Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/69c389-17c9-4461-a390-7aa290e857e9/1/TsqM3kYceE7gFQ-duHc5vqPAZdg.roa
File: TsqM3kYceE7gFQ-duHc5vqPAZdg.roa (raw, json)
Hash identifier: /TykVagXsBlO3SUM1QBvo7l/GL6+oauVpd8o7P5tKDM=
Subject key identifier: 4E:CA:8C:DE:46:1C:78:4E:E0:15:0F:9D:B8:77:39:BE:A3:C0:65:D8
Certificate issuer: /CN=19ac1498860e2bb0958173854bd04c869a369017
Certificate serial: 018CC7272F192B699EB306D55F21A7A547FF
Authority key identifier: 19:AC:14:98:86:0E:2B:B0:95:81:73:85:4B:D0:4C:86:9A:36:90:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GawUmIYOK7CVgXOFS9BMhpo2kBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/69c389-17c9-4461-a390-7aa290e857e9/1/TsqM3kYceE7gFQ-duHc5vqPAZdg.roa
Signing time: Mon 01 Jan 2024 22:31:22 +0000
ROA not before: Mon 01 Jan 2024 22:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 37.143.130.0/24 maxlen: 24
37.143.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 13:17:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:2f:19:2b:69:9e:b3:06:d5:5f:21:a7:a5:47:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ac1498860e2bb0958173854bd04c869a369017
Validity
Not Before: Jan 1 22:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4eca8cde461c784ee0150f9db87739bea3c065d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c3:e3:dd:09:c1:ac:c7:a8:46:6f:3d:66:62:
4b:d7:4a:6c:0a:07:56:9d:93:46:8a:9f:60:ec:20:
de:d4:94:b4:08:7b:dd:c9:a2:59:75:06:52:72:d3:
a4:cd:43:2b:35:41:35:13:c5:27:0c:37:ba:8d:04:
6c:62:a7:26:aa:d7:92:fd:89:9a:e0:45:71:93:d7:
96:8a:38:d3:11:c6:ca:18:66:be:0c:9b:b5:37:8f:
57:4e:fb:9c:72:2c:ef:ef:d4:7c:14:e7:62:b3:e7:
98:de:bd:33:91:dd:2b:46:46:bb:ac:53:f3:36:db:
bd:b2:cf:d9:a8:9e:8d:68:74:e8:fb:d9:03:3c:b2:
c3:bc:53:e5:42:b4:77:9a:11:dd:21:ad:4d:ce:f5:
e6:e4:16:b0:bd:00:07:da:e4:23:2c:3e:45:e1:4e:
f1:de:5c:8f:a9:98:0b:8e:0f:bc:24:72:c0:20:8e:
fa:43:b5:ff:1b:f9:7b:2a:f0:8a:de:ad:8b:07:de:
8b:1b:d8:bb:8b:de:fe:df:eb:9f:b9:f4:08:88:ed:
83:fc:38:b4:42:60:0e:a6:0a:5e:bf:0a:eb:10:50:
05:47:78:28:bf:fb:74:57:9c:1d:7a:aa:68:d3:ce:
5a:a6:98:13:b8:af:75:ce:dd:78:c4:0b:dc:b7:d0:
d1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CA:8C:DE:46:1C:78:4E:E0:15:0F:9D:B8:77:39:BE:A3:C0:65:D8
X509v3 Authority Key Identifier:
keyid:19:AC:14:98:86:0E:2B:B0:95:81:73:85:4B:D0:4C:86:9A:36:90:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GawUmIYOK7CVgXOFS9BMhpo2kBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/69c389-17c9-4461-a390-7aa290e857e9/1/TsqM3kYceE7gFQ-duHc5vqPAZdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/69c389-17c9-4461-a390-7aa290e857e9/1/GawUmIYOK7CVgXOFS9BMhpo2kBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.128.0/24
