Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/2sYNum2z_CwIm1hDREF2h0rvV3E.roa
File: 2sYNum2z_CwIm1hDREF2h0rvV3E.roa (raw, json)
Hash identifier: FK1/a5QKa3sXf5Qi+nsHGkoJT4jy8ti3DAQ47nr9VkI=
Subject key identifier: DA:C6:0D:BA:6D:B3:FC:2C:08:9B:58:43:44:41:76:87:4A:EF:57:71
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 018CC94CC7C622CE6E73740004131BF696F6
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/2sYNum2z_CwIm1hDREF2h0rvV3E.roa
Signing time: Tue 02 Jan 2024 08:31:41 +0000
ROA not before: Tue 02 Jan 2024 08:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12871
IP address blocks: 37.188.64.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:c7:c6:22:ce:6e:73:74:00:04:13:1b:f6:96:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 2 08:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dac60dba6db3fc2c089b5843444176874aef5771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a3:b8:35:5b:b1:e2:b2:39:55:30:42:15:4d:
fb:4b:55:78:94:e1:fe:24:c4:c8:8c:14:5c:d4:17:
80:b6:55:7f:56:93:12:93:f3:b3:9a:54:54:78:13:
c3:11:74:83:2d:dc:9a:59:1b:54:00:36:6b:81:60:
d4:78:cc:bd:85:6f:48:92:7f:17:57:68:8d:cb:57:
26:c2:0c:fd:72:d7:84:a0:e2:90:36:18:7a:a1:30:
68:cf:6d:7f:70:31:76:30:ec:6b:b3:85:db:5e:09:
fa:17:af:43:51:7a:2a:be:1d:aa:d7:0f:17:f8:16:
da:5b:5f:41:9a:bc:e1:5a:09:f2:fd:4d:41:bc:af:
85:d4:a5:54:6d:cd:3c:72:5a:03:c0:6b:58:55:f0:
83:4c:0f:51:4a:d4:d7:59:00:54:ca:96:96:2d:0b:
8e:63:5a:88:2c:82:13:74:38:3a:c6:d4:1f:89:46:
3f:a4:9e:a2:e4:44:bc:44:af:c0:a8:4d:a4:ce:e7:
43:5d:47:8e:03:3e:89:d1:56:76:20:4a:45:ce:0e:
5a:4f:75:89:cb:20:50:95:06:9e:fa:3a:89:f1:0a:
87:d1:c9:91:14:07:27:8f:29:bf:ee:aa:76:44:93:
62:b5:84:57:e5:e8:e2:19:59:cb:f6:1b:ae:51:34:
0e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C6:0D:BA:6D:B3:FC:2C:08:9B:58:43:44:41:76:87:4A:EF:57:71
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/2sYNum2z_CwIm1hDREF2h0rvV3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.188.64.0/20
Signature Algorithm: sha256WithRSAEncryption
65:37:d4:77:8f:f3:ac:fa:7f:1e:89:9b:e9:b4:4f:b0:95:20:
02:30:2a:51:b4:86:38:dc:9b:cf:2a:5c:e2:b7:ca:ee:c3:ea:
9e:8c:fa:42:00:1a:38:e9:a3:fa:dc:7c:1c:46:31:ec:56:76:
48:e0:6b:22:cd:f3:15:bb:a1:ee:f7:d5:34:37:6f:48:32:4e:
5a:40:05:3c:91:1a:3d:48:02:70:27:b4:6e:5f:38:52:c8:41:
27:07:76:17:fa:c8:07:e7:a4:17:d8:71:5d:f7:3a:5c:73:f6:
50:9a:27:f7:fa:62:29:ef:1d:d1:c4:38:1b:02:c9:37:c0:ea:
73:2d:33:af:02:ed:32:f1:89:37:9c:6c:00:91:a0:22:07:21:
d1:c1:88:42:7a:73:1f:4c:c6:f2:db:e5:c5:c9:1b:98:e3:2d:
e8:22:d1:f1:5a:89:5f:f0:04:be:e5:c2:b5:f3:7b:23:29:e3:
48:3d:57:a7:c1:f3:1f:da:c3:be:c5:2c:d6:54:96:12:4a:d7:
d4:ff:c3:12:f3:f9:3f:01:08:f7:49:91:12:f6:ac:b6:1b:5e:
ca:e7:b9:1d:dd:e3:47:a7:35:bd:5f:f3:18:93:98:c2:7c:30:
29:49:d5:a1:e5:d2:84:56:56:a9:7f:19:34:7a:17:3d:10:bc:
30:22:0c:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTMfGIs5uc3QABBMb9pb2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjQwMTAyMDgzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWM2MGRiYTZkYjNmYzJjMDg5YjU4NDM0NDQxNzY4NzRhZWY1NzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6O4NVux4rI5VTBCFU37S1V4lOH+
JMTIjBRc1BeAtlV/VpMSk/OzmlRUeBPDEXSDLdyaWRtUADZrgWDUeMy9hW9Ikn8X
V2iNy1cmwgz9cteEoOKQNhh6oTBoz21/cDF2MOxrs4XbXgn6F69DUXoqvh2q1w8X
+BbaW19BmrzhWgny/U1BvK+F1KVUbc08cloDwGtYVfCDTA9RStTXWQBUypaWLQuO
Y1qILIITdDg6xtQfiUY/pJ6i5ES8RK/AqE2kzudDXUeOAz6J0VZ2IEpFzg5aT3WJ
yyBQlQae+jqJ8QqH0cmRFAcnjym/7qp2RJNitYRX5ejiGVnL9huuUTQOBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrGDbpts/wsCJtYQ0RBdodK71dxMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvMnNZTnVtMnpfQ3dJbTFoRFJFRjJoMHJ2VjNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJbxAMA0G
CSqGSIb3DQEBCwUAA4IBAQBlN9R3j/Os+n8eiZvptE+wlSACMCpRtIY43JvPKlzi
t8ruw+qejPpCABo46aP63HwcRjHsVnZI4GsizfMVu6Hu99U0N29IMk5aQAU8kRo9
SAJwJ7RuXzhSyEEnB3YX+sgH56QX2HFd9zpcc/ZQmif3+mIp7x3RxDgbAsk3wOpz
LTOvAu0y8Yk3nGwAkaAiByHRwYhCenMfTMby2+XFyRuY4y3oItHxWolf8AS+5cK1
83sjKeNIPVenwfMf2sO+xSzWVJYSStfU/8MS8/k/AQj3SZES9qy2G17K57kd3eNH
pzW9X/MYk5jCfDApSdWh5dKEVlapfxk0ehc9ELwwIgza
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:00:43 2025 by rpki-client