Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/OAZ_rILKfWqHmCoFHLZsJfyAcfY.roa
File: OAZ_rILKfWqHmCoFHLZsJfyAcfY.roa (raw, json)
Hash identifier: jihVfLKxzRMD56iJ+fsTan8C5KCwIn6aoWVtWOUmlpY=
Subject key identifier: 38:06:7F:AC:82:CA:7D:6A:87:98:2A:05:1C:B6:6C:25:FC:80:71:F6
Certificate issuer: /CN=a47c0ac8a9d5f62c491d4b17cb212b52c0e75607
Certificate serial: 01856F392F7CEF7908B34C6F7523F73448D6
Authority key identifier: A4:7C:0A:C8:A9:D5:F6:2C:49:1D:4B:17:CB:21:2B:52:C0:E7:56:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pHwKyKnV9ixJHUsXyyErUsDnVgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/OAZ_rILKfWqHmCoFHLZsJfyAcfY.roa
Signing time: Sun 01 Jan 2023 21:24:56 +0000
ROA not before: Sun 01 Jan 2023 21:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58045
IP address blocks: 37.209.240.0/23 maxlen: 23
37.209.240.0/24 maxlen: 24
37.209.241.0/24 maxlen: 24
37.209.242.0/23 maxlen: 23
37.209.243.0/24 maxlen: 24
37.209.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:2f:7c:ef:79:08:b3:4c:6f:75:23:f7:34:48:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47c0ac8a9d5f62c491d4b17cb212b52c0e75607
Validity
Not Before: Jan 1 21:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38067fac82ca7d6a87982a051cb66c25fc8071f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a5:46:ea:8c:c5:53:23:67:85:95:5f:7c:b8:
c0:b5:f2:29:df:d9:f4:99:d3:fe:2b:b0:f3:f7:18:
84:f4:85:4e:72:aa:0a:4a:00:13:b5:6c:c4:a0:a4:
b0:9c:0b:bc:c9:7a:67:3d:2a:54:de:81:91:f3:e9:
4f:ba:3f:4d:9e:68:fa:03:e2:23:02:92:8e:0a:07:
36:be:31:0d:6f:2e:1f:b9:a6:f5:80:87:06:6c:6f:
b5:b6:0f:5c:3c:cd:34:a6:73:41:01:fb:b1:17:9e:
b5:d3:c4:79:4d:66:1d:76:8e:87:5b:44:83:9c:7e:
7f:37:db:fd:ca:e7:f5:26:89:07:8e:19:47:96:c4:
3f:75:78:67:a8:64:f9:11:43:7a:1a:e0:a1:87:24:
ac:0d:41:88:fa:5c:27:01:28:2c:81:d5:5b:8c:5c:
69:fd:73:4f:6c:0a:31:5f:d6:57:bd:a1:b7:24:80:
0d:a9:61:9e:81:1d:44:59:a5:d2:54:3b:65:c8:64:
45:ae:58:6d:e6:f7:a3:fb:54:91:93:7c:e3:23:8f:
b5:f2:67:7f:e9:56:cd:42:63:40:58:11:11:27:aa:
e6:64:02:e7:f6:0d:99:06:e7:16:9a:49:5e:5c:5f:
ff:fe:71:66:56:29:80:55:d2:08:bd:2d:c6:a7:99:
0b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:06:7F:AC:82:CA:7D:6A:87:98:2A:05:1C:B6:6C:25:FC:80:71:F6
X509v3 Authority Key Identifier:
keyid:A4:7C:0A:C8:A9:D5:F6:2C:49:1D:4B:17:CB:21:2B:52:C0:E7:56:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHwKyKnV9ixJHUsXyyErUsDnVgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/OAZ_rILKfWqHmCoFHLZsJfyAcfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/pHwKyKnV9ixJHUsXyyErUsDnVgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.240.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:e3:47:c2:af:96:83:e2:25:d4:31:68:aa:08:94:8d:bd:d4:
