Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/aRPIckANOlQW_zef8F3NaCRoZrI.roa
File: aRPIckANOlQW_zef8F3NaCRoZrI.roa (raw, json)
Hash identifier: m9Zaw/JvrezmlYs+kocCmjsXh+Kmd3KpiqNqvCWf1ic=
Subject key identifier: 69:13:C8:72:40:0D:3A:54:16:FF:37:9F:F0:5D:CD:68:24:68:66:B2
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 018AD23B29896D706D1CFE2CFFAAF7B63559
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/aRPIckANOlQW_zef8F3NaCRoZrI.roa
Signing time: Tue 26 Sep 2023 16:03:27 +0000
ROA not before: Tue 26 Sep 2023 16:03:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34597
IP address blocks: 37.230.246.0/24 maxlen: 24
141.101.243.0/24 maxlen: 24
37.230.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d2:3b:29:89:6d:70:6d:1c:fe:2c:ff:aa:f7:b6:35:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Sep 26 16:03:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6913c872400d3a5416ff379ff05dcd68246866b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:49:75:de:d9:41:bc:fb:c5:43:dc:bf:e1:
ca:3d:9f:0a:0c:3f:a9:fd:31:c3:c7:0c:99:4d:eb:
8a:ef:64:9c:bd:bb:92:86:c4:75:1c:d8:74:68:f9:
02:cf:b8:df:4a:db:51:29:7c:28:e2:9f:1c:8d:dc:
37:e0:43:fa:5d:57:49:75:c7:b2:6c:e2:e2:cb:a4:
1d:f3:ce:06:07:04:44:55:fc:37:ff:20:1c:7e:c1:
b2:05:04:28:0c:b5:c4:81:f1:15:e6:f5:b0:28:8f:
74:1b:97:93:da:29:19:87:8c:fe:04:85:a4:dc:2f:
ee:a4:9c:0d:84:5f:e0:a6:95:e8:60:dc:64:79:72:
c9:db:a8:66:6f:a8:fa:23:e9:69:bc:22:2c:80:ed:
20:f4:b3:47:ff:82:9f:22:f6:af:e0:7d:01:92:bf:
68:d6:4c:0f:4d:51:41:cb:08:ae:02:2c:b1:bd:da:
e3:89:7c:e7:cb:f2:17:94:00:c8:69:a7:c2:c9:6b:
a1:44:c3:71:3e:8a:ea:ae:35:89:a9:b0:92:4d:63:
d1:61:83:fb:4e:a7:f5:c1:27:32:4e:48:b2:5a:1b:
26:95:20:50:ea:03:5e:c3:d9:b3:ce:ba:c1:6e:58:
91:55:6b:2c:8b:da:63:8c:2e:45:06:1c:e0:7a:ad:
25:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:13:C8:72:40:0D:3A:54:16:FF:37:9F:F0:5D:CD:68:24:68:66:B2
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/aRPIckANOlQW_zef8F3NaCRoZrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.232.0/24
37.230.246.0/24
141.101.243.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:eb:44:9f:aa:fc:a2:18:a1:de:3e:b7:9f:20:c8:2f:77:a5:
87:68:ef:04:c7:57:6d:a1:82:3b:25:49:c4:b0:88:22:74:4b:
87:61:4d:86:c9:7d:a6:72:be:d6:a4:0c:34:db:bc:d3:84:a6:
45:0d:e1:83:a6:43:ae:63:37:86:32:37:1b:b4:38:c2:45:da:
53:67:cf:fa:bd:a0:bf:47:ba:d0:e1:44:c3:60:d6:f2:1c:d2:
a2:39:56:e5:7c:3e:1b:ed:f3:d6:58:03:8c:bc:f8:a6:90:99:
68:d7:b9:d2:43:a5:47:b2:60:35:d7:f3:5b:83:cd:df:c8:a4:
8f:9f:dd:60:02:5e:f4:1e:ec:93:0c:c2:7a:7f:ab:d5:70:94:
91:45:29:47:13:89:16:e7:b4:58:46:b5:68:17:d9:28:6e:30:
a1:d0:8b:aa:26:b7:8b:35:fb:c0:58:f1:59:49:54:da:8c:4a:
b1:ef:f4:b3:c1:11:0c:46:34:b6:8d:36:d4:e1:37:7a:82:a6:
26:37:64:5f:e7:e5:d6:05:44:ed:19:12:6f:b5:9c:25:4d:b6:
a6:11:32:95:bb:7c:ce:f7:34:cb:ce:90:70:7a:b0:ca:fd:9c:
17:d4:e0:87:d3:0c:4b:93:16:61:9c:b1:e1:26:cf:81:a0:61:
37:dd:62:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrSOymJbXBtHP4s/6r3tjVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwOTI2MTYwMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTEzYzg3MjQwMGQzYTU0MTZmZjM3OWZmMDVkY2Q2ODI0Njg2NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7JJdd7ZQbz7xUPcv+HKPZ8KDD+p
/THDxwyZTeuK72ScvbuShsR1HNh0aPkCz7jfSttRKXwo4p8cjdw34EP6XVdJdcey
bOLiy6Qd884GBwREVfw3/yAcfsGyBQQoDLXEgfEV5vWwKI90G5eT2ikZh4z+BIWk
3C/upJwNhF/gppXoYNxkeXLJ26hmb6j6I+lpvCIsgO0g9LNH/4KfIvav4H0Bkr9o
1kwPTVFBywiuAiyxvdrjiXzny/IXlADIaafCyWuhRMNxPorqrjWJqbCSTWPRYYP7
Tqf1wScyTkiyWhsmlSBQ6gNew9mzzrrBbliRVWssi9pjjC5FBhzgeq0lVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGkTyHJADTpUFv83n/BdzWgkaGayMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvYVJQSWNrQU5PbFFXX3plZjhGM05hQ1JvWnJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJeboAwQA
Jeb2AwQAjWXzMA0GCSqGSIb3DQEBCwUAA4IBAQC060SfqvyiGKHePrefIMgvd6WH
aO8Ex1dtoYI7JUnEsIgidEuHYU2GyX2mcr7WpAw027zThKZFDeGDpkOuYzeGMjcb
tDjCRdpTZ8/6vaC/R7rQ4UTDYNbyHNKiOVblfD4b7fPWWAOMvPimkJlo17nSQ6VH
smA11/Nbg83fyKSPn91gAl70HuyTDMJ6f6vVcJSRRSlHE4kW57RYRrVoF9kobjCh
0IuqJreLNfvAWPFZSVTajEqx7/SzwREMRjS2jTbU4Td6gqYmN2Rf5+XWBUTtGRJv
tZwlTbamETKVu3zO9zTLzpBwerDK/ZwX1OCH0wxLkxZhnLHhJs+BoGE33WJP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org