Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/ID87uc-nARr9YMhHJPEUoVsqClg.roa
File: ID87uc-nARr9YMhHJPEUoVsqClg.roa (raw, json)
Hash identifier: EN3mmmEvA7/iH5ewV2N0eyCL4lZ0aeh+SGdxLq91bt8=
Subject key identifier: 20:3F:3B:B9:CF:A7:01:1A:FD:60:C8:47:24:F1:14:A1:5B:2A:0A:58
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018D3A9750DBD644097E4CC5FAFAFECFBD8B
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/ID87uc-nARr9YMhHJPEUoVsqClg.roa
Signing time: Wed 24 Jan 2024 08:30:11 +0000
ROA not before: Wed 24 Jan 2024 08:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198484
IP address blocks: 37.26.144.0/21 maxlen: 21
37.26.144.0/24 maxlen: 24
37.26.145.0/24 maxlen: 24
37.26.146.0/24 maxlen: 24
37.26.147.0/24 maxlen: 24
37.26.148.0/24 maxlen: 24
37.26.149.0/24 maxlen: 24
141.226.132.0/24 maxlen: 24
2a03:c5c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 03 Apr 2024 20:05:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:97:50:db:d6:44:09:7e:4c:c5:fa:fa:fe:cf:bd:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 24 08:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=203f3bb9cfa7011afd60c84724f114a15b2a0a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:45:9e:4e:6e:97:df:15:4e:8a:e7:d0:c2:79:
ed:40:c2:7b:12:93:96:ba:20:f6:3b:4d:11:c0:b8:
3b:75:de:54:6d:29:d5:8a:c9:c3:16:2a:6c:fd:77:
80:9a:76:31:72:2d:dc:59:16:2b:35:c2:9a:62:63:
1b:c2:93:94:b4:65:93:44:94:73:82:98:55:d9:bd:
e8:b5:c2:9b:2c:db:5e:61:f2:77:62:59:69:e2:99:
b2:c6:a0:e1:3c:e0:ad:db:e4:1a:d0:e2:e6:ea:1a:
38:6a:e3:11:c8:e3:ac:cf:86:c4:92:1a:8b:d8:b7:
0b:85:0c:b9:ca:97:bf:f7:75:b5:c8:e4:2d:b0:48:
1b:48:37:5d:26:24:8a:04:2e:b9:08:c0:2e:1d:b9:
8f:78:8b:6c:70:32:7f:41:7c:ec:7d:0d:11:c0:1c:
57:87:b3:85:c8:41:05:f7:95:13:1d:4c:10:dd:b0:
cf:d8:f9:dc:b9:42:d9:31:01:42:bc:1d:c3:4a:93:
13:19:1f:a5:14:17:cb:db:1e:31:5b:b1:34:eb:5c:
c9:63:fc:b4:cd:71:35:33:7a:4f:ab:3d:81:5f:d3:
11:2f:e9:38:e9:a4:f5:68:3f:b1:42:55:35:40:90:
f9:22:a9:51:ce:60:ee:a2:c6:0a:f5:d5:ff:ad:7e:
e3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3F:3B:B9:CF:A7:01:1A:FD:60:C8:47:24:F1:14:A1:5B:2A:0A:58
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/ID87uc-nARr9YMhHJPEUoVsqClg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.144.0/21
141.226.132.0/24
IPv6:
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
63:7e:ce:20:44:9b:3b:b7:91:88:8b:6d:4e:0a:7d:2a:fe:d0:
e4:ea:68:67:bc:44:b3:f4:f1:50:9b:10:79:e9:20:fe:22:51:
59:b0:2a:a2:fc:8f:a3:9b:df:c4:40:9e:89:82:57:c2:26:29:
d5:2e:52:bb:67:1d:1d:71:fc:65:f7:66:86:4e:74:75:f1:f0:
bb:9d:7a:0a:ff:97:15:9c:52:9d:ec:ed:19:d0:9b:54:7a:aa:
4e:ed:58:76:50:95:96:5c:25:9f:71:10:85:0f:97:70:20:8b:
10:dc:ba:ed:00:d5:16:7a:d8:56:be:20:6c:42:e2:49:e4:e6:
ce:d5:f2:17:f9:09:84:2f:6e:39:e8:e1:a9:36:86:94:ca:33:
f7:3f:0c:d4:70:ef:1f:10:92:59:b4:66:6d:4f:73:6a:9d:b1:
29:95:50:09:96:28:88:10:18:1f:7e:07:e6:93:2c:7d:6f:b5:
78:55:ea:ff:8c:fc:e4:c9:45:57:38:2a:c5:b7:8c:11:02:aa:
17:19:4a:92:5a:9d:a5:39:4e:fe:14:89:eb:ce:66:c4:86:d0:
3b:08:c3:33:6f:c7:07:8e:60:c7:c4:49:cd:ad:c7:b2:8a:de:
a8:b6:1f:20:d5:f9:bc:05:a5:82:aa:83:be:2a:a6:48:54:ee:
38:c7:11:37
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY06l1Db1kQJfkzF+vr+z72LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwMTI0MDgzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDNmM2JiOWNmYTcwMTFhZmQ2MGM4NDcyNGYxMTRhMTViMmEwYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEWeTm6X3xVOiufQwnntQMJ7EpOW
uiD2O00RwLg7dd5UbSnVisnDFips/XeAmnYxci3cWRYrNcKaYmMbwpOUtGWTRJRz
gphV2b3otcKbLNteYfJ3Yllp4pmyxqDhPOCt2+Qa0OLm6ho4auMRyOOsz4bEkhqL
2LcLhQy5ype/93W1yOQtsEgbSDddJiSKBC65CMAuHbmPeItscDJ/QXzsfQ0RwBxX
h7OFyEEF95UTHUwQ3bDP2PncuULZMQFCvB3DSpMTGR+lFBfL2x4xW7E061zJY/y0
zXE1M3pPqz2BX9MRL+k46aT1aD+xQlU1QJD5IqlRzmDuosYK9dX/rX7jcwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCA/O7nPpwEa/WDIRyTxFKFbKgpYMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvSUQ4N3VjLW5BUnI5WU1oSEpQRVVvVnNxQ2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJRqQAwQA
jeKEMA0EAgACMAcDBQAqA8XAMA0GCSqGSIb3DQEBCwUAA4IBAQBjfs4gRJs7t5GI
i21OCn0q/tDk6mhnvESz9PFQmxB56SD+IlFZsCqi/I+jm9/EQJ6JglfCJinVLlK7
Zx0dcfxl92aGTnR18fC7nXoK/5cVnFKd7O0Z0JtUeqpO7Vh2UJWWXCWfcRCFD5dw
IIsQ3LrtANUWethWviBsQuJJ5ObO1fIX+QmEL2456OGpNoaUyjP3PwzUcO8fEJJZ
tGZtT3NqnbEplVAJliiIEBgffgfmkyx9b7V4Ver/jPzkyUVXOCrFt4wRAqoXGUqS
Wp2lOU7+FInrzmbEhtA7CMMzb8cHjmDHxEnNrceyit6oth8g1fm8BaWCqoO+KqZI
VO44xxE3
-----END CERTIFICATE-----
Generated at Wed Apr 3 23:24:09 2024 by rpki-client on console-ams.rpki-client.org