7clEPDkelklRPYXk1bR0xpzdt5HwHHgemRYZEdDcJLQQvA9wGq0nNxDjcwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHtBQ/OlcS50aN82rXS7sQBdM/kQMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvZTBGRDg2VnhMblJvM3phdGRMdXhBRjB6LVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAlcisD
BAElciwwDAMEAGf8WQMEAGf8WjANBgkqhkiG9w0BAQsFAAOCAQEANcsp8u4Mzwlp
6/YFa/hqV2ENLmGccRgTG6JjE5SYBJ3/J5/7SaWB39z29IMfpg8BBIJjKehMJV69
GGMgrDkeA4+8ZTzbTgwCscG9Z3+B8I0LI5OuPcJUKOF59XiyFYrc6NTmnhwZailg
T4a3sZ0khJQD35uPcSql1OHAPTD0a8T/AW+f6VGRIsi6xr7HhZ0PaGqqUeT8lxIX
cxLZD1N3cnDmtE3UJRsgjqzRaD3YRr/iqTNU5BtCbtP8X4eyzUFBOXS5oEexcHYp
qTFxAMAhUxhF4XnV+VToSVtXwGRhspZfQ+ko7Th975HTCqQ0TAoDwWP1vG0pNr49
OMRx6ssEUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:18 2024 by rpki-client on console-ams.rpki-client.org