Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/0YIzaoHdJU_5DQNEIa-ynUDovS4.roa
File: 0YIzaoHdJU_5DQNEIa-ynUDovS4.roa (raw, json)
Hash identifier: ZfemyVTjwBNWqaFFLgZKloCVgOtPC6PC4HZBJbEcAcM=
Subject key identifier: D1:82:33:6A:81:DD:25:4F:F9:0D:03:44:21:AF:B2:9D:40:E8:BD:2E
Certificate issuer: /CN=a47c0ac8a9d5f62c491d4b17cb212b52c0e75607
Certificate serial: 018CCA2BB170E03D213B6B9BC24F751D3B3D
Authority key identifier: A4:7C:0A:C8:A9:D5:F6:2C:49:1D:4B:17:CB:21:2B:52:C0:E7:56:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pHwKyKnV9ixJHUsXyyErUsDnVgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/0YIzaoHdJU_5DQNEIa-ynUDovS4.roa
Signing time: Tue 02 Jan 2024 12:35:10 +0000
ROA not before: Tue 02 Jan 2024 12:35:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58045
IP address blocks: 37.209.240.0/23 maxlen: 23
37.209.240.0/24 maxlen: 24
37.209.241.0/24 maxlen: 24
37.209.242.0/23 maxlen: 23
37.209.243.0/24 maxlen: 24
37.209.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:b1:70:e0:3d:21:3b:6b:9b:c2:4f:75:1d:3b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47c0ac8a9d5f62c491d4b17cb212b52c0e75607
Validity
Not Before: Jan 2 12:35:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d182336a81dd254ff90d034421afb29d40e8bd2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f0:e3:40:0e:df:2c:d0:d1:f8:40:91:8b:b0:
7b:fc:d9:6c:5c:fc:75:88:35:34:6a:55:46:53:9d:
3e:ee:02:cd:75:46:ad:ac:6f:76:18:a5:af:dd:ec:
6c:47:3a:2f:60:fb:11:02:4a:ae:d6:1d:86:f7:a4:
ce:fc:5e:b2:8f:3e:e1:76:49:7b:db:4a:38:a8:a0:
c9:b2:ff:e6:96:ad:dd:0f:d2:85:0e:ed:6c:74:33:
34:5e:91:31:a2:a5:70:68:e9:a6:5d:8f:f4:91:aa:
92:7b:db:05:ae:6b:42:88:fc:88:fc:34:8a:86:cf:
4a:bb:eb:29:f3:fa:5d:8b:5e:7f:80:70:20:ef:02:
82:9b:28:3f:f0:66:ef:6f:a0:9b:bb:b3:f6:e7:d6:
62:77:6f:15:cb:30:13:69:55:44:84:38:f0:e2:5e:
db:c3:77:3f:09:74:fb:6b:e4:f8:f3:65:47:16:ec:
f2:2b:e0:36:0e:8f:71:d2:82:8f:e7:85:07:bb:91:
67:54:55:f9:db:48:9a:45:22:58:aa:c7:65:e5:70:
22:cc:e5:7b:a6:95:e7:81:ca:3b:05:e3:89:ec:dc:
c1:fa:66:85:66:b8:6a:48:f8:71:48:6d:e6:77:54:
f4:6c:ed:aa:cc:ad:8a:38:cb:82:5e:68:1b:9a:5b:
b6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:82:33:6A:81:DD:25:4F:F9:0D:03:44:21:AF:B2:9D:40:E8:BD:2E
X509v3 Authority Key Identifier:
keyid:A4:7C:0A:C8:A9:D5:F6:2C:49:1D:4B:17:CB:21:2B:52:C0:E7:56:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHwKyKnV9ixJHUsXyyErUsDnVgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/0YIzaoHdJU_5DQNEIa-ynUDovS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/pHwKyKnV9ixJHUsXyyErUsDnVgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.240.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:e8:73:39:9c:80:07:7f:07:1e:df:ce:bd:df:9a:8d:cd:28:
