Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/lIUunyMXTWa1nMh_9sKd3OlOxhc.roa
File: lIUunyMXTWa1nMh_9sKd3OlOxhc.roa (raw, json)
Hash identifier: ELbBSaiu7YrYV6eclVVYf88nY/OflTYKZlM4apbfnDI=
Subject key identifier: 94:85:2E:9F:23:17:4D:66:B5:9C:C8:7F:F6:C2:9D:DC:E9:4E:C6:17
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 019097F158F80E7FC0ECF7F4F5A50A5B58A1
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/lIUunyMXTWa1nMh_9sKd3OlOxhc.roa
Signing time: Tue 09 Jul 2024 14:41:34 +0000
ROA not before: Tue 09 Jul 2024 14:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207252
IP address blocks: 37.114.40.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 20:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:f1:58:f8:0e:7f:c0:ec:f7:f4:f5:a5:0a:5b:58:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jul 9 14:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94852e9f23174d66b59cc87ff6c29ddce94ec617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:49:d6:2f:6f:06:d7:e4:ee:cd:1e:d4:0a:92:
b8:2e:5d:a3:d2:27:af:06:b2:b2:c6:86:3f:03:8b:
2b:10:39:7b:0d:77:0b:b8:f9:51:6b:e3:9d:a5:7d:
c1:4d:b1:33:73:1f:cd:e4:d9:c9:8b:20:e3:e0:aa:
75:3e:23:df:4d:47:fa:31:b1:52:c9:e8:70:f4:9f:
e6:73:08:d0:c7:62:bc:ba:f9:15:d1:15:26:0a:16:
c1:31:5e:55:78:56:36:bf:7e:f0:66:79:51:0e:0c:
e4:e1:a4:b3:0d:22:fe:e9:9e:30:9e:09:e3:f6:b0:
8b:b8:11:55:ac:68:8c:47:fc:91:f7:ae:11:d2:2b:
89:12:59:9a:a4:80:72:83:ee:e1:43:f0:e4:56:44:
0f:a2:8e:a2:0b:ab:ed:bc:e0:be:6d:6d:9d:32:03:
35:f4:d8:58:7a:66:54:a3:70:dd:b7:75:6f:94:05:
0f:84:60:23:bb:e7:32:b6:0a:94:c8:6e:4d:cb:9c:
fb:c6:82:d6:ab:c2:e3:29:4d:52:a2:62:c9:b2:ec:
2a:bb:71:6c:66:07:08:ff:1f:ca:5e:38:5a:3d:68:
56:bc:d3:2c:e5:fd:31:74:1d:7f:00:91:c0:96:79:
bf:0b:4a:9b:21:a5:60:53:31:e5:d6:90:28:4a:38:
3a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:85:2E:9F:23:17:4D:66:B5:9C:C8:7F:F6:C2:9D:DC:E9:4E:C6:17
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/lIUunyMXTWa1nMh_9sKd3OlOxhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.40.0/24
37.114.58.0/24
43.251.161.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:1b:20:ff:94:20:5c:c7:04:1d:62:e2:f7:6d:fd:7c:ce:07:
c7:b7:2f:96:01:17:4b:f4:64:24:37:3e:c8:35:81:5b:b1:e2:
e8:a5:bf:b0:b1:4f:60:ef:8f:11:6a:0d:07:fe:b9:41:1b:40:
73:fd:be:96:50:1c:24:10:e8:9c:77:c3:80:e8:79:ba:1b:ed:
f9:03:78:ce:21:22:dd:49:20:71:a3:7e:9a:cd:8f:87:e5:90:
ac:ec:a5:2a:1a:00:8a:c5:3a:9f:22:24:4b:5f:0d:1b:3e:d2:
a4:1e:cb:ef:76:a0:9e:92:44:00:30:75:94:e1:81:40:80:d1:
ee:fa:cd:c9:4e:d6:24:69:0f:f6:4b:f1:b4:70:3f:44:66:2c:
48:6b:49:4d:49:a8:47:c4:ee:03:f9:a2:fb:6d:7c:22:aa:9c:
a0:8b:ed:1f:06:12:42:91:b3:3c:d9:c6:e5:a7:ac:47:a4:37:
92:a5:2d:74:0d:e7:db:ad:04:5d:2e:55:f3:3b:1e:55:ff:28:
92:97:28:85:74:f1:fb:a6:4c:57:f9:b0:65:c8:85:66:13:31:
48:1a:8a:a8:41:e9:11:87:56:74:4a:9b:7e:64:e1:ae:94:f7:
fb:ed:1a:b8:02:10:f0:49:d8:9d:b8:cf:0b:22:d2:fb:95:51:
54:71:9a:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCX8Vj4Dn/A7Pf09aUKW1ihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwNzA5MTQ0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDg1MmU5ZjIzMTc0ZDY2YjU5Y2M4N2ZmNmMyOWRkY2U5NGVjNjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5EnWL28G1+TuzR7UCpK4Ll2j0iev
BrKyxoY/A4srEDl7DXcLuPlRa+OdpX3BTbEzcx/N5NnJiyDj4Kp1PiPfTUf6MbFS
yehw9J/mcwjQx2K8uvkV0RUmChbBMV5VeFY2v37wZnlRDgzk4aSzDSL+6Z4wngnj
9rCLuBFVrGiMR/yR964R0iuJElmapIByg+7hQ/DkVkQPoo6iC6vtvOC+bW2dMgM1
9NhYemZUo3Ddt3VvlAUPhGAju+cytgqUyG5Ny5z7xoLWq8LjKU1SomLJsuwqu3Fs
ZgcI/x/KXjhaPWhWvNMs5f0xdB1/AJHAlnm/C0qbIaVgUzHl1pAoSjg6zQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJSFLp8jF01mtZzIf/bCndzpTsYXMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvbElVdW55TVhUV2Exbk1oXzlzS2QzT2xPeGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJXIoAwQA
JXI6AwQAK/uhMA0GCSqGSIb3DQEBCwUAA4IBAQB9GyD/lCBcxwQdYuL3bf18zgfH
ty+WARdL9GQkNz7INYFbseLopb+wsU9g748Rag0H/rlBG0Bz/b6WUBwkEOicd8OA
6Hm6G+35A3jOISLdSSBxo36azY+H5ZCs7KUqGgCKxTqfIiRLXw0bPtKkHsvvdqCe
kkQAMHWU4YFAgNHu+s3JTtYkaQ/2S/G0cD9EZixIa0lNSahHxO4D+aL7bXwiqpyg
i+0fBhJCkbM82cblp6xHpDeSpS10DefbrQRdLlXzOx5V/yiSlyiFdPH7pkxX+bBl
yIVmEzFIGoqoQekRh1Z0Spt+ZOGulPf77Rq4AhDwSdiduM8LItL7lVFUcZpb
-----END CERTIFICATE-----
Generated at Thu Aug 1 22:20:40 2024 by rpki-client on console-fra.rpki-client.org