Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/3-NLTgyvgOq7MKIbe1v5icJqz8c.roa
File: 3-NLTgyvgOq7MKIbe1v5icJqz8c.roa (raw, json)
Hash identifier: QPTua7Nyp8tGhgGWlVLsJlzCfdMBTmtBwdmyunAIky4=
Subject key identifier: DF:E3:4B:4E:0C:AF:80:EA:BB:30:A2:1B:7B:5B:F9:89:C2:6A:CF:C7
Certificate issuer: /CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Certificate serial: 0194A7A79A21EFC117DCFED792E8B3E31B33
Authority key identifier: 90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/3-NLTgyvgOq7MKIbe1v5icJqz8c.roa
Signing time: Mon 27 Jan 2025 12:06:06 +0000
ROA not before: Mon 27 Jan 2025 12:06:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50411
IP address blocks: 37.130.8.0/24 maxlen: 24
37.130.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 12:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:a7:9a:21:ef:c1:17:dc:fe:d7:92:e8:b3:e3:1b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Validity
Not Before: Jan 27 12:06:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfe34b4e0caf80eabb30a21b7b5bf989c26acfc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7e:ba:b4:a8:6a:e9:a6:1e:f6:d5:76:5c:8f:
d5:6a:ae:a8:62:0e:33:f6:89:84:05:dc:35:10:35:
c0:1b:56:c8:fc:f4:58:22:b1:c4:17:ac:19:55:88:
99:a1:16:86:87:e7:02:31:c9:b9:8e:0e:88:31:6b:
ad:f0:1d:33:e3:69:21:6e:65:fd:b4:db:9c:df:09:
22:d5:27:24:94:ef:47:9e:ad:0d:d6:bb:d4:b9:0c:
8a:b4:85:56:75:16:0e:08:84:53:69:b0:78:dd:7e:
f2:d0:fc:f2:a1:3d:04:92:ac:15:28:dc:ac:f3:1d:
4f:0b:c6:4f:a2:fe:8d:01:a8:26:6e:31:75:ad:0f:
a6:3e:03:af:a6:5c:72:3b:2c:35:b3:95:d8:6e:b1:
1c:2c:dc:3c:41:1c:b5:f2:14:cf:bc:0c:94:11:28:
7b:ae:e8:ae:4b:be:7e:e3:15:73:4b:88:9e:85:38:
ef:a7:b7:1d:a0:0b:99:61:99:2f:be:df:98:0b:85:
4e:c0:d0:8f:98:06:32:b3:59:8d:78:f1:49:e1:b2:
d2:d2:ac:2e:83:c8:40:5d:45:65:18:ed:52:4d:95:
69:f6:ed:3b:5a:8c:85:a7:b3:c2:13:55:2b:5c:84:
71:53:f1:fe:1d:6d:13:74:86:dd:be:3e:f8:4b:f0:
46:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E3:4B:4E:0C:AF:80:EA:BB:30:A2:1B:7B:5B:F9:89:C2:6A:CF:C7
X509v3 Authority Key Identifier:
keyid:90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/3-NLTgyvgOq7MKIbe1v5icJqz8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.8.0/23
Signature Algorithm: sha256WithRSAEncryption
29:e2:89:c3:41:ae:9b:6d:29:16:1b:f4:3a:8f:cf:38:7c:e3:
8b:20:51:37:b9:f8:76:1c:e3:dd:94:2d:94:d5:9a:f9:c7:1d:
ba:21:05:3e:04:8c:84:62:80:4e:60:e4:0f:eb:7d:f7:0c:62:
b8:73:64:b1:62:f8:05:df:2a:7e:a2:84:9e:92:08:04:4d:76:
87:80:8a:99:1e:a4:7e:69:7a:ec:73:d5:21:f4:ba:57:45:0e:
42:c5:fb:f5:b1:7a:10:db:71:fc:4c:fd:1e:f0:1f:10:b4:c9:
9b:cd:c9:b3:44:50:af:dc:f2:ef:d4:66:86:d9:88:a1:12:75:
0b:00:3d:b6:d0:c4:13:a4:5c:0d:f3:63:61:64:89:3e:cd:13:
07:7c:2b:6b:97:56:48:95:73:bb:73:7a:13:71:16:7c:29:45:
72:12:44:bc:d7:9e:35:7b:cd:16:9e:38:c6:58:81:36:1b:75:
7a:92:c0:94:9f:39:5f:f3:2f:e0:06:bb:e0:09:70:50:fa:15:
01:3e:55:35:5a:fe:31:5a:c3:be:2d:2a:62:0f:07:92:59:56:
6f:42:f9:64:69:a9:7a:1e:72:74:5e:76:f9:92:2b:db:45:6d:
12:16:dc:eb:12:8a:4d:1b:93:ed:7e:cc:de:f1:af:59:af:5e:
de:26:de:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSnp5oh78EX3P7Xkuiz4xszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjhhMTU0NjZjM2ZmMWU5MTVkNzgwYTEwYjBiYWE5YWQ2
OTQ4NjAwHhcNMjUwMTI3MTIwNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmUzNGI0ZTBjYWY4MGVhYmIzMGEyMWI3YjViZjk4OWMyNmFjZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2366tKhq6aYe9tV2XI/Vaq6oYg4z
9omEBdw1EDXAG1bI/PRYIrHEF6wZVYiZoRaGh+cCMcm5jg6IMWut8B0z42khbmX9
tNuc3wki1ScklO9Hnq0N1rvUuQyKtIVWdRYOCIRTabB43X7y0PzyoT0EkqwVKNys
8x1PC8ZPov6NAagmbjF1rQ+mPgOvplxyOyw1s5XYbrEcLNw8QRy18hTPvAyUESh7
ruiuS75+4xVzS4iehTjvp7cdoAuZYZkvvt+YC4VOwNCPmAYys1mNePFJ4bLS0qwu
g8hAXUVlGO1STZVp9u07WoyFp7PCE1UrXIRxU/H+HW0TdIbdvj74S/BGnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/jS04Mr4DquzCiG3tb+YnCas/HMB8GA1UdIwQY
MBaAFJC4oVRmw/8ekV14ChCwuqmtaUhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDct
NzhlOTk3ODY5OTUyLzEvMy1OTFRneXZnT3E3TUtJYmUxdjVpY0pxejhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDctNzhlOTk3ODY5OTUy
LzEva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJYIIMA0G
CSqGSIb3DQEBCwUAA4IBAQAp4onDQa6bbSkWG/Q6j884fOOLIFE3ufh2HOPdlC2U
1Zr5xx26IQU+BIyEYoBOYOQP6333DGK4c2SxYvgF3yp+ooSekggETXaHgIqZHqR+
aXrsc9Uh9LpXRQ5Cxfv1sXoQ23H8TP0e8B8QtMmbzcmzRFCv3PLv1GaG2YihEnUL
AD220MQTpFwN82NhZIk+zRMHfCtrl1ZIlXO7c3oTcRZ8KUVyEkS81541e80WnjjG
WIE2G3V6ksCUnzlf8y/gBrvgCXBQ+hUBPlU1Wv4xWsO+LSpiDweSWVZvQvlkaal6
HnJ0Xnb5kivbRW0SFtzrEopNG5Ptfsze8a9Zr17eJt5i
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:05:46 2025 by rpki-client