Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/roHxx5VsAbemUcUUJKbQhgmq3d0.roa
File: roHxx5VsAbemUcUUJKbQhgmq3d0.roa (raw, json)
Hash identifier: 4flGrJKRLO/BYIBPMhY7ugdcNUrsIFFdV0d3WmEFlI0=
Subject key identifier: AE:81:F1:C7:95:6C:01:B7:A6:51:C5:14:24:A6:D0:86:09:AA:DD:DD
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 018C82B012574B8EAD154731C5644FAB52C4
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/roHxx5VsAbemUcUUJKbQhgmq3d0.roa
Signing time: Tue 19 Dec 2023 15:27:06 +0000
ROA not before: Tue 19 Dec 2023 15:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204720
IP address blocks: 37.18.15.0/24 maxlen: 24
37.18.14.0/24 maxlen: 24
46.243.232.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:b0:12:57:4b:8e:ad:15:47:31:c5:64:4f:ab:52:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Dec 19 15:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae81f1c7956c01b7a651c51424a6d08609aadddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f2:c4:ef:d2:5e:99:f3:0a:be:d6:80:5e:f6:
d3:84:db:a8:93:de:0d:b3:d5:c8:1a:06:6f:9f:a3:
82:ba:6d:4a:c7:8d:13:e9:f0:c7:c8:a0:a4:54:ef:
99:22:d9:a6:a6:2d:52:95:2e:10:19:ad:61:e2:26:
1e:a6:8b:7b:4c:06:01:e1:18:c7:ed:74:81:47:8a:
e3:ea:ed:07:5c:5b:e5:fc:34:81:3a:72:01:0d:aa:
e9:65:aa:c8:2c:30:f5:11:2d:61:a3:6d:a4:13:8e:
a6:3b:ea:91:2a:59:e3:57:75:ca:e8:18:60:0f:e4:
ef:ee:ed:97:96:1d:03:20:bc:3e:80:5d:a1:a0:dc:
a9:54:ba:2c:ac:53:2c:54:c9:4a:28:a3:4f:07:d4:
99:b0:9e:c8:ae:d1:54:42:48:dd:50:ab:09:dc:e3:
7b:65:1f:41:29:22:f3:a6:be:7d:7f:86:b4:0c:10:
cc:dd:d1:e8:db:f3:a6:3f:fb:d8:65:8f:09:fa:37:
54:ba:dd:b5:e6:66:57:67:55:04:7d:3a:ae:f6:df:
d4:ce:be:c0:47:24:cb:e5:86:e8:22:9c:58:46:7a:
cb:45:9e:76:c6:01:f9:c8:af:3b:00:ca:f8:95:4a:
c4:ad:c6:d3:6b:41:92:f9:a0:7d:a6:c3:48:c8:af:
b4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:81:F1:C7:95:6C:01:B7:A6:51:C5:14:24:A6:D0:86:09:AA:DD:DD
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/roHxx5VsAbemUcUUJKbQhgmq3d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.14.0/23
46.243.232.0/22
Signature Algorithm: sha256WithRSAEncryption
39:69:a3:e1:c0:e5:19:f0:4f:de:21:5e:3b:6b:5a:c5:af:cc:
02:bb:51:4d:9e:90:63:fb:48:a5:21:89:fa:6c:b6:15:a9:ad:
d2:98:05:86:25:44:56:43:91:19:ed:2d:03:73:de:dc:f7:67:
5d:d0:93:8c:34:be:8c:28:b8:75:85:c5:94:9c:bf:8d:15:2e:
10:40:c0:66:d3:f8:33:2e:d5:72:74:40:ab:97:1d:21:ba:27:
0f:5d:16:d3:d7:40:02:1b:9f:17:f3:d7:94:2c:5f:30:8f:e1:
c3:eb:c4:c6:db:22:c9:a2:b4:b5:08:9a:e3:95:d1:01:a0:e9:
0b:4e:21:ed:fe:6b:c2:96:fe:a2:f0:53:17:79:cc:81:61:68:
48:e1:6c:5f:a3:f6:f4:6c:c0:61:27:60:cb:36:44:10:8f:b8:
ab:e1:32:28:cc:d9:98:cf:c6:0e:54:ba:be:4f:ae:c7:16:36:
c9:47:ea:ec:dd:5e:f6:f2:5b:cd:c4:b9:75:4e:e8:cc:ea:0f:
44:69:83:fc:85:cc:e9:da:ba:79:d0:07:ae:25:ec:ff:3e:9e:
0e:3d:81:e2:12:cf:7b:81:bf:16:de:15:6f:07:21:21:5d:36:
bc:a3:91:5c:03:99:9e:4c:32:1c:bc:09:cc:b9:33:4e:07:65:
23:5f:40:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyCsBJXS46tFUcxxWRPq1LEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMxMjE5MTUyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTgxZjFjNzk1NmMwMWI3YTY1MWM1MTQyNGE2ZDA4NjA5YWFkZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfLE79JemfMKvtaAXvbThNuok94N
s9XIGgZvn6OCum1Kx40T6fDHyKCkVO+ZItmmpi1SlS4QGa1h4iYepot7TAYB4RjH
7XSBR4rj6u0HXFvl/DSBOnIBDarpZarILDD1ES1ho22kE46mO+qRKlnjV3XK6Bhg
D+Tv7u2Xlh0DILw+gF2hoNypVLosrFMsVMlKKKNPB9SZsJ7IrtFUQkjdUKsJ3ON7
ZR9BKSLzpr59f4a0DBDM3dHo2/OmP/vYZY8J+jdUut215mZXZ1UEfTqu9t/Uzr7A
RyTL5YboIpxYRnrLRZ52xgH5yK87AMr4lUrErcbTa0GS+aB9psNIyK+08wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK6B8ceVbAG3plHFFCSm0IYJqt3dMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvcm9IeHg1VnNBYmVtVWNVVUpLYlFoZ21xM2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJRIOAwQC
LvPoMA0GCSqGSIb3DQEBCwUAA4IBAQA5aaPhwOUZ8E/eIV47a1rFr8wCu1FNnpBj
+0ilIYn6bLYVqa3SmAWGJURWQ5EZ7S0Dc97c92dd0JOMNL6MKLh1hcWUnL+NFS4Q
QMBm0/gzLtVydECrlx0huicPXRbT10ACG58X89eULF8wj+HD68TG2yLJorS1CJrj
ldEBoOkLTiHt/mvClv6i8FMXecyBYWhI4Wxfo/b0bMBhJ2DLNkQQj7ir4TIozNmY
z8YOVLq+T67HFjbJR+rs3V728lvNxLl1TujM6g9EaYP8hczp2rp50AeuJez/Pp4O
PYHiEs97gb8W3hVvByEhXTa8o5FcA5meTDIcvAnMuTNOB2UjX0CU
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:50 2024 by rpki-client on console-fra.rpki-client.org