Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/sQcWay3OJoejjVXOEfheNWR9c0w.roa
File: sQcWay3OJoejjVXOEfheNWR9c0w.roa (raw, json)
Hash identifier: 7czAJvxcPXYSnomh+BtGD90eZKWDiYRnRJ5ppNRGLFU=
Subject key identifier: B1:07:16:6B:2D:CE:26:87:A3:8D:55:CE:11:F8:5E:35:64:7D:73:4C
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01868F37F703C237641321ACC2CE04B612FB
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/sQcWay3OJoejjVXOEfheNWR9c0w.roa
Signing time: Sun 26 Feb 2023 19:34:14 +0000
ROA not before: Sun 26 Feb 2023 19:34:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47637
IP address blocks: 176.100.33.0/24 maxlen: 24
176.100.32.0/21 maxlen: 24
37.114.37.0/24 maxlen: 24
37.114.41.0/24 maxlen: 24
94.154.49.0/24 maxlen: 24
2a00:ccc4::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8f:37:f7:03:c2:37:64:13:21:ac:c2:ce:04:b6:12:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Feb 26 19:34:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b107166b2dce2687a38d55ce11f85e35647d734c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:93:8a:a0:28:bd:c7:b2:aa:15:4f:97:35:76:
80:f5:1e:ac:62:3c:81:2e:f4:5e:44:14:00:b4:eb:
0b:a1:59:c9:68:15:bd:ed:0d:ff:df:95:b6:36:4e:
29:a8:ce:25:35:8f:b1:40:13:18:98:ec:ea:e1:69:
fb:9e:39:00:77:3a:60:a2:39:2e:a4:77:d9:6a:b7:
ef:d3:d0:3c:6a:a4:b4:eb:f3:2f:c2:c2:ce:2e:0a:
57:78:b2:76:79:48:9b:9d:73:07:4b:51:a5:23:98:
d0:5b:ea:8f:10:4f:24:1d:00:e3:d7:d4:ac:a8:55:
c9:23:d6:02:13:94:f9:a3:f1:cc:19:b3:2e:d0:b3:
22:6c:7a:47:62:63:06:4d:f0:2a:32:5c:b9:32:cc:
3f:ef:8b:9e:7e:2b:1d:ff:cc:f5:3c:ca:bc:3f:d9:
b4:2f:80:75:94:4b:3a:c1:64:98:32:a4:fb:3b:3e:
7d:2e:f4:50:7c:9e:cd:7f:ce:e2:bd:7a:55:37:61:
9a:73:be:0d:fc:04:74:19:5c:1b:6d:a2:bf:24:06:
2e:1a:fa:21:ff:84:d7:13:0c:fc:23:f6:72:ec:95:
95:2f:33:74:e8:d4:1c:7d:aa:a3:85:a5:56:2e:25:
4f:97:e4:cf:92:4d:9c:36:9e:46:90:1d:50:0f:25:
90:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:07:16:6B:2D:CE:26:87:A3:8D:55:CE:11:F8:5E:35:64:7D:73:4C
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/sQcWay3OJoejjVXOEfheNWR9c0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.37.0/24
37.114.41.0/24
94.154.49.0/24
176.100.32.0/21
IPv6:
2a00:ccc4::/32
Signature Algorithm: sha256WithRSAEncryption
2d:81:26:ed:f3:eb:23:72:77:bd:95:f5:e8:24:76:96:fb:8d:
d0:35:1a:7c:cc:ac:76:ab:5c:33:11:3f:a1:43:5c:14:88:67:
19:db:2a:5d:7e:e9:bd:cd:a7:76:1e:05:5b:47:ba:2e:b5:1a:
91:f5:0c:23:c0:f1:71:19:4a:ea:73:ea:61:19:f9:ae:b5:ee:
15:02:a4:ff:d7:bf:35:a7:d5:85:cd:4c:ef:38:e5:43:73:5e:
fe:24:e3:89:3a:c2:0f:24:cf:14:f2:f7:d6:50:ee:db:8a:d7:
36:38:e6:02:00:54:23:da:b0:e0:f5:00:58:62:a4:a1:a1:6d:
70:6f:64:32:cd:27:91:95:e1:f8:f8:ca:f0:4f:2a:fb:fc:71:
f7:b1:34:c2:24:b3:53:73:e7:d0:68:2e:24:39:4c:8c:e8:50:
17:f7:a0:d6:b4:f2:d4:86:f1:50:7e:9d:53:4c:8c:ce:2c:6a:
c8:2a:df:03:9a:d3:6f:5d:31:75:68:5f:85:fb:b9:87:fd:b7:
3a:4b:13:1b:38:7c:d5:63:57:e6:2f:4f:43:b6:20:7f:14:60:
cb:09:cc:74:e6:e9:90:79:55:ac:c5:5a:78:7f:f5:1d:56:0f:
ce:f2:07:a8:92:fd:92:c9:b2:e1:19:6f:6e:43:8c:fa:d5:c4:
3f:68:53:56
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYaPN/cDwjdkEyGsws4EthL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMwMjI2MTkzNDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA3MTY2YjJkY2UyNjg3YTM4ZDU1Y2UxMWY4NWUzNTY0N2Q3MzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpOKoCi9x7KqFU+XNXaA9R6sYjyB
LvReRBQAtOsLoVnJaBW97Q3/35W2Nk4pqM4lNY+xQBMYmOzq4Wn7njkAdzpgojku
pHfZarfv09A8aqS06/MvwsLOLgpXeLJ2eUibnXMHS1GlI5jQW+qPEE8kHQDj19Ss
qFXJI9YCE5T5o/HMGbMu0LMibHpHYmMGTfAqMly5Msw/74uefisd/8z1PMq8P9m0
L4B1lEs6wWSYMqT7Oz59LvRQfJ7Nf87ivXpVN2Gac74N/AR0GVwbbaK/JAYuGvoh
/4TXEwz8I/Zy7JWVLzN06NQcfaqjhaVWLiVPl+TPkk2cNp5GkB1QDyWQaQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLEHFmstziaHo41VzhH4XjVkfXNMMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvc1FjV2F5M09Kb2VqalZYT0VmaGVOV1I5YzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAJXIlAwQA
JXIpAwQAXpoxAwQDsGQgMA0EAgACMAcDBQAqAMzEMA0GCSqGSIb3DQEBCwUAA4IB
AQAtgSbt8+sjcne9lfXoJHaW+43QNRp8zKx2q1wzET+hQ1wUiGcZ2ypdfum9zad2
HgVbR7outRqR9QwjwPFxGUrqc+phGfmute4VAqT/1781p9WFzUzvOOVDc17+JOOJ
OsIPJM8U8vfWUO7bitc2OOYCAFQj2rDg9QBYYqShoW1wb2QyzSeRleH4+MrwTyr7
/HH3sTTCJLNTc+fQaC4kOUyM6FAX96DWtPLUhvFQfp1TTIzOLGrIKt8DmtNvXTF1
aF+F+7mH/bc6SxMbOHzVY1fmL09DtiB/FGDLCcx05umQeVWsxVp4f/UdVg/O8geo
kv2SybLhGW9uQ4z61cQ/aFNW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:18 2024 by rpki-client on console-ams.rpki-client.org