Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/9gQhXZhOiMKkdi2H4C4qFIyTxGQ.roa
File: 9gQhXZhOiMKkdi2H4C4qFIyTxGQ.roa (raw, json)
Hash identifier: t+oYcYbFAIyivFaPVTE8STogE/Vb2CvH9XFQWOf0pDY=
Subject key identifier: F6:04:21:5D:98:4E:88:C2:A4:76:2D:87:E0:2E:2A:14:8C:93:C4:64
Certificate issuer: /CN=336f6ac82f6f28e3d3e5b66475594d8318e75ab3
Certificate serial: 018847B10919D2EB8480AE500F64C749A7F9
Authority key identifier: 33:6F:6A:C8:2F:6F:28:E3:D3:E5:B6:64:75:59:4D:83:18:E7:5A:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M29qyC9vKOPT5bZkdVlNgxjnWrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/9gQhXZhOiMKkdi2H4C4qFIyTxGQ.roa
Signing time: Tue 23 May 2023 08:19:24 +0000
ROA not before: Tue 23 May 2023 08:19:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 37.19.97.0/24 maxlen: 24
37.19.96.0/21 maxlen: 21
37.19.98.0/24 maxlen: 24
37.19.99.0/24 maxlen: 24
37.19.100.0/24 maxlen: 24
185.109.163.0/24 maxlen: 24
37.203.192.0/24 maxlen: 24
37.203.192.0/21 maxlen: 21
37.203.193.0/24 maxlen: 24
37.203.194.0/24 maxlen: 24
37.203.195.0/24 maxlen: 24
37.203.196.0/24 maxlen: 24
37.203.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Jun 2023 18:36:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:47:b1:09:19:d2:eb:84:80:ae:50:0f:64:c7:49:a7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=336f6ac82f6f28e3d3e5b66475594d8318e75ab3
Validity
Not Before: May 23 08:19:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f604215d984e88c2a4762d87e02e2a148c93c464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ff:6c:91:f5:9c:29:55:7d:34:10:c0:c5:6c:
31:c4:dc:66:ed:e4:8e:f2:39:ee:20:fb:c0:51:07:
00:25:0b:94:e8:78:8e:11:a0:e9:df:24:29:c3:4d:
17:21:09:d2:66:ef:e6:79:9e:53:4a:2e:b3:20:13:
9d:04:b2:22:77:a3:a2:f7:a9:90:33:f4:55:a6:09:
64:f7:76:d1:02:f5:e1:e6:e4:c4:86:b0:ce:3e:62:
c3:d9:7e:02:0a:72:1f:76:22:8d:8f:8e:35:5f:ce:
ed:c6:25:dc:97:0b:9d:20:a2:cb:a9:61:c5:4a:a0:
41:bf:29:1e:90:a5:ea:e6:5f:65:51:92:8c:12:bf:
f3:b2:57:0a:dd:1d:97:4b:6d:88:37:e9:6f:f3:ef:
ff:64:29:28:c0:e6:c4:73:98:63:3c:29:b1:40:49:
d9:ce:d6:a1:af:a9:9a:fd:15:ed:17:e8:37:61:f7:
6e:86:80:d4:0f:fe:32:8c:a8:f6:66:b5:41:b3:85:
89:b7:13:96:b0:ed:55:75:87:06:dd:8e:3f:d4:43:
bc:32:9d:81:0d:a2:f9:f7:ac:26:86:01:2d:63:fe:
ca:fd:08:57:a4:d0:3c:1f:c4:95:8d:35:8b:51:6c:
70:3a:ec:a6:6d:c7:66:8a:d2:1f:20:e9:ab:1b:e7:
80:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:04:21:5D:98:4E:88:C2:A4:76:2D:87:E0:2E:2A:14:8C:93:C4:64
X509v3 Authority Key Identifier:
keyid:33:6F:6A:C8:2F:6F:28:E3:D3:E5:B6:64:75:59:4D:83:18:E7:5A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M29qyC9vKOPT5bZkdVlNgxjnWrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/9gQhXZhOiMKkdi2H4C4qFIyTxGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/M29qyC9vKOPT5bZkdVlNgxjnWrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.96.0/21
