Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/k6MH5-pg98FQhwKhKcxGNNVzPgE.roa
File: k6MH5-pg98FQhwKhKcxGNNVzPgE.roa (raw, json)
Hash identifier: oXbNFuyZH4fPRZoMWKr0N0fAglBCBDfJJJAmDGSgWWg=
Subject key identifier: 93:A3:07:E7:EA:60:F7:C1:50:87:02:A1:29:CC:46:34:D5:73:3E:01
Certificate issuer: /CN=1517d4f58af84f50ce42f13293ede4aff12d173f
Certificate serial: 018CC7935BE346E22D5EE64B73836716FF33
Authority key identifier: 15:17:D4:F5:8A:F8:4F:50:CE:42:F1:32:93:ED:E4:AF:F1:2D:17:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/k6MH5-pg98FQhwKhKcxGNNVzPgE.roa
Signing time: Tue 02 Jan 2024 00:29:32 +0000
ROA not before: Tue 02 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51207
IP address blocks: 37.1.232.0/21 maxlen: 21
37.8.160.0/19 maxlen: 19
37.160.0.0/12 maxlen: 17
2a0d:e480::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:5b:e3:46:e2:2d:5e:e6:4b:73:83:67:16:ff:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1517d4f58af84f50ce42f13293ede4aff12d173f
Validity
Not Before: Jan 2 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93a307e7ea60f7c1508702a129cc4634d5733e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:15:20:3a:9b:f1:d1:50:9f:12:93:51:5c:f3:
c1:7c:00:17:1c:bc:f0:02:9e:4f:c4:59:45:31:cc:
16:75:16:40:7a:d2:7c:47:06:b4:f6:e4:85:be:18:
4a:d2:48:ff:eb:02:eb:27:15:7e:e4:2c:c7:db:47:
0a:32:ae:59:8c:ab:9b:35:58:ae:87:05:08:fa:27:
48:7d:fb:8d:ea:4a:29:cd:28:f3:ea:8f:bd:7f:e2:
46:a7:a3:dc:f6:84:ac:6c:f4:77:90:78:90:67:ca:
84:aa:74:18:2a:05:c0:5e:8f:eb:1f:9a:cb:f6:d5:
d2:be:54:d8:7b:36:88:fd:3a:ce:c8:d0:ae:ac:1e:
96:c3:84:8a:66:77:dd:38:62:eb:4e:22:b8:a5:9a:
01:58:29:6b:51:ef:4a:fe:38:fb:5c:0d:9d:c9:35:
5a:f5:8b:47:00:30:4b:f6:0e:28:31:5c:4e:b9:1b:
6a:6b:d6:1a:91:e5:78:f2:45:ff:20:f6:47:4a:94:
23:12:6b:c4:b7:22:e2:fc:4a:b6:17:79:47:db:36:
84:34:02:41:a5:32:bd:66:2b:a2:27:d9:bb:24:f2:
3a:ed:97:49:33:9f:1c:a1:ac:f9:7e:0f:fa:64:89:
53:aa:55:ee:22:6a:fd:88:f8:6b:c7:75:94:a7:77:
a9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A3:07:E7:EA:60:F7:C1:50:87:02:A1:29:CC:46:34:D5:73:3E:01
X509v3 Authority Key Identifier:
keyid:15:17:D4:F5:8A:F8:4F:50:CE:42:F1:32:93:ED:E4:AF:F1:2D:17:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/k6MH5-pg98FQhwKhKcxGNNVzPgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.232.0/21
37.8.160.0/19
37.160.0.0/12
IPv6:
2a0d:e480::/29
Signature Algorithm: sha256WithRSAEncryption
a8:c0:9a:d8:6d:ad:66:90:b9:0e:e3:5d:49:77:ef:59:ac:f0:
