Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/gF3w9bIoZJoOg1EWOPd2ICgdW6Y.roa
File: gF3w9bIoZJoOg1EWOPd2ICgdW6Y.roa (raw, json)
Hash identifier: hjlKk70tXXUeUn4QEU6en+35D106N/AYIoJmSTdr2Ks=
Subject key identifier: 80:5D:F0:F5:B2:28:64:9A:0E:83:51:16:38:F7:76:20:28:1D:5B:A6
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 01929450BD093478F71BC4B26086FDECBC17
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/gF3w9bIoZJoOg1EWOPd2ICgdW6Y.roa
Signing time: Wed 16 Oct 2024 07:52:52 +0000
ROA not before: Wed 16 Oct 2024 07:52:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50436
IP address blocks: 37.120.0.0/17 maxlen: 17
92.206.8.0/21 maxlen: 24
92.206.32.0/20 maxlen: 24
92.206.48.0/20 maxlen: 24
92.206.209.0/24 maxlen: 24
92.206.254.0/23 maxlen: 24
94.139.0.0/19 maxlen: 20
217.68.167.0/24 maxlen: 24
2a02:2455:9000::/36 maxlen: 40
Validation: Failed, certificate revoked on Thu 17 Oct 2024 07:42:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:50:bd:09:34:78:f7:1b:c4:b2:60:86:fd:ec:bc:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Oct 16 07:52:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=805df0f5b228649a0e83511638f77620281d5ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:09:55:bd:c3:3a:03:76:87:1b:42:2d:86:76:
df:a6:b4:c7:69:6f:98:7a:1e:cd:41:aa:69:c9:58:
5d:a4:79:39:2b:ee:2f:21:9c:c8:ae:e3:e5:b4:e9:
61:1b:9c:50:69:52:8e:0f:a1:26:5a:c5:da:1b:fa:
e3:5d:1c:08:49:12:1d:db:84:54:1c:84:4e:0e:ba:
b7:68:d1:41:54:cb:b0:79:4d:04:a1:ee:e5:27:4a:
8b:c5:01:f6:99:a6:ed:4b:21:db:d5:72:d1:c0:a5:
ea:27:c6:21:64:1a:ea:16:51:cf:09:4a:2c:38:12:
72:b8:93:fa:a6:a3:03:8f:0e:3f:8f:b1:8a:45:f2:
ef:26:9f:92:bb:f1:1c:8f:1d:ec:f8:19:cc:87:5e:
bf:3a:34:9e:45:a7:8b:6a:b1:2d:24:4e:b9:47:07:
78:c7:ed:00:7b:66:0a:6c:63:83:e2:22:a5:2f:e6:
72:e1:4f:df:f8:aa:81:0f:8a:2d:3a:ac:0d:2c:af:
a6:d5:8c:02:43:6e:22:89:b3:bc:05:a5:42:4f:6c:
d8:37:8d:57:04:f9:cf:a5:5c:8a:d7:0c:46:63:a3:
f5:72:6f:ee:bc:6f:03:40:0f:d5:e0:ff:5e:0b:64:
b6:7b:2c:a0:3f:0a:65:f5:f6:a1:4d:f2:8d:d9:2c:
7e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:5D:F0:F5:B2:28:64:9A:0E:83:51:16:38:F7:76:20:28:1D:5B:A6
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/gF3w9bIoZJoOg1EWOPd2ICgdW6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.120.0.0/17
92.206.8.0/21
92.206.32.0/19
92.206.209.0/24
92.206.254.0/23
