Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/60fc0d-0eb9-424c-a630-9a5c73bffa23/1/Uf3WPJ0RH4dx3kjRpK-IOoRWQPM.roa
File: Uf3WPJ0RH4dx3kjRpK-IOoRWQPM.roa (raw, json)
Hash identifier: HELfsQWjGOFdiUe/R8lZqJLhDpGTQ9qyJYIstI+XCzs=
Subject key identifier: 51:FD:D6:3C:9D:11:1F:87:71:DE:48:D1:A4:AF:88:3A:84:56:40:F3
Certificate issuer: /CN=8a31f8bea33b0056446e3321eede3a170fbd7c1f
Certificate serial: 018571FA0BB38754739826B62D3605898A39
Authority key identifier: 8A:31:F8:BE:A3:3B:00:56:44:6E:33:21:EE:DE:3A:17:0F:BD:7C:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ijH4vqM7AFZEbjMh7t46Fw-9fB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/60fc0d-0eb9-424c-a630-9a5c73bffa23/1/Uf3WPJ0RH4dx3kjRpK-IOoRWQPM.roa
Signing time: Mon 02 Jan 2023 10:14:50 +0000
ROA not before: Mon 02 Jan 2023 10:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198370
IP address blocks: 37.18.187.0/24 maxlen: 24
37.18.186.0/24 maxlen: 24
37.18.184.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:0b:b3:87:54:73:98:26:b6:2d:36:05:89:8a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a31f8bea33b0056446e3321eede3a170fbd7c1f
Validity
Not Before: Jan 2 10:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51fdd63c9d111f8771de48d1a4af883a845640f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:08:fa:37:a1:7a:e9:a1:79:a8:15:4c:39:15:
b5:c2:48:3f:44:37:91:b8:48:0e:36:c2:a2:74:15:
b9:47:66:20:e7:86:f8:c9:84:14:80:d1:f5:4d:38:
10:b0:51:a4:31:a0:65:90:d7:83:05:9e:13:3b:d0:
6b:3d:68:a3:de:01:de:03:43:e9:73:14:9c:14:1c:
f6:ac:54:40:1a:92:2e:0e:a1:f4:be:d0:f2:e0:8d:
2d:ca:20:07:c1:73:bc:26:5b:6b:ab:e8:fe:6b:37:
1e:60:b4:15:40:ee:c4:0a:a4:16:c5:66:04:a7:07:
7a:c4:0e:23:23:56:5e:7c:cd:02:68:23:03:eb:a7:
a8:ee:5e:d9:50:16:36:a8:f3:97:42:87:51:c2:1f:
34:3d:b9:b4:2d:c7:c1:b7:2f:36:56:a1:6e:a3:b4:
ea:48:a9:51:c5:11:f0:80:98:d5:6a:e5:78:df:a3:
18:25:ac:41:0a:be:30:c9:5a:f4:11:97:6c:7d:5c:
a2:ed:12:b7:69:72:d9:3c:45:0a:3c:cc:58:a1:0d:
8e:f9:fd:50:9c:96:f8:2a:e4:90:e4:04:09:80:e1:
bb:cc:ef:b7:b4:07:e3:e0:20:94:22:c6:ac:0c:38:
fd:27:25:3c:32:7f:c9:35:30:70:3b:c9:17:bf:71:
f7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FD:D6:3C:9D:11:1F:87:71:DE:48:D1:A4:AF:88:3A:84:56:40:F3
X509v3 Authority Key Identifier:
keyid:8A:31:F8:BE:A3:3B:00:56:44:6E:33:21:EE:DE:3A:17:0F:BD:7C:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ijH4vqM7AFZEbjMh7t46Fw-9fB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/60fc0d-0eb9-424c-a630-9a5c73bffa23/1/Uf3WPJ0RH4dx3kjRpK-IOoRWQPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/60fc0d-0eb9-424c-a630-9a5c73bffa23/1/ijH4vqM7AFZEbjMh7t46Fw-9fB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.184.0/24