5d:34:ea:2d:ea:4c:8d:d4:c2:2a:3e:46:9d:02:62:72:3f:75:
3e:a1:1c:57:1c:67:4f:8f:3c:61:04:e5:70:cf:d5:62:3e:e8:
7d:48:00:e9:04:85:4a:03:75:d7:84:4a:fe:79:f6:f6:10:e8:
d7:7c:38:5f:3e:bf:44:1a:dc:3d:a5:49:7a:0c:0b:21:db:ad:
2f:1f:af:2a:55:06:56:6d:8c:3d:09:53:4b:3a:3d:2f:ff:6b:
3c:dd:52:2a:15:4d:6b:85:90:5a:ca:cf:d3:f1:16:1a:bf:8d:
4a:69:4e:52:15:da:e7:83:02:50:96:e2:41:67:81:e0:03:93:
89:ab:81:81:e4:40:b6:d8:15:43:2d:1b:6a:26:e0:a6:d2:33:
f4:24:0c:1c:74:d7:2e:28:f1:d0:4b:5d:27:82:58:5d:4e:3c:
5a:cc:b3:1e:e3:91:1d:66:44:3a:eb:97:8c:72:c1:8f:26:06:
82:5d:23:ae:ef:ef:25:76:19:41:24:e0:0f:55:97:5b:ff:f4:
42:0e:dd:56:59:05:f0:c8:c7:7c:73:5c:c2:10:b6:82:9b:8e:
7c:8d:47:d3:1f:31:fa:d2:11:b3:45:cf:ec:89:1d:5f:2e:09:
6a:97:57:2f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHk1vjRuItXuZLc4NnFv8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTdkNGY1OGFmODRmNTBjZTQyZjEzMjkzZWRlNGFmZjEy
ZDE3M2YwHhcNMjQwMTAyMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2EzMDdlN2VhNjBmN2MxNTA4NzAyYTEyOWNjNDYzNGQ1NzMzZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghUgOpvx0VCfEpNRXPPBfAAXHLzw
Ap5PxFlFMcwWdRZAetJ8Rwa09uSFvhhK0kj/6wLrJxV+5CzH20cKMq5ZjKubNViu
hwUI+idIffuN6kopzSjz6o+9f+JGp6Pc9oSsbPR3kHiQZ8qEqnQYKgXAXo/rH5rL
9tXSvlTYezaI/TrOyNCurB6Ww4SKZnfdOGLrTiK4pZoBWClrUe9K/jj7XA2dyTVa
9YtHADBL9g4oMVxOuRtqa9YakeV48kX/IPZHSpQjEmvEtyLi/Eq2F3lH2zaENAJB
pTK9ZiuiJ9m7JPI67ZdJM58coaz5fg/6ZIlTqlXuImr9iPhrx3WUp3epkQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJOjB+fqYPfBUIcCoSnMRjTVcz4BMB8GA1UdIwQY
MBaAFBUX1PWK+E9QzkLxMpPt5K/xLRc/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJmVTlZcjRUMURPUXZFeWstM2tyX0V0Rno4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9jNGY4MGMtN2I2OS00ZmVjLWFhNTQt
ZTVmOThkZGFmYzk4LzEvazZNSDUtcGc5OEZRaHdLaEtjeEdOTlZ6UGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9jNGY4MGMtN2I2OS00ZmVjLWFhNTQtZTVmOThkZGFmYzk4
LzEvRlJmVTlZcjRUMURPUXZFeWstM2tyX0V0Rno4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQDJQHoAwQF
JQigAwMEJaAwDQQCAAIwBwMFAyoN5IAwDQYJKoZIhvcNAQELBQADggEBAKjAmtht
rWaQuQ7jXUl371ms8F006i3qTI3Uwio+Rp0CYnI/dT6hHFccZ0+PPGEE5XDP1WI+
6H1IAOkEhUoDddeESv559vYQ6Nd8OF8+v0Qa3D2lSXoMCyHbrS8frypVBlZtjD0J
U0s6PS//azzdUioVTWuFkFrKz9PxFhq/jUppTlIV2ueDAlCW4kFngeADk4mrgYHk
QLbYFUMtG2om4KbSM/QkDBx01y4o8dBLXSeCWF1OPFrMsx7jkR1mRDrrl4xywY8m
BoJdI67v7yV2GUEk4A9Vl1v/9EIO3VZZBfDIx3xzXMIQtoKbjnyNR9MfMfrSEbNF
z+yJHV8uCWqXVy8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:29 2025 by rpki-client