94.139.0.0/19
217.68.167.0/24
IPv6:
2a02:2455:9000::/36
Signature Algorithm: sha256WithRSAEncryption
6a:40:51:cc:ae:fc:dd:7a:a7:05:41:75:1b:58:20:a3:c6:6d:
dc:f0:3f:4d:e4:c5:c6:ff:f2:78:3c:02:36:b1:15:42:e3:eb:
5f:70:0b:55:55:c5:f7:88:ab:c0:46:7a:c6:c6:52:33:9b:a6:
70:12:c2:6c:b8:40:c7:56:1a:77:dc:33:ca:2a:83:28:03:b6:
34:fa:8b:77:29:78:e0:5c:7e:35:6d:5f:25:2a:d5:d7:07:64:
c0:f8:f6:31:25:4f:c3:76:5c:cd:e5:56:bb:43:81:90:e9:f4:
67:db:e2:e1:c1:da:bb:b5:e0:b2:d1:4c:bf:54:b6:a6:86:c0:
c6:4d:9f:1e:cc:e8:d8:0f:f4:d5:ab:1e:c9:c8:2a:92:48:3f:
b7:38:2c:ec:3b:d7:f7:5b:88:a4:48:b4:14:d0:c9:fa:6c:b0:
4e:31:0e:11:bd:82:00:40:94:af:58:0d:a1:d6:67:10:f5:7d:
c0:38:37:bf:c8:c0:6b:88:fa:3a:8a:70:d1:da:c3:80:e3:2f:
0d:1e:b1:b2:84:80:fb:94:5c:a9:cf:eb:3b:b0:94:24:7d:9c:
39:6a:35:09:33:4e:4b:67:de:46:5f:de:3f:75:67:e6:5a:47:
ac:6c:82:0b:d8:02:f5:14:b0:c5:17:02:30:df:60:e7:66:c2:
63:93:b8:7c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZKUUL0JNHj3G8SyYIb97LwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjQxMDE2MDc1MjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDVkZjBmNWIyMjg2NDlhMGU4MzUxMTYzOGY3NzYyMDI4MWQ1YmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QlVvcM6A3aHG0IthnbfprTHaW+Y
eh7NQappyVhdpHk5K+4vIZzIruPltOlhG5xQaVKOD6EmWsXaG/rjXRwISRId24RU
HIRODrq3aNFBVMuweU0Eoe7lJ0qLxQH2mabtSyHb1XLRwKXqJ8YhZBrqFlHPCUos
OBJyuJP6pqMDjw4/j7GKRfLvJp+Su/Ecjx3s+BnMh16/OjSeRaeLarEtJE65Rwd4
x+0Ae2YKbGOD4iKlL+Zy4U/f+KqBD4otOqwNLK+m1YwCQ24iibO8BaVCT2zYN41X
BPnPpVyK1wxGY6P1cm/uvG8DQA/V4P9eC2S2eyygPwpl9fahTfKN2Sx+IwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFIBd8PWyKGSaDoNRFjj3diAoHVumMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvZ0YzdzliSW9aSm9PZzFFV09QZDJJQ2dkVzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAwBAIAATAqAwQHJXgAAwQD
XM4IAwQFXM4gAwQAXM7RAwQBXM7+AwQFXosAAwQA2USnMA4EAgACMAgDBgQqAiRV
kDANBgkqhkiG9w0BAQsFAAOCAQEAakBRzK783XqnBUF1G1ggo8Zt3PA/TeTFxv/y
eDwCNrEVQuPrX3ALVVXF94irwEZ6xsZSM5umcBLCbLhAx1Yad9wzyiqDKAO2NPqL
dyl44Fx+NW1fJSrV1wdkwPj2MSVPw3ZczeVWu0OBkOn0Z9vi4cHau7XgstFMv1S2
pobAxk2fHszo2A/01aseycgqkkg/tzgs7DvX91uIpEi0FNDJ+mywTjEOEb2CAECU
r1gNodZnEPV9wDg3v8jAa4j6Oopw0drDgOMvDR6xsoSA+5Rcqc/rO7CUJH2cOWo1
CTNOS2feRl/eP3Vn5lpHrGyCC9gC9RSwxRcCMN9g52bCY5O4fA==
-----END CERTIFICATE-----
Generated at Thu Oct 17 10:58:36 2024 by rpki-client on console-ams.rpki-client.org