Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/YdRaYFm1i0LbAWvfj0WM5iwagrs.roa
File: YdRaYFm1i0LbAWvfj0WM5iwagrs.roa (raw, json)
Hash identifier: /JJWL5CnmJEp6/YAmiNugTaoGOYcxoZg2yoCgRExJ4o=
Subject key identifier: 61:D4:5A:60:59:B5:8B:42:DB:01:6B:DF:8F:45:8C:E6:2C:1A:82:BB
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 018CC64A80FA2DF2DF56D2BB18D6C17040E4
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/YdRaYFm1i0LbAWvfj0WM5iwagrs.roa
Signing time: Mon 01 Jan 2024 18:30:20 +0000
ROA not before: Mon 01 Jan 2024 18:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200197
IP address blocks: 37.230.171.0/24 maxlen: 24
37.230.170.0/24 maxlen: 24
178.170.172.0/24 maxlen: 24
37.230.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 15:15:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:80:fa:2d:f2:df:56:d2:bb:18:d6:c1:70:40:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 18:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61d45a6059b58b42db016bdf8f458ce62c1a82bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ba:0b:8c:ae:ea:9e:2b:fb:45:b0:59:90:28:
08:65:a2:9a:51:cf:1f:d6:d7:08:48:24:a1:44:1e:
60:3e:c4:11:72:23:e1:54:15:d2:ff:a0:a0:ab:97:
33:74:b4:60:20:e2:eb:07:47:b5:7b:61:d0:02:ac:
39:8d:dd:98:74:86:a4:7f:d3:76:6a:d0:de:80:51:
1e:07:39:85:47:a4:ee:6e:e2:2d:47:d8:2f:47:5a:
cc:e1:5d:d5:ca:2d:59:7d:99:48:9b:b7:a2:91:21:
10:7b:2f:09:48:b5:7a:ce:bb:ef:42:18:f7:83:70:
d7:33:7f:93:b8:a5:e4:58:21:84:47:6c:16:f6:6d:
1a:27:d0:e8:95:f7:7d:6b:df:0e:9a:80:1b:64:8f:
54:4a:94:2b:5d:a6:ea:9b:5e:07:50:17:85:68:2e:
bd:cd:c1:29:d6:29:c1:a7:8e:d9:35:e8:40:be:26:
51:78:c8:ef:d7:b2:c5:d3:07:74:b8:10:63:8a:06:
85:da:15:38:c4:9e:50:7a:eb:8c:42:c5:40:32:94:
e6:4a:f1:db:4e:e3:7a:b6:2e:56:8a:bf:06:ac:75:
af:79:f2:da:dc:ca:8a:23:cd:8b:5c:01:bd:4c:ba:
20:cb:13:20:14:a9:b6:18:d7:a5:bd:e3:52:1e:b5:
f4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D4:5A:60:59:B5:8B:42:DB:01:6B:DF:8F:45:8C:E6:2C:1A:82:BB
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/YdRaYFm1i0LbAWvfj0WM5iwagrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.131.0/24
37.230.170.0/23
178.170.172.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:c5:8e:4e:69:a7:dc:5d:f1:51:d8:dc:1a:0e:2e:75:98:cd:
79:ff:fd:27:70:b4:2c:ab:71:5d:ac:0c:b9:c7:63:39:c0:2f:
92:f5:ae:d3:95:9b:22:a0:0b:65:2c:f9:08:7e:e6:4f:72:08:
a1:d5:b3:2b:fd:44:8a:34:d0:0b:f4:c0:09:71:e2:0b:d2:66:
8c:81:b2:c5:6c:97:cf:0c:ce:e4:3a:99:71:4c:d0:29:c3:bf:
dc:a3:69:c1:1f:d3:e3:36:4f:c6:a3:9a:7a:3a:ee:c4:b2:34:
74:e2:07:9b:a8:fa:8c:5c:51:f6:2e:54:fc:ff:8e:1f:14:e2:
36:ef:48:55:b7:d6:0b:f9:a3:99:27:a2:e9:3f:2c:9c:58:fa:
58:73:d5:9f:fd:03:a4:d0:4a:4a:0c:3f:de:66:67:9a:bd:96:
da:e4:77:e8:ce:d8:3d:5d:06:bc:ce:97:24:a7:e9:c2:21:a3:
e0:9c:bb:33:b3:9e:a8:16:f0:58:41:3b:8e:32:c9:95:9c:05:
51:95:8b:57:8d:5b:f9:51:e2:41:ed:9e:00:fd:a7:9a:ae:bc:
69:96:43:89:e1:00:8b:46:3a:95:d3:3d:2e:d5:f9:44:90:e6:
c8:23:61:71:af:61:52:ed:37:3e:75:59:72:c8:cf:74:bd:a0:
b9:0d:61:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGSoD6LfLfVtK7GNbBcEDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQwMTAxMTgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWQ0NWE2MDU5YjU4YjQyZGIwMTZiZGY4ZjQ1OGNlNjJjMWE4MmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvroLjK7qniv7RbBZkCgIZaKaUc8f
1tcISCShRB5gPsQRciPhVBXS/6Cgq5czdLRgIOLrB0e1e2HQAqw5jd2YdIakf9N2
atDegFEeBzmFR6TubuItR9gvR1rM4V3Vyi1ZfZlIm7eikSEQey8JSLV6zrvvQhj3
g3DXM3+TuKXkWCGER2wW9m0aJ9Dolfd9a98OmoAbZI9USpQrXabqm14HUBeFaC69
zcEp1inBp47ZNehAviZReMjv17LF0wd0uBBjigaF2hU4xJ5QeuuMQsVAMpTmSvHb
TuN6ti5Wir8GrHWvefLa3MqKI82LXAG9TLogyxMgFKm2GNelveNSHrX0dwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGHUWmBZtYtC2wFr349FjOYsGoK7MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvWWRSYVlGbTFpMExiQVd2ZmowV001aXdhZ3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJeaDAwQB
JeaqAwQAsqqsMA0GCSqGSIb3DQEBCwUAA4IBAQDCxY5OaafcXfFR2NwaDi51mM15
//0ncLQsq3FdrAy5x2M5wC+S9a7TlZsioAtlLPkIfuZPcgih1bMr/USKNNAL9MAJ
ceIL0maMgbLFbJfPDM7kOplxTNApw7/co2nBH9PjNk/Go5p6Ou7EsjR04gebqPqM
XFH2LlT8/44fFOI270hVt9YL+aOZJ6LpPyycWPpYc9Wf/QOk0EpKDD/eZmeavZba
5Hfoztg9XQa8zpckp+nCIaPgnLszs56oFvBYQTuOMsmVnAVRlYtXjVv5UeJB7Z4A
/aearrxplkOJ4QCLRjqV0z0u1flEkObII2Fxr2FS7Tc+dVlyyM90vaC5DWFw
-----END CERTIFICATE-----
Generated at Tue Nov 5 19:27:10 2024 by rpki-client on console-ams.rpki-client.org