Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/VlXN4wO7OKRbcd89FqYng5s8E0A.roa
File: VlXN4wO7OKRbcd89FqYng5s8E0A.roa (raw, json)
Hash identifier: PHHAQIYY5kXOyOQYFG1KNgBpFxfxpDRy1Sq+pKjVZEo=
Subject key identifier: 56:55:CD:E3:03:BB:38:A4:5B:71:DF:3D:16:A6:27:83:9B:3C:13:40
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018DC0FB2A17EE8639518114AF1B8DC0BECE
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/VlXN4wO7OKRbcd89FqYng5s8E0A.roa
Signing time: Mon 19 Feb 2024 10:48:22 +0000
ROA not before: Mon 19 Feb 2024 10:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.140.247.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 19:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:fb:2a:17:ee:86:39:51:81:14:af:1b:8d:c0:be:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 19 10:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5655cde303bb38a45b71df3d16a627839b3c1340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ca:30:9e:67:18:bd:e9:b5:fb:09:f7:f1:ff:
62:ac:c7:27:b9:ea:0b:b5:33:be:26:c2:6e:9e:30:
e2:82:c5:ea:07:19:78:32:04:88:0d:fc:5c:64:ef:
c4:e5:16:57:e1:8e:63:dc:13:f9:5c:24:d3:fd:59:
35:ce:4b:6c:05:88:fa:ec:87:dd:13:06:f8:a2:f6:
92:bb:ef:f8:0a:90:0e:aa:80:57:b2:a0:88:3c:e9:
1f:91:90:3d:e0:d0:a9:c9:91:79:fb:f2:f6:2f:22:
5c:42:91:66:9e:c9:d6:78:90:1f:c4:f9:18:34:cc:
99:1e:8b:53:c4:85:47:7b:5e:e9:62:0f:37:a5:71:
b4:68:c0:d6:e2:6a:75:aa:67:ea:e4:3d:cf:65:6e:
33:c6:02:ab:19:be:44:27:df:99:0c:09:a7:71:40:
d7:7f:e6:8e:54:de:dc:36:2d:27:68:fa:bc:b3:0b:
07:7f:d6:fa:60:bd:dc:b8:36:06:f1:3d:1d:00:f9:
38:a3:d6:e0:d3:06:08:d6:98:87:db:0b:cb:25:09:
43:2f:d8:0b:86:b7:ef:4e:a9:a3:b6:bc:f6:04:3e:
84:c7:b7:39:82:8f:50:b2:18:7e:9c:a5:73:be:2a:
6b:8b:b4:d9:44:c5:6b:13:8a:5c:50:78:c6:3a:0c:
40:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:55:CD:E3:03:BB:38:A4:5B:71:DF:3D:16:A6:27:83:9B:3C:13:40
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/VlXN4wO7OKRbcd89FqYng5s8E0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.247.0/24
89.34.106.0/24
89.35.129.0/24
89.40.215.0/24
91.132.51.0/24
93.114.183.0/24
128.0.41.0/24
Signature Algorithm: sha256WithRSAEncryption
89:1b:99:9c:1c:8b:1d:19:70:2a:95:af:ff:d6:32:ca:87:ac:
98:b6:3d:a6:32:2e:dd:ea:47:90:78:7d:31:a5:fe:c7:fa:13:
1c:fd:9d:54:c3:ac:bf:03:0c:01:3e:35:56:4b:7e:ca:e9:d9:
55:04:a6:db:56:42:f2:20:29:4f:37:be:13:a0:bd:5a:db:34:
ad:3f:c4:c8:34:12:2c:93:45:66:a8:6b:5b:83:59:c5:e3:ff:
e8:97:ae:98:6d:28:78:e8:1b:67:4b:69:2c:3b:26:ed:54:e3:
dc:30:3d:53:26:2d:5c:85:11:55:24:3e:d5:b0:6c:d8:0a:dc:
9e:86:06:e9:a8:82:34:92:cb:9f:12:1c:2e:c9:71:a7:f2:4d:
7d:45:fd:41:fd:fa:41:00:92:99:5e:1c:82:55:94:95:6b:5f:
49:f5:4a:05:4c:18:4e:f3:f6:cc:79:0e:1d:f9:40:b8:69:0f:
41:e3:fa:76:e7:74:fd:5a:39:26:11:f9:8d:7f:23:97:db:55:
16:f8:11:69:bf:dd:c7:01:61:a7:36:7c:05:13:a7:e6:57:9b:
fd:27:5b:99:3d:f8:01:d3:15:94:06:96:f9:25:20:c2:1d:73:
ff:3d:15:00:9b:3a:f4:cb:0d:32:55:3d:37:d7:f1:cc:3e:d5:
7c:c3:fa:b1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY3A+yoX7oY5UYEUrxuNwL7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMjE5MTA0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjU1Y2RlMzAzYmIzOGE0NWI3MWRmM2QxNmE2Mjc4MzliM2MxMzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8ownmcYvem1+wn38f9irMcnueoL
tTO+JsJunjDigsXqBxl4MgSIDfxcZO/E5RZX4Y5j3BP5XCTT/Vk1zktsBYj67Ifd
Ewb4ovaSu+/4CpAOqoBXsqCIPOkfkZA94NCpyZF5+/L2LyJcQpFmnsnWeJAfxPkY
NMyZHotTxIVHe17pYg83pXG0aMDW4mp1qmfq5D3PZW4zxgKrGb5EJ9+ZDAmncUDX
f+aOVN7cNi0naPq8swsHf9b6YL3cuDYG8T0dAPk4o9bg0wYI1piH2wvLJQlDL9gL
hrfvTqmjtrz2BD6Ex7c5go9Qshh+nKVzvipri7TZRMVrE4pcUHjGOgxA0wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFZVzeMDuzikW3HfPRamJ4ObPBNAMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvVmxYTjR3TzdPS1JiY2Q4OUZxWW5nNXM4RTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJYz3AwQA
WSJqAwQAWSOBAwQAWSjXAwQAW4QzAwQAXXK3AwQAgAApMA0GCSqGSIb3DQEBCwUA
A4IBAQCJG5mcHIsdGXAqla//1jLKh6yYtj2mMi7d6keQeH0xpf7H+hMc/Z1Uw6y/
AwwBPjVWS37K6dlVBKbbVkLyIClPN74ToL1a2zStP8TINBIsk0VmqGtbg1nF4//o
l66YbSh46BtnS2ksOybtVOPcMD1TJi1chRFVJD7VsGzYCtyehgbpqII0ksufEhwu
yXGn8k19Rf1B/fpBAJKZXhyCVZSVa19J9UoFTBhO8/bMeQ4d+UC4aQ9B4/p253T9
WjkmEfmNfyOX21UW+BFpv93HAWGnNnwFE6fmV5v9J1uZPfgB0xWUBpb5JSDCHXP/
PRUAmzr0yw0yVT031/HMPtV8w/qx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:13 2024 by rpki-client on console-ams.rpki-client.org