Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/r9v6JuAUqKXZEF8CV7UcNFeP9e0.roa
File: r9v6JuAUqKXZEF8CV7UcNFeP9e0.roa (raw, json)
Hash identifier: /9SHTgGyTGjqGZZViaB8ayMS7u0qOrKNSURlrrqIReE=
Subject key identifier: AF:DB:FA:26:E0:14:A8:A5:D9:10:5F:02:57:B5:1C:34:57:8F:F5:ED
Certificate issuer: /CN=1c020297839c7390df20251a5c0930e6a672bee3
Certificate serial: 019123489427331E3B4F93C1BA2800F058C0
Authority key identifier: 1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/r9v6JuAUqKXZEF8CV7UcNFeP9e0.roa
Signing time: Mon 05 Aug 2024 16:04:04 +0000
ROA not before: Mon 05 Aug 2024 16:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50558
IP address blocks: 37.32.112.0/20 maxlen: 24
37.32.112.0/21 maxlen: 21
37.32.120.0/21 maxlen: 24
37.32.120.0/24 maxlen: 24
37.32.124.0/24 maxlen: 24
37.32.126.0/24 maxlen: 24
185.49.96.0/22 maxlen: 24
2a01:9180::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:48:94:27:33:1e:3b:4f:93:c1:ba:28:00:f0:58:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c020297839c7390df20251a5c0930e6a672bee3
Validity
Not Before: Aug 5 16:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afdbfa26e014a8a5d9105f0257b51c34578ff5ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:89:41:39:66:ab:88:37:d4:c8:81:cd:fe:bb:
d7:94:71:13:2b:5b:7e:24:cb:a6:1f:1d:62:0b:46:
72:1e:88:21:f3:0c:3f:4a:c1:9f:83:5a:db:92:1f:
85:62:ce:55:35:4e:f9:09:55:d2:51:26:17:db:87:
9a:83:57:0b:a9:73:37:94:62:0e:02:1b:e2:43:e0:
08:43:07:42:5d:a8:f2:51:05:86:8a:06:c2:ce:49:
20:91:73:2a:57:27:28:a7:71:71:88:8f:16:8a:5e:
51:2e:db:4f:96:1c:4b:36:5f:92:ab:8f:25:38:35:
30:80:39:0c:fc:ba:c9:2f:c5:91:33:0b:70:50:bc:
d0:3a:6a:8d:08:3d:1c:91:93:3b:df:5e:a5:54:61:
81:06:27:4a:df:52:5a:42:8c:ec:7b:62:09:d1:39:
5b:25:5f:fa:41:a1:f9:b0:6c:87:ec:95:9b:df:44:
f5:71:e6:dc:06:01:f1:df:0a:1d:a5:1a:a2:ac:7d:
9f:1c:b6:5b:94:76:de:bc:ef:c0:d4:f2:83:88:99:
06:46:13:a9:a7:a1:9e:f7:0c:22:3f:2a:7e:7d:fc:
57:b4:f2:35:08:67:25:6d:51:1b:54:94:6c:a7:90:
c8:1d:07:48:d1:c2:6c:75:af:8d:ac:55:55:d0:0d:
bb:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:DB:FA:26:E0:14:A8:A5:D9:10:5F:02:57:B5:1C:34:57:8F:F5:ED
X509v3 Authority Key Identifier:
keyid:1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/r9v6JuAUqKXZEF8CV7UcNFeP9e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.112.0/20
185.49.96.0/22
IPv6:
2a01:9180::/32