05:a6:90:46:22:19:07:64:31:77:88:59:e7:76:12:75:40:0c:
42:c8:f8:ac:68:8b:f4:e8:94:cb:91:23:fa:e5:15:7e:a2:06:
71:b2:79:7f:47:fe:d3:c5:a5:59:8e:c4:a0:6a:01:42:9c:a7:
b0:64:f3:1e:c5:61:f5:6f:03:84:4e:e0:8c:c7:2b:43:a9:25:
78:e3:21:0b:6b:89:0b:04:6f:7a:06:0f:ef:66:ce:d5:4d:0c:
cf:63:9c:e7:8f:6f:1f:d2:15:a4:bb:3e:8c:5f:2e:4f:00:38:
28:b6:f6:1b:78:bc:26:ac:d5:17:f5:88:46:3b:15:1e:b2:6b:
59:e3:1b:4a:0f:3a:d1:eb:b2:df:ef:d8:e2:41:29:2e:12:77:
67:d1:52:c6:d4:9a:87:d5:a1:22:38:1d:19:8d:36:de:96:64:
48:c4:35:10:ce:08:a1:9a:67:ce:70:be:7a:73:c3:1d:c8:7b:
20:76:d5:2e:1f:3a:47:b9:3e:f2:7f:2d:06:7d:ff:c7:66:b9:
0f:00:d4:f7:26:67:e7:13:41:73:d2:9c:b1:25:17:87:12:6a:
6b:8d:11:79:4f:b1:53:36:39:9a:17:b8:fa:85:09:cb:48:b5:
12:e9:61:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK7Fw4D0hO2ubwk91HTs9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2MwYWM4YTlkNWY2MmM0OTFkNGIxN2NiMjEyYjUyYzBl
NzU2MDcwHhcNMjQwMTAyMTIzNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTgyMzM2YTgxZGQyNTRmZjkwZDAzNDQyMWFmYjI5ZDQwZThiZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivDjQA7fLNDR+ECRi7B7/NlsXPx1
iDU0alVGU50+7gLNdUatrG92GKWv3exsRzovYPsRAkqu1h2G96TO/F6yjz7hdkl7
20o4qKDJsv/mlq3dD9KFDu1sdDM0XpExoqVwaOmmXY/0kaqSe9sFrmtCiPyI/DSK
hs9Ku+sp8/pdi15/gHAg7wKCmyg/8Gbvb6Cbu7P259Zid28VyzATaVVEhDjw4l7b
w3c/CXT7a+T482VHFuzyK+A2Do9x0oKP54UHu5FnVFX520iaRSJYqsdl5XAizOV7
ppXngco7BeOJ7NzB+maFZrhqSPhxSG3md1T0bO2qzK2KOMuCXmgbmlu2XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGCM2qB3SVP+Q0DRCGvsp1A6L0uMB8GA1UdIwQY
MBaAFKR8Csip1fYsSR1LF8shK1LA51YHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEh3S3lLblY5aXhKSFVzWHl5RXJVc0RuVmdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yNWM5MWQtNWEwNS00NmEyLTlhNzkt
NDIwY2MyNTFlNWViLzEvMFlJemFvSGRKVV81RFFORUlhLXluVURvdlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yNWM5MWQtNWEwNS00NmEyLTlhNzktNDIwY2MyNTFlNWVi
LzEvcEh3S3lLblY5aXhKSFVzWHl5RXJVc0RuVmdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJdHwMA0G
CSqGSIb3DQEBCwUAA4IBAQCL6HM5nIAHfwce386935qNzSgFppBGIhkHZDF3iFnn
dhJ1QAxCyPisaIv06JTLkSP65RV+ogZxsnl/R/7TxaVZjsSgagFCnKewZPMexWH1
bwOETuCMxytDqSV44yELa4kLBG96Bg/vZs7VTQzPY5znj28f0hWkuz6MXy5PADgo
tvYbeLwmrNUX9YhGOxUesmtZ4xtKDzrR67Lf79jiQSkuEndn0VLG1JqH1aEiOB0Z
jTbelmRIxDUQzgihmmfOcL56c8MdyHsgdtUuHzpHuT7yfy0Gff/HZrkPANT3Jmfn
E0Fz0pyxJReHEmprjRF5T7FTNjmaF7j6hQnLSLUS6WH0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:21 2025 by rpki-client