Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/cn8xdEhQnlxhWQGOLe7-obkvv4I.roa
File: cn8xdEhQnlxhWQGOLe7-obkvv4I.roa (raw, json)
Hash identifier: girU5+ujBAmTuat30sHLNs37mwCpL3LhcaNKPnl5Buw=
Subject key identifier: 72:7F:31:74:48:50:9E:5C:61:59:01:8E:2D:EE:FE:A1:B9:2F:BF:82
Certificate issuer: /CN=380b283a0513940d520a680b8b3d14dbc367770d
Certificate serial: 01856C4A4F994D8E07B69D5B55BF4D670402
Authority key identifier: 38:0B:28:3A:05:13:94:0D:52:0A:68:0B:8B:3D:14:DB:C3:67:77:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OAsoOgUTlA1SCmgLiz0U28Nndw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/cn8xdEhQnlxhWQGOLe7-obkvv4I.roa
Signing time: Sun 01 Jan 2023 07:44:47 +0000
ROA not before: Sun 01 Jan 2023 07:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210636
IP address blocks: 37.77.58.0/24 maxlen: 24
37.77.57.0/24 maxlen: 24
37.77.56.0/24 maxlen: 24
37.77.59.0/24 maxlen: 24
37.77.63.0/24 maxlen: 24
37.77.62.0/24 maxlen: 24
37.77.60.0/24 maxlen: 24
37.77.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:4f:99:4d:8e:07:b6:9d:5b:55:bf:4d:67:04:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380b283a0513940d520a680b8b3d14dbc367770d
Validity
Not Before: Jan 1 07:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=727f317448509e5c6159018e2deefea1b92fbf82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:63:90:ea:47:00:a1:da:63:19:be:22:6f:d8:
90:cf:d5:ae:73:6e:9f:38:05:41:58:b8:b6:db:24:
19:b0:37:80:42:f8:bd:a9:44:f2:e0:97:5f:f6:7e:
8b:cf:6a:a3:4e:ce:b6:ef:2a:a0:4f:09:08:1b:fc:
8d:be:75:25:42:a0:d7:36:d9:3e:79:d9:80:5c:f5:
2c:ab:54:25:0f:ba:bd:9d:28:5f:91:a5:31:45:10:
1e:14:9b:39:a0:5c:69:87:39:a1:e7:33:3c:05:0c:
3c:4e:1a:e2:20:87:49:8b:64:8c:d0:d9:0c:f4:79:
e3:24:ae:d2:9c:c4:06:2b:b5:b9:a5:aa:0d:e1:b2:
5a:21:ab:c4:37:f8:b2:09:0a:14:ee:ab:f1:10:db:
9e:0c:d9:e4:f5:3b:4f:16:46:0c:b9:8a:cd:f1:74:
9e:23:41:54:4d:18:9c:76:94:27:09:ee:5f:bf:14:
56:9d:5f:6e:01:c4:44:72:3f:dc:54:28:5f:53:95:
b0:3b:9c:c7:38:3c:74:3c:a8:86:60:37:b2:50:a3:
82:3a:b7:fd:1a:06:d5:a0:25:30:5f:69:d8:db:60:
12:d0:f5:00:60:27:70:59:49:c7:80:e7:f1:49:53:
98:02:65:9f:75:ed:e1:47:29:df:ba:75:be:84:36:
10:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7F:31:74:48:50:9E:5C:61:59:01:8E:2D:EE:FE:A1:B9:2F:BF:82
X509v3 Authority Key Identifier:
keyid:38:0B:28:3A:05:13:94:0D:52:0A:68:0B:8B:3D:14:DB:C3:67:77:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OAsoOgUTlA1SCmgLiz0U28Nndw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/cn8xdEhQnlxhWQGOLe7-obkvv4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c08e1e-f5bd-4a1a-8aba-ccf6454bb24c/1/OAsoOgUTlA1SCmgLiz0U28Nndw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.56.0/21
