Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/v5lGJZJ1i-usVyw9r1prxZSV0rc.roa
File: v5lGJZJ1i-usVyw9r1prxZSV0rc.roa (raw, json)
Hash identifier: himBxTSaj0kVUNxFzn6ndxnWWgZcTctJqCMSn/OOnzg=
Subject key identifier: BF:99:46:25:92:75:8B:EB:AC:57:2C:3D:AF:5A:6B:C5:94:95:D2:B7
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 0190E3E21BAEABAACCEDCFC80953153FA12C
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/v5lGJZJ1i-usVyw9r1prxZSV0rc.roa
Signing time: Wed 24 Jul 2024 08:36:04 +0000
ROA not before: Wed 24 Jul 2024 08:36:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35766
IP address blocks: 37.130.200.0/23 maxlen: 24
37.130.204.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jul 2024 05:36:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e3:e2:1b:ae:ab:aa:cc:ed:cf:c8:09:53:15:3f:a1:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Jul 24 08:36:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf99462592758bebac572c3daf5a6bc59495d2b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8a:04:a9:7b:24:17:ee:51:c2:2f:4f:cf:43:
2d:80:75:7d:69:2a:ff:c2:8d:ed:a8:fb:52:fb:5c:
99:25:d3:6a:92:c1:95:fc:02:03:7f:61:3c:f6:9d:
c5:04:e2:45:ba:c3:d1:c5:b2:49:9a:25:4f:6a:6b:
20:6f:72:07:5d:e8:c6:35:0e:85:86:b7:de:5c:a2:
b4:ab:f3:c5:c9:4c:a2:43:c5:e4:b3:e1:ea:67:7c:
cd:46:25:f1:2a:83:dc:fd:91:c1:18:28:05:2f:47:
f0:88:01:e5:a3:73:49:28:8b:7e:ed:51:72:71:ef:
f5:f5:64:45:ea:38:ff:53:19:e2:c6:38:34:c3:98:
fd:83:09:37:b9:37:7f:40:60:b2:03:f1:8c:ad:8c:
23:48:cd:23:59:68:49:cc:3b:af:a1:09:ab:c1:2f:
76:90:d7:6b:17:57:33:8d:39:d4:4a:80:90:cc:a3:
96:37:f4:8c:c5:a1:21:13:4d:eb:03:14:86:f3:1e:
ad:6f:ef:e2:50:bc:b0:f8:da:b2:8e:76:4a:1e:be:
7c:53:13:b8:1a:cb:c8:af:4f:e1:6a:94:cb:e7:ea:
06:26:8b:9f:19:b5:4b:e7:ae:eb:75:77:57:1d:ef:
21:d1:d4:bc:ce:72:58:08:ab:4b:1f:01:37:52:50:
27:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:99:46:25:92:75:8B:EB:AC:57:2C:3D:AF:5A:6B:C5:94:95:D2:B7
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/v5lGJZJ1i-usVyw9r1prxZSV0rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.200.0/23
37.130.204.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:49:29:b4:84:c9:c7:4b:03:a7:11:c1:be:87:f7:92:99:8f:
7b:19:1b:4e:0d:38:03:5a:3f:07:a0:f7:45:ce:7e:b6:ca:54:
d5:69:91:78:04:8f:d1:bf:21:6b:1f:ef:f2:c9:f0:4e:76:b8:
4c:f7:d1:dd:2f:89:41:a6:98:f2:d1:53:f9:67:57:64:0e:09:
18:05:cc:0f:90:73:e7:eb:04:e3:37:5d:34:3f:3b:71:1e:c4:
c2:7d:cc:2a:28:bf:26:37:3a:b1:0c:b3:a9:0c:98:c2:83:3c:
b6:50:d4:4a:5b:24:10:e5:e5:f3:9f:1b:06:5f:0b:2a:49:1d:
9d:50:86:f5:52:19:29:ef:4b:29:f7:e2:b6:31:99:d0:a6:9d:
5e:67:ae:10:ef:90:07:f1:dd:d3:f3:28:0b:f3:df:aa:dd:af:
0e:67:29:da:52:ae:c1:7c:6a:56:a7:04:b9:fb:25:d5:c1:dc:
c5:f9:86:f4:0a:0f:10:85:a3:8f:eb:fe:e5:37:bc:39:d5:af:
bf:15:6c:4e:02:89:dc:c3:08:3d:0f:9b:e8:08:a3:44:52:18:
c7:2e:5c:3e:2d:a3:f8:c7:75:30:24:ba:3e:57:f2:17:93:fa:
65:87:6a:a0:ff:3d:52:6e:51:2d:76:ed:87:82:7b:24:a3:da:
77:29:9d:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDj4huuq6rM7c/ICVMVP6EsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmI2NDVmMTM0ZjRmZGFkYTQ1ZTcwYmNmY2Q5M2I4OTdk
YmQ3MjUwHhcNMjQwNzI0MDgzNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjk5NDYyNTkyNzU4YmViYWM1NzJjM2RhZjVhNmJjNTk0OTVkMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4oEqXskF+5Rwi9Pz0MtgHV9aSr/
wo3tqPtS+1yZJdNqksGV/AIDf2E89p3FBOJFusPRxbJJmiVPamsgb3IHXejGNQ6F
hrfeXKK0q/PFyUyiQ8Xks+HqZ3zNRiXxKoPc/ZHBGCgFL0fwiAHlo3NJKIt+7VFy
ce/19WRF6jj/Uxnixjg0w5j9gwk3uTd/QGCyA/GMrYwjSM0jWWhJzDuvoQmrwS92
kNdrF1czjTnUSoCQzKOWN/SMxaEhE03rAxSG8x6tb+/iULyw+NqyjnZKHr58UxO4
GsvIr0/hapTL5+oGJoufGbVL567rdXdXHe8h0dS8znJYCKtLHwE3UlAn2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL+ZRiWSdYvrrFcsPa9aa8WUldK3MB8GA1UdIwQY
MBaAFNr7ZF8TT0/a2kXnC8/Nk7iX29clMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2Et
NmJhMGEwY2UwMWVkLzEvdjVsR0paSjFpLXVzVnl3OXIxcHJ4WlNWMHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2EtNmJhMGEwY2UwMWVk
LzEvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJYLIAwQC
JYLMMA0GCSqGSIb3DQEBCwUAA4IBAQBrSSm0hMnHSwOnEcG+h/eSmY97GRtODTgD
Wj8HoPdFzn62ylTVaZF4BI/RvyFrH+/yyfBOdrhM99HdL4lBppjy0VP5Z1dkDgkY
BcwPkHPn6wTjN100PztxHsTCfcwqKL8mNzqxDLOpDJjCgzy2UNRKWyQQ5eXznxsG
XwsqSR2dUIb1Uhkp70sp9+K2MZnQpp1eZ64Q75AH8d3T8ygL89+q3a8OZynaUq7B
fGpWpwS5+yXVwdzF+Yb0Cg8QhaOP6/7lN7w51a+/FWxOAoncwwg9D5voCKNEUhjH
Llw+LaP4x3UwJLo+V/IXk/plh2qg/z1SblEtdu2Hgnsko9p3KZ29
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:53 2025 by rpki-client