37.203.192.0/21
185.109.163.0/24
Signature Algorithm: sha256WithRSAEncryption
67:f6:75:95:8f:f1:d6:a0:4b:f0:a4:8d:f6:9f:88:33:e7:0c:
1e:d3:90:8b:dd:b5:f1:26:ba:a6:bb:60:16:92:39:57:14:fe:
07:3c:2b:f7:95:bf:b1:56:16:c4:dd:f1:a0:db:3b:0d:99:58:
d9:a7:0f:eb:01:85:69:7e:11:37:46:5a:8e:d9:6d:97:cf:0b:
74:1d:25:5b:e3:23:2f:dc:be:74:51:84:78:fa:e2:1a:b6:bd:
9a:2a:56:53:aa:17:dd:e9:32:61:95:ff:a5:77:45:a7:6a:e9:
91:2c:af:a6:0e:6b:a7:af:07:3d:95:47:4a:90:e6:b3:53:2e:
c5:2a:50:67:d1:2a:fc:81:cf:61:2f:2a:31:06:55:d5:0d:53:
0a:aa:5c:bd:5f:b4:41:47:d2:18:eb:23:42:fa:a2:75:0b:0b:
c9:1c:f5:de:cd:d1:44:24:94:14:05:2d:b5:6d:de:cc:06:89:
ea:69:a0:8f:96:65:0e:c2:90:5b:98:b7:24:1a:35:ff:02:3c:
ff:98:17:3e:89:0a:24:91:b6:b7:83:c8:e1:44:a1:d9:26:20:
3a:25:e9:41:9d:de:7b:21:be:39:08:ab:03:0a:33:80:90:ea:
e0:9a:a4:99:11:b8:94:7f:f3:0a:f6:7c:8d:a2:16:fa:54:43:
10:38:78:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhHsQkZ0uuEgK5QD2THSaf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNmY2YWM4MmY2ZjI4ZTNkM2U1YjY2NDc1NTk0ZDgzMThl
NzVhYjMwHhcNMjMwNTIzMDgxOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjA0MjE1ZDk4NGU4OGMyYTQ3NjJkODdlMDJlMmExNDhjOTNjNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv9skfWcKVV9NBDAxWwxxNxm7eSO
8jnuIPvAUQcAJQuU6HiOEaDp3yQpw00XIQnSZu/meZ5TSi6zIBOdBLIid6Oi96mQ
M/RVpglk93bRAvXh5uTEhrDOPmLD2X4CCnIfdiKNj441X87txiXclwudIKLLqWHF
SqBBvykekKXq5l9lUZKMEr/zslcK3R2XS22IN+lv8+//ZCkowObEc5hjPCmxQEnZ
ztahr6ma/RXtF+g3YfduhoDUD/4yjKj2ZrVBs4WJtxOWsO1VdYcG3Y4/1EO8Mp2B
DaL596wmhgEtY/7K/QhXpNA8H8SVjTWLUWxwOuymbcdmitIfIOmrG+eAPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPYEIV2YTojCpHYth+AuKhSMk8RkMB8GA1UdIwQY
MBaAFDNvasgvbyjj0+W2ZHVZTYMY51qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTI5cXlDOXZLT1BUNWJaa2RWbE5neGpuV3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85MTVjYmItNTY4YS00ZjQyLThiODAt
Y2NiMDE2YWUxNTEzLzEvOWdRaFhaaE9pTUtrZGkySDRDNHFGSXlUeEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85MTVjYmItNTY4YS00ZjQyLThiODAtY2NiMDE2YWUxNTEz
LzEvTTI5cXlDOXZLT1BUNWJaa2RWbE5neGpuV3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJRNgAwQD
JcvAAwQAuW2jMA0GCSqGSIb3DQEBCwUAA4IBAQBn9nWVj/HWoEvwpI32n4gz5wwe
05CL3bXxJrqmu2AWkjlXFP4HPCv3lb+xVhbE3fGg2zsNmVjZpw/rAYVpfhE3RlqO
2W2Xzwt0HSVb4yMv3L50UYR4+uIatr2aKlZTqhfd6TJhlf+ld0WnaumRLK+mDmun
rwc9lUdKkOazUy7FKlBn0Sr8gc9hLyoxBlXVDVMKqly9X7RBR9IY6yNC+qJ1CwvJ
HPXezdFEJJQUBS21bd7MBonqaaCPlmUOwpBbmLckGjX/Ajz/mBc+iQokkba3g8jh
RKHZJiA6JelBnd57Ib45CKsDCjOAkOrgmqSZEbiUf/MK9nyNohb6VEMQOHgh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org