Signature Algorithm: sha256WithRSAEncryption
30:da:c2:b4:17:2f:36:a6:c0:81:a5:e7:70:ca:1d:54:53:f4:
f6:f3:63:08:7d:52:9f:19:de:36:af:d3:2b:ef:cf:d0:3c:41:
d7:b3:1c:a6:89:1a:31:0a:72:4a:b2:9a:d4:14:86:70:12:8a:
87:2f:68:43:64:21:e6:22:c3:25:a9:2f:67:26:3f:04:41:82:
1b:95:e8:d0:a7:7b:ca:82:d6:18:fd:be:6a:3a:36:6a:25:33:
e2:14:9c:6d:a6:ef:f3:1d:fd:44:3b:9f:42:15:8b:b3:e1:64:
1c:47:8c:d2:f7:e2:8d:b9:61:15:f9:ab:84:13:0e:25:69:b8:
b3:8b:d2:31:9f:ab:b9:a3:b3:37:6e:55:95:1f:9c:c9:73:30:
f5:c6:ba:7f:86:53:fd:c4:24:6a:0e:65:c3:2f:42:4e:4b:87:
ef:4f:0a:b6:b6:a5:82:71:72:86:cb:0c:6f:83:3f:ed:24:eb:
c8:e1:6a:c9:e0:7d:88:ad:94:d3:2d:74:d6:df:0d:9b:f8:e5:
9f:1e:10:21:11:2e:3d:cc:46:b0:a7:66:2c:ac:b3:b3:73:93:
5e:68:fa:87:f3:45:86:9b:c0:03:16:38:8d:90:65:1f:6d:89:
c9:09:ec:1e:09:60:07:e9:ca:d9:47:b2:64:aa:b3:18:5d:34:
f4:00:30:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSk+ZTY4Htp1bVb9NZwQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MGIyODNhMDUxMzk0MGQ1MjBhNjgwYjhiM2QxNGRiYzM2
Nzc3MGQwHhcNMjMwMTAxMDc0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdmMzE3NDQ4NTA5ZTVjNjE1OTAxOGUyZGVlZmVhMWI5MmZiZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWOQ6kcAodpjGb4ib9iQz9Wuc26f
OAVBWLi22yQZsDeAQvi9qUTy4Jdf9n6Lz2qjTs627yqgTwkIG/yNvnUlQqDXNtk+
edmAXPUsq1QlD7q9nShfkaUxRRAeFJs5oFxphzmh5zM8BQw8ThriIIdJi2SM0NkM
9HnjJK7SnMQGK7W5paoN4bJaIavEN/iyCQoU7qvxENueDNnk9TtPFkYMuYrN8XSe
I0FUTRicdpQnCe5fvxRWnV9uAcREcj/cVChfU5WwO5zHODx0PKiGYDeyUKOCOrf9
GgbVoCUwX2nY22AS0PUAYCdwWUnHgOfxSVOYAmWfde3hRynfunW+hDYQnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJ/MXRIUJ5cYVkBji3u/qG5L7+CMB8GA1UdIwQY
MBaAFDgLKDoFE5QNUgpoC4s9FNvDZ3cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Fzb09nVVRsQTFTQ21nTGl6MFUyOE5uZHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jMDhlMWUtZjViZC00YTFhLThhYmEt
Y2NmNjQ1NGJiMjRjLzEvY244eGRFaFFubHhoV1FHT0xlNy1vYmt2djRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jMDhlMWUtZjViZC00YTFhLThhYmEtY2NmNjQ1NGJiMjRj
LzEvT0Fzb09nVVRsQTFTQ21nTGl6MFUyOE5uZHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJU04MA0G
CSqGSIb3DQEBCwUAA4IBAQAw2sK0Fy82psCBpedwyh1UU/T282MIfVKfGd42r9Mr
78/QPEHXsxymiRoxCnJKsprUFIZwEoqHL2hDZCHmIsMlqS9nJj8EQYIblejQp3vK
gtYY/b5qOjZqJTPiFJxtpu/zHf1EO59CFYuz4WQcR4zS9+KNuWEV+auEEw4labiz
i9Ixn6u5o7M3blWVH5zJczD1xrp/hlP9xCRqDmXDL0JOS4fvTwq2tqWCcXKGywxv
gz/tJOvI4WrJ4H2IrZTTLXTW3w2b+OWfHhAhES49zEawp2YsrLOzc5NeaPqH80WG
m8ADFjiNkGUfbYnJCeweCWAH6crZR7JkqrMYXTT0ADAh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:49 2024 by rpki-client on console-fra.rpki-client.org