Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/pBEZF1JWA_7vF1qse9kA8n6minY.roa
File: pBEZF1JWA_7vF1qse9kA8n6minY.roa (raw, json)
Hash identifier: Paas/aOdlCtH21psVkGHK/qaVhHHmSIkBHJEVN6jn2E=
Subject key identifier: A4:11:19:17:52:56:03:FE:EF:17:5A:AC:7B:D9:00:F2:7E:A6:8A:76
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018C1655AA7345B0D3D53C5F196B54907DFA
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/pBEZF1JWA_7vF1qse9kA8n6minY.roa
Signing time: Tue 28 Nov 2023 14:29:22 +0000
ROA not before: Tue 28 Nov 2023 14:29:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 37.114.35.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.44.0/23 maxlen: 24
103.252.89.0/24 maxlen: 24
103.252.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:55:aa:73:45:b0:d3:d5:3c:5f:19:6b:54:90:7d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Nov 28 14:29:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4111917525603feef175aac7bd900f27ea68a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a7:e4:12:2d:5e:ca:60:a1:32:52:de:e3:29:
cb:c4:29:9f:53:36:bb:c2:4c:78:04:64:8e:8f:e5:
eb:f3:8d:55:86:fb:fa:bb:cd:7b:27:15:da:7f:a9:
5d:a0:1d:93:a7:64:6b:49:b1:ed:63:3c:6b:2c:16:
10:bb:3d:c8:ca:df:7a:a7:92:ab:7d:70:2f:47:b7:
98:a4:62:64:1f:de:b0:e6:95:ba:6b:34:c8:be:47:
60:bf:b8:f7:24:d8:30:ae:c5:fb:34:c6:48:7d:63:
fe:78:ae:db:a1:b6:18:fd:8d:8d:a1:8e:fe:a2:9e:
8e:f5:b5:86:e1:4c:4f:ee:46:ff:6b:7c:9c:03:a7:
76:72:68:3a:ba:fc:90:89:55:55:e8:af:b4:c3:c1:
75:08:9d:60:4e:ed:5b:b0:1d:e5:7d:a9:82:18:79:
32:72:87:af:fc:e5:c6:33:0f:cb:43:9c:47:ec:cc:
54:e7:10:52:86:b7:e4:4f:b1:45:a9:db:a5:26:b4:
db:a6:20:24:54:02:a6:47:bb:83:0c:e3:0f:f1:9d:
7a:e4:ec:6c:82:6a:f9:4f:d1:6c:a8:0c:db:f5:fe:
b5:91:30:f5:68:56:f4:d5:e4:21:3b:b1:9d:95:ce:
c2:fa:43:86:57:6f:af:c3:18:66:0e:fd:bb:b5:92:
c0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:11:19:17:52:56:03:FE:EF:17:5A:AC:7B:D9:00:F2:7E:A6:8A:76
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/pBEZF1JWA_7vF1qse9kA8n6minY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.35.0/24
37.114.43.0-37.114.45.255
103.252.89.0-103.252.90.255
Signature Algorithm: sha256WithRSAEncryption
3d:a5:4a:da:e3:37:ea:24:bf:0a:8d:1f:4d:1d:54:43:93:95:
7c:ff:68:86:25:78:db:0b:c9:56:94:4e:21:1b:85:1d:f3:ee:
98:15:e6:67:23:94:c5:63:da:19:47:87:0c:7a:84:a3:ad:b5:
64:43:d2:ad:1b:31:46:6f:b9:4f:a1:05:24:b1:c1:3f:85:46:
33:0e:81:40:30:ee:4d:2c:ff:cb:64:35:fe:96:60:e5:f5:cb:
c1:fc:e4:b3:de:fd:b1:25:40:7b:30:6a:87:cc:c9:26:d4:97:
82:c6:05:1a:8d:02:b3:86:ad:02:6e:36:5a:b6:ba:99:ba:b7:
e1:07:25:c6:d1:05:29:f5:f7:c8:47:bb:e5:77:09:3f:c4:82:
75:68:ef:ec:12:77:06:b4:a3:9c:66:57:58:d0:35:7e:d2:70:
74:44:46:74:c8:ef:59:a8:3b:62:e7:60:e7:7d:a7:8e:c2:80:
e0:df:7a:5b:bf:ae:c3:a6:61:47:00:da:46:0e:9f:9f:2c:53:
83:4e:b7:81:05:02:de:c6:6b:3b:c1:09:d8:9e:d7:22:98:70:
e0:c9:97:fc:f1:65:8c:12:c5:cd:bd:82:8b:fb:bf:25:bc:e1:
f8:ea:d5:49:73:9b:52:c2:df:ed:22:dc:eb:b2:26:12:e6:47:
1a:3d:ee:63
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYwWVapzRbDT1TxfGWtUkH36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMxMTI4MTQyOTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDExMTkxNzUyNTYwM2ZlZWYxNzVhYWM3YmQ5MDBmMjdlYTY4YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6fkEi1eymChMlLe4ynLxCmfUza7
wkx4BGSOj+Xr841Vhvv6u817JxXaf6ldoB2Tp2RrSbHtYzxrLBYQuz3Iyt96p5Kr
fXAvR7eYpGJkH96w5pW6azTIvkdgv7j3JNgwrsX7NMZIfWP+eK7bobYY/Y2NoY7+
op6O9bWG4UxP7kb/a3ycA6d2cmg6uvyQiVVV6K+0w8F1CJ1gTu1bsB3lfamCGHky
coev/OXGMw/LQ5xH7MxU5xBShrfkT7FFqdulJrTbpiAkVAKmR7uDDOMP8Z165Oxs
gmr5T9FsqAzb9f61kTD1aFb01eQhO7Gdlc7C+kOGV2+vwxhmDv27tZLAzQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKQRGRdSVgP+7xdarHvZAPJ+pop2MB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvcEJFWkYxSldBXzd2RjFxc2U5a0E4bjZtaW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAJXIjMAwD
BAAlcisDBAElciwwDAMEAGf8WQMEAGf8WjANBgkqhkiG9w0BAQsFAAOCAQEAPaVK
2uM36iS/Co0fTR1UQ5OVfP9ohiV42wvJVpROIRuFHfPumBXmZyOUxWPaGUeHDHqE
o621ZEPSrRsxRm+5T6EFJLHBP4VGMw6BQDDuTSz/y2Q1/pZg5fXLwfzks979sSVA
ezBqh8zJJtSXgsYFGo0Cs4atAm42Wra6mbq34QclxtEFKfX3yEe75XcJP8SCdWjv
7BJ3BrSjnGZXWNA1ftJwdERGdMjvWag7Yudg532njsKA4N96W7+uw6ZhRwDaRg6f
nyxTg063gQUC3sZrO8EJ2J7XIphw4MmX/PFljBLFzb2Ci/u/Jbzh+OrVSXObUsLf
7SLc67ImEuZHGj3uYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:18 2024 by rpki-client on console-ams.rpki-client.org