Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/Td6wHeR-bDub5aaQ6F90MIel8Bs.roa
File: Td6wHeR-bDub5aaQ6F90MIel8Bs.roa (raw, json)
Hash identifier: QxLq++PNM4hCU6uz1+Vd58D0g6Svm7nLimkavcQV83s=
Subject key identifier: 4D:DE:B0:1D:E4:7E:6C:3B:9B:E5:A6:90:E8:5F:74:30:87:A5:F0:1B
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018DE9BDD43225E3F2B03B3BEEE5DFA164C3
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/Td6wHeR-bDub5aaQ6F90MIel8Bs.roa
Signing time: Tue 27 Feb 2024 08:45:48 +0000
ROA not before: Tue 27 Feb 2024 08:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.44.228.0/22 maxlen: 24
45.66.92.0/23 maxlen: 23
45.66.94.0/23 maxlen: 23
192.145.52.0/22 maxlen: 24
192.145.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 08:19:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:bd:d4:32:25:e3:f2:b0:3b:3b:ee:e5:df:a1:64:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Feb 27 08:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ddeb01de47e6c3b9be5a690e85f743087a5f01b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:25:54:a0:73:04:1a:43:69:cb:80:40:b7:d1:
da:b8:c8:bf:69:1b:30:64:e4:05:15:06:ef:16:0a:
8e:8b:fc:53:29:51:fb:7b:b8:71:10:70:6b:13:ee:
ef:41:35:b2:7c:eb:f1:f1:65:e0:08:05:f2:b4:2f:
4c:6e:b3:2e:e3:8a:7d:eb:32:7a:27:f2:dc:cd:30:
0d:fa:64:50:23:0e:d0:28:4d:55:a0:77:aa:bc:8e:
6f:c1:2b:15:f4:42:48:7a:a0:d5:b0:16:83:7b:74:
2f:5c:e2:eb:28:ee:40:0a:1e:4f:2c:4b:65:61:3f:
ed:5c:d5:90:3b:09:fb:8e:71:8c:bc:30:a7:89:70:
d1:0f:4f:f8:b2:2c:be:1e:be:d8:de:f8:44:5c:15:
07:2d:f4:08:98:83:97:83:b1:5f:d2:8b:1a:2d:fb:
d1:a1:3a:36:d3:c6:87:d4:1a:eb:d1:a1:26:56:53:
9e:59:f7:00:03:47:4a:1b:5e:6a:92:14:ae:0a:f9:
6a:c7:b0:6c:8b:07:70:c4:db:e7:b2:29:23:c4:13:
1f:d5:54:d3:4b:23:02:96:ad:64:e9:42:3c:c4:de:
a4:9f:22:7c:97:19:ec:76:a8:98:18:4f:42:7b:99:
1e:39:69:2e:1a:2a:9e:4a:0b:86:8b:95:d1:55:e5:
3c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DE:B0:1D:E4:7E:6C:3B:9B:E5:A6:90:E8:5F:74:30:87:A5:F0:1B
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/Td6wHeR-bDub5aaQ6F90MIel8Bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/22
192.145.52.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:36:5e:5a:6a:98:49:e6:67:e7:72:9f:db:06:87:db:03:f9:
b6:2c:71:e3:4c:ca:be:63:9d:88:7f:59:69:3a:09:d5:dc:40:
dc:4d:8d:5c:f6:b5:0d:57:11:89:b2:7e:0c:18:a9:58:99:d7:
24:4d:04:f5:a7:3b:73:1b:af:68:61:58:56:6f:49:f2:23:8b:
27:75:2c:58:12:61:f7:38:0e:d4:a1:c9:d6:ec:0f:f9:05:cd:
97:8f:6a:5e:4e:db:0e:34:93:9c:94:70:92:63:a7:da:d2:fa:
73:36:cc:ba:08:ce:55:23:43:2a:93:35:dd:99:46:d3:85:ec:
77:a9:17:56:ae:aa:f9:81:bb:4e:05:96:fb:c4:0d:e4:cb:6e:
25:4d:d8:66:0e:a6:89:49:c6:91:78:17:1f:6f:88:51:cb:18:
a8:a5:5f:f1:5e:58:4f:ca:f8:0e:04:b4:d9:87:9b:26:17:e1:
ec:33:12:17:16:b0:a6:3b:4d:aa:50:1b:9a:f3:7b:2d:0b:a2:
99:73:43:61:df:78:9f:04:84:1f:4b:47:50:5c:29:0a:9b:58:
28:f0:7c:bf:0c:f9:24:38:a0:7f:e6:76:6c:d1:28:28:60:ff:
9f:be:8c:13:c4:3a:7a:1d:97:b1:54:7c:df:2a:07:a8:8b:44:
25:1f:ff:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3pvdQyJePysDs77uXfoWTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjQwMjI3MDg0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRlYjAxZGU0N2U2YzNiOWJlNWE2OTBlODVmNzQzMDg3YTVmMDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyVUoHMEGkNpy4BAt9HauMi/aRsw
ZOQFFQbvFgqOi/xTKVH7e7hxEHBrE+7vQTWyfOvx8WXgCAXytC9MbrMu44p96zJ6
J/LczTAN+mRQIw7QKE1VoHeqvI5vwSsV9EJIeqDVsBaDe3QvXOLrKO5ACh5PLEtl
YT/tXNWQOwn7jnGMvDCniXDRD0/4siy+Hr7Y3vhEXBUHLfQImIOXg7Ff0osaLfvR
oTo208aH1Brr0aEmVlOeWfcAA0dKG15qkhSuCvlqx7BsiwdwxNvnsikjxBMf1VTT
SyMClq1k6UI8xN6knyJ8lxnsdqiYGE9Ce5keOWkuGiqeSguGi5XRVeU8ewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE3esB3kfmw7m+WmkOhfdDCHpfAbMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvVGQ2d0hlUi1iRHViNWFhUTZGOTBNSWVsOEJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJSzkAwQC
LUJcAwQCwJE0MA0GCSqGSIb3DQEBCwUAA4IBAQAsNl5aaphJ5mfncp/bBofbA/m2
LHHjTMq+Y52If1lpOgnV3EDcTY1c9rUNVxGJsn4MGKlYmdckTQT1pztzG69oYVhW
b0nyI4sndSxYEmH3OA7UocnW7A/5Bc2Xj2peTtsONJOclHCSY6fa0vpzNsy6CM5V
I0MqkzXdmUbThex3qRdWrqr5gbtOBZb7xA3ky24lTdhmDqaJScaReBcfb4hRyxio
pV/xXlhPyvgOBLTZh5smF+HsMxIXFrCmO02qUBua83stC6KZc0Nh33ifBIQfS0dQ
XCkKm1go8Hy/DPkkOKB/5nZs0SgoYP+fvowTxDp6HZexVHzfKgeoi0QlH/+f
-----END CERTIFICATE-----
Generated at Fri Apr 19 12:30:19 2024 by rpki-client on console-ams.rpki-client.org