57:1d:1d:2e:27:7b:1b:a2:10:34:75:81:0c:cf:b1:ff:e0:e6:
45:43:6b:e2:d0:fe:d0:8f:59:ff:0e:8b:55:cb:3e:16:4d:72:
9c:fc:f9:17:eb:7f:7a:c3:d5:23:94:15:38:8f:df:ca:b5:dc:
b0:69:c0:c7:fa:f2:fc:ce:a4:53:42:83:c6:b3:f2:a7:d1:f7:
66:17:e0:e8:3f:00:2e:64:69:da:62:23:7f:2b:ca:05:61:42:
b5:a7:b3:43:08:96:95:8a:68:2f:b9:45:9e:5b:f0:7d:5c:b9:
3a:37:0c:84:07:b8:29:5d:ee:55:82:44:b4:af:1b:12:dd:13:
11:b8:e7:c2:3c:de:b9:1f:48:31:18:93:31:1d:99:55:bd:bf:
43:05:e4:07:0d:52:76:a2:a1:5a:bb:65:93:2f:9a:d6:c3:4d:
f4:13:f4:de:df:a8:bc:51:6c:d9:c4:76:a6:3f:97:73:c2:2f:
11:58:d8:5c:07:ff:ed:23:99:ad:d0:b6:32:d4:61:4d:00:df:
e5:08:ca:96:8f:d1:9a:6a:4e:37:2f:d4:66:a3:7f:8d:1a:8c:
9d:95:c0:fd:0f:8a:52:ed:e4:65:2f:f2:01:02:70:4d:30:f6:
fe:3c:61:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOS9873kIs0xvdSP3NEjWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2MwYWM4YTlkNWY2MmM0OTFkNGIxN2NiMjEyYjUyYzBl
NzU2MDcwHhcNMjMwMTAxMjEyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODA2N2ZhYzgyY2E3ZDZhODc5ODJhMDUxY2I2NmMyNWZjODA3MWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aVG6ozFUyNnhZVffLjAtfIp39n0
mdP+K7Dz9xiE9IVOcqoKSgATtWzEoKSwnAu8yXpnPSpU3oGR8+lPuj9Nnmj6A+Ij
ApKOCgc2vjENby4fuab1gIcGbG+1tg9cPM00pnNBAfuxF56108R5TWYddo6HW0SD
nH5/N9v9yuf1JokHjhlHlsQ/dXhnqGT5EUN6GuChhySsDUGI+lwnASgsgdVbjFxp
/XNPbAoxX9ZXvaG3JIANqWGegR1EWaXSVDtlyGRFrlht5vej+1SRk3zjI4+18md/
6VbNQmNAWBERJ6rmZALn9g2ZBucWmkleXF///nFmVimAVdIIvS3Gp5kLzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgGf6yCyn1qh5gqBRy2bCX8gHH2MB8GA1UdIwQY
MBaAFKR8Csip1fYsSR1LF8shK1LA51YHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEh3S3lLblY5aXhKSFVzWHl5RXJVc0RuVmdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yNWM5MWQtNWEwNS00NmEyLTlhNzkt
NDIwY2MyNTFlNWViLzEvT0FaX3JJTEtmV3FIbUNvRkhMWnNKZnlBY2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yNWM5MWQtNWEwNS00NmEyLTlhNzktNDIwY2MyNTFlNWVi
LzEvcEh3S3lLblY5aXhKSFVzWHl5RXJVc0RuVmdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJdHwMA0G
CSqGSIb3DQEBCwUAA4IBAQCK40fCr5aD4iXUMWiqCJSNvdRXHR0uJ3sbohA0dYEM
z7H/4OZFQ2vi0P7Qj1n/DotVyz4WTXKc/PkX6396w9UjlBU4j9/KtdywacDH+vL8
zqRTQoPGs/Kn0fdmF+DoPwAuZGnaYiN/K8oFYUK1p7NDCJaVimgvuUWeW/B9XLk6
NwyEB7gpXe5VgkS0rxsS3RMRuOfCPN65H0gxGJMxHZlVvb9DBeQHDVJ2oqFau2WT
L5rWw030E/Te36i8UWzZxHamP5dzwi8RWNhcB//tI5mt0LYy1GFNAN/lCMqWj9Ga
ak43L9Rmo3+NGoydlcD9D4pS7eRlL/IBAnBNMPb+PGFv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:14 2024 by rpki-client on console-ams.rpki-client.org