Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/mHadEPTuAaG0n6j_XCUGyqZUCjU.roa
File: mHadEPTuAaG0n6j_XCUGyqZUCjU.roa (raw, json)
Hash identifier: 9NRRINwRohKcqCAbVDcp246eZC1Jw6kUSVu/sd8gJmg=
Subject key identifier: 98:76:9D:10:F4:EE:01:A1:B4:9F:A8:FF:5C:25:06:CA:A6:54:0A:35
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 0185C34F6BFA5868AD7FB83A9CD703F2F9EF
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/mHadEPTuAaG0n6j_XCUGyqZUCjU.roa
Signing time: Wed 18 Jan 2023 05:17:19 +0000
ROA not before: Wed 18 Jan 2023 05:17:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57675
IP address blocks: 37.32.64.0/24 maxlen: 24
37.32.70.0/24 maxlen: 24
37.32.68.0/24 maxlen: 24
37.32.69.0/24 maxlen: 24
37.32.66.0/24 maxlen: 24
37.32.67.0/24 maxlen: 24
37.32.71.0/24 maxlen: 24
37.32.65.0/24 maxlen: 24
37.32.76.0/24 maxlen: 24
37.32.73.0/24 maxlen: 24
2a0f:1300::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c3:4f:6b:fa:58:68:ad:7f:b8:3a:9c:d7:03:f2:f9:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Jan 18 05:17:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98769d10f4ee01a1b49fa8ff5c2506caa6540a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b2:25:0f:d2:d5:d6:c0:3f:e2:9c:2f:26:8c:
16:66:df:78:c9:ad:85:6f:3c:31:2d:59:e4:33:6b:
32:63:e2:89:ed:d8:98:1b:27:f2:92:b9:63:e4:99:
15:5e:a5:3d:d1:82:67:63:6b:af:5f:ec:7f:cd:59:
0d:f4:e8:35:01:6b:3f:83:f8:58:f1:c5:c9:53:ef:
49:b2:f1:40:3d:10:d3:be:17:63:53:91:dd:52:ae:
38:3f:31:92:47:02:b8:6b:fe:9c:29:df:67:33:bc:
21:3f:5c:52:69:be:c2:d9:be:56:4e:a3:7f:bb:b2:
3b:e5:6f:20:45:42:23:31:40:88:66:09:c8:61:c6:
ce:55:95:72:69:eb:05:28:49:92:fa:17:9f:e6:d5:
de:d0:0c:e9:a3:71:16:5a:d5:76:11:6a:99:a1:7e:
05:71:01:5f:c8:5d:a4:26:a2:69:ff:19:70:a8:7a:
e8:fa:ea:8e:0a:05:52:a8:e9:ee:61:8a:02:66:69:
0a:13:a9:6e:58:ef:b0:ce:ad:2b:2a:3e:a3:54:c1:
24:87:29:0b:16:0b:15:97:35:83:ba:de:4a:68:b1:
58:88:c1:52:8e:33:82:d4:d4:9c:ca:48:18:13:c2:
cc:16:be:0c:db:81:1b:55:e8:c9:86:61:e4:a7:db:
69:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:76:9D:10:F4:EE:01:A1:B4:9F:A8:FF:5C:25:06:CA:A6:54:0A:35
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/mHadEPTuAaG0n6j_XCUGyqZUCjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.64.0/21
37.32.73.0/24
37.32.76.0/24
IPv6:
2a0f:1300::/29
Signature Algorithm: sha256WithRSAEncryption
3c:b6:79:de:dd:37:a8:8a:41:eb:ad:61:7b:a2:69:2f:20:db:
f3:b0:ac:0c:4c:8b:07:dd:5b:44:ff:a2:da:d0:26:22:ce:92:
07:1c:0f:61:38:aa:ab:c7:c1:ce:c1:a2:17:84:fc:f6:50:67:
58:52:a0:e4:79:86:96:ce:75:2f:70:c2:7c:62:77:54:94:66:
ff:5c:37:93:25:f5:e2:fe:c4:46:e5:10:f8:77:99:e4:c2:7b:
68:34:f7:c1:bc:28:1a:67:34:d4:44:d5:c9:69:3d:55:d1:47:
b6:04:66:02:7f:48:20:59:bb:5f:10:43:b9:bd:6f:9c:44:f6:
0a:b9:f7:eb:21:47:c3:8e:e8:b7:52:71:41:62:a7:78:12:c8:
4d:f6:1c:c5:a5:58:a3:00:8c:24:e7:ab:e0:5d:49:00:8b:ea:
48:15:71:fb:e4:fe:8f:41:2c:d9:dd:18:2c:46:26:99:ee:7c:
f2:de:25:f4:ba:e9:8d:00:a1:9d:73:68:1b:03:65:f1:7d:76:
77:a7:5e:2f:71:89:8e:7d:ff:67:41:aa:16:d2:0d:64:ac:f2:
9a:28:ec:6d:90:6f:3c:7a:11:b7:09:a2:bf:17:aa:25:91:40:
dd:2e:2b:87:1d:80:0f:a3:0b:b8:52:68:5f:b5:0d:03:f1:31:
9e:fd:38:2d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYXDT2v6WGitf7g6nNcD8vnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjMwMTE4MDUxNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODc2OWQxMGY0ZWUwMWExYjQ5ZmE4ZmY1YzI1MDZjYWE2NTQwYTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrIlD9LV1sA/4pwvJowWZt94ya2F
bzwxLVnkM2syY+KJ7diYGyfykrlj5JkVXqU90YJnY2uvX+x/zVkN9Og1AWs/g/hY
8cXJU+9JsvFAPRDTvhdjU5HdUq44PzGSRwK4a/6cKd9nM7whP1xSab7C2b5WTqN/
u7I75W8gRUIjMUCIZgnIYcbOVZVyaesFKEmS+hef5tXe0Azpo3EWWtV2EWqZoX4F
cQFfyF2kJqJp/xlwqHro+uqOCgVSqOnuYYoCZmkKE6luWO+wzq0rKj6jVMEkhykL
FgsVlzWDut5KaLFYiMFSjjOC1NScykgYE8LMFr4M24EbVejJhmHkp9tpqQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJh2nRD07gGhtJ+o/1wlBsqmVAo1MB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvbUhhZEVQVHVBYUcwbjZqX1hDVUd5cVpVQ2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJSBAAwQA
JSBJAwQAJSBMMA0EAgACMAcDBQMqDxMAMA0GCSqGSIb3DQEBCwUAA4IBAQA8tnne
3TeoikHrrWF7omkvINvzsKwMTIsH3VtE/6La0CYizpIHHA9hOKqrx8HOwaIXhPz2
UGdYUqDkeYaWznUvcMJ8YndUlGb/XDeTJfXi/sRG5RD4d5nkwntoNPfBvCgaZzTU
RNXJaT1V0Ue2BGYCf0ggWbtfEEO5vW+cRPYKuffrIUfDjui3UnFBYqd4EshN9hzF
pVijAIwk56vgXUkAi+pIFXH75P6PQSzZ3RgsRiaZ7nzy3iX0uumNAKGdc2gbA2Xx
fXZ3p14vcYmOff9nQaoW0g1krPKaKOxtkG88ehG3CaK/F6olkUDdLiuHHYAPowu4
UmhftQ0D8TGe/Tgt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:02 2024 by rpki-client on console-ams.rpki-client.org