Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/0xIRWfDmphQG84TY69AJPEbVCVc.roa
File: 0xIRWfDmphQG84TY69AJPEbVCVc.roa (raw, json)
Hash identifier: wcAhVPAm0OkE3tS/lRBQa8YGUEhsy1AqvjsXDK1QrVk=
Subject key identifier: D3:12:11:59:F0:E6:A6:14:06:F3:84:D8:EB:D0:09:3C:46:D5:09:57
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01856D53F26A1A718597740CFDFC6AB370F6
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/0xIRWfDmphQG84TY69AJPEbVCVc.roa
Signing time: Sun 01 Jan 2023 12:34:56 +0000
ROA not before: Sun 01 Jan 2023 12:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201909
IP address blocks: 37.35.53.0/24 maxlen: 24
188.119.159.0/24 maxlen: 24
188.119.158.0/24 maxlen: 24
188.119.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f2:6a:1a:71:85:97:74:0c:fd:fc:6a:b3:70:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 12:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3121159f0e6a61406f384d8ebd0093c46d50957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0e:bf:f2:fa:72:9b:62:d8:17:65:88:d8:93:
0d:0f:6e:50:9e:f5:a9:ad:66:18:07:a6:70:9d:0b:
3c:9d:63:2f:a3:22:c8:7d:51:66:f4:e6:69:76:c5:
e8:ff:d1:d1:c7:ce:39:63:34:4f:c4:ef:d4:22:ad:
5f:82:6a:1c:d7:a3:32:a9:3e:c0:53:22:1e:77:ce:
39:05:ec:d7:0f:d5:be:06:50:38:6d:8a:ce:2b:b2:
be:d2:3b:56:a9:3f:2c:f6:44:9b:90:e1:51:28:ba:
7d:96:5b:37:f1:c8:cf:56:94:8a:3d:bd:a8:97:79:
5c:4f:bb:3a:be:0c:35:ca:ae:a3:82:45:81:d3:e2:
cd:f2:59:11:8b:6e:8f:f0:d5:ca:e4:7a:47:81:6a:
84:d6:a3:21:c7:07:f8:27:27:4c:ee:e4:8f:b1:f8:
87:78:80:72:a8:4f:00:06:24:43:ac:03:0d:93:17:
87:75:4c:69:3d:11:cf:2a:bd:cf:fc:04:a6:a0:10:
c6:8b:34:41:57:d7:0f:bb:32:99:f0:8b:72:21:0b:
af:da:3b:80:d6:3a:58:67:19:6c:8e:2d:f7:55:44:
bc:4b:89:99:67:50:93:b4:9f:ef:3e:f1:25:ea:71:
aa:f9:76:ce:10:8c:6d:5c:90:ea:94:61:22:7d:52:
bf:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:12:11:59:F0:E6:A6:14:06:F3:84:D8:EB:D0:09:3C:46:D5:09:57
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/0xIRWfDmphQG84TY69AJPEbVCVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.53.0/24
188.119.158.0/23
188.119.163.0/24
Signature Algorithm: sha256WithRSAEncryption
18:25:ca:d9:16:db:bb:29:77:1f:99:30:e9:92:bb:a8:ad:de:
5f:a1:b0:ee:9c:83:e0:aa:a3:dc:50:a5:f7:47:19:83:ff:57:
3f:bb:08:44:6f:b5:87:12:ae:fc:92:4f:2f:e4:ea:a6:2c:0a:
36:fd:11:7e:60:92:49:72:77:20:24:60:c9:c9:3a:6e:de:62:
d6:96:be:40:c0:3f:fd:c7:7e:48:86:f1:0b:54:6c:43:a1:ed:
ff:2b:87:f0:fd:ed:c6:53:4a:b1:5c:cf:57:2b:01:59:d1:7f:
db:d0:7a:17:9a:43:b9:cb:37:79:57:59:b8:f3:24:f3:52:51:
ad:9e:9f:4d:3e:cd:90:c8:de:62:bb:71:92:c0:99:66:8c:1d:
b4:ea:f7:16:9c:9f:56:e0:84:f3:7d:e5:28:6d:31:33:a1:43:
77:62:fc:ca:7c:88:f6:ae:91:5d:22:58:a0:5b:98:d5:9b:30:
46:0a:a4:30:f7:98:77:8f:ec:24:aa:b4:a2:b9:b5:e4:31:76:
54:50:93:76:ee:1f:ea:ec:f0:e9:a9:38:81:0b:73:cb:2d:fb:
7f:bf:99:be:49:69:1c:35:cf:a5:39:e3:a0:49:9d:64:6d:78:
ae:d8:60:35:29:0d:d8:1c:ad:a5:a5:82:ea:a1:34:dc:a8:bb:
47:8d:f6:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtU/JqGnGFl3QM/fxqs3D2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjMwMTAxMTIzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzEyMTE1OWYwZTZhNjE0MDZmMzg0ZDhlYmQwMDkzYzQ2ZDUwOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ6/8vpym2LYF2WI2JMND25QnvWp
rWYYB6ZwnQs8nWMvoyLIfVFm9OZpdsXo/9HRx845YzRPxO/UIq1fgmoc16MyqT7A
UyIed845BezXD9W+BlA4bYrOK7K+0jtWqT8s9kSbkOFRKLp9lls38cjPVpSKPb2o
l3lcT7s6vgw1yq6jgkWB0+LN8lkRi26P8NXK5HpHgWqE1qMhxwf4JydM7uSPsfiH
eIByqE8ABiRDrAMNkxeHdUxpPRHPKr3P/ASmoBDGizRBV9cPuzKZ8ItyIQuv2juA
1jpYZxlsji33VUS8S4mZZ1CTtJ/vPvEl6nGq+XbOEIxtXJDqlGEifVK/MwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNMSEVnw5qYUBvOE2OvQCTxG1QlXMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvMHhJUldmRG1waFFHODRUWTY5QUpQRWJWQ1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJSM1AwQB
vHeeAwQAvHejMA0GCSqGSIb3DQEBCwUAA4IBAQAYJcrZFtu7KXcfmTDpkruord5f
obDunIPgqqPcUKX3RxmD/1c/uwhEb7WHEq78kk8v5OqmLAo2/RF+YJJJcncgJGDJ
yTpu3mLWlr5AwD/9x35IhvELVGxDoe3/K4fw/e3GU0qxXM9XKwFZ0X/b0HoXmkO5
yzd5V1m48yTzUlGtnp9NPs2QyN5iu3GSwJlmjB206vcWnJ9W4ITzfeUobTEzoUN3
YvzKfIj2rpFdIligW5jVmzBGCqQw95h3j+wkqrSiubXkMXZUUJN27h/q7PDpqTiB
C3PLLft/v5m+SWkcNc+lOeOgSZ1kbXiu2GA1KQ3YHK2lpYLqoTTcqLtHjfbt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:50 2024 by rpki-client on console-ams.rpki-client.org