Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/2pEJ0nfkMB4Ydw46zQaN2UBOEbE.roa
File: 2pEJ0nfkMB4Ydw46zQaN2UBOEbE.roa (raw, json)
Hash identifier: Tv5GXgdEVanBioit25z0M68T9Kh7eMvti+HiiOS6t+k=
Subject key identifier: DA:91:09:D2:77:E4:30:1E:18:77:0E:3A:CD:06:8D:D9:40:4E:11:B1
Certificate issuer: /CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Certificate serial: 01856B49F2927EE96A4C7ECCD84DA10DD567
Authority key identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/2pEJ0nfkMB4Ydw46zQaN2UBOEbE.roa
Signing time: Sun 01 Jan 2023 03:04:46 +0000
ROA not before: Sun 01 Jan 2023 03:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 37.221.73.0/24 maxlen: 24
37.221.75.0/24 maxlen: 24
37.221.72.0/24 maxlen: 24
37.221.74.0/24 maxlen: 24
2a09:ea00:2::/48 maxlen: 48
2a09:ea00::/48 maxlen: 48
2a09:ea00:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 30 Oct 2023 10:26:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:49:f2:92:7e:e9:6a:4c:7e:cc:d8:4d:a1:0d:d5:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Validity
Not Before: Jan 1 03:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da9109d277e4301e18770e3acd068dd9404e11b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9b:e4:5e:e3:d5:7f:df:a9:45:60:dd:31:9c:
34:4b:77:53:cc:97:37:5c:40:eb:43:d3:5f:08:19:
d7:bf:34:66:58:67:b6:41:3b:d4:9b:77:ca:59:96:
86:4a:bd:41:40:50:05:cf:d6:bd:e8:20:96:e9:c1:
d1:22:1c:5e:82:86:05:42:5d:70:18:b8:f5:cd:47:
7b:79:33:6e:b9:7b:4a:aa:77:0d:ef:0e:2c:96:f6:
d0:0f:09:b7:8f:54:a1:f9:c6:72:a3:1a:db:6c:61:
cf:d0:ff:4d:bc:7f:98:c0:d4:35:9e:75:82:1f:54:
3f:bc:64:0f:01:a1:b2:96:24:bd:5a:25:7a:1d:c5:
eb:3d:c9:06:67:2b:5c:f2:3c:76:d0:21:40:2d:6e:
4c:05:19:bb:5d:19:76:b4:06:48:49:22:17:90:cd:
e0:ae:a2:61:5d:26:05:70:f5:c7:fe:98:8c:49:b3:
6b:a5:60:fb:1c:87:a8:12:3e:59:af:8c:5e:98:17:
0b:e7:6e:c8:4c:3a:c1:14:32:a2:b3:c3:bb:3d:4e:
55:9b:48:4d:fd:f9:cc:8a:74:29:b6:4e:4f:25:43:
b6:50:66:06:37:d1:ba:c9:0b:02:79:8d:1b:2c:fb:
41:2d:0e:cf:74:bf:90:4c:f7:5b:32:ba:0e:a0:95:
89:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:91:09:D2:77:E4:30:1E:18:77:0E:3A:CD:06:8D:D9:40:4E:11:B1
X509v3 Authority Key Identifier:
keyid:4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/2pEJ0nfkMB4Ydw46zQaN2UBOEbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.72.0/22
IPv6:
2a09:ea00::-2a09:ea00:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:df:9e:99:bf:99:8b:1f:54:6e:bc:d0:b6:19:c4:8b:5b:1e:
31:bf:4c:71:64:c1:48:db:5e:53:cd:f7:79:44:e0:99:84:a3:
33:0a:28:68:0a:73:aa:eb:a7:ee:e4:20:b7:4b:cf:c7:7b:6a:
1a:22:d1:6f:46:ad:09:68:8d:bc:ec:65:b1:24:6f:89:89:9c:
fa:bc:6e:e8:95:73:4c:d6:2b:14:c1:be:0e:93:0c:f6:4a:4d:
ec:98:5c:45:c8:3b:94:ba:3f:97:d0:86:7c:0f:31:01:1b:fb:
e6:80:1a:3f:6c:36:64:71:ea:de:3d:47:5b:aa:54:4a:94:ee:
53:31:b5:c7:be:4c:f5:84:0b:99:51:42:c0:2c:d7:ab:60:34:
bb:96:3c:06:0a:33:37:e0:df:ac:c2:6a:e6:da:9a:e9:cc:ac:
48:4a:9c:a6:f2:61:4b:9b:1b:d4:8b:cc:ae:6e:e6:5e:53:bb:
0b:31:d6:1b:8c:3b:fe:73:b2:8a:1c:46:00:bb:61:52:c2:12:
46:fd:d9:73:0b:16:a7:c9:f2:14:90:d5:1f:ca:76:78:38:0b:
d5:05:f7:2c:ba:15:01:6e:b4:92:4a:05:a4:19:f3:4e:93:9f:
e3:59:bf:cd:1b:d6:70:e3:79:8a:01:6b:7c:15:1f:21:ad:86:
f6:ee:65:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVrSfKSfulqTH7M2E2hDdVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmN2Q4ODUzOTNiMzJiNWVlZTNhMGJmNDMzOGUwZmFhZWYz
Yzc1M2MwHhcNMjMwMTAxMDMwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTkxMDlkMjc3ZTQzMDFlMTg3NzBlM2FjZDA2OGRkOTQwNGUxMWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5vkXuPVf9+pRWDdMZw0S3dTzJc3
XEDrQ9NfCBnXvzRmWGe2QTvUm3fKWZaGSr1BQFAFz9a96CCW6cHRIhxegoYFQl1w
GLj1zUd7eTNuuXtKqncN7w4slvbQDwm3j1Sh+cZyoxrbbGHP0P9NvH+YwNQ1nnWC
H1Q/vGQPAaGyliS9WiV6HcXrPckGZytc8jx20CFALW5MBRm7XRl2tAZISSIXkM3g
rqJhXSYFcPXH/piMSbNrpWD7HIeoEj5Zr4xemBcL527ITDrBFDKis8O7PU5Vm0hN
/fnMinQptk5PJUO2UGYGN9G6yQsCeY0bLPtBLQ7PdL+QTPdbMroOoJWJ5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqRCdJ35DAeGHcOOs0GjdlAThGxMB8GA1UdIwQY
MBaAFE99iFOTsyte7joL9DOOD6rvPHU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEt
YjE4ZGFjMmQyNTliLzEvMnBFSjBuZmtNQjRZZHc0NnpRYU4yVUJPRWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEtYjE4ZGFjMmQyNTli
LzEvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQCJd1IMBcE
AgACMBEwDwMEASoJ6gMHACoJ6gAAAjANBgkqhkiG9w0BAQsFAAOCAQEAQN+emb+Z
ix9UbrzQthnEi1seMb9McWTBSNteU833eUTgmYSjMwooaApzquun7uQgt0vPx3tq
GiLRb0atCWiNvOxlsSRviYmc+rxu6JVzTNYrFMG+DpMM9kpN7JhcRcg7lLo/l9CG
fA8xARv75oAaP2w2ZHHq3j1HW6pUSpTuUzG1x75M9YQLmVFCwCzXq2A0u5Y8Bgoz
N+DfrMJq5tqa6cysSEqcpvJhS5sb1IvMrm7mXlO7CzHWG4w7/nOyihxGALthUsIS
Rv3ZcwsWp8nyFJDVH8p2eDgL1QX3LLoVAW60kkoFpBnzTpOf41m/zRvWcON5igFr
fBUfIa2G9u5luQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org