Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4TDCBaWnxlaN9fKfiVvml4Okyvg.roa
File: 4TDCBaWnxlaN9fKfiVvml4Okyvg.roa (raw, json)
Hash identifier: KFbiK2X3ISNCjtCzAEUFkvOiJ1TxMJUw4NAkpp3Zao0=
Subject key identifier: E1:30:C2:05:A5:A7:C6:56:8D:F5:F2:9F:89:5B:E6:97:83:A4:CA:F8
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0185710C36EB71BB34778E60A45CA696E999
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4TDCBaWnxlaN9fKfiVvml4Okyvg.roa
Signing time: Mon 02 Jan 2023 05:55:03 +0000
ROA not before: Mon 02 Jan 2023 05:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396356
IP address blocks: 104.232.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:36:eb:71:bb:34:77:8e:60:a4:5c:a6:96:e9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 05:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e130c205a5a7c6568df5f29f895be69783a4caf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:16:17:fa:09:7f:01:76:e5:f1:77:ea:de:ee:
ff:c5:ed:25:02:33:70:6f:94:d7:6a:dd:7a:e7:b9:
74:20:7c:f4:16:49:fb:b3:cb:8d:b7:0c:37:38:2c:
0f:ef:a6:aa:a6:01:73:22:13:31:1d:b1:c3:57:bc:
17:f8:a7:4c:f2:e5:b5:18:97:93:7a:5e:8b:c5:fe:
f4:00:4e:21:bf:be:13:79:f5:85:f3:12:52:9a:c7:
2a:0d:ae:a1:5a:47:a2:7e:05:d2:90:b7:ac:99:a8:
c5:f7:1a:44:84:20:af:df:81:ff:a2:4c:1c:ed:41:
7d:86:c3:db:0c:86:ce:ec:f5:f1:d2:bc:7d:12:08:
29:95:63:8f:32:68:d5:a5:ae:ea:7a:67:2d:d2:4d:
e1:a3:72:e3:df:7f:90:8e:4f:85:25:41:39:d8:6b:
31:92:1c:37:10:0d:22:20:b5:09:9b:91:70:dc:bb:
c7:df:16:3d:8b:57:e6:96:bb:8b:dd:64:1e:0e:a0:
5b:3b:2a:ef:60:42:c6:89:b4:4d:0b:8b:91:c5:04:
fe:d9:b4:d0:05:8f:d6:25:70:a8:e8:ef:f1:2f:2b:
b4:60:32:f0:5e:bb:22:70:62:7e:3b:9b:6f:9b:38:
9e:40:3d:f0:f8:01:c2:86:2c:56:dc:cf:07:a2:dd:
c7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:30:C2:05:A5:A7:C6:56:8D:F5:F2:9F:89:5B:E6:97:83:A4:CA:F8
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4TDCBaWnxlaN9fKfiVvml4Okyvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.232.37.0/24
Signature Algorithm: sha256WithRSAEncryption
79:f3:8c:bf:6a:da:2d:01:10:29:70:5e:7c:98:e0:59:e8:d4:
bb:1e:61:69:98:68:e3:d2:c7:21:c1:02:7c:32:15:69:c5:56:
90:d8:57:43:a4:c8:e6:e9:75:08:37:71:7e:4e:f3:cc:f9:1d:
af:9f:2d:d4:fc:aa:f7:1a:b4:70:69:d1:81:ed:e9:dc:a5:f2:
78:2f:8e:7d:d6:0d:93:aa:aa:d1:3f:5e:54:6f:87:ee:2c:5a:
9b:f1:ec:ca:9d:06:19:d5:06:50:c9:63:d2:4c:66:8b:5b:4d:
4a:32:40:f3:8b:cd:2e:e5:2c:e8:d7:ef:aa:60:7b:69:44:4e:
a4:12:8e:8a:c8:5a:df:da:87:a7:10:e7:f9:6a:9a:11:3e:24:
aa:f4:c0:81:31:44:e0:0d:be:e3:d0:01:61:51:73:c9:bc:52:
61:51:91:c8:aa:75:6f:cf:35:f7:98:47:11:af:65:ac:bc:b7:
cc:7a:66:4c:61:df:ce:14:b0:c6:73:27:19:b5:ce:4b:7a:09:
b8:fe:00:b6:d8:08:a3:6e:2c:0f:4d:3e:3e:0b:d8:21:51:2d:
8f:f8:17:ee:cd:e0:97:40:29:52:4a:2b:f3:d6:2c:10:45:ab:
04:b3:aa:05:49:1a:da:95:2f:5b:58:05:9f:5f:36:3d:f9:cf:
02:dd:79:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDDbrcbs0d45gpFymlumZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTMwYzIwNWE1YTdjNjU2OGRmNWYyOWY4OTViZTY5NzgzYTRjYWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRYX+gl/AXbl8Xfq3u7/xe0lAjNw
b5TXat1657l0IHz0Fkn7s8uNtww3OCwP76aqpgFzIhMxHbHDV7wX+KdM8uW1GJeT
el6Lxf70AE4hv74TefWF8xJSmscqDa6hWkeifgXSkLesmajF9xpEhCCv34H/okwc
7UF9hsPbDIbO7PXx0rx9EggplWOPMmjVpa7qemct0k3ho3Lj33+Qjk+FJUE52Gsx
khw3EA0iILUJm5Fw3LvH3xY9i1fmlruL3WQeDqBbOyrvYELGibRNC4uRxQT+2bTQ
BY/WJXCo6O/xLyu0YDLwXrsicGJ+O5tvmzieQD3w+AHChixW3M8Hot3HrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOEwwgWlp8ZWjfXyn4lb5peDpMr4MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNFREQ0JhV254bGFOOWZLZmlWdm1sNE9reXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaOglMA0G
CSqGSIb3DQEBCwUAA4IBAQB584y/atotARApcF58mOBZ6NS7HmFpmGjj0schwQJ8
MhVpxVaQ2FdDpMjm6XUIN3F+TvPM+R2vny3U/Kr3GrRwadGB7encpfJ4L4591g2T
qqrRP15Ub4fuLFqb8ezKnQYZ1QZQyWPSTGaLW01KMkDzi80u5Szo1++qYHtpRE6k
Eo6KyFrf2oenEOf5apoRPiSq9MCBMUTgDb7j0AFhUXPJvFJhUZHIqnVvzzX3mEcR
r2WsvLfMemZMYd/OFLDGcycZtc5Legm4/gC22AijbiwPTT4+C9ghUS2P+BfuzeCX
QClSSivz1iwQRasEs6oFSRralS9bWAWfXzY9+c8C3Xny
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:40 2024 by rpki-client on console-fra.rpki-client.org