Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/24c566-c74e-4232-a344-6072bb8b2bc0/1/GX2cNjuVREUv0V5XFjgNAlVx2tM.roa
File: GX2cNjuVREUv0V5XFjgNAlVx2tM.roa (raw, json)
Hash identifier: I36m396frIDAvOyVQyRwxM7P3rGG6P+PnH8ld4weetI=
Subject key identifier: 19:7D:9C:36:3B:95:44:45:2F:D1:5E:57:16:38:0D:02:55:71:DA:D3
Certificate issuer: /CN=4103292068ea3fb85bc5895379e20edbd0bc6506
Certificate serial: 018CC87116A650DAD9065A132D31BBE4CF17
Authority key identifier: 41:03:29:20:68:EA:3F:B8:5B:C5:89:53:79:E2:0E:DB:D0:BC:65:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQMpIGjqP7hbxYlTeeIO29C8ZQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/24c566-c74e-4232-a344-6072bb8b2bc0/1/GX2cNjuVREUv0V5XFjgNAlVx2tM.roa
Signing time: Tue 02 Jan 2024 04:31:43 +0000
ROA not before: Tue 02 Jan 2024 04:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58084
IP address blocks: 37.221.185.0/24 maxlen: 24
37.221.186.0/24 maxlen: 24
37.221.184.0/24 maxlen: 24
37.221.188.0/24 maxlen: 24
37.221.191.0/24 maxlen: 24
37.221.189.0/24 maxlen: 24
37.221.190.0/24 maxlen: 24
37.221.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:16:a6:50:da:d9:06:5a:13:2d:31:bb:e4:cf:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4103292068ea3fb85bc5895379e20edbd0bc6506
Validity
Not Before: Jan 2 04:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=197d9c363b9544452fd15e5716380d025571dad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:40:2d:6b:b5:dd:db:ef:23:d7:ff:e3:fc:30:
35:dc:ff:42:52:d9:5e:35:26:cb:a5:26:87:24:82:
55:c2:ca:be:be:1c:0a:9b:7e:43:c6:95:ed:f6:dc:
15:b3:10:f4:84:51:c2:52:66:d2:8f:c5:95:78:f9:
fe:3b:44:84:bf:e0:95:3e:e3:80:42:1f:a2:7e:e4:
ab:ee:69:80:fa:bb:0b:eb:e8:d7:70:8e:dd:6d:68:
0f:ed:cd:d6:04:ba:bc:e5:0b:fc:46:f3:1d:de:05:
ed:c3:cd:88:7e:d2:e8:32:9b:3e:b2:09:2c:24:86:
2d:8f:97:33:2b:1f:03:d8:e7:4e:e9:9b:3c:5d:c5:
ed:c8:a3:5a:19:7f:33:b3:fe:13:ab:0e:85:2e:d2:
d2:95:67:36:05:0f:58:5b:83:d8:92:7e:61:de:c2:
29:13:bf:55:f6:aa:0d:84:d0:42:f0:30:bf:9c:2c:
e0:85:96:c4:67:42:e9:02:6e:ba:5f:7d:f0:a5:9b:
f7:53:b1:e7:c1:8a:9c:da:b4:60:67:a9:ef:61:79:
9e:c6:68:36:c3:72:a3:72:41:09:b8:63:3a:d6:b5:
06:47:29:a7:cd:d6:f2:12:d8:a4:27:96:e3:b3:69:
e9:3f:b6:ab:16:fe:37:95:d0:84:82:d2:e6:9a:5c:
d4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7D:9C:36:3B:95:44:45:2F:D1:5E:57:16:38:0D:02:55:71:DA:D3
X509v3 Authority Key Identifier:
keyid:41:03:29:20:68:EA:3F:B8:5B:C5:89:53:79:E2:0E:DB:D0:BC:65:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQMpIGjqP7hbxYlTeeIO29C8ZQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/24c566-c74e-4232-a344-6072bb8b2bc0/1/GX2cNjuVREUv0V5XFjgNAlVx2tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/24c566-c74e-4232-a344-6072bb8b2bc0/1/QQMpIGjqP7hbxYlTeeIO29C8ZQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.184.0/21
