Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/g3aYGPFY2XHuyNeFipdh-YM-edQ.roa
File: g3aYGPFY2XHuyNeFipdh-YM-edQ.roa (raw, json)
Hash identifier: 13uBpXOvgFUmv/3y3LZ5LrxBTcNVk/3XSIqd9R1BZRw=
Subject key identifier: 83:76:98:18:F1:58:D9:71:EE:C8:D7:85:8A:97:61:F9:83:3E:79:D4
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018618849D5E9DCB41BEBA028A4F5CADCA3E
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/g3aYGPFY2XHuyNeFipdh-YM-edQ.roa
Signing time: Fri 03 Feb 2023 18:23:09 +0000
ROA not before: Fri 03 Feb 2023 18:23:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 37.19.68.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:18:84:9d:5e:9d:cb:41:be:ba:02:8a:4f:5c:ad:ca:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Feb 3 18:23:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83769818f158d971eec8d7858a9761f9833e79d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e1:2c:6d:cc:ce:e3:be:63:7a:69:b1:91:76:
4c:a4:16:9a:b1:e4:98:0c:ef:f9:3f:cf:71:48:b9:
63:fa:50:af:bb:82:aa:a4:82:6a:25:a0:d4:ac:26:
44:ea:8c:20:e4:f8:9f:6d:dd:be:88:a2:ea:9c:09:
af:9b:ee:b0:44:8d:d3:6d:47:64:73:b6:22:a1:b4:
b7:a9:19:d4:44:15:de:9d:21:d4:60:d1:cb:74:43:
e9:5b:54:11:e7:20:9a:a4:8f:8f:a6:cd:5f:ff:cc:
84:dd:4a:aa:4f:b1:4f:fc:f2:7c:8d:1f:f9:f3:42:
e0:d1:ed:52:4b:a8:65:96:4c:cc:ed:e1:7b:b0:66:
9d:cb:27:76:01:13:86:3e:14:a3:9e:d9:60:db:6e:
28:64:44:99:77:36:d8:89:2f:5b:29:fb:3c:b0:1a:
01:f6:fa:0d:db:2e:c1:45:b9:74:40:6c:66:60:be:
c8:4d:57:74:01:2d:b8:9e:04:30:63:81:2a:55:0f:
e3:0d:43:a9:4c:7f:a4:90:bb:59:02:12:d1:50:4e:
d9:7c:38:55:23:2a:86:9a:34:48:89:36:e3:27:5e:
7e:e4:8e:78:31:a9:1b:cd:36:7c:20:af:fd:8c:f2:
df:c0:5e:15:a1:26:eb:de:8e:a6:a8:e6:7a:4d:d6:
42:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:76:98:18:F1:58:D9:71:EE:C8:D7:85:8A:97:61:F9:83:3E:79:D4
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/g3aYGPFY2XHuyNeFipdh-YM-edQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.68.0/22
Signature Algorithm: sha256WithRSAEncryption
d4:d8:1d:16:72:3e:a2:fc:d3:f3:9f:a1:65:67:64:bf:97:f1:
9c:34:01:89:44:30:30:08:05:9e:ef:1e:e1:a4:df:d2:e2:c0:
b6:ba:75:dc:f3:ac:1b:dd:87:0a:82:16:43:4f:b0:2c:e6:2e:
88:6a:97:27:7a:88:57:3f:c1:a7:62:3d:c1:db:52:20:27:3f:
89:a9:7c:48:28:d5:64:20:5f:09:5c:7f:ca:9b:09:5f:33:5d:
b3:cb:eb:2b:00:f8:99:1f:67:77:d0:8b:e5:57:53:4e:f4:b3:
6b:86:5d:5a:2b:88:b7:ec:f9:94:4a:64:c2:96:8c:18:3c:4a:
55:ef:61:35:ff:2b:77:b4:15:11:d0:ac:e1:93:91:04:06:ce:
ea:fe:bb:fe:7f:ef:5d:e0:ad:56:be:70:ec:67:eb:60:e7:60:
73:ae:53:c8:1e:69:48:dd:98:13:cc:24:f2:79:6f:27:06:db:
81:bd:94:83:93:2c:02:fa:26:1b:fe:c8:9e:5f:d7:3c:b1:c4:
20:1c:da:b8:3b:7a:e8:5d:d1:fd:df:68:8c:9d:46:47:19:3a:
92:4a:ea:45:3e:03:20:06:18:33:f5:50:82:c0:3f:88:90:e9:
ca:45:e4:3e:56:36:5a:09:ec:70:d3:72:de:c1:49:33:bb:b1:
b8:b1:13:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYYhJ1enctBvroCik9crco+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMjAzMTgyMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzc2OTgxOGYxNThkOTcxZWVjOGQ3ODU4YTk3NjFmOTgzM2U3OWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+EsbczO475jemmxkXZMpBaaseSY
DO/5P89xSLlj+lCvu4KqpIJqJaDUrCZE6owg5Pifbd2+iKLqnAmvm+6wRI3TbUdk
c7YiobS3qRnURBXenSHUYNHLdEPpW1QR5yCapI+Pps1f/8yE3UqqT7FP/PJ8jR/5
80Lg0e1SS6hllkzM7eF7sGadyyd2AROGPhSjntlg224oZESZdzbYiS9bKfs8sBoB
9voN2y7BRbl0QGxmYL7ITVd0AS24ngQwY4EqVQ/jDUOpTH+kkLtZAhLRUE7ZfDhV
IyqGmjRIiTbjJ15+5I54MakbzTZ8IK/9jPLfwF4VoSbr3o6mqOZ6TdZCjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIN2mBjxWNlx7sjXhYqXYfmDPnnUMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvZzNhWUdQRlkyWEh1eU5lRmlwZGgtWU0tZWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJRNEMA0G
CSqGSIb3DQEBCwUAA4IBAQDU2B0Wcj6i/NPzn6FlZ2S/l/GcNAGJRDAwCAWe7x7h
pN/S4sC2unXc86wb3YcKghZDT7As5i6IapcneohXP8GnYj3B21IgJz+JqXxIKNVk
IF8JXH/KmwlfM12zy+srAPiZH2d30IvlV1NO9LNrhl1aK4i37PmUSmTClowYPEpV
72E1/yt3tBUR0Kzhk5EEBs7q/rv+f+9d4K1WvnDsZ+tg52BzrlPIHmlI3ZgTzCTy
eW8nBtuBvZSDkywC+iYb/sieX9c8scQgHNq4O3roXdH932iMnUZHGTqSSupFPgMg
Bhgz9VCCwD+IkOnKReQ+VjZaCexw03LewUkzu7G4sRMZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:30 2023 by rpki-client on console-ams.rpki-client.org