Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/0zwXFLG_hCjeHScVQ44UAMKugII.roa
File: 0zwXFLG_hCjeHScVQ44UAMKugII.roa (raw, json)
Hash identifier: 1R/2d2uLx294pRvls1mm2FV8Wz4fSsC5cKRTRUV8uK8=
Subject key identifier: D3:3C:17:14:B1:BF:84:28:DE:1D:27:15:43:8E:14:00:C2:AE:80:82
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01924C8A0F4C13EDD463586985EC1699A494
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/0zwXFLG_hCjeHScVQ44UAMKugII.roa
Signing time: Wed 02 Oct 2024 09:22:49 +0000
ROA not before: Wed 02 Oct 2024 09:22:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 37.26.112.0/20 maxlen: 20
93.191.168.0/21 maxlen: 21
93.191.173.0/24 maxlen: 24
94.127.72.0/21 maxlen: 21
95.100.147.0/24 maxlen: 24
194.35.38.0/23 maxlen: 23
2a02:2370:fe::/47 maxlen: 48
2a0b:35c0::/29 maxlen: 31
Validation: Failed, certificate revoked on Thu 10 Oct 2024 09:41:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4c:8a:0f:4c:13:ed:d4:63:58:69:85:ec:16:99:a4:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Oct 2 09:22:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d33c1714b1bf8428de1d2715438e1400c2ae8082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7a:10:6b:c0:85:3d:bc:ab:2a:4d:6f:17:e9:
b7:16:20:48:04:a1:35:c0:62:c3:a4:1c:36:cb:16:
83:0c:c8:56:4e:fb:71:48:a0:70:0c:48:a4:d5:be:
8b:dd:e3:38:df:0d:e2:77:ec:a8:e2:c4:fb:06:b9:
1f:67:a0:53:d5:1b:3b:4e:5b:a5:47:95:5f:09:fe:
e7:0f:9c:b9:81:31:44:3b:f1:fb:19:bd:ed:31:22:
59:1c:99:e5:d2:b3:02:27:0c:78:7a:7a:82:26:c0:
30:5c:63:ab:22:16:37:07:c8:7b:02:af:89:15:af:
02:4e:4a:d1:26:1f:d7:9f:33:4e:53:cc:2e:34:30:
7d:a3:b7:71:89:41:f2:11:76:39:90:14:8d:83:ca:
63:4e:d3:79:25:82:3e:ca:df:88:86:14:59:dc:ad:
a8:03:cc:e5:6f:c7:32:2d:fa:cb:09:3e:b7:c5:55:
b9:87:5a:2f:f3:39:48:33:44:34:71:05:10:0a:a2:
31:e8:d4:aa:d6:ec:9e:2c:d2:b4:80:0e:b4:1d:ce:
0c:4a:22:a9:42:ae:72:c6:dd:8b:a3:19:79:29:88:
d4:2f:66:33:2f:2a:d4:66:d3:0d:b1:ae:bf:cd:be:
3c:65:db:3e:f9:11:33:1b:c6:50:5e:2f:0a:bc:22:
3c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3C:17:14:B1:BF:84:28:DE:1D:27:15:43:8E:14:00:C2:AE:80:82
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/0zwXFLG_hCjeHScVQ44UAMKugII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.112.0/20
93.191.168.0/21
94.127.72.0/21
95.100.147.0/24
194.35.38.0/23
IPv6:
2a02:2370:fe::/47
2a0b:35c0::/29
Signature Algorithm: sha256WithRSAEncryption
78:1a:08:e4:85:b4:99:dc:a9:d1:fc:39:48:62:42:6f:aa:69:
46:1e:e8:57:94:93:23:5a:aa:74:01:ab:74:c9:22:5c:4d:ba:
e8:4b:e0:3c:14:1b:03:2f:74:c9:c0:d0:7a:95:cb:60:ed:ca:
8a:13:42:4c:04:24:bb:e4:a2:2e:d2:1f:e5:4c:87:f6:51:48:
be:b9:3b:c7:57:96:9c:a3:a6:79:aa:60:7a:00:c7:d6:35:ed:
d5:d1:10:2c:a6:d0:51:ea:d2:2e:2f:b0:00:10:d9:7e:5e:10:
3e:30:16:94:f2:f6:53:65:2d:6c:67:75:94:a7:b4:27:28:28:
4b:64:06:e6:df:2b:f2:9c:aa:45:a2:c2:21:4e:6b:0f:9a:6b:
cc:71:fd:8d:e5:7d:29:87:61:ba:68:41:53:e2:b3:57:15:3f:
3b:ca:eb:3e:82:ee:b5:12:2f:f2:f6:0b:70:45:bf:7a:37:41:
79:19:1a:f4:86:93:01:9a:2d:d5:ac:f4:2b:9b:46:e8:e6:b3:
90:49:b9:d9:0a:50:a3:1b:12:f4:47:7e:0d:f4:4b:fb:5a:98:
78:7f:47:be:b6:05:03:bd:bd:24:ec:d8:d0:a6:47:d8:2b:33:
25:51:54:6e:80:fb:8d:d5:92:de:45:37:88:b8:55:4d:10:8c:
93:63:32:7e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZJMig9ME+3UY1hphewWmaSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQxMDAyMDkyMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNjMTcxNGIxYmY4NDI4ZGUxZDI3MTU0MzhlMTQwMGMyYWU4MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnoQa8CFPbyrKk1vF+m3FiBIBKE1
wGLDpBw2yxaDDMhWTvtxSKBwDEik1b6L3eM43w3id+yo4sT7BrkfZ6BT1Rs7Tlul
R5VfCf7nD5y5gTFEO/H7Gb3tMSJZHJnl0rMCJwx4enqCJsAwXGOrIhY3B8h7Aq+J
Fa8CTkrRJh/XnzNOU8wuNDB9o7dxiUHyEXY5kBSNg8pjTtN5JYI+yt+IhhRZ3K2o
A8zlb8cyLfrLCT63xVW5h1ov8zlIM0Q0cQUQCqIx6NSq1uyeLNK0gA60Hc4MSiKp
Qq5yxt2Loxl5KYjUL2YzLyrUZtMNsa6/zb48Zds++REzG8ZQXi8KvCI8vwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNM8FxSxv4Qo3h0nFUOOFADCroCCMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvMHp3WEZMR19oQ2plSFNjVlE0NFVBTUt1Z0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQEJRpwAwQD
Xb+oAwQDXn9IAwQAX2STAwQBwiMmMBYEAgACMBADBwEqAiNwAP4DBQMqCzXAMA0G
CSqGSIb3DQEBCwUAA4IBAQB4GgjkhbSZ3KnR/DlIYkJvqmlGHuhXlJMjWqp0Aat0
ySJcTbroS+A8FBsDL3TJwNB6lctg7cqKE0JMBCS75KIu0h/lTIf2UUi+uTvHV5ac
o6Z5qmB6AMfWNe3V0RAsptBR6tIuL7AAENl+XhA+MBaU8vZTZS1sZ3WUp7QnKChL
ZAbm3yvynKpFosIhTmsPmmvMcf2N5X0ph2G6aEFT4rNXFT87yus+gu61Ei/y9gtw
Rb96N0F5GRr0hpMBmi3VrPQrm0bo5rOQSbnZClCjGxL0R34N9Ev7Wph4f0e+tgUD
vb0k7NjQpkfYKzMlUVRugPuN1ZLeRTeIuFVNEIyTYzJ+
-----END CERTIFICATE-----
Generated at Thu Oct 10 14:31:20 2024 by rpki-client on console-ams.rpki-client.org