Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/372ngbIs98Rz6ubfWUd_UVxiVF4.roa
File: 372ngbIs98Rz6ubfWUd_UVxiVF4.roa (raw, json)
Hash identifier: okUMZZPwrDF+30/HqNK2vrsmnyfQ2I5zycboneaK3rw=
Subject key identifier: DF:BD:A7:81:B2:2C:F7:C4:73:EA:E6:DF:59:47:7F:51:5C:62:54:5E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0193B5442705556E1A45D3E10AE1E45BBC2F
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/372ngbIs98Rz6ubfWUd_UVxiVF4.roa
Signing time: Wed 11 Dec 2024 10:29:22 +0000
ROA not before: Wed 11 Dec 2024 10:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31715
IP address blocks: 37.202.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:44:27:05:55:6e:1a:45:d3:e1:0a:e1:e4:5b:bc:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Dec 11 10:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfbda781b22cf7c473eae6df59477f515c62545e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:60:39:ee:95:dd:b6:d2:ba:df:8c:d9:af:7a:
29:94:6c:6c:d9:4e:1f:c9:57:61:68:e7:a8:5d:8b:
bd:93:d2:72:3f:b3:90:80:25:c0:b4:f7:78:85:82:
2e:5d:b3:4e:49:6d:25:b3:9c:2c:00:13:3c:bb:8a:
02:7f:ba:fc:3e:ac:5b:fd:b3:60:26:bf:ae:0e:99:
c2:59:1e:b7:6e:92:a3:62:8f:9f:45:37:40:bd:8d:
12:f6:86:a1:9b:c9:cc:f1:e2:e4:a6:50:da:08:23:
f6:94:3b:59:b7:3f:65:5c:57:eb:69:9a:1e:40:26:
20:70:1d:94:97:6f:66:b4:bb:0a:0d:2c:43:5e:a0:
9d:77:ba:44:f0:42:d0:b2:d9:01:43:68:f9:3c:23:
49:f1:da:dd:8c:0c:35:c7:0a:ae:e5:01:23:e4:d9:
10:91:7f:7b:d4:2a:1e:78:52:0a:6d:f0:8b:67:88:
c7:80:ed:ba:4b:93:58:ce:64:23:0f:b5:af:a7:f9:
a7:7c:2f:23:f0:02:9f:74:6e:89:6c:cc:16:fa:03:
b3:14:97:67:83:e8:98:a2:19:8d:b6:2b:17:ae:34:
13:a6:19:78:9b:3a:9d:70:a4:67:a8:5a:b4:29:05:
97:12:9d:aa:68:87:e5:a0:9e:8a:a8:e0:f3:6f:da:
f8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:BD:A7:81:B2:2C:F7:C4:73:EA:E6:DF:59:47:7F:51:5C:62:54:5E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/372ngbIs98Rz6ubfWUd_UVxiVF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.192.0/24
Signature Algorithm: sha256WithRSAEncryption
12:c7:67:cc:91:00:29:32:c5:f2:8c:23:38:0f:3d:d8:1f:2a:
ba:e0:a9:d4:34:bf:c0:35:b1:b9:81:d8:d9:92:b1:bf:29:66:
20:5d:57:87:de:ff:50:6d:00:f4:e4:e6:9a:39:57:8e:71:01:
6a:60:d1:47:0d:b3:43:39:4f:af:b3:b4:20:69:ba:a7:45:06:
98:8a:d0:f9:98:76:4c:17:7f:f9:7f:ba:c6:07:d4:a6:6c:20:
60:a4:cc:cf:d2:76:f4:a8:15:5d:67:c7:fe:a5:62:b3:5a:4e:
bf:09:42:62:96:87:50:ad:81:ec:70:f5:aa:6c:da:9a:00:9f:
19:61:6f:47:47:39:b8:27:f3:c5:ea:d4:e2:84:3b:e3:6b:c6:
90:f1:ff:1d:2a:f9:5c:db:24:20:24:15:94:08:0b:30:23:b2:
5d:9b:06:91:4e:c5:a6:c7:cb:81:08:27:76:65:d0:3a:a6:4a:
3e:5d:6a:3f:a6:9e:ae:df:e6:b8:50:be:3a:01:e9:49:36:da:
d0:e3:19:d6:8a:2f:5b:80:af:cb:be:ee:cf:c4:cd:f9:b5:d0:
a2:c6:2c:bd:3b:ef:37:43:93:74:0b:bd:6e:db:c7:13:c6:41:
12:e6:b9:53:0b:8d:24:28:41:04:45:30:be:96:47:a0:21:d8:
56:08:fe:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO1RCcFVW4aRdPhCuHkW7wvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjQxMjExMTAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmJkYTc4MWIyMmNmN2M0NzNlYWU2ZGY1OTQ3N2Y1MTVjNjI1NDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGA57pXdttK634zZr3oplGxs2U4f
yVdhaOeoXYu9k9JyP7OQgCXAtPd4hYIuXbNOSW0ls5wsABM8u4oCf7r8Pqxb/bNg
Jr+uDpnCWR63bpKjYo+fRTdAvY0S9oahm8nM8eLkplDaCCP2lDtZtz9lXFfraZoe
QCYgcB2Ul29mtLsKDSxDXqCdd7pE8ELQstkBQ2j5PCNJ8drdjAw1xwqu5QEj5NkQ
kX971CoeeFIKbfCLZ4jHgO26S5NYzmQjD7Wvp/mnfC8j8AKfdG6JbMwW+gOzFJdn
g+iYohmNtisXrjQTphl4mzqdcKRnqFq0KQWXEp2qaIfloJ6KqODzb9r4RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+9p4GyLPfEc+rm31lHf1FcYlReMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMzcybmdiSXM5OFJ6NnViZldVZF9VVnhpVkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJcrAMA0G
CSqGSIb3DQEBCwUAA4IBAQASx2fMkQApMsXyjCM4Dz3YHyq64KnUNL/ANbG5gdjZ
krG/KWYgXVeH3v9QbQD05OaaOVeOcQFqYNFHDbNDOU+vs7QgabqnRQaYitD5mHZM
F3/5f7rGB9SmbCBgpMzP0nb0qBVdZ8f+pWKzWk6/CUJilodQrYHscPWqbNqaAJ8Z
YW9HRzm4J/PF6tTihDvja8aQ8f8dKvlc2yQgJBWUCAswI7JdmwaRTsWmx8uBCCd2
ZdA6pko+XWo/pp6u3+a4UL46AelJNtrQ4xnWii9bgK/Lvu7PxM35tdCixiy9O+83
Q5N0C71u28cTxkES5rlTC40kKEEERTC+lkegIdhWCP5S
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:41:04 2025 by rpki-client