Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/h4C5gmYR_3_D7jsvrFpU5zCT0pY.roa
File: h4C5gmYR_3_D7jsvrFpU5zCT0pY.roa (raw, json)
Hash identifier: 3zygb5S+5+UrK3yuDJ6Kub0x8VHPSddMtTr1Ynx/lzQ=
Subject key identifier: 87:80:B9:82:66:11:FF:7F:C3:EE:3B:2F:AC:5A:54:E7:30:93:D2:96
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01856F26DB42BFF698C9BCC93C3595630031
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/h4C5gmYR_3_D7jsvrFpU5zCT0pY.roa
Signing time: Sun 01 Jan 2023 21:04:55 +0000
ROA not before: Sun 01 Jan 2023 21:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59627
IP address blocks: 37.252.2.0/24 maxlen: 24
37.252.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:db:42:bf:f6:98:c9:bc:c9:3c:35:95:63:00:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 1 21:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8780b9826611ff7fc3ee3b2fac5a54e73093d296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:74:13:d2:ac:94:ee:7d:7e:e5:45:82:24:e8:
33:48:eb:cb:db:6d:fc:da:a3:3a:d0:3b:03:af:79:
13:6b:0b:e7:97:56:05:ea:73:fe:7b:45:bc:ba:34:
d2:15:5b:fd:c8:96:e3:03:ff:97:71:74:40:de:f7:
a5:8a:f0:5e:21:a2:79:6d:8e:90:32:97:5c:d0:7b:
06:fb:df:d0:8b:b7:4c:72:94:8f:a2:be:9a:ca:4a:
b6:d2:40:de:c2:14:c2:bb:5c:8b:35:78:50:86:22:
e2:92:f2:12:70:49:ab:8c:78:98:26:94:6c:ce:ad:
aa:d1:9e:db:25:58:a5:c0:d1:d9:d9:d7:e3:54:23:
7a:00:70:7a:f5:a1:5c:4e:d7:9d:b8:30:0a:56:d3:
5a:2b:98:1d:0a:59:f0:ef:e7:3b:bd:83:27:d9:ee:
5d:c9:21:c1:e4:ce:ce:98:74:90:5c:b3:ac:2a:7a:
20:fa:72:81:47:29:74:fb:ec:56:16:b1:38:e7:ae:
cc:6a:a7:fd:52:cd:55:39:b3:86:0b:cd:c0:d3:9b:
e0:9b:ce:8f:af:6e:72:90:1d:b4:88:17:f2:ed:89:
ed:fc:9e:b3:47:97:cf:f0:e0:c7:d9:0d:f5:3d:15:
99:a2:e2:88:fe:ae:26:0d:38:24:7f:55:b7:6d:7e:
8a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:80:B9:82:66:11:FF:7F:C3:EE:3B:2F:AC:5A:54:E7:30:93:D2:96
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/h4C5gmYR_3_D7jsvrFpU5zCT0pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.2.0/24
37.252.12.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:5c:7d:7b:9a:12:9c:07:68:ed:e8:ea:93:0e:6a:09:e8:08:
cb:b3:b2:7e:70:f2:bf:22:48:92:e3:8f:bd:f2:c6:de:d1:93:
d3:f1:1c:6f:5a:dd:96:25:54:a1:ce:0f:88:5d:b5:c8:23:c0:
5d:47:8d:55:00:af:95:0e:f0:c1:1f:56:7f:fb:08:9f:42:6c:
6e:31:d7:15:b8:77:ec:0b:70:92:e8:d8:4f:5d:fc:12:ff:bb:
23:c9:4e:a2:9d:a8:5b:e6:26:92:f3:f5:cf:e5:50:71:e7:1b:
51:c9:eb:ec:f1:e5:41:23:94:f7:4e:2c:40:46:bd:da:25:f5:
37:0b:a6:57:50:64:73:36:60:a5:73:cf:2b:e0:bd:b7:ec:e7:
f8:48:3c:80:5d:a4:6a:af:f4:a5:c5:1b:4a:e2:84:48:79:a3:
55:9e:fa:72:a8:80:fe:93:33:f2:ee:47:a5:5e:38:60:0d:ea:
14:cd:8f:29:65:c6:67:e2:c0:d4:50:90:e3:3b:f8:a4:8f:3c:
e3:03:e9:2b:1b:5b:aa:32:2a:84:6e:fa:ea:a2:1a:2e:92:30:
ab:8a:76:98:23:2e:5b:6c:a9:49:52:bd:ec:d0:b8:fe:46:e6:
87:1f:b0:92:12:b1:9e:4a:fb:68:03:db:7f:77:74:49:e1:3f:
8f:1d:71:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvJttCv/aYybzJPDWVYwAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjMwMTAxMjEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzgwYjk4MjY2MTFmZjdmYzNlZTNiMmZhYzVhNTRlNzMwOTNkMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3QT0qyU7n1+5UWCJOgzSOvL2238
2qM60DsDr3kTawvnl1YF6nP+e0W8ujTSFVv9yJbjA/+XcXRA3velivBeIaJ5bY6Q
Mpdc0HsG+9/Qi7dMcpSPor6aykq20kDewhTCu1yLNXhQhiLikvIScEmrjHiYJpRs
zq2q0Z7bJVilwNHZ2dfjVCN6AHB69aFcTteduDAKVtNaK5gdClnw7+c7vYMn2e5d
ySHB5M7OmHSQXLOsKnog+nKBRyl0++xWFrE4567Maqf9Us1VObOGC83A05vgm86P
r25ykB20iBfy7Ynt/J6zR5fP8ODH2Q31PRWZouKI/q4mDTgkf1W3bX6KEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIeAuYJmEf9/w+47L6xaVOcwk9KWMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvaDRDNWdtWVJfM19EN2pzdnJGcFU1ekNUMHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJfwCAwQA
JfwMMA0GCSqGSIb3DQEBCwUAA4IBAQDYXH17mhKcB2jt6OqTDmoJ6AjLs7J+cPK/
IkiS44+98sbe0ZPT8RxvWt2WJVShzg+IXbXII8BdR41VAK+VDvDBH1Z/+wifQmxu
MdcVuHfsC3CS6NhPXfwS/7sjyU6inahb5iaS8/XP5VBx5xtRyevs8eVBI5T3TixA
Rr3aJfU3C6ZXUGRzNmClc88r4L237Of4SDyAXaRqr/SlxRtK4oRIeaNVnvpyqID+
kzPy7kelXjhgDeoUzY8pZcZn4sDUUJDjO/ikjzzjA+krG1uqMiqEbvrqohoukjCr
inaYIy5bbKlJUr3s0Lj+RuaHH7CSErGeSvtoA9t/d3RJ4T+PHXFK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:44 2024 by rpki-client on console-fra.rpki-client.org