Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/oDpCNAZYO2E77cHlvyVbNEfFYTQ.roa
File: oDpCNAZYO2E77cHlvyVbNEfFYTQ.roa (raw, json)
Hash identifier: ribGPm3/FseY2pvmxxRofQ0SbtoNxPvO8IvrpmrWk1Q=
Subject key identifier: A0:3A:42:34:06:58:3B:61:3B:ED:C1:E5:BF:25:5B:34:47:C5:61:34
Certificate issuer: /CN=614e19a2275816a28e5e80c8f9a28cc5a1d9c0d5
Certificate serial: 018CC3B68068103837CCD43DBF9DE6DD0966
Authority key identifier: 61:4E:19:A2:27:58:16:A2:8E:5E:80:C8:F9:A2:8C:C5:A1:D9:C0:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YU4ZoidYFqKOXoDI-aKMxaHZwNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/oDpCNAZYO2E77cHlvyVbNEfFYTQ.roa
Signing time: Mon 01 Jan 2024 06:29:26 +0000
ROA not before: Mon 01 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200551
IP address blocks: 37.157.31.0/24 maxlen: 24
77.73.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 05:37:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:80:68:10:38:37:cc:d4:3d:bf:9d:e6:dd:09:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614e19a2275816a28e5e80c8f9a28cc5a1d9c0d5
Validity
Not Before: Jan 1 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a03a423406583b613bedc1e5bf255b3447c56134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:85:e7:00:83:3d:c3:0e:30:cf:11:6d:13:88:
83:da:ce:40:04:bb:41:1a:d9:5b:1e:bc:af:e4:8d:
e1:3b:78:5a:77:92:38:54:d8:0c:0c:e4:08:d4:bf:
87:56:16:51:80:38:e1:44:7f:40:fb:e6:4e:d6:98:
89:d3:24:e8:ed:c2:75:e9:9e:8a:62:8b:12:1c:52:
9d:27:91:d3:c2:73:2e:5e:02:a2:2e:6a:15:81:07:
a5:fe:5c:b9:03:47:56:3b:9b:df:1c:4a:b2:9a:a4:
5c:10:4b:05:70:48:d5:53:d0:56:e9:55:bb:44:08:
a6:9b:8a:34:72:ec:85:f4:59:72:6d:2c:bd:51:97:
22:a4:4d:3c:ab:7a:78:71:f2:d8:4f:46:c7:ba:9a:
29:6a:e5:ba:00:27:27:e8:b8:4a:52:8a:80:00:13:
36:ff:27:12:42:8a:3a:43:0b:58:5e:a8:e1:e9:1c:
b8:b9:32:94:fe:97:53:8a:30:33:9e:77:33:88:59:
8d:c6:47:b5:94:e5:bb:94:be:50:6c:47:1f:c9:54:
0b:81:1d:44:1d:f7:30:12:a9:d4:58:81:67:b6:ae:
bb:ed:54:7a:8f:9a:0f:68:2c:a4:b0:bb:ff:54:5d:
08:88:04:39:d4:98:c2:62:d6:7b:2a:d9:23:e4:df:
9f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3A:42:34:06:58:3B:61:3B:ED:C1:E5:BF:25:5B:34:47:C5:61:34
X509v3 Authority Key Identifier:
keyid:61:4E:19:A2:27:58:16:A2:8E:5E:80:C8:F9:A2:8C:C5:A1:D9:C0:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YU4ZoidYFqKOXoDI-aKMxaHZwNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/oDpCNAZYO2E77cHlvyVbNEfFYTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e58e27-cafd-417c-95d0-870544caafab/1/YU4ZoidYFqKOXoDI-aKMxaHZwNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.31.0/24
