Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OzkyL3c8khgFxCFMKGSvcPOdqfI.roa
File: OzkyL3c8khgFxCFMKGSvcPOdqfI.roa (raw, json)
Hash identifier: 3YCvkVVsVGz4TeO7glqEb5LPOZuZd9PpRyFg1utYae8=
Subject key identifier: 3B:39:32:2F:77:3C:92:18:05:C4:21:4C:28:64:AF:70:F3:9D:A9:F2
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0193B5651B7AC3FBF585ED0908DF82D8773C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OzkyL3c8khgFxCFMKGSvcPOdqfI.roa
Signing time: Wed 11 Dec 2024 11:05:22 +0000
ROA not before: Wed 11 Dec 2024 11:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.202.204.0/24 maxlen: 24
37.202.205.0/24 maxlen: 24
37.202.206.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Dec 2024 06:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:65:1b:7a:c3:fb:f5:85:ed:09:08:df:82:d8:77:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Dec 11 11:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b39322f773c921805c4214c2864af70f39da9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2e:2c:36:7e:11:fc:17:6f:cd:b0:83:d1:65:
22:be:30:0e:29:40:b5:4d:60:f0:cd:94:fc:ce:fe:
e3:3b:88:31:71:77:82:ee:7f:af:6b:01:d3:86:84:
7c:e1:cd:50:d6:76:95:34:7b:e9:6b:80:47:2c:4a:
34:35:b8:a1:89:e1:40:0e:58:c6:fe:03:d5:97:a9:
ad:82:67:2c:bb:c7:35:10:78:8a:f2:5a:b1:9c:ed:
88:b1:91:8d:8e:52:b9:11:7f:ba:0d:30:f1:db:8c:
3a:81:3c:9b:d9:e1:26:d9:2e:1c:e8:e7:79:14:1e:
c4:ac:2a:e5:cc:78:2a:c2:55:e4:86:b7:24:80:f6:
8d:71:00:0b:4a:30:06:bd:8b:81:e1:7a:e9:28:d0:
bc:6f:19:7e:be:30:36:d4:cc:43:3d:2d:cf:a6:df:
c0:42:27:a6:b4:5e:60:00:f8:0b:bc:af:9d:d1:b1:
5b:6b:0d:e0:30:99:56:f2:c8:8f:4e:6e:76:d6:ac:
51:59:31:7e:d4:a2:bc:42:30:f4:d9:35:4d:7f:ec:
30:25:2a:53:73:67:7c:16:ca:d2:b3:c9:30:7a:35:
92:92:c4:3c:b6:55:93:70:bd:8b:11:79:7a:c0:a6:
d8:79:7d:a9:33:2d:43:47:8c:67:f3:03:b5:39:50:
b7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:39:32:2F:77:3C:92:18:05:C4:21:4C:28:64:AF:70:F3:9D:A9:F2
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OzkyL3c8khgFxCFMKGSvcPOdqfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.204.0-37.202.206.255
37.202.208.0-37.202.210.255
37.202.212.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:79:44:04:5e:12:42:e9:9d:f0:1d:a8:0b:0f:51:77:d9:50:
b4:6a:85:0f:2b:15:6a:ce:5b:7a:07:54:ff:36:97:75:c9:6d:
25:28:e3:bb:a1:fd:f3:84:e3:d9:cb:7e:07:19:d1:f8:bb:eb:
f6:48:a4:17:5a:bb:f7:d5:7c:61:df:79:1e:d3:98:54:21:36:
1f:13:26:b3:17:6f:0d:6a:bb:f6:5b:bc:31:3d:70:18:df:4c:
90:be:3c:fe:77:4f:1c:92:f6:e4:91:4a:45:14:1e:0c:ae:80:
1e:58:bc:5e:91:4b:98:a2:2d:1a:5e:01:65:18:4b:9b:d0:90:
dc:f7:32:d8:51:4e:b5:b3:67:1b:58:df:83:99:51:a2:b1:05:
ba:35:92:34:bd:b3:d5:68:2f:75:71:db:53:f7:88:3a:5c:a2:
f7:1b:c5:d0:75:d2:a3:fe:39:84:2b:46:ab:48:7a:90:3c:45:
b0:9c:86:a8:0a:cb:c2:17:99:6a:ad:18:c3:45:6e:e4:f7:fa:
61:42:da:32:09:5b:92:fc:4e:70:1a:c2:b2:37:4e:9b:d2:4c:
87:6c:47:fa:8f:bb:86:35:29:ab:b3:5f:c5:05:35:bb:83:6d:
29:96:7d:b2:7f:cb:d3:3c:31:29:87:b8:ab:a8:15:c1:bc:a8:
8f:01:cd:69
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZO1ZRt6w/v1he0JCN+C2Hc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjQxMjExMTEwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjM5MzIyZjc3M2M5MjE4MDVjNDIxNGMyODY0YWY3MGYzOWRhOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS4sNn4R/BdvzbCD0WUivjAOKUC1
TWDwzZT8zv7jO4gxcXeC7n+vawHThoR84c1Q1naVNHvpa4BHLEo0NbihieFADljG
/gPVl6mtgmcsu8c1EHiK8lqxnO2IsZGNjlK5EX+6DTDx24w6gTyb2eEm2S4c6Od5
FB7ErCrlzHgqwlXkhrckgPaNcQALSjAGvYuB4XrpKNC8bxl+vjA21MxDPS3Ppt/A
QiemtF5gAPgLvK+d0bFbaw3gMJlW8siPTm521qxRWTF+1KK8QjD02TVNf+wwJSpT
c2d8FsrSs8kwejWSksQ8tlWTcL2LEXl6wKbYeX2pMy1DR4xn8wO1OVC31wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDs5Mi93PJIYBcQhTChkr3DznanyMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvT3preUwzYzhraGdGeENGTUtHU3ZjUE9kcWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAIlyswD
BAAlys4wDAMEBCXK0AMEACXK0gMEASXK1DANBgkqhkiG9w0BAQsFAAOCAQEAb3lE
BF4SQumd8B2oCw9Rd9lQtGqFDysVas5begdU/zaXdcltJSjju6H984Tj2ct+BxnR
+Lvr9kikF1q799V8Yd95HtOYVCE2HxMmsxdvDWq79lu8MT1wGN9MkL48/ndPHJL2
5JFKRRQeDK6AHli8XpFLmKItGl4BZRhLm9CQ3Pcy2FFOtbNnG1jfg5lRorEFujWS
NL2z1WgvdXHbU/eIOlyi9xvF0HXSo/45hCtGq0h6kDxFsJyGqArLwheZaq0Yw0Vu
5Pf6YULaMglbkvxOcBrCsjdOm9JMh2xH+o+7hjUpq7NfxQU1u4NtKZZ9sn/L0zwx
KYe4q6gVwbyojwHNaQ==
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:37:22 2025 by rpki-client