Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/xIlPQ7wVpViYtxMDwBRIIY1me2A.roa
File: xIlPQ7wVpViYtxMDwBRIIY1me2A.roa (raw, json)
Hash identifier: UECIrnznipNLs4ZWR3wzhG88G8/etCD6VB0fDX2jyYk=
Subject key identifier: C4:89:4F:43:BC:15:A5:58:98:B7:13:03:C0:14:48:21:8D:66:7B:60
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018CD96B2A569228F1579F56C9B9636B349D
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/xIlPQ7wVpViYtxMDwBRIIY1me2A.roa
Signing time: Fri 05 Jan 2024 11:38:48 +0000
ROA not before: Fri 05 Jan 2024 11:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210892
IP address blocks: 37.44.230.0/24 maxlen: 24
37.44.231.0/24 maxlen: 24
37.44.228.0/24 maxlen: 24
37.44.228.0/22 maxlen: 24
37.44.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 11:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:6b:2a:56:92:28:f1:57:9f:56:c9:b9:63:6b:34:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Jan 5 11:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4894f43bc15a55898b71303c01448218d667b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c1:94:96:9b:34:d1:57:14:ca:49:c7:cb:7c:
5a:ac:c3:c7:b8:ed:08:01:4c:89:6c:bd:4b:01:8d:
c0:be:db:aa:92:86:db:48:c7:44:48:60:50:c7:cd:
a1:e5:8d:09:a9:bb:46:aa:73:5d:fc:d2:19:d0:fd:
97:0b:5c:d6:91:5b:46:0d:5c:79:30:d1:5f:cc:80:
be:1a:5b:d8:0e:31:e0:12:48:1f:78:6c:db:52:f5:
5e:10:50:75:9a:75:54:a9:1d:16:85:31:ac:32:e2:
a7:2f:6b:22:eb:3b:b2:1f:3b:48:11:a2:51:64:50:
4f:48:9b:ad:82:ba:63:2a:ec:f3:24:a6:51:8c:ac:
10:11:3a:74:08:9d:c3:ec:45:ea:38:2a:c3:70:36:
4a:ac:00:f2:29:5e:cc:68:e1:27:2b:cc:ed:e7:86:
60:71:2a:bc:89:a8:c6:2b:5b:35:0e:3a:bc:41:21:
e3:73:41:24:3b:a6:4e:19:af:cb:cf:87:0c:72:e3:
b7:39:06:c2:45:3e:e0:19:6d:0e:d7:06:46:d2:ea:
f7:12:1f:c3:cb:1a:02:31:5b:47:bd:a9:ef:2b:f8:
3d:1d:37:ed:df:a4:a4:14:ed:f3:fa:fc:b4:60:2b:
94:2d:a8:07:fc:74:62:fa:ce:74:08:76:54:f7:00:
3e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:89:4F:43:BC:15:A5:58:98:B7:13:03:C0:14:48:21:8D:66:7B:60
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/xIlPQ7wVpViYtxMDwBRIIY1me2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
Signature Algorithm: sha256WithRSAEncryption
01:86:75:21:94:7f:81:de:fd:80:bb:05:2c:a7:74:7f:99:17:
0f:7e:42:98:ea:98:ab:5c:bb:58:28:22:b8:74:ae:27:b9:4c:
7f:01:cb:c4:a0:f6:3c:c5:17:28:c5:a3:a9:f3:72:4b:57:8f:
a6:7a:a1:f4:32:0a:f6:8e:5f:98:5d:9c:c5:6d:72:1b:8f:c6:
46:ab:74:10:96:7f:57:73:bc:8e:e0:22:e2:5e:89:30:44:d8:
49:47:1c:70:90:8a:4f:e8:3f:e8:be:dc:98:94:b0:37:f3:b0:
ff:30:eb:f3:50:ca:07:48:ed:d4:1e:5e:02:d1:5f:f2:e5:ec:
01:82:4a:5d:fb:3a:0a:5e:9c:40:83:f7:bb:ff:a7:9e:1d:5b:
7a:ba:ba:56:d0:c2:0e:43:94:59:81:a3:72:b5:fd:b2:d5:6b:
c3:ea:0a:cd:eb:8e:1f:39:48:e4:ed:fe:6b:6c:4a:7c:75:0f:
eb:2d:cb:3b:68:9f:66:f1:0d:2a:3e:27:12:16:4b:7a:f3:6e:
9c:54:30:11:95:b1:6f:3a:ef:d0:5d:2d:50:de:7d:2f:07:f1:
e9:37:3b:3b:ef:2c:3f:8a:5c:e4:3c:2e:c4:d2:23:f9:6e:2a:
40:fd:bb:1a:2f:9e:39:f5:29:7a:60:f5:a6:cb:31:f7:6f:9f:
50:b0:e5:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzZaypWkijxV59WybljazSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjQwMTA1MTEzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDg5NGY0M2JjMTVhNTU4OThiNzEzMDNjMDE0NDgyMThkNjY3YjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMGUlps00VcUyknHy3xarMPHuO0I
AUyJbL1LAY3AvtuqkobbSMdESGBQx82h5Y0JqbtGqnNd/NIZ0P2XC1zWkVtGDVx5
MNFfzIC+GlvYDjHgEkgfeGzbUvVeEFB1mnVUqR0WhTGsMuKnL2si6zuyHztIEaJR
ZFBPSJutgrpjKuzzJKZRjKwQETp0CJ3D7EXqOCrDcDZKrADyKV7MaOEnK8zt54Zg
cSq8iajGK1s1Djq8QSHjc0EkO6ZOGa/Lz4cMcuO3OQbCRT7gGW0O1wZG0ur3Eh/D
yxoCMVtHvanvK/g9HTft36SkFO3z+vy0YCuULagH/HRi+s50CHZU9wA+4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSJT0O8FaVYmLcTA8AUSCGNZntgMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEveElsUFE3d1ZwVmlZdHhNRHdCUklJWTFtZTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJSzkMA0G
CSqGSIb3DQEBCwUAA4IBAQABhnUhlH+B3v2AuwUsp3R/mRcPfkKY6pirXLtYKCK4
dK4nuUx/AcvEoPY8xRcoxaOp83JLV4+meqH0Mgr2jl+YXZzFbXIbj8ZGq3QQln9X
c7yO4CLiXokwRNhJRxxwkIpP6D/ovtyYlLA387D/MOvzUMoHSO3UHl4C0V/y5ewB
gkpd+zoKXpxAg/e7/6eeHVt6urpW0MIOQ5RZgaNytf2y1WvD6grN644fOUjk7f5r
bEp8dQ/rLcs7aJ9m8Q0qPicSFkt6826cVDARlbFvOu/QXS1Q3n0vB/HpNzs77yw/
ilzkPC7E0iP5bipA/bsaL5459Sl6YPWmyzH3b59QsOUO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:16 2024 by rpki-client on console-fra.rpki-client.org