Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/3xGtYxNJrKAxZgYofYefUtRCM7k.roa
File: 3xGtYxNJrKAxZgYofYefUtRCM7k.roa (raw, json)
Hash identifier: or5URS+b5YN/pMjpQ5C2gk/6RZg5asqQEn9wHWlwCeY=
Subject key identifier: DF:11:AD:63:13:49:AC:A0:31:66:06:28:7D:87:9F:52:D4:42:33:B9
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 0186E22CB992C8E1433DA8B98260B4E15DAD
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/3xGtYxNJrKAxZgYofYefUtRCM7k.roa
Signing time: Tue 14 Mar 2023 22:10:27 +0000
ROA not before: Tue 14 Mar 2023 22:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 37.19.64.0/22 maxlen: 24
5.249.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 May 2023 11:10:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e2:2c:b9:92:c8:e1:43:3d:a8:b9:82:60:b4:e1:5d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Mar 14 22:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df11ad631349aca0316606287d879f52d44233b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:df:60:86:5d:18:fd:7d:23:52:78:b7:da:54:
8c:35:3b:a9:a4:1d:77:5c:2f:6a:3b:aa:f7:18:c0:
9d:de:a4:3c:02:57:16:7e:5f:34:72:d0:d2:30:d2:
8d:4a:f6:af:d3:36:b9:1a:2c:9f:fe:dd:b7:fd:de:
40:c4:a4:2d:fa:d6:11:14:e0:82:32:5a:eb:4b:50:
f8:0a:e5:2e:49:6c:db:88:a8:b4:39:58:8c:4b:49:
e8:8a:b7:e1:23:a9:71:b5:85:f9:99:9d:eb:9a:b5:
92:04:1b:07:fe:d0:41:65:2b:96:a6:86:4e:46:a1:
ba:e0:ff:af:62:8d:40:33:8d:2c:e7:ac:a0:ef:21:
e0:e1:ab:a8:54:e9:07:bc:0f:d1:45:16:50:ba:45:
54:d7:fc:37:bb:41:03:ee:cd:8e:94:51:c5:fb:5a:
17:33:b7:30:14:b9:5b:eb:1f:db:5b:1a:88:bd:c8:
d2:f3:dc:7a:2a:10:2d:ff:aa:70:e2:f3:96:bb:b1:
6e:f7:c5:a1:9d:67:72:0a:9f:22:7a:a5:f7:6b:a5:
3a:b7:3c:88:8d:8f:0b:45:97:75:18:6f:42:89:a4:
57:a6:22:74:09:99:2f:b1:54:ce:4a:d7:47:23:a3:
76:7e:b8:90:50:ae:27:9f:28:94:3f:47:21:e4:ab:
a6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:11:AD:63:13:49:AC:A0:31:66:06:28:7D:87:9F:52:D4:42:33:B9
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/3xGtYxNJrKAxZgYofYefUtRCM7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.176.0/22
37.19.64.0/22
Signature Algorithm: sha256WithRSAEncryption
dc:6c:f3:12:ed:2a:25:a9:28:d3:ab:18:7e:59:07:a7:1a:12:
83:7d:74:6b:ad:bf:cf:d8:0c:d1:b4:ea:8e:17:60:87:ad:03:
59:9b:6c:40:4f:fb:65:9c:df:6b:14:dc:d8:1a:f8:18:33:fa:
41:43:50:a1:f4:9c:13:c2:ed:09:62:c7:29:a8:d6:cf:9f:8c:
1b:04:94:0b:88:cf:14:9a:b4:cb:e7:5a:af:56:92:99:87:7a:
c4:90:ef:73:5a:dc:53:7a:99:70:d9:f4:a7:f2:18:cb:f3:46:
f2:69:fc:9a:b4:3b:ad:63:f5:31:bb:3b:2f:9a:5c:6e:0b:ea:
1a:66:12:d8:f3:82:b9:e8:4c:74:56:68:d3:71:54:23:99:9e:
46:34:b6:e6:12:c8:8a:0e:d3:dd:e6:9e:c3:c4:09:dc:17:0c:
07:5c:a4:de:a7:2b:f0:80:65:37:56:54:17:db:fc:dc:1e:02:
2a:cf:7d:1b:8b:db:c3:ec:13:4a:14:5f:00:2f:e0:f9:3f:f4:
6e:1c:de:53:c0:34:8e:fd:df:b5:14:1c:a7:05:79:8f:61:c7:
d7:38:8b:28:64:40:69:f1:b2:e3:3a:6f:0a:20:4b:4f:4b:49:
0c:8c:3b:f6:e9:89:23:43:6e:39:81:b5:3c:5d:ec:df:06:66:
5d:cc:a6:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbiLLmSyOFDPai5gmC04V2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMzE0MjIxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjExYWQ2MzEzNDlhY2EwMzE2NjA2Mjg3ZDg3OWY1MmQ0NDIzM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt9ghl0Y/X0jUni32lSMNTuppB13
XC9qO6r3GMCd3qQ8AlcWfl80ctDSMNKNSvav0za5Giyf/t23/d5AxKQt+tYRFOCC
MlrrS1D4CuUuSWzbiKi0OViMS0noirfhI6lxtYX5mZ3rmrWSBBsH/tBBZSuWpoZO
RqG64P+vYo1AM40s56yg7yHg4auoVOkHvA/RRRZQukVU1/w3u0ED7s2OlFHF+1oX
M7cwFLlb6x/bWxqIvcjS89x6KhAt/6pw4vOWu7Fu98WhnWdyCp8ieqX3a6U6tzyI
jY8LRZd1GG9CiaRXpiJ0CZkvsVTOStdHI6N2friQUK4nnyiUP0ch5KumkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN8RrWMTSaygMWYGKH2Hn1LUQjO5MB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvM3hHdFl4TkpyS0F4WmdZb2ZZZWZVdFJDTTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBfmwAwQC
JRNAMA0GCSqGSIb3DQEBCwUAA4IBAQDcbPMS7SolqSjTqxh+WQenGhKDfXRrrb/P
2AzRtOqOF2CHrQNZm2xAT/tlnN9rFNzYGvgYM/pBQ1Ch9JwTwu0JYscpqNbPn4wb
BJQLiM8UmrTL51qvVpKZh3rEkO9zWtxTeplw2fSn8hjL80byafyatDutY/Uxuzsv
mlxuC+oaZhLY84K56Ex0VmjTcVQjmZ5GNLbmEsiKDtPd5p7DxAncFwwHXKTepyvw
gGU3VlQX2/zcHgIqz30bi9vD7BNKFF8AL+D5P/RuHN5TwDSO/d+1FBynBXmPYcfX
OIsoZEBp8bLjOm8KIEtPS0kMjDv26YkjQ245gbU8XezfBmZdzKYD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:09 2024 by rpki-client on console-ams.rpki-client.org