Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/1-qtcpQXzxZXgdLkt090_eo5ebIo.roa
File: 1-qtcpQXzxZXgdLkt090_eo5ebIo.roa (raw, json)
Hash identifier: UejQOwmg9uUtMGuVztJbLBc4DfEQo1/H1iv5Fj28Sxw=
Subject key identifier: FA:AB:5C:A5:05:F3:C5:95:E0:74:B9:2D:D3:DD:3F:7A:8E:5E:6C:8A
Certificate issuer: /CN=1c020297839c7390df20251a5c0930e6a672bee3
Certificate serial: 018CCBCCFDC7E0992F3BB16E7E8F6887FD73
Authority key identifier: 1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/1-qtcpQXzxZXgdLkt090_eo5ebIo.roa
Signing time: Tue 02 Jan 2024 20:10:58 +0000
ROA not before: Tue 02 Jan 2024 20:10:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50558
IP address blocks: 37.32.112.0/21 maxlen: 21
37.32.112.0/20 maxlen: 20
37.32.120.0/21 maxlen: 21
37.32.120.0/24 maxlen: 24
37.32.124.0/24 maxlen: 24
37.32.126.0/24 maxlen: 24
185.49.96.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cb:cc:fd:c7:e0:99:2f:3b:b1:6e:7e:8f:68:87:fd:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c020297839c7390df20251a5c0930e6a672bee3
Validity
Not Before: Jan 2 20:10:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faab5ca505f3c595e074b92dd3dd3f7a8e5e6c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a6:a7:56:7b:b0:a4:3e:15:28:a0:67:51:71:
c4:f6:b1:af:0c:52:b6:84:27:09:1b:87:77:a4:25:
cc:f1:94:a7:e2:e0:36:c7:ae:41:82:6a:a7:55:88:
0f:60:32:52:eb:0a:a7:be:98:a0:8d:a5:2c:aa:5c:
03:15:9d:68:5a:14:52:01:69:64:ac:22:77:25:d7:
43:2e:0d:26:29:5a:0a:9f:94:a3:0f:91:fd:1e:2c:
14:05:7e:ef:41:fd:96:a8:11:1a:b3:f1:25:5a:f5:
d8:1c:c9:13:84:ec:4e:3e:00:32:99:43:fc:78:69:
1a:37:18:62:d2:89:29:a9:f6:e6:77:79:c2:24:f3:
c3:96:56:e4:1d:ba:b5:02:10:58:84:35:c3:75:65:
4c:ac:62:9e:06:fe:3c:fa:f6:c1:16:e7:2b:10:87:
0c:3d:f1:29:7b:ec:4a:79:92:09:02:0e:e7:88:4e:
f4:c6:9e:58:ad:ee:ad:e8:e6:6c:84:d5:b0:88:68:
b7:39:ca:15:d9:4c:91:25:dd:f9:d0:f1:ac:7f:6c:
e3:32:09:49:45:35:89:57:49:6b:97:02:9f:c5:5e:
2f:4a:ab:a4:dd:7b:23:98:05:32:6a:87:37:b5:20:
c4:7a:e5:cb:a0:db:b5:38:4d:4b:ec:17:79:ab:fe:
f3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:AB:5C:A5:05:F3:C5:95:E0:74:B9:2D:D3:DD:3F:7A:8E:5E:6C:8A
X509v3 Authority Key Identifier:
keyid:1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/1-qtcpQXzxZXgdLkt090_eo5ebIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.112.0/20
185.49.96.0/22
Signature Algorithm: sha256WithRSAEncryption
80:39:8d:ce:be:f5:73:b6:06:d6:31:9d:40:c7:3a:5c:e5:27:
