Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/TyQV84MM_gbi0ujQZeM0CxR7jRE.roa
File: TyQV84MM_gbi0ujQZeM0CxR7jRE.roa (raw, json)
Hash identifier: leV21ymYMnTBD2Ia1Z2NYMLHrcT3bNv+xKLRRZnkJfo=
Subject key identifier: 4F:24:15:F3:83:0C:FE:06:E2:D2:E8:D0:65:E3:34:0B:14:7B:8D:11
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A4217C9F3B3AB82F0131466C568C1
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/TyQV84MM_gbi0ujQZeM0CxR7jRE.roa
Signing time: Sun 01 Jan 2023 03:05:06 +0000
ROA not before: Sun 01 Jan 2023 03:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205675
IP address blocks: 37.18.103.0/24 maxlen: 24
37.18.24.0/24 maxlen: 24
178.170.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Apr 2023 08:11:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:42:17:c9:f3:b3:ab:82:f0:13:14:66:c5:68:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f2415f3830cfe06e2d2e8d065e3340b147b8d11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:95:ce:a5:a1:8e:42:1a:b8:8c:78:0b:fe:35:
6a:c2:f7:86:9a:45:59:97:2f:8e:a9:3e:a8:fd:d8:
98:57:1a:4a:40:ee:61:4d:fc:7b:ed:49:1b:f4:7a:
47:c4:c8:5c:e6:4e:bb:69:68:bb:38:af:76:72:1b:
64:91:8b:07:d7:f9:c1:d9:df:95:fa:71:79:21:24:
d6:fb:6c:7e:cf:71:c8:de:7a:42:35:7c:f9:e9:a2:
90:15:fa:b1:6f:8f:aa:46:09:7e:57:fb:c4:e0:f8:
14:f1:47:65:74:60:e2:f2:5c:94:3b:01:0a:84:1e:
40:9b:ab:16:95:e8:14:c5:04:b8:53:79:93:7a:d0:
d2:b1:fe:20:25:79:c1:eb:71:6a:c7:6a:fa:ac:f3:
1b:1c:66:25:6c:a7:cf:29:9e:54:95:d9:3a:b4:56:
a0:ee:1d:33:61:1c:7d:9b:ce:69:17:51:13:cd:a4:
c3:1a:41:fc:13:6f:f5:0e:45:90:79:fb:a8:0c:42:
c0:f8:eb:4d:e7:0c:74:1f:54:a8:4c:eb:e9:a1:f5:
8f:67:65:75:ba:9e:51:c3:11:04:4f:99:94:61:cf:
87:12:6d:80:32:a1:22:37:f1:fd:09:80:b1:63:1d:
c7:a8:e9:a8:28:c6:ba:6e:a9:c8:b9:ef:fd:1b:d3:
cb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:24:15:F3:83:0C:FE:06:E2:D2:E8:D0:65:E3:34:0B:14:7B:8D:11
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/TyQV84MM_gbi0ujQZeM0CxR7jRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.24.0/24
37.18.103.0/24
178.170.172.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:aa:e9:95:b4:ad:76:8a:fc:2b:5f:7b:cf:df:82:90:8d:3c:
ff:31:f8:b1:83:06:3d:f2:39:72:17:29:4a:ba:1d:4b:27:37:
d3:1d:35:03:57:c3:d9:2b:91:9c:9b:f9:6c:b3:d5:e8:fa:de:
5e:7a:e6:11:af:78:ff:bf:89:fc:b0:18:73:d6:c7:d8:4b:63:
00:9f:ee:cb:bc:2f:7b:d8:68:81:37:f6:64:1d:f1:4d:34:b3:
f7:71:a9:57:f3:89:42:c5:ea:28:d6:35:a8:9f:3c:b4:24:29:
f8:68:a9:50:51:70:23:d2:0e:00:2a:fb:61:32:1e:58:cb:17:
7e:e1:59:1b:d7:a3:7e:85:80:22:bb:e2:24:c3:be:c9:d1:fb:
14:25:cb:af:63:91:c4:0b:37:71:76:2f:fa:12:4e:6c:15:8a:
9d:48:75:09:71:cc:d1:b6:e0:da:72:38:bf:63:3c:87:92:de:
be:cc:33:55:94:04:9d:7d:06:ab:04:e3:ac:84:6e:9e:29:ad:
60:cb:87:3f:eb:34:ef:34:e7:9b:6d:6d:a8:1c:70:ab:ca:bb:
fd:b7:b9:80:3e:37:de:31:65:c9:d2:80:77:b0:c8:16:2f:14:
98:75:09:c4:e0:f8:22:6b:1e:21:c6:1b:e7:45:08:05:c4:c8:
ee:65:2b:3d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrSkIXyfOzq4LwExRmxWjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjI0MTVmMzgzMGNmZTA2ZTJkMmU4ZDA2NWUzMzQwYjE0N2I4ZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpXOpaGOQhq4jHgL/jVqwveGmkVZ
ly+OqT6o/diYVxpKQO5hTfx77Ukb9HpHxMhc5k67aWi7OK92chtkkYsH1/nB2d+V
+nF5ISTW+2x+z3HI3npCNXz56aKQFfqxb4+qRgl+V/vE4PgU8UdldGDi8lyUOwEK
hB5Am6sWlegUxQS4U3mTetDSsf4gJXnB63Fqx2r6rPMbHGYlbKfPKZ5Uldk6tFag
7h0zYRx9m85pF1ETzaTDGkH8E2/1DkWQefuoDELA+OtN5wx0H1SoTOvpofWPZ2V1
up5RwxEET5mUYc+HEm2AMqEiN/H9CYCxYx3HqOmoKMa6bqnIue/9G9PL+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE8kFfODDP4G4tLo0GXjNAsUe40RMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvVHlRVjg0TU1fZ2JpMHVqUVplTTBDeFI3alJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJRIYAwQA
JRJnAwQAsqqsMA0GCSqGSIb3DQEBCwUAA4IBAQBKqumVtK12ivwrX3vP34KQjTz/
MfixgwY98jlyFylKuh1LJzfTHTUDV8PZK5Gcm/lss9Xo+t5eeuYRr3j/v4n8sBhz
1sfYS2MAn+7LvC972GiBN/ZkHfFNNLP3calX84lCxeoo1jWonzy0JCn4aKlQUXAj
0g4AKvthMh5Yyxd+4Vkb16N+hYAiu+Ikw77J0fsUJcuvY5HECzdxdi/6Ek5sFYqd
SHUJcczRtuDacji/YzyHkt6+zDNVlASdfQarBOOshG6eKa1gy4c/6zTvNOebbW2o
HHCryrv9t7mAPjfeMWXJ0oB3sMgWLxSYdQnE4Pgiax4hxhvnRQgFxMjuZSs9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org