Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/a7VDiuxDUZ-0oUAEF--YgH-C_Q8.roa
File: a7VDiuxDUZ-0oUAEF--YgH-C_Q8.roa (raw, json)
Hash identifier: TD3W0XOK1sPJnRyaz8QFfWo/GGbqVW9HNzeNUHB1jWY=
Subject key identifier: 6B:B5:43:8A:EC:43:51:9F:B4:A1:40:04:17:EF:98:80:7F:82:FD:0F
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018D7FB4DB37839363AE041DD90AC112BEED
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/a7VDiuxDUZ-0oUAEF--YgH-C_Q8.roa
Signing time: Tue 06 Feb 2024 18:36:15 +0000
ROA not before: Tue 06 Feb 2024 18:36:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.44.228.0/22 maxlen: 24
45.66.92.0/23 maxlen: 23
45.66.94.0/23 maxlen: 23
192.145.52.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 08:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b4:db:37:83:93:63:ae:04:1d:d9:0a:c1:12:be:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Feb 6 18:36:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bb5438aec43519fb4a1400417ef98807f82fd0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e2:d4:0b:b4:15:6a:68:af:ec:19:73:1b:70:
46:5f:ee:0c:1b:30:c2:a7:e9:94:69:4b:5c:55:b8:
18:9d:e3:06:56:e3:e3:90:42:9f:96:35:f2:a2:1b:
8b:6f:16:32:5d:19:59:17:4f:dd:d4:e8:92:66:e5:
b6:97:d2:03:4d:08:ef:52:94:f2:84:47:ce:b9:18:
4c:bb:bd:29:d9:e3:0f:74:9b:e6:3e:f9:c6:30:48:
a5:1b:25:37:86:69:0c:f6:fb:66:c7:f1:42:68:d8:
1a:44:bf:31:87:81:3b:64:89:75:be:ed:a2:84:44:
45:c6:fc:35:c4:52:67:25:95:7f:a3:5a:c2:f3:4e:
00:c0:d1:0b:72:a5:8f:ea:b2:f4:72:60:f1:f0:19:
73:86:86:ee:4a:01:26:63:1c:ff:df:b7:0a:4c:0f:
05:46:13:98:07:3c:6d:ef:4f:b9:c0:2f:c7:97:8e:
61:ae:2a:b8:2a:79:88:b0:2e:1a:6a:fd:b1:fe:bc:
00:94:98:33:48:41:b2:f1:9b:97:d6:6d:f1:6d:8a:
54:6f:6d:b3:85:36:21:a8:03:f3:ab:a2:fc:63:77:
98:a9:89:18:c5:73:67:33:d0:a5:83:4a:a7:d4:6f:
fd:f0:70:30:92:41:d9:88:c5:e0:5a:03:f4:df:3c:
a9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B5:43:8A:EC:43:51:9F:B4:A1:40:04:17:EF:98:80:7F:82:FD:0F
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/a7VDiuxDUZ-0oUAEF--YgH-C_Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/22
192.145.52.0/22
Signature Algorithm: sha256WithRSAEncryption
23:3a:a0:a3:14:85:14:70:34:47:f6:5b:6e:79:80:f4:11:76:
ce:55:5a:02:c3:a8:bf:4d:d6:5d:e3:06:99:a2:7f:61:0d:18:
62:a1:98:cd:07:d9:29:5c:9a:0e:66:1a:40:53:f9:3f:46:c8:
3a:2f:77:26:ad:a8:25:48:ce:15:ae:f4:6f:14:d2:5b:09:12:
6f:b2:b1:e0:92:69:a6:f1:a2:d2:ba:76:4b:82:3f:d1:7b:b4:
45:31:9e:d6:0c:ee:52:d2:87:5f:e5:6c:10:bf:0f:5b:6f:98:
79:e7:fe:b8:e3:eb:cd:08:54:66:a2:10:ac:ca:3d:72:1c:59:
3f:ef:a1:bf:df:67:8d:30:3c:50:50:ec:b2:09:58:eb:cf:e3:
bf:78:71:5f:ee:ce:b2:3b:c4:68:83:01:3c:ca:0b:00:4a:3c:
c5:9f:1b:19:3d:fb:65:2d:9b:66:71:50:94:9f:cf:11:28:bb:
88:b2:24:b6:c2:aa:e9:c1:6f:f4:4a:51:29:80:6f:3e:61:36:
d0:00:ca:e7:a1:89:30:73:0e:2b:57:f7:6a:8c:f3:6e:b5:16:
62:2f:0c:ea:a3:fe:c6:f9:a6:a1:b8:18:a6:5c:35:f7:1c:2c:
43:d9:3b:a1:b0:1a:8f:b9:e9:83:ef:cd:b7:db:86:2d:19:ac:
06:a2:ea:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1/tNs3g5NjrgQd2QrBEr7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjQwMjA2MTgzNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmI1NDM4YWVjNDM1MTlmYjRhMTQwMDQxN2VmOTg4MDdmODJmZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeLUC7QVamiv7BlzG3BGX+4MGzDC
p+mUaUtcVbgYneMGVuPjkEKfljXyohuLbxYyXRlZF0/d1OiSZuW2l9IDTQjvUpTy
hEfOuRhMu70p2eMPdJvmPvnGMEilGyU3hmkM9vtmx/FCaNgaRL8xh4E7ZIl1vu2i
hERFxvw1xFJnJZV/o1rC804AwNELcqWP6rL0cmDx8BlzhobuSgEmYxz/37cKTA8F
RhOYBzxt70+5wC/Hl45hriq4KnmIsC4aav2x/rwAlJgzSEGy8ZuX1m3xbYpUb22z
hTYhqAPzq6L8Y3eYqYkYxXNnM9Clg0qn1G/98HAwkkHZiMXgWgP03zyptwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGu1Q4rsQ1GftKFABBfvmIB/gv0PMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvYTdWRGl1eERVWi0wb1VBRUYtLVlnSC1DX1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJSzkAwQC
LUJcAwQCwJE0MA0GCSqGSIb3DQEBCwUAA4IBAQAjOqCjFIUUcDRH9ltueYD0EXbO
VVoCw6i/TdZd4waZon9hDRhioZjNB9kpXJoOZhpAU/k/Rsg6L3cmraglSM4VrvRv
FNJbCRJvsrHgkmmm8aLSunZLgj/Re7RFMZ7WDO5S0odf5WwQvw9bb5h55/644+vN
CFRmohCsyj1yHFk/76G/32eNMDxQUOyyCVjrz+O/eHFf7s6yO8RogwE8ygsASjzF
nxsZPftlLZtmcVCUn88RKLuIsiS2wqrpwW/0SlEpgG8+YTbQAMrnoYkwcw4rV/dq
jPNutRZiLwzqo/7G+aahuBimXDX3HCxD2TuhsBqPuemD782324YtGawGouom
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org