Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Cxk1nUIml4R0oPDvGnQk-gXCoYs.roa
File: Cxk1nUIml4R0oPDvGnQk-gXCoYs.roa (raw, json)
Hash identifier: +411BykaAygnpP2c5vvlnCTskUAJNM5PLs1Fbl3aPsw=
Subject key identifier: 0B:19:35:9D:42:26:97:84:74:A0:F0:EF:1A:74:24:FA:05:C2:A1:8B
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CC5DCDF3C9598BC51FA848C7E1CC6BAA4
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Cxk1nUIml4R0oPDvGnQk-gXCoYs.roa
Signing time: Mon 01 Jan 2024 16:30:35 +0000
ROA not before: Mon 01 Jan 2024 16:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 996
IP address blocks: 37.34.80.0/21 maxlen: 24
37.218.208.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 20:42:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:df:3c:95:98:bc:51:fa:84:8c:7e:1c:c6:ba:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 1 16:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b19359d4226978474a0f0ef1a7424fa05c2a18b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2d:86:a7:ae:11:06:9b:84:ec:88:c0:9b:29:
f9:a0:1c:86:f3:a3:fc:57:b4:c9:7b:c0:57:66:40:
35:f6:c0:ef:6d:49:2a:39:88:65:be:97:5c:17:36:
e8:2f:28:b9:63:d6:2e:a5:f8:e3:fe:cf:cc:90:aa:
94:43:6c:3c:85:9e:61:c8:62:45:95:8d:2b:b5:4e:
54:7c:f8:30:6f:9d:2c:29:ac:06:36:a6:86:35:91:
24:3a:15:c9:b0:49:c0:65:f3:34:2c:c2:59:e2:ad:
33:b5:c8:e4:5c:d6:fe:e3:4e:ab:2f:c8:6f:58:e5:
56:6e:a2:65:b7:89:08:b1:ea:c3:cf:3d:5c:1d:1c:
68:6e:a9:e4:13:66:07:02:6f:f9:35:40:22:39:b6:
dd:aa:1c:80:86:97:c9:e9:ff:ce:f2:b0:3c:b4:9c:
ba:c3:4d:b1:39:21:c8:54:d5:82:ac:64:d3:17:6e:
ab:56:11:00:43:02:96:37:f2:b7:ac:5d:8c:50:cb:
be:dd:0b:dc:86:57:62:5c:75:16:d0:4b:d5:0e:df:
94:d9:e0:6d:d7:5e:f0:46:21:b6:d6:9c:26:1e:ec:
0a:94:2a:40:1f:03:84:fe:69:f8:cd:c6:be:a8:e7:
9b:f9:21:77:fa:6e:bb:20:39:8c:54:17:6a:cd:7a:
c3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:19:35:9D:42:26:97:84:74:A0:F0:EF:1A:74:24:FA:05:C2:A1:8B
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Cxk1nUIml4R0oPDvGnQk-gXCoYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.80.0/21
37.218.208.0/21
Signature Algorithm: sha256WithRSAEncryption
20:2e:0d:b9:5b:9d:0f:b3:f8:56:32:75:f4:fc:ed:96:69:c1:
f3:24:f7:69:62:d6:2b:b8:f6:cd:51:e2:51:d3:92:4e:0b:69:
02:74:67:12:0d:6f:dd:6b:70:b8:e8:90:6c:f0:b0:f9:a7:f8:
7e:0e:a2:8b:f8:fe:ac:1b:32:46:1e:7c:b1:56:c5:d9:bf:ec:
05:59:db:12:6b:a6:7a:47:73:7e:7b:83:cd:68:a5:78:33:24:
d2:13:82:a1:1c:86:be:04:5e:62:f2:e0:b5:dc:27:b3:a3:26:
31:a3:57:f1:44:c6:11:98:74:70:49:44:b0:4e:95:9d:e4:78:
15:c4:cb:4b:16:91:b6:93:ee:e8:17:ea:a0:71:fd:ec:cb:cf:
5c:f5:56:98:7e:68:90:17:b9:9f:88:66:e2:de:bb:04:7c:3a:
16:b2:57:68:e8:46:2f:f1:0c:93:b7:07:2f:71:f4:8c:d9:38:
e6:24:00:2d:d0:01:ce:d2:a7:7b:fd:ea:8f:f1:33:a0:13:ef:
f6:77:c6:f5:25:79:af:9d:f3:35:f5:3c:1c:56:80:11:92:86:
ee:b7:52:8a:b7:47:98:1c:cf:21:b5:7a:81:a8:40:e5:bf:e4:
09:2d:4d:eb:03:b6:98:b2:6f:f0:8f:80:52:52:b0:d6:72:56:
fb:16:8a:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3N88lZi8UfqEjH4cxrqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTAxMTYzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjE5MzU5ZDQyMjY5Nzg0NzRhMGYwZWYxYTc0MjRmYTA1YzJhMThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyi2Gp64RBpuE7IjAmyn5oByG86P8
V7TJe8BXZkA19sDvbUkqOYhlvpdcFzboLyi5Y9Yupfjj/s/MkKqUQ2w8hZ5hyGJF
lY0rtU5UfPgwb50sKawGNqaGNZEkOhXJsEnAZfM0LMJZ4q0ztcjkXNb+406rL8hv
WOVWbqJlt4kIserDzz1cHRxobqnkE2YHAm/5NUAiObbdqhyAhpfJ6f/O8rA8tJy6
w02xOSHIVNWCrGTTF26rVhEAQwKWN/K3rF2MUMu+3QvchldiXHUW0EvVDt+U2eBt
117wRiG21pwmHuwKlCpAHwOE/mn4zca+qOeb+SF3+m67IDmMVBdqzXrDpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAsZNZ1CJpeEdKDw7xp0JPoFwqGLMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvQ3hrMW5VSW1sNFIwb1BEdkduUWstZ1hDb1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJSJQAwQD
JdrQMA0GCSqGSIb3DQEBCwUAA4IBAQAgLg25W50Ps/hWMnX0/O2WacHzJPdpYtYr
uPbNUeJR05JOC2kCdGcSDW/da3C46JBs8LD5p/h+DqKL+P6sGzJGHnyxVsXZv+wF
WdsSa6Z6R3N+e4PNaKV4MyTSE4KhHIa+BF5i8uC13CezoyYxo1fxRMYRmHRwSUSw
TpWd5HgVxMtLFpG2k+7oF+qgcf3sy89c9VaYfmiQF7mfiGbi3rsEfDoWsldo6EYv
8QyTtwcvcfSM2TjmJAAt0AHO0qd7/eqP8TOgE+/2d8b1JXmvnfM19TwcVoARkobu
t1KKt0eYHM8htXqBqEDlv+QJLU3rA7aYsm/wj4BSUrDWclb7FoqX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org