37.18.186.0/23
Signature Algorithm: sha256WithRSAEncryption
34:d2:69:40:0b:a3:9c:b6:db:0b:63:81:a3:2d:2c:c2:08:44:
6e:07:b0:1c:18:9c:40:50:e1:4d:22:f6:e0:69:0b:e0:14:a8:
ab:9a:82:68:12:30:9e:50:07:1b:79:e0:ab:49:51:36:94:c1:
6e:4c:86:8f:81:74:e4:88:97:f4:d9:fd:e6:67:5b:4a:50:9a:
9a:d7:0b:79:53:2a:6d:63:6d:95:d9:bf:14:15:ab:90:40:eb:
cf:af:9e:b9:bd:7a:db:3e:48:86:bb:04:e2:e9:89:cd:67:ff:
8f:2d:57:43:6c:75:af:36:a4:b5:67:3c:cc:4b:a6:b9:63:70:
87:98:60:bc:a6:6e:62:ab:4d:6d:12:62:a0:03:ec:18:56:dc:
bc:e7:39:c8:09:0d:63:c7:8b:c3:9c:c0:fa:bd:b2:c5:81:21:
c1:ae:79:5a:0f:cc:ab:b4:5f:2b:a6:5a:6b:1d:1e:18:dd:31:
79:8c:90:eb:42:00:36:dd:3d:92:a6:13:4d:29:f4:e4:d5:fd:
38:eb:8f:ae:58:fd:d2:52:bc:08:0d:5c:b0:7c:f6:6a:f9:f1:
62:3b:95:6a:96:f1:43:6d:f7:b7:1d:bc:83:ab:cc:de:72:29:
ac:cc:5c:3e:10:4d:ed:16:0a:03:5b:5d:b8:fa:b1:d0:48:ae:
54:3a:04:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx+guzh1RzmCa2LTYFiYo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMzFmOGJlYTMzYjAwNTY0NDZlMzMyMWVlZGUzYTE3MGZi
ZDdjMWYwHhcNMjMwMTAyMTAxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZkZDYzYzlkMTExZjg3NzFkZTQ4ZDFhNGFmODgzYTg0NTY0MGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgj6N6F66aF5qBVMORW1wkg/RDeR
uEgONsKidBW5R2Yg54b4yYQUgNH1TTgQsFGkMaBlkNeDBZ4TO9BrPWij3gHeA0Pp
cxScFBz2rFRAGpIuDqH0vtDy4I0tyiAHwXO8Jltrq+j+azceYLQVQO7ECqQWxWYE
pwd6xA4jI1ZefM0CaCMD66eo7l7ZUBY2qPOXQodRwh80Pbm0LcfBty82VqFuo7Tq
SKlRxRHwgJjVauV436MYJaxBCr4wyVr0EZdsfVyi7RK3aXLZPEUKPMxYoQ2O+f1Q
nJb4KuSQ5AQJgOG7zO+3tAfj4CCUIsasDDj9JyU8Mn/JNTBwO8kXv3H3UwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFH91jydER+Hcd5I0aSviDqEVkDzMB8GA1UdIwQY
MBaAFIox+L6jOwBWRG4zIe7eOhcPvXwfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWpINHZxTTdBRlpFYmpNaDd0NDZGdy05ZkI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC82MGZjMGQtMGViOS00MjRjLWE2MzAt
OWE1YzczYmZmYTIzLzEvVWYzV1BKMFJINGR4M2tqUnBLLUlPb1JXUVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC82MGZjMGQtMGViOS00MjRjLWE2MzAtOWE1YzczYmZmYTIz
LzEvaWpINHZxTTdBRlpFYmpNaDd0NDZGdy05ZkI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJRK4AwQB
JRK6MA0GCSqGSIb3DQEBCwUAA4IBAQA00mlAC6OcttsLY4GjLSzCCERuB7AcGJxA
UOFNIvbgaQvgFKirmoJoEjCeUAcbeeCrSVE2lMFuTIaPgXTkiJf02f3mZ1tKUJqa
1wt5UyptY22V2b8UFauQQOvPr565vXrbPkiGuwTi6YnNZ/+PLVdDbHWvNqS1ZzzM
S6a5Y3CHmGC8pm5iq01tEmKgA+wYVty85znICQ1jx4vDnMD6vbLFgSHBrnlaD8yr
tF8rplprHR4Y3TF5jJDrQgA23T2SphNNKfTk1f0464+uWP3SUrwIDVywfPZq+fFi
O5VqlvFDbfe3HbyDq8zecimszFw+EE3tFgoDW124+rHQSK5UOgRX
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:29 2024 by rpki-client on console-ams.rpki-client.org