Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/1-aINTZuEA44GwMcS1Q_0wYddlx8.roa
File: 1-aINTZuEA44GwMcS1Q_0wYddlx8.roa (raw, json)
Hash identifier: Ac8UfhqtE29CJhcHXyasd3mODnhCfqZfyGukFcQIIbg=
Subject key identifier: F9:A2:0D:4D:9B:84:03:8E:06:C0:C7:12:D5:0F:F4:C1:87:5D:97:1F
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 018CC3B73DD0CEBCE06C3442336F8125C8CB
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/1-aINTZuEA44GwMcS1Q_0wYddlx8.roa
Signing time: Mon 01 Jan 2024 06:30:15 +0000
ROA not before: Mon 01 Jan 2024 06:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57675
IP address blocks: 37.32.64.0/24 maxlen: 24
37.32.70.0/24 maxlen: 24
37.32.68.0/24 maxlen: 24
37.32.69.0/24 maxlen: 24
37.32.66.0/24 maxlen: 24
37.32.67.0/24 maxlen: 24
37.32.71.0/24 maxlen: 24
37.32.65.0/24 maxlen: 24
37.32.76.0/24 maxlen: 24
37.32.73.0/24 maxlen: 24
2a0f:1300::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 01 Nov 2024 13:12:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3d:d0:ce:bc:e0:6c:34:42:33:6f:81:25:c8:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Jan 1 06:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9a20d4d9b84038e06c0c712d50ff4c1875d971f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b0:90:e2:4c:cb:57:af:c7:57:e6:03:df:60:
cb:b0:55:b4:d3:30:39:d1:6b:b4:37:1c:ce:68:d1:
d1:cf:b7:55:e8:be:77:e0:5d:35:6e:bc:59:f0:b1:
f7:24:42:75:1a:ca:ea:50:bb:be:e3:05:0e:c9:29:
24:78:04:23:1d:1a:c6:bd:14:02:c1:28:f4:09:2b:
f1:3b:ca:e2:b4:0a:67:1d:b3:a6:0c:69:f8:e5:02:
8e:e6:b1:55:80:43:75:f5:57:e8:82:cd:26:77:a3:
2a:93:6b:47:93:cf:2d:0d:7b:4e:bc:9c:d6:64:1c:
fe:db:73:a6:5d:c3:79:5b:85:d8:7d:5b:ce:a7:5a:
2e:f4:b4:d2:7b:8f:15:06:1d:5e:b9:5d:8b:40:0f:
54:85:86:9e:23:80:6b:92:a6:a9:a6:70:be:d3:d4:
c3:cb:66:3a:5d:ee:5f:27:43:c3:2d:9d:5d:4e:70:
cd:b5:f4:63:5f:35:5d:44:d7:eb:2f:28:75:2b:f0:
ae:84:1c:8d:5f:d4:1b:06:4e:1d:9b:81:5d:03:53:
82:b0:be:1c:34:76:04:9b:0b:40:ea:69:ec:9e:b6:
ec:97:b3:6e:cc:07:7e:bd:f9:3c:23:de:5a:59:55:
ea:8b:b6:cf:41:ac:20:1b:f1:fc:a8:6a:2f:4e:1c:
68:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A2:0D:4D:9B:84:03:8E:06:C0:C7:12:D5:0F:F4:C1:87:5D:97:1F
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/1-aINTZuEA44GwMcS1Q_0wYddlx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.64.0/21
37.32.73.0/24
37.32.76.0/24
IPv6:
2a0f:1300::/29