9f:e7:3f:dd:a7:21:c6:a8:47:d0:87:0b:e2:b2:ad:9c:08:fa:
0b:46:9f:94:40:b1:30:13:3d:16:ce:9e:c3:8d:52:01:67:71:
35:db:a1:8d:27:d2:e9:d6:99:ab:d6:43:d1:2a:6e:ef:0b:8f:
6b:1d:76:f9:28:2b:d2:1b:6e:8a:99:a1:d1:9f:2b:78:c2:ab:
ba:f2:67:39:46:03:d6:1a:81:1a:93:50:1f:ff:7c:cf:58:d2:
c2:da:20:07:47:2a:b5:ed:36:ec:28:d1:fa:ae:7d:eb:ee:84:
22:aa:29:58:26:f4:90:6a:32:59:98:d6:81:eb:ba:ef:d1:de:
f4:d4:1e:c9:7b:3d:46:7c:9c:6d:ab:2e:d4:da:1e:b0:e0:03:
a2:c3:ff:1b:9b:a4:bd:84:56:6f:4b:c4:3a:6b:8b:fb:12:e0:
2b:1e:b5:02:67:12:ba:50:5b:53:0d:fe:6c:75:d4:04:f9:b7:
22:a3:7d:96:10:3a:41:d9:83:16:cc:07:27:ee:90:99:ec:ed:
0f:7e:ad:50:38:ef:09:e7:ee:51:5d:3d:7d:0f:0e:7d:86:46:
cc:c5:d8:5d:cc:57:eb:2b:b7:b3:94:b1:a0:40:0e:68:79:8c:
b1:9b:26:5d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzLzP3H4JkvO7Fufo9oh/1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDIwMjk3ODM5YzczOTBkZjIwMjUxYTVjMDkzMGU2YTY3
MmJlZTMwHhcNMjQwMTAyMjAxMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWFiNWNhNTA1ZjNjNTk1ZTA3NGI5MmRkM2RkM2Y3YThlNWU2YzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKanVnuwpD4VKKBnUXHE9rGvDFK2
hCcJG4d3pCXM8ZSn4uA2x65BgmqnVYgPYDJS6wqnvpigjaUsqlwDFZ1oWhRSAWlk
rCJ3JddDLg0mKVoKn5SjD5H9HiwUBX7vQf2WqBEas/ElWvXYHMkThOxOPgAymUP8
eGkaNxhi0okpqfbmd3nCJPPDllbkHbq1AhBYhDXDdWVMrGKeBv48+vbBFucrEIcM
PfEpe+xKeZIJAg7niE70xp5Yre6t6OZshNWwiGi3OcoV2UyRJd350PGsf2zjMglJ
RTWJV0lrlwKfxV4vSquk3XsjmAUyaoc3tSDEeuXLoNu1OE1L7Bd5q/7z2QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqrXKUF88WV4HS5LdPdP3qOXmyKMB8GA1UdIwQY
MBaAFBwCApeDnHOQ3yAlGlwJMOamcr7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYt
MTQyYTJiOThmNGM4LzEvMS1xdGNwUVh6eFpYZ2RMa3QwOTBfZW81ZWJJby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmMvNzk3MzNmLTUzMzItNDUxYi04NmFmLTE0MmEyYjk4ZjRj
OC8xL0hBSUNsNE9jYzVEZklDVWFYQWt3NXFaeXZ1TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBCUgcAME
ArkxYDANBgkqhkiG9w0BAQsFAAOCAQEAgDmNzr71c7YG1jGdQMc6XOUnn+c/3ach
xqhH0IcL4rKtnAj6C0aflECxMBM9Fs6ew41SAWdxNduhjSfS6daZq9ZD0Spu7wuP
ax12+Sgr0htuipmh0Z8reMKruvJnOUYD1hqBGpNQH/98z1jSwtogB0cqte027CjR
+q596+6EIqopWCb0kGoyWZjWgeu679He9NQeyXs9Rnycbasu1NoesOADosP/G5uk
vYRWb0vEOmuL+xLgKx61AmcSulBbUw3+bHXUBPm3IqN9lhA6QdmDFswHJ+6Qmezt
D36tUDjvCefuUV09fQ8OfYZGzMXYXcxX6yu3s5SxoEAOaHmMsZsmXQ==
-----END CERTIFICATE-----
Generated at Wed Jan 3 02:40:25 2024 by rpki-client on console-ams.rpki-client.org