Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/aXZvSAFpRSFamep-ltqtDqo4jP0.roa
File: aXZvSAFpRSFamep-ltqtDqo4jP0.roa (raw, json)
Hash identifier: rw8dfbd54EjHpaeyEUG3scSWzGF/P3oXGm343jDqT90=
Subject key identifier: 69:76:6F:48:01:69:45:21:5A:99:EA:7E:96:DA:AD:0E:AA:38:8C:FD
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01856F26D8B68F62EE986750BF4E5262E1B3
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/aXZvSAFpRSFamep-ltqtDqo4jP0.roa
Signing time: Sun 01 Jan 2023 21:04:54 +0000
ROA not before: Sun 01 Jan 2023 21:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34702
IP address blocks: 37.252.4.0/23 maxlen: 23
176.97.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:d8:b6:8f:62:ee:98:67:50:bf:4e:52:62:e1:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 1 21:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69766f48016945215a99ea7e96daad0eaa388cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:48:df:b1:be:d1:77:27:7f:8d:ae:60:b8:51:
91:a7:e4:9d:07:2e:49:11:76:b0:26:9e:33:9e:44:
db:7b:a9:c1:8c:37:28:3d:7e:8a:9e:e7:da:1e:0e:
1d:6e:e3:4c:f1:19:08:60:5d:73:d2:63:71:fa:4f:
1f:8c:dd:79:36:9c:33:58:e4:e9:1f:be:7c:8d:50:
e6:7a:fa:59:62:da:92:34:c1:68:8a:c9:fe:e6:8e:
aa:9c:c4:ab:9b:32:05:89:6c:68:b3:76:1a:e1:98:
e4:30:25:a0:c6:89:7b:20:50:b7:fa:16:82:9c:43:
09:b0:cc:b6:ae:0f:46:60:59:74:7a:ab:09:58:df:
1b:5a:b9:43:8c:29:b4:7e:cc:97:07:36:8e:45:f8:
0b:b3:f7:7e:1c:23:eb:6f:bf:0e:7a:79:73:c9:99:
70:d4:32:59:5d:3a:dc:14:73:b0:68:0f:67:66:20:
eb:7a:dd:6e:d9:36:7a:11:b7:17:97:12:d1:98:45:
f1:66:4f:a3:e1:30:db:41:69:de:1c:b4:09:12:41:
95:39:86:9e:2c:a1:73:98:fd:42:e1:5a:65:13:0b:
8d:55:27:85:02:e0:c4:9a:be:ea:05:81:2a:b5:3e:
1e:f5:73:ad:12:a7:32:b4:11:e4:bc:11:0c:a1:15:
44:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:76:6F:48:01:69:45:21:5A:99:EA:7E:96:DA:AD:0E:AA:38:8C:FD
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/aXZvSAFpRSFamep-ltqtDqo4jP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.4.0/23
176.97.74.0/24
Signature Algorithm: sha256WithRSAEncryption
34:51:f6:b9:cb:18:c6:15:47:1c:ab:62:91:e8:c5:f4:13:19:
d4:c5:9b:60:27:50:31:90:d4:37:4a:c0:b1:6a:81:4a:61:a9:
ee:10:94:23:08:bc:64:84:6d:6a:94:61:ab:ea:8c:9c:3c:20:
60:fb:e1:9c:6b:f6:f6:e3:d7:02:d8:81:9e:7a:ad:7b:02:37:
e9:f0:ed:55:98:76:2c:a5:a5:3a:ff:4d:02:c1:03:21:15:4d:
d4:23:86:8b:0b:12:fd:d5:4f:8f:46:f9:b3:c1:5d:89:b2:ce:
44:68:f4:53:a7:e6:a6:d5:e9:fb:32:d6:70:b1:ee:3d:b9:b4:
1c:3c:6c:86:61:55:70:1e:ff:e7:10:4b:56:50:a4:a5:9d:74:
e9:89:55:dc:5a:b4:47:66:80:cb:2b:0b:3e:26:45:db:5a:a2:
0d:cd:53:60:1d:83:fe:72:82:5e:dd:d3:e7:66:7e:97:be:43:
19:c8:21:97:17:18:2f:f3:bd:4f:29:7d:f0:e4:c6:52:e3:ae:
38:c5:aa:03:ca:c5:de:d7:80:64:dd:b0:50:e7:89:41:7d:ab:
f6:0b:a4:60:99:a5:65:dd:8f:cc:ee:79:98:f3:f7:cd:73:0e:
c3:5c:33:6e:7b:df:1a:1e:ca:fc:0f:72:8d:1e:4b:b8:e8:35:
42:b0:c1:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvJti2j2LumGdQv05SYuGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjMwMTAxMjEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc2NmY0ODAxNjk0NTIxNWE5OWVhN2U5NmRhYWQwZWFhMzg4Y2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ejfsb7Rdyd/ja5guFGRp+SdBy5J
EXawJp4znkTbe6nBjDcoPX6KnufaHg4dbuNM8RkIYF1z0mNx+k8fjN15NpwzWOTp
H758jVDmevpZYtqSNMFoisn+5o6qnMSrmzIFiWxos3Ya4ZjkMCWgxol7IFC3+haC
nEMJsMy2rg9GYFl0eqsJWN8bWrlDjCm0fsyXBzaORfgLs/d+HCPrb78OenlzyZlw
1DJZXTrcFHOwaA9nZiDret1u2TZ6EbcXlxLRmEXxZk+j4TDbQWneHLQJEkGVOYae
LKFzmP1C4VplEwuNVSeFAuDEmr7qBYEqtT4e9XOtEqcytBHkvBEMoRVEcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGl2b0gBaUUhWpnqfpbarQ6qOIz9MB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvYVhadlNBRnBSU0ZhbWVwLWx0cXREcW80alAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJfwEAwQA
sGFKMA0GCSqGSIb3DQEBCwUAA4IBAQA0Ufa5yxjGFUccq2KR6MX0ExnUxZtgJ1Ax
kNQ3SsCxaoFKYanuEJQjCLxkhG1qlGGr6oycPCBg++Gca/b249cC2IGeeq17Ajfp
8O1VmHYspaU6/00CwQMhFU3UI4aLCxL91U+PRvmzwV2Jss5EaPRTp+am1en7MtZw
se49ubQcPGyGYVVwHv/nEEtWUKSlnXTpiVXcWrRHZoDLKws+JkXbWqINzVNgHYP+
coJe3dPnZn6XvkMZyCGXFxgv871PKX3w5MZS4644xaoDysXe14Bk3bBQ54lBfav2
C6RgmaVl3Y/M7nmY8/fNcw7DXDNue98aHsr8D3KNHku46DVCsMGc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:42 2024 by rpki-client on console-ams.rpki-client.org