Signature Algorithm: sha256WithRSAEncryption
0c:d6:75:08:b6:04:62:8d:e8:af:95:1a:0f:14:d2:eb:a5:ff:
21:8f:fc:2c:55:62:23:a9:c7:99:6d:41:db:43:da:02:0d:e5:
ce:df:e5:1d:5a:ba:59:c3:bb:e4:51:d2:6c:cd:62:7b:37:25:
6c:c9:9d:a6:c3:bf:cf:ff:05:0d:07:2e:c3:ab:23:66:dc:e6:
7c:57:ba:a6:21:d4:bc:90:78:18:70:f7:9f:32:f4:b7:70:e8:
81:49:a6:ca:6c:18:53:d9:a6:e5:93:f4:72:02:83:81:e2:79:
90:2a:8b:da:a6:a7:63:f4:5d:52:73:74:4d:44:55:b5:b2:c0:
dc:82:41:74:0a:09:dd:06:ca:5d:b4:5e:72:82:1d:4e:55:08:
2b:7c:46:db:fa:d6:bc:96:0e:04:ba:b7:64:f6:74:1b:8c:7b:
ef:01:97:32:6d:61:fb:77:7c:25:4a:ec:66:f6:24:a4:8e:34:
a8:d4:23:d8:ce:84:72:9a:9b:61:87:f6:8d:43:0a:86:f7:41:
76:f6:b4:24:aa:8f:73:77:f5:56:99:50:f1:3c:d6:dc:1a:cc:
44:9e:69:6c:3d:48:73:d6:93:49:9c:41:47:34:90:9d:1a:23:
d0:5f:61:3f:66:83:85:56:5d:ee:c6:94:d7:c4:1c:73:5d:0e:
5e:bb:ea:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcRamUNrZBloTLTG75M8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDMyOTIwNjhlYTNmYjg1YmM1ODk1Mzc5ZTIwZWRiZDBi
YzY1MDYwHhcNMjQwMTAyMDQzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTdkOWMzNjNiOTU0NDQ1MmZkMTVlNTcxNjM4MGQwMjU1NzFkYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkAta7Xd2+8j1//j/DA13P9CUtle
NSbLpSaHJIJVwsq+vhwKm35DxpXt9twVsxD0hFHCUmbSj8WVePn+O0SEv+CVPuOA
Qh+ifuSr7mmA+rsL6+jXcI7dbWgP7c3WBLq85Qv8RvMd3gXtw82IftLoMps+sgks
JIYtj5czKx8D2OdO6Zs8XcXtyKNaGX8zs/4Tqw6FLtLSlWc2BQ9YW4PYkn5h3sIp
E79V9qoNhNBC8DC/nCzghZbEZ0LpAm66X33wpZv3U7HnwYqc2rRgZ6nvYXmexmg2
w3KjckEJuGM61rUGRymnzdbyEtikJ5bjs2npP7arFv43ldCEgtLmmlzUPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBl9nDY7lURFL9FeVxY4DQJVcdrTMB8GA1UdIwQY
MBaAFEEDKSBo6j+4W8WJU3niDtvQvGUGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFNcElHanFQN2hieFlsVGVlSU8yOUM4WlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yNGM1NjYtYzc0ZS00MjMyLWEzNDQt
NjA3MmJiOGIyYmMwLzEvR1gyY05qdVZSRVV2MFY1WEZqZ05BbFZ4MnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yNGM1NjYtYzc0ZS00MjMyLWEzNDQtNjA3MmJiOGIyYmMw
LzEvUVFNcElHanFQN2hieFlsVGVlSU8yOUM4WlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJd24MA0G
CSqGSIb3DQEBCwUAA4IBAQAM1nUItgRijeivlRoPFNLrpf8hj/wsVWIjqceZbUHb
Q9oCDeXO3+UdWrpZw7vkUdJszWJ7NyVsyZ2mw7/P/wUNBy7DqyNm3OZ8V7qmIdS8
kHgYcPefMvS3cOiBSabKbBhT2ablk/RyAoOB4nmQKovapqdj9F1Sc3RNRFW1ssDc
gkF0CgndBspdtF5ygh1OVQgrfEbb+ta8lg4Eurdk9nQbjHvvAZcybWH7d3wlSuxm
9iSkjjSo1CPYzoRympthh/aNQwqG90F29rQkqo9zd/VWmVDxPNbcGsxEnmlsPUhz
1pNJnEFHNJCdGiPQX2E/ZoOFVl3uxpTXxBxzXQ5eu+pz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:03 2025 by rpki-client