Signature Algorithm: sha256WithRSAEncryption
73:df:11:e8:b3:34:b0:79:40:fd:3a:4f:68:b1:d7:e0:42:bd:
32:93:f1:de:c1:b6:ee:d9:8d:7d:b5:04:9c:86:5a:cd:23:63:
cd:35:7b:ed:4f:93:d4:44:8b:7f:28:54:66:1d:ff:40:8d:9f:
a4:ba:47:42:c2:6b:da:45:3a:de:15:36:0d:14:1f:a3:b9:3f:
71:83:c8:6a:5d:ac:0c:20:35:a1:93:7f:9a:c2:a8:f9:1b:7c:
ae:13:86:ba:3d:cd:d5:25:aa:0a:80:79:22:ae:cc:c2:41:63:
1b:11:9a:92:3b:74:56:a1:a5:63:65:fe:8b:b3:89:14:6a:d9:
e1:2e:27:16:e0:e5:32:dc:c6:5c:7a:b1:5b:ee:b3:30:de:10:
5b:c4:ef:b8:02:7c:f6:9e:2c:82:8d:ab:5b:5b:99:d3:be:cf:
e5:19:fc:72:67:50:0f:d3:c9:51:fb:57:14:be:01:fa:53:9a:
ba:67:a0:29:bc:90:4b:28:1f:ed:cd:01:00:df:34:59:a6:1d:
0e:fb:56:99:37:d6:4a:05:fd:ad:9d:ea:8f:d1:ad:95:5e:5b:
d5:1c:eb:7d:bd:f7:9e:88:3d:1e:07:a5:e4:72:80:c7:bf:da:
6d:20:05:eb:bb:a8:e4:e4:e1:28:39:ff:76:a6:d8:69:81:04:
51:9d:25:85
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDtz3QzrzgbDRCM2+BJcjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjQwMTAxMDYzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWEyMGQ0ZDliODQwMzhlMDZjMGM3MTJkNTBmZjRjMTg3NWQ5NzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrCQ4kzLV6/HV+YD32DLsFW00zA5
0Wu0NxzOaNHRz7dV6L534F01brxZ8LH3JEJ1GsrqULu+4wUOySkkeAQjHRrGvRQC
wSj0CSvxO8ritApnHbOmDGn45QKO5rFVgEN19Vfogs0md6Mqk2tHk88tDXtOvJzW
ZBz+23OmXcN5W4XYfVvOp1ou9LTSe48VBh1euV2LQA9UhYaeI4BrkqappnC+09TD
y2Y6Xe5fJ0PDLZ1dTnDNtfRjXzVdRNfrLyh1K/CuhByNX9QbBk4dm4FdA1OCsL4c
NHYEmwtA6mnsnrbsl7NuzAd+vfk8I95aWVXqi7bPQawgG/H8qGovThxo/QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPmiDU2bhAOOBsDHEtUP9MGHXZcfMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvMS1hSU5UWnVFQTQ0R3dNY1MxUV8wd1lkZGx4OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTcvOTE1MWMwLTMzMjYtNDgwMS05MzYzLWM3ZDE5OTMwZDY2
ZC8xL3RPZ3JvWEZkYXVybHNCQW5KZl9neURSelhYMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAyUgQAME
ACUgSQMEACUgTDANBAIAAjAHAwUDKg8TADANBgkqhkiG9w0BAQsFAAOCAQEAc98R
6LM0sHlA/TpPaLHX4EK9MpPx3sG27tmNfbUEnIZazSNjzTV77U+T1ESLfyhUZh3/
QI2fpLpHQsJr2kU63hU2DRQfo7k/cYPIal2sDCA1oZN/msKo+Rt8rhOGuj3N1SWq
CoB5Iq7MwkFjGxGakjt0VqGlY2X+i7OJFGrZ4S4nFuDlMtzGXHqxW+6zMN4QW8Tv
uAJ89p4sgo2rW1uZ077P5Rn8cmdQD9PJUftXFL4B+lOaumegKbyQSygf7c0BAN80
WaYdDvtWmTfWSgX9rZ3qj9GtlV5b1Rzrfb33nog9Hgel5HKAx7/abSAF67uo5OTh
KDn/dqbYaYEEUZ0lhQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:40 2025 by rpki-client