77.73.95.0/24
Signature Algorithm: sha256WithRSAEncryption
03:05:f5:95:2b:4e:1b:ff:7f:ad:3a:ac:c7:2d:af:74:c7:c0:
0e:f3:bd:0c:fa:88:16:70:3a:bd:4d:33:1a:63:99:99:21:42:
5f:09:fa:7a:ba:cb:b9:c4:de:1c:80:d0:86:74:66:77:99:2c:
72:2d:7f:fd:2c:7f:9a:20:b8:dc:76:54:8d:7f:d1:01:95:a0:
2f:e8:d4:9f:66:f3:95:75:e2:7a:a7:5c:b8:90:df:d5:0e:d2:
88:cb:9d:74:5b:f1:1c:b1:86:83:f7:04:30:b4:dd:ff:82:72:
c5:37:fc:5b:d3:64:55:26:b8:f7:7a:10:2a:f9:bc:6a:a2:d7:
fd:9f:c3:5f:9a:51:8e:74:67:12:45:a2:d5:82:61:fb:fe:31:
b6:97:f0:5d:b2:32:75:75:7f:d0:d8:3a:cb:a6:00:e7:73:9a:
93:c1:5b:45:70:82:03:cf:91:2b:ae:d3:50:1d:59:d9:c1:42:
d8:f9:98:b7:43:c1:b0:33:99:4c:48:db:e1:bc:c6:26:96:e5:
64:25:e8:0d:0d:89:2d:14:87:2f:3c:5a:f1:36:e0:66:3d:6a:
2e:c3:2d:1a:1d:e1:65:a1:dd:94:50:b4:98:a5:a5:e0:f5:88:
88:4c:2c:a9:28:00:6f:07:ab:cf:27:33:61:80:96:f7:b8:0c:
fd:cf:6b:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtoBoEDg3zNQ9v53m3QlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGUxOWEyMjc1ODE2YTI4ZTVlODBjOGY5YTI4Y2M1YTFk
OWMwZDUwHhcNMjQwMTAxMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDNhNDIzNDA2NTgzYjYxM2JlZGMxZTViZjI1NWIzNDQ3YzU2MTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoXnAIM9ww4wzxFtE4iD2s5ABLtB
GtlbHryv5I3hO3had5I4VNgMDOQI1L+HVhZRgDjhRH9A++ZO1piJ0yTo7cJ16Z6K
YosSHFKdJ5HTwnMuXgKiLmoVgQel/ly5A0dWO5vfHEqymqRcEEsFcEjVU9BW6VW7
RAimm4o0cuyF9FlybSy9UZcipE08q3p4cfLYT0bHupopauW6ACcn6LhKUoqAABM2
/ycSQoo6QwtYXqjh6Ry4uTKU/pdTijAznncziFmNxke1lOW7lL5QbEcfyVQLgR1E
HfcwEqnUWIFntq677VR6j5oPaCyksLv/VF0IiAQ51JjCYtZ7Ktkj5N+f5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKA6QjQGWDthO+3B5b8lWzRHxWE0MB8GA1UdIwQY
MBaAFGFOGaInWBaijl6AyPmijMWh2cDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVU0Wm9pZFlGcUtPWG9ESS1hS014YUhad05VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lNThlMjctY2FmZC00MTdjLTk1ZDAt
ODcwNTQ0Y2FhZmFiLzEvb0RwQ05BWllPMkU3N2NIbHZ5VmJORWZGWVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lNThlMjctY2FmZC00MTdjLTk1ZDAtODcwNTQ0Y2FhZmFi
LzEvWVU0Wm9pZFlGcUtPWG9ESS1hS014YUhad05VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJZ0fAwQA
TUlfMA0GCSqGSIb3DQEBCwUAA4IBAQADBfWVK04b/3+tOqzHLa90x8AO870M+ogW
cDq9TTMaY5mZIUJfCfp6usu5xN4cgNCGdGZ3mSxyLX/9LH+aILjcdlSNf9EBlaAv
6NSfZvOVdeJ6p1y4kN/VDtKIy510W/EcsYaD9wQwtN3/gnLFN/xb02RVJrj3ehAq
+bxqotf9n8NfmlGOdGcSRaLVgmH7/jG2l/BdsjJ1dX/Q2DrLpgDnc5qTwVtFcIID
z5ErrtNQHVnZwULY+Zi3Q8GwM5lMSNvhvMYmluVkJegNDYktFIcvPFrxNuBmPWou
wy0aHeFlod2UULSYpaXg9YiITCypKABvB6vPJzNhgJb3uAz9z2vM
-----END CERTIFICATE-----
Generated at Tue Mar 12 08:57:28 2024 by rpki-client on console-ams.rpki-client.org