Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/U69bzoVtbyUIWkeHNu788vprMDw.roa
File: U69bzoVtbyUIWkeHNu788vprMDw.roa (raw, json)
Hash identifier: 2ccyrvIq0U0TbYxMJV6bROj9cIJLpM+wAbcPaCYVzj4=
Subject key identifier: 53:AF:5B:CE:85:6D:6F:25:08:5A:47:87:36:EE:FC:F2:FA:6B:30:3C
Certificate issuer: /CN=1c020297839c7390df20251a5c0930e6a672bee3
Certificate serial: 018CCC2D1F8C44BC349BF0DF1E31F3596944
Authority key identifier: 1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/U69bzoVtbyUIWkeHNu788vprMDw.roa
Signing time: Tue 02 Jan 2024 21:55:58 +0000
ROA not before: Tue 02 Jan 2024 21:55:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50558
IP address blocks: 37.32.112.0/20 maxlen: 20
37.32.112.0/21 maxlen: 21
37.32.120.0/24 maxlen: 24
37.32.120.0/21 maxlen: 24
37.32.124.0/24 maxlen: 24
37.32.126.0/24 maxlen: 24
185.49.96.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 21:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cc:2d:1f:8c:44:bc:34:9b:f0:df:1e:31:f3:59:69:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c020297839c7390df20251a5c0930e6a672bee3
Validity
Not Before: Jan 2 21:55:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53af5bce856d6f25085a478736eefcf2fa6b303c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:27:cb:45:08:4a:7b:2f:50:d3:0f:13:75:15:
a7:7f:c4:43:4a:76:a1:14:30:ce:cd:08:f8:a9:d3:
2d:13:7a:11:b9:b0:9c:5b:73:c9:18:5e:d3:6d:08:
8a:86:06:7c:c8:7d:3f:dc:96:4d:9e:bb:a6:ee:a7:
fb:46:12:2f:87:fe:ab:6a:08:47:25:38:6f:4b:f8:
16:19:f0:18:5d:33:31:34:4f:58:37:b7:65:50:ed:
d0:09:61:3c:02:0b:2f:f6:23:76:a4:f0:da:3e:6a:
a5:89:5f:3f:d7:13:c5:d4:2e:75:5d:c7:53:24:1c:
7c:a2:ca:24:7e:70:93:97:e9:b0:8b:33:b9:dc:79:
1d:a3:46:25:c2:6f:a2:89:50:46:dd:87:8e:77:11:
92:e2:7f:62:f1:2d:d8:a7:ec:ff:9f:27:30:06:04:
20:40:c7:f9:96:85:d0:ac:9b:3d:2f:81:2c:4a:bc:
46:37:f7:d7:75:9a:74:b8:9d:4f:1e:58:96:98:64:
d0:92:f6:7d:6e:1d:87:1d:d4:e8:a8:1b:be:a7:eb:
75:6f:52:16:80:81:00:9a:ec:b0:09:b6:fb:4e:5a:
4b:8f:d8:ca:dc:49:60:8f:d4:3f:27:49:f6:1a:40:
89:c7:85:22:43:a1:6c:c3:47:fc:c6:59:10:16:8d:
d6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:AF:5B:CE:85:6D:6F:25:08:5A:47:87:36:EE:FC:F2:FA:6B:30:3C
X509v3 Authority Key Identifier:
keyid:1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/U69bzoVtbyUIWkeHNu788vprMDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.112.0/20
185.49.96.0/22