Signature Algorithm: sha256WithRSAEncryption
4c:06:a7:78:4b:ef:2a:7e:81:12:2a:e9:43:5a:96:cb:22:d7:
97:f1:25:30:9c:54:b6:14:c9:bb:b9:c9:28:39:79:66:26:2e:
10:5e:a8:06:d5:ef:76:8a:36:f0:ad:18:b1:9e:c2:cc:3e:db:
29:32:9e:ba:10:ba:8b:72:d0:3c:3c:39:0d:75:c7:37:16:a8:
98:7a:2d:c6:14:74:d0:5f:f1:fd:3f:c4:24:32:56:3f:77:ab:
70:e2:b3:7e:b9:b2:54:7b:04:6b:e2:19:26:3d:42:ac:ec:44:
83:63:2a:61:eb:9d:56:bd:38:b1:85:24:8b:b2:ed:43:79:b0:
63:fb:5e:6b:14:74:55:34:ee:7b:ec:71:ab:86:c1:cf:76:49:
aa:b5:cc:40:11:70:f7:a8:05:0c:92:43:62:45:42:27:6c:fd:
80:29:f3:cf:54:80:2c:64:86:ce:cd:e2:78:bf:3b:df:b6:6b:
13:c2:0f:a0:80:68:37:2f:50:74:2a:69:4d:fb:02:06:f1:2d:
1c:79:88:2d:5b:3d:0a:f0:5e:1d:7b:ee:3b:b8:43:0a:b6:d9:
20:a3:76:76:a6:72:81:6d:aa:d4:b5:66:35:8a:35:18:5c:99:
92:a8:18:e5:7d:ed:73:d5:a4:0d:b0:9f:51:67:d8:4e:51:42:
b5:38:7a:a0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZEjSJQnMx47T5PBuigA8FjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDIwMjk3ODM5YzczOTBkZjIwMjUxYTVjMDkzMGU2YTY3
MmJlZTMwHhcNMjQwODA1MTYwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmRiZmEyNmUwMTRhOGE1ZDkxMDVmMDI1N2I1MWMzNDU3OGZmNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9IlBOWariDfUyIHN/rvXlHETK1t+
JMumHx1iC0ZyHogh8ww/SsGfg1rbkh+FYs5VNU75CVXSUSYX24eag1cLqXM3lGIO
AhviQ+AIQwdCXajyUQWGigbCzkkgkXMqVycop3FxiI8Wil5RLttPlhxLNl+Sq48l
ODUwgDkM/LrJL8WRMwtwULzQOmqNCD0ckZM7316lVGGBBidK31JaQozse2IJ0Tlb
JV/6QaH5sGyH7JWb30T1cebcBgHx3wodpRqirH2fHLZblHbevO/A1PKDiJkGRhOp
p6Ge9wwiPyp+ffxXtPI1CGclbVEbVJRsp5DIHQdI0cJsda+NrFVV0A276wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK/b+ibgFKil2RBfAle1HDRXj/XtMB8GA1UdIwQY
MBaAFBwCApeDnHOQ3yAlGlwJMOamcr7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYt
MTQyYTJiOThmNGM4LzEvcjl2Nkp1QVVxS1haRUY4Q1Y3VWNORmVQOWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYtMTQyYTJiOThmNGM4
LzEvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEJSBwAwQC
uTFgMA0EAgACMAcDBQAqAZGAMA0GCSqGSIb3DQEBCwUAA4IBAQBMBqd4S+8qfoES
KulDWpbLIteX8SUwnFS2FMm7uckoOXlmJi4QXqgG1e92ijbwrRixnsLMPtspMp66
ELqLctA8PDkNdcc3FqiYei3GFHTQX/H9P8QkMlY/d6tw4rN+ubJUewRr4hkmPUKs
7ESDYyph651WvTixhSSLsu1DebBj+15rFHRVNO577HGrhsHPdkmqtcxAEXD3qAUM
kkNiRUInbP2AKfPPVIAsZIbOzeJ4vzvftmsTwg+ggGg3L1B0KmlN+wIG8S0ceYgt
Wz0K8F4de+47uEMKttkgo3Z2pnKBbarUtWY1ijUYXJmSqBjlfe1z1aQNsJ9RZ9hO
UUK1OHqg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:10 2025 by rpki-client