Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/sVjW0sbj0pm6f0acu1fZAt7Hk-E.roa
File: sVjW0sbj0pm6f0acu1fZAt7Hk-E.roa (raw, json)
Hash identifier: nbKjLjhOQe6E6iyOM0BMMpYPaCmLAPmoVDHaUMzmGAs=
Subject key identifier: B1:58:D6:D2:C6:E3:D2:99:BA:7F:46:9C:BB:57:D9:02:DE:C7:93:E1
Certificate issuer: /CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Certificate serial: 018BA4540819AE710EBD47D88681B3C16323
Authority key identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/sVjW0sbj0pm6f0acu1fZAt7Hk-E.roa
Signing time: Mon 06 Nov 2023 11:10:52 +0000
ROA not before: Mon 06 Nov 2023 11:10:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 37.221.73.0/24 maxlen: 24
37.221.72.0/24 maxlen: 24
37.221.72.0/22 maxlen: 24
2a09:ea00::/40 maxlen: 56
Validation: Failed, certificate revoked on Tue 14 Nov 2023 14:27:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:54:08:19:ae:71:0e:bd:47:d8:86:81:b3:c1:63:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Validity
Not Before: Nov 6 11:10:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b158d6d2c6e3d299ba7f469cbb57d902dec793e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a8:ba:1a:d1:8b:58:45:d1:7a:52:93:92:1e:
09:fa:4e:5d:6d:7e:49:f2:67:69:74:47:3a:60:a7:
56:a9:66:29:16:21:e6:a5:b0:20:ad:46:c7:a4:9c:
38:c5:a2:b3:b7:e0:a7:94:0b:5c:6f:56:01:4b:ab:
7a:8e:8f:e8:5e:76:c7:17:a8:eb:cb:17:56:81:f9:
52:c3:09:f4:81:7e:bc:07:97:5e:f8:ca:a9:30:92:
20:73:3a:22:2f:9b:38:e0:e5:2d:fb:70:26:d3:24:
cf:62:33:34:a4:44:fd:2f:b6:6d:14:00:05:af:d3:
1b:ae:64:2d:31:d0:cd:81:d3:0d:cb:33:b8:95:4c:
b5:36:45:09:1a:07:6e:57:8f:19:2b:d4:72:b3:96:
8d:80:03:e6:01:0a:63:40:b5:61:eb:5e:50:9e:48:
28:de:d0:6a:92:25:07:19:aa:24:4b:a7:14:29:f9:
79:29:77:70:56:83:3e:3f:ae:d7:08:97:9b:17:6d:
31:78:51:df:2e:4e:de:fa:9b:de:09:15:b4:5c:16:
63:43:59:5e:8c:95:d5:6c:16:c8:c2:ad:48:8d:6c:
49:dc:13:cc:7f:40:3c:5e:bb:ab:a1:a1:67:5d:6a:
6a:4f:86:99:2b:77:ce:8b:95:42:bb:23:00:82:0c:
4c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:58:D6:D2:C6:E3:D2:99:BA:7F:46:9C:BB:57:D9:02:DE:C7:93:E1
X509v3 Authority Key Identifier:
keyid:4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/sVjW0sbj0pm6f0acu1fZAt7Hk-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.72.0/22
IPv6:
2a09:ea00::/40
Signature Algorithm: sha256WithRSAEncryption
0c:5f:a0:59:7e:f2:cf:38:bb:6a:51:82:6c:76:a9:20:2d:bf:
d5:d7:3e:71:1c:2a:ad:f7:0f:c1:5c:b5:b6:1d:34:d7:3d:aa:
92:01:b2:09:40:af:ba:2f:c9:f3:9c:39:eb:17:7b:f4:15:79:
bc:0d:b8:25:41:33:23:c8:55:e8:0f:56:72:8d:2c:02:4e:11:
6e:46:9f:4b:67:a6:99:4d:7e:cd:be:b0:c6:be:d2:8d:ae:fc:
b4:62:2d:00:18:c4:10:4a:ea:b9:1f:aa:49:25:c8:04:cc:ff:
dd:c8:37:77:41:b4:ea:7b:6d:a4:f0:64:af:67:fe:9d:85:e6:
14:80:66:6f:be:16:9f:8d:0f:99:86:9b:c5:3a:86:71:d0:70:
a7:52:48:63:04:f9:71:37:93:7f:f5:e3:8d:23:2a:88:4f:19:
16:a2:b4:06:b3:e6:a3:0e:51:1c:7d:27:56:d1:6e:ee:13:ee:
78:e1:09:b4:25:13:7e:2d:66:45:ff:c3:fe:4c:5d:f2:9f:e0:
55:38:98:d1:82:df:88:6a:d7:54:07:62:b8:0a:23:62:37:2e:
a6:cf:24:44:06:14:4b:9e:76:15:de:c0:8c:f1:9b:7c:ab:ed:
cc:2f:6f:10:11:9d:57:c3:ac:8c:cb:29:ac:d9:6a:4f:70:75:
54:bd:36:31
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYukVAgZrnEOvUfYhoGzwWMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmN2Q4ODUzOTNiMzJiNWVlZTNhMGJmNDMzOGUwZmFhZWYz
Yzc1M2MwHhcNMjMxMTA2MTExMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTU4ZDZkMmM2ZTNkMjk5YmE3ZjQ2OWNiYjU3ZDkwMmRlYzc5M2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKi6GtGLWEXRelKTkh4J+k5dbX5J
8mdpdEc6YKdWqWYpFiHmpbAgrUbHpJw4xaKzt+CnlAtcb1YBS6t6jo/oXnbHF6jr
yxdWgflSwwn0gX68B5de+MqpMJIgczoiL5s44OUt+3Am0yTPYjM0pET9L7ZtFAAF
r9MbrmQtMdDNgdMNyzO4lUy1NkUJGgduV48ZK9Rys5aNgAPmAQpjQLVh615Qnkgo
3tBqkiUHGaokS6cUKfl5KXdwVoM+P67XCJebF20xeFHfLk7e+pveCRW0XBZjQ1le
jJXVbBbIwq1IjWxJ3BPMf0A8XruroaFnXWpqT4aZK3fOi5VCuyMAggxMVQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLFY1tLG49KZun9GnLtX2QLex5PhMB8GA1UdIwQY
MBaAFE99iFOTsyte7joL9DOOD6rvPHU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEt
YjE4ZGFjMmQyNTliLzEvc1ZqVzBzYmowcG02ZjBhY3UxZlpBdDdIay1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEtYjE4ZGFjMmQyNTli
LzEvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCJd1IMA4E
AgACMAgDBgAqCeoAADANBgkqhkiG9w0BAQsFAAOCAQEADF+gWX7yzzi7alGCbHap
IC2/1dc+cRwqrfcPwVy1th001z2qkgGyCUCvui/J85w56xd79BV5vA24JUEzI8hV
6A9Wco0sAk4RbkafS2emmU1+zb6wxr7Sja78tGItABjEEErquR+qSSXIBMz/3cg3
d0G06nttpPBkr2f+nYXmFIBmb74Wn40PmYabxTqGcdBwp1JIYwT5cTeTf/XjjSMq
iE8ZFqK0BrPmow5RHH0nVtFu7hPueOEJtCUTfi1mRf/D/kxd8p/gVTiY0YLfiGrX
VAdiuAojYjcups8kRAYUS552Fd7AjPGbfKvtzC9vEBGdV8OsjMsprNlqT3B1VL02
MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org