Signature Algorithm: sha256WithRSAEncryption
31:ec:95:02:e5:67:11:7b:8f:bc:75:3c:77:cf:1c:5f:b1:be:
5c:41:ea:0d:3e:d7:a9:6a:d7:f0:c8:5f:2c:8e:46:0a:74:0e:
18:e4:cd:94:4d:2d:85:25:15:aa:87:c7:8a:76:96:ea:4e:7a:
da:8b:29:c8:d1:b6:fb:b0:18:d8:1e:32:28:6f:46:3f:0b:87:
29:a5:e4:ca:de:91:63:89:43:20:1d:39:5c:93:5e:6f:f3:ed:
ac:01:68:f6:7e:41:0c:68:90:60:c9:9f:a0:cd:1a:9c:b7:fc:
08:fd:25:bb:79:0b:73:ec:41:8e:ed:da:47:52:be:43:99:d9:
45:89:fe:d2:0d:72:8b:96:d9:05:e4:90:65:66:18:35:2c:87:
56:99:f1:26:42:1d:e3:43:71:24:e2:d6:b2:44:fd:0d:ba:55:
44:46:3a:84:b3:de:41:40:92:7c:98:42:9c:16:a2:de:f9:51:
3c:ea:dc:ce:72:9a:13:37:29:23:ba:3b:a2:9c:e5:38:c5:15:
4f:ba:2e:53:21:c7:51:89:dc:25:20:0e:42:ec:c8:67:21:de:
84:2e:69:fd:43:9f:c0:56:f7:87:3d:bd:27:b5:93:35:33:b0:
5b:5c:71:c6:99:5f:d9:a8:32:b4:33:3e:c4:6f:32:48:75:da:
97:98:6e:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzMLR+MRLw0m/DfHjHzWWlEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDIwMjk3ODM5YzczOTBkZjIwMjUxYTVjMDkzMGU2YTY3
MmJlZTMwHhcNMjQwMTAyMjE1NTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2FmNWJjZTg1NmQ2ZjI1MDg1YTQ3ODczNmVlZmNmMmZhNmIzMDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCfLRQhKey9Q0w8TdRWnf8RDSnah
FDDOzQj4qdMtE3oRubCcW3PJGF7TbQiKhgZ8yH0/3JZNnrum7qf7RhIvh/6raghH
JThvS/gWGfAYXTMxNE9YN7dlUO3QCWE8Agsv9iN2pPDaPmqliV8/1xPF1C51XcdT
JBx8osokfnCTl+mwizO53Hkdo0Ylwm+iiVBG3YeOdxGS4n9i8S3Yp+z/nycwBgQg
QMf5loXQrJs9L4EsSrxGN/fXdZp0uJ1PHliWmGTQkvZ9bh2HHdToqBu+p+t1b1IW
gIEAmuywCbb7TlpLj9jK3Elgj9Q/J0n2GkCJx4UiQ6Fsw0f8xlkQFo3WtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFOvW86FbW8lCFpHhzbu/PL6azA8MB8GA1UdIwQY
MBaAFBwCApeDnHOQ3yAlGlwJMOamcr7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYt
MTQyYTJiOThmNGM4LzEvVTY5YnpvVnRieVVJV2tlSE51Nzg4dnByTUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYtMTQyYTJiOThmNGM4
LzEvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEJSBwAwQC
uTFgMA0GCSqGSIb3DQEBCwUAA4IBAQAx7JUC5WcRe4+8dTx3zxxfsb5cQeoNPtep
atfwyF8sjkYKdA4Y5M2UTS2FJRWqh8eKdpbqTnraiynI0bb7sBjYHjIob0Y/C4cp
peTK3pFjiUMgHTlck15v8+2sAWj2fkEMaJBgyZ+gzRqct/wI/SW7eQtz7EGO7dpH
Ur5DmdlFif7SDXKLltkF5JBlZhg1LIdWmfEmQh3jQ3Ek4tayRP0NulVERjqEs95B
QJJ8mEKcFqLe+VE86tzOcpoTNykjujuinOU4xRVPui5TIcdRidwlIA5C7MhnId6E
Lmn9Q5/AVveHPb0ntZM1M7BbXHHGmV/ZqDK0Mz7EbzJIddqXmG52
-----END CERTIFICATE-----
Generated at Mon Feb 19 22:04:44 2024 by rpki-client on console-ams.rpki-client.org