Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/gjYOzWOlCjVMmOpcqnZbhUZEy2o.roa
File: gjYOzWOlCjVMmOpcqnZbhUZEy2o.roa (raw, json)
Hash identifier: gjvW/poQjgpAxUwT+24mjyEOUa1gG3d8VX+IBmZJ0Jo=
Subject key identifier: 82:36:0E:CD:63:A5:0A:35:4C:98:EA:5C:AA:76:5B:85:46:44:CB:6A
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018CC94E11EAF6E88413963227B3CAB5437E
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/gjYOzWOlCjVMmOpcqnZbhUZEy2o.roa
Signing time: Tue 02 Jan 2024 08:33:05 +0000
ROA not before: Tue 02 Jan 2024 08:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 43.251.163.0/24 maxlen: 24
43.251.162.0/24 maxlen: 24
37.114.32.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 15:59:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:11:ea:f6:e8:84:13:96:32:27:b3:ca:b5:43:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 2 08:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82360ecd63a50a354c98ea5caa765b854644cb6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f0:90:4e:32:40:07:13:95:85:97:f3:5b:37:
22:d7:ad:7a:ff:cf:64:69:cf:c7:df:77:4c:ee:ea:
2d:99:20:55:f4:28:43:5d:d5:18:9e:f5:4f:ba:ca:
e1:b3:bc:3c:0f:c0:4b:b0:d2:3d:fa:81:0e:ce:14:
cd:57:12:fd:b5:f6:94:2f:8d:c5:27:7f:28:90:e1:
ec:fc:c0:bd:59:ef:19:31:bf:d6:ea:a1:14:2d:55:
f2:00:9c:06:01:34:f5:76:cb:36:19:94:4e:fe:64:
af:1a:96:b9:75:c7:47:6e:c0:aa:6b:00:e8:99:89:
0b:0c:56:33:32:a6:0c:89:b1:4d:de:f8:f1:b8:5c:
4a:79:6f:15:41:02:1d:28:52:3d:ce:65:52:14:2f:
88:54:e9:51:43:c0:27:7a:43:ce:fc:20:58:5c:22:
6c:fb:9f:33:7d:6a:3f:47:c9:93:6b:2b:dc:f9:c5:
40:08:5a:f4:4d:f4:cd:f6:a9:2b:f6:af:02:b2:d8:
06:d5:ca:62:a3:5c:f9:13:92:ee:86:c2:9d:da:9b:
0d:f0:9b:d6:96:38:8e:05:bb:dd:61:c8:5f:d9:2c:
2e:0d:14:a2:3d:cc:27:1c:8f:9b:12:3f:e7:11:c2:
f0:4c:42:af:fa:35:3b:2a:dc:91:af:c9:34:47:1e:
27:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:36:0E:CD:63:A5:0A:35:4C:98:EA:5C:AA:76:5B:85:46:44:CB:6A
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/gjYOzWOlCjVMmOpcqnZbhUZEy2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/24
37.114.54.0/24
37.114.58.0/24
43.251.162.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:1d:0e:db:41:68:1a:67:b0:e0:15:69:1e:55:bf:af:18:bc:
8c:8c:8e:d3:6f:a2:52:2a:ef:51:c5:d3:96:20:80:8e:3c:fb:
65:19:ba:e6:6c:d2:3f:f4:98:74:9a:b7:4d:ee:db:28:b1:bb:
a9:3f:3a:94:87:1b:c9:20:c9:51:9d:b5:56:0b:b9:07:a7:57:
d4:e5:d8:18:b1:71:f3:d9:e2:12:91:b4:88:e0:4e:82:11:47:
45:75:0a:55:a3:28:72:5e:1f:ed:eb:6e:45:42:79:77:c4:2e:
63:34:00:ea:77:28:9f:88:27:aa:73:65:f4:2c:71:fa:22:e1:
42:6a:d2:a5:ea:97:b1:50:89:2d:89:12:40:67:3e:10:c5:8c:
54:f4:59:52:b8:7e:a4:1b:f2:f2:e4:a7:75:8c:2c:75:06:8d:
a5:0d:8c:b4:94:70:ef:32:ce:af:46:a9:cc:3e:14:06:14:69:
79:2b:28:fc:8e:8e:f8:cb:ac:bc:ff:fa:79:0b:ae:5e:8c:6c:
1a:6d:f7:e7:0a:11:42:4d:40:cb:02:96:9b:1e:b1:38:f9:be:
34:47:97:31:6c:c3:78:e6:e5:b9:aa:eb:3d:73:07:7e:1e:dc:
4d:f6:3b:99:b6:0f:7b:5f:9e:79:12:ce:93:25:ca:15:52:b8:
ed:1f:59:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJThHq9uiEE5YyJ7PKtUN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwMTAyMDgzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjM2MGVjZDYzYTUwYTM1NGM5OGVhNWNhYTc2NWI4NTQ2NDRjYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvCQTjJABxOVhZfzWzci1616/89k
ac/H33dM7uotmSBV9ChDXdUYnvVPusrhs7w8D8BLsNI9+oEOzhTNVxL9tfaUL43F
J38okOHs/MC9We8ZMb/W6qEULVXyAJwGATT1dss2GZRO/mSvGpa5dcdHbsCqawDo
mYkLDFYzMqYMibFN3vjxuFxKeW8VQQIdKFI9zmVSFC+IVOlRQ8AnekPO/CBYXCJs
+58zfWo/R8mTayvc+cVACFr0TfTN9qkr9q8CstgG1cpio1z5E5LuhsKd2psN8JvW
ljiOBbvdYchf2SwuDRSiPcwnHI+bEj/nEcLwTEKv+jU7KtyRr8k0Rx4nZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFII2Ds1jpQo1TJjqXKp2W4VGRMtqMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvZ2pZT3pXT2xDalZNbU9wY3FuWmJoVVpFeTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJXIgAwQA
JXI2AwQAJXI6AwQBK/uiMA0GCSqGSIb3DQEBCwUAA4IBAQCaHQ7bQWgaZ7DgFWke
Vb+vGLyMjI7Tb6JSKu9RxdOWIICOPPtlGbrmbNI/9Jh0mrdN7tsosbupPzqUhxvJ
IMlRnbVWC7kHp1fU5dgYsXHz2eISkbSI4E6CEUdFdQpVoyhyXh/t625FQnl3xC5j
NADqdyifiCeqc2X0LHH6IuFCatKl6pexUIktiRJAZz4QxYxU9FlSuH6kG/Ly5Kd1
jCx1Bo2lDYy0lHDvMs6vRqnMPhQGFGl5Kyj8jo74y6y8//p5C65ejGwabffnChFC
TUDLApabHrE4+b40R5cxbMN45uW5qus9cwd+HtxN9juZtg97X555Es6TJcoVUrjt
H1mk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:18 2024 by rpki-client on console-ams.rpki-client.org