Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IaqBcGKvqdSJroNH-p_31c9--n0.roa
File: IaqBcGKvqdSJroNH-p_31c9--n0.roa (raw, json)
Hash identifier: Y84NThEG5BfP+2o/L33zvWldTqI56NjsDY201rHKrig=
Subject key identifier: 21:AA:81:70:62:AF:A9:D4:89:AE:83:47:FA:9F:F7:D5:CF:7E:FA:7D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01925742CE70A9214E25BB0EE9CECA366528
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IaqBcGKvqdSJroNH-p_31c9--n0.roa
Signing time: Fri 04 Oct 2024 11:20:48 +0000
ROA not before: Fri 04 Oct 2024 11:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.195.0/24 maxlen: 24
37.202.196.0/24 maxlen: 24
37.202.197.0/24 maxlen: 24
37.202.198.0/24 maxlen: 24
37.202.199.0/24 maxlen: 24
37.202.200.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Dec 2024 10:21:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:57:42:ce:70:a9:21:4e:25:bb:0e:e9:ce:ca:36:65:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 4 11:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21aa817062afa9d489ae8347fa9ff7d5cf7efa7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8e:e1:96:f2:c6:07:6d:73:a7:b1:f0:65:94:
14:d3:16:f5:3d:8e:0c:d3:6c:29:b2:ab:3a:3f:38:
5b:fc:75:99:7e:7b:57:c3:c1:76:9d:39:5b:06:8f:
b8:6a:9a:5a:a2:4d:ad:a5:75:7a:8f:cb:47:a5:d0:
be:18:7a:d3:97:84:2f:25:18:d3:c0:0a:9d:19:18:
ad:82:fa:7e:6c:73:3d:4a:44:ac:1a:db:d2:6e:96:
ac:9b:89:04:64:f0:6e:2f:04:aa:99:b0:f8:f7:70:
b7:70:52:c2:bf:91:e0:01:f6:6b:71:75:cd:fa:93:
2e:c6:02:0a:91:f7:c0:ca:3a:e2:18:6f:55:1c:d7:
b2:4e:2d:a9:81:04:24:0a:5c:3f:41:88:fa:58:25:
4c:cf:ef:59:52:b7:b3:fb:a8:55:84:57:4f:d0:b9:
3a:cb:31:e4:86:77:91:ff:4d:4d:e2:23:2d:4e:ac:
8f:e0:ef:1c:ab:29:ef:81:53:85:c3:63:1f:39:8e:
2e:89:c3:58:b6:f1:7b:ee:e0:b4:8b:cd:be:cf:0e:
f3:c5:6d:e1:fc:dd:d0:4f:8f:d4:2a:6b:e5:b4:db:
95:99:1d:51:f0:c9:96:93:df:39:36:d1:67:15:9f:
ee:47:ba:60:60:26:ff:cb:a6:51:08:86:2b:ac:f9:
f1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:AA:81:70:62:AF:A9:D4:89:AE:83:47:FA:9F:F7:D5:CF:7E:FA:7D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IaqBcGKvqdSJroNH-p_31c9--n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.195.0-37.202.201.255
Signature Algorithm: sha256WithRSAEncryption
3e:cf:e9:9a:b7:8e:7a:98:ff:4c:b0:00:9d:77:ff:ce:98:17:
c6:92:75:55:4e:b4:75:1c:04:e2:cd:db:35:f7:09:04:84:90:
d1:7c:52:15:8d:dc:94:de:28:25:6f:e6:63:26:ee:03:8a:c3:
c6:9d:cf:25:96:74:de:e4:6d:e4:71:e9:b5:09:5f:65:6b:62:
58:90:7c:86:4a:b8:30:1c:45:0a:76:f1:3b:b8:5f:7a:57:2c:
25:60:26:5c:f7:f8:8d:55:24:6e:76:c4:08:6f:e0:02:29:10:
6d:9e:ab:15:d3:7c:29:f2:09:32:e4:d8:d1:20:37:f9:ff:52:
40:a9:2b:c7:d0:fb:2a:de:13:ad:c8:85:4f:af:71:27:28:9d:
01:0b:e5:75:d6:8a:ef:d2:46:8e:77:ef:78:77:c6:28:ec:80:
d4:2f:29:fb:70:2d:4d:5a:74:94:36:9d:69:c5:4f:01:2d:dc:
dc:40:1b:14:84:85:56:8d:5e:7f:9d:31:e7:5f:51:21:97:7a:
cd:a0:a1:9c:1d:ae:62:e4:b7:0a:fc:7e:f8:33:e3:75:9d:2a:
e0:34:84:ac:39:10:dd:6f:d6:d5:44:52:fa:3c:a0:fc:d5:3e:
fc:10:c4:0c:4a:5c:62:36:da:7d:53:c9:3a:80:87:58:5a:f3:
02:45:e8:44
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZJXQs5wqSFOJbsO6c7KNmUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjQxMDA0MTEyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWFhODE3MDYyYWZhOWQ0ODlhZTgzNDdmYTlmZjdkNWNmN2VmYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo7hlvLGB21zp7HwZZQU0xb1PY4M
02wpsqs6Pzhb/HWZfntXw8F2nTlbBo+4appaok2tpXV6j8tHpdC+GHrTl4QvJRjT
wAqdGRitgvp+bHM9SkSsGtvSbpasm4kEZPBuLwSqmbD493C3cFLCv5HgAfZrcXXN
+pMuxgIKkffAyjriGG9VHNeyTi2pgQQkClw/QYj6WCVMz+9ZUrez+6hVhFdP0Lk6
yzHkhneR/01N4iMtTqyP4O8cqynvgVOFw2MfOY4uicNYtvF77uC0i82+zw7zxW3h
/N3QT4/UKmvltNuVmR1R8MmWk985NtFnFZ/uR7pgYCb/y6ZRCIYrrPnxaQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCGqgXBir6nUia6DR/qf99XPfvp9MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSWFxQmNHS3ZxZFNKcm9OSC1wXzMxYzktLW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAJcrBMAwD
BAAlysMDBAElysgwDQYJKoZIhvcNAQELBQADggEBAD7P6Zq3jnqY/0ywAJ13/86Y
F8aSdVVOtHUcBOLN2zX3CQSEkNF8UhWN3JTeKCVv5mMm7gOKw8adzyWWdN7kbeRx
6bUJX2VrYliQfIZKuDAcRQp28Tu4X3pXLCVgJlz3+I1VJG52xAhv4AIpEG2eqxXT
fCnyCTLk2NEgN/n/UkCpK8fQ+yreE63IhU+vcSconQEL5XXWiu/SRo5373h3xijs
gNQvKftwLU1adJQ2nWnFTwEt3NxAGxSEhVaNXn+dMedfUSGXes2goZwdrmLktwr8
fvgz43WdKuA0hKw5EN1v1tVEUvo8oPzVPvwQxAxKXGI22n1TyTqAh1ha8wJF6EQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:14:41 2025 by rpki-client