37.143.130.0/24
Signature Algorithm: sha256WithRSAEncryption
66:36:02:37:0f:a4:a0:76:34:98:23:54:de:4c:62:43:ff:4b:
bc:5c:38:13:81:79:06:73:43:8b:55:6c:c6:ef:52:16:42:1a:
a5:9f:44:19:5f:36:6c:0b:18:90:c0:e8:a9:54:c8:9a:3d:89:
08:1f:d3:f0:ce:17:21:a1:fe:86:e9:94:da:53:b2:06:83:17:
a3:d6:8e:a3:79:5e:3c:4a:dd:c8:4d:d2:ce:53:c0:5c:09:aa:
f6:e5:00:0a:c0:27:fe:cd:68:0d:0b:f4:3b:c3:58:4a:01:02:
6d:ad:20:0b:8e:22:81:df:36:4b:82:86:f6:16:d6:2c:d2:59:
c7:ce:2f:c7:76:9a:f1:b1:34:b5:96:23:b2:bc:c2:5d:42:5b:
37:76:16:b9:a6:fc:ad:1e:ff:5a:c5:ce:3c:24:25:c3:a7:bc:
22:56:e1:a3:6f:b7:fb:46:94:fb:87:a6:7c:3d:9e:ba:e3:22:
f0:7c:86:22:c2:bb:3c:82:35:0b:e7:62:ae:b0:13:0e:e1:24:
f4:99:99:68:3d:f4:88:cb:ec:82:22:3b:06:1f:95:0f:ad:38:
b5:b8:b5:23:7c:9c:0d:04:7f:77:66:95:d1:09:4d:34:0c:19:
19:99:d2:1a:5f:85:7f:0a:df:fc:db:64:1c:9f:4d:af:ce:37:
8e:84:38:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJy8ZK2meswbVXyGnpUf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YWMxNDk4ODYwZTJiYjA5NTgxNzM4NTRiZDA0Yzg2OWEz
NjkwMTcwHhcNMjQwMTAxMjIzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWNhOGNkZTQ2MWM3ODRlZTAxNTBmOWRiODc3MzliZWEzYzA2NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsPj3QnBrMeoRm89ZmJL10psCgdW
nZNGip9g7CDe1JS0CHvdyaJZdQZSctOkzUMrNUE1E8UnDDe6jQRsYqcmqteS/Yma
4EVxk9eWijjTEcbKGGa+DJu1N49XTvuccizv79R8FOdis+eY3r0zkd0rRka7rFPz
Ntu9ss/ZqJ6NaHTo+9kDPLLDvFPlQrR3mhHdIa1NzvXm5BawvQAH2uQjLD5F4U7x
3lyPqZgLjg+8JHLAII76Q7X/G/l7KvCK3q2LB96LG9i7i97+3+ufufQIiO2D/Di0
QmAOpgpevwrrEFAFR3gov/t0V5wdeqpo085appgTuK91zt14xAvct9DRIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE7KjN5GHHhO4BUPnbh3Ob6jwGXYMB8GA1UdIwQY
MBaAFBmsFJiGDiuwlYFzhUvQTIaaNpAXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2F3VW1JWU9LN0NWZ1hPRlM5Qk1ocG8ya0JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82OWMzODktMTdjOS00NDYxLWEzOTAt
N2FhMjkwZTg1N2U5LzEvVHNxTTNrWWNlRTdnRlEtZHVIYzV2cVBBWmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82OWMzODktMTdjOS00NDYxLWEzOTAtN2FhMjkwZTg1N2U5
LzEvR2F3VW1JWU9LN0NWZ1hPRlM5Qk1ocG8ya0JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJY+AAwQA
JY+CMA0GCSqGSIb3DQEBCwUAA4IBAQBmNgI3D6SgdjSYI1TeTGJD/0u8XDgTgXkG
c0OLVWzG71IWQhqln0QZXzZsCxiQwOipVMiaPYkIH9Pwzhchof6G6ZTaU7IGgxej
1o6jeV48St3ITdLOU8BcCar25QAKwCf+zWgNC/Q7w1hKAQJtrSALjiKB3zZLgob2
FtYs0lnHzi/HdprxsTS1liOyvMJdQls3dha5pvytHv9axc48JCXDp7wiVuGjb7f7
RpT7h6Z8PZ664yLwfIYiwrs8gjUL52KusBMO4ST0mZloPfSIy+yCIjsGH5UPrTi1
uLUjfJwNBH93ZpXRCU00DBkZmdIaX4V/Ct/822Qcn02vzjeOhDgm
-----END CERTIFICATE-----
Generated at Tue Mar 5 17:53:07 2024 by rpki-client on console-ams.rpki-client.org