Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/0b45e9-3f4a-4bd8-bab9-fb9081a16139/1/cqOn9kiOjdkxIBUmxkfkG_EP2SI.roa
File: cqOn9kiOjdkxIBUmxkfkG_EP2SI.roa (raw, json)
Hash identifier: wNdvJ45jmQd/STBkdkzULfSg3eyxCoA9xj4jCg0LOnU=
Subject key identifier: 72:A3:A7:F6:48:8E:8D:D9:31:20:15:26:C6:47:E4:1B:F1:0F:D9:22
Certificate issuer: /CN=f39f96c20e10f76f03ed47815b7a6a5efdbe03d5
Certificate serial: 01856C4A5CDC6AEF7559CD8B885FDED98FD0
Authority key identifier: F3:9F:96:C2:0E:10:F7:6F:03:ED:47:81:5B:7A:6A:5E:FD:BE:03:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/85-Wwg4Q928D7UeBW3pqXv2-A9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/0b45e9-3f4a-4bd8-bab9-fb9081a16139/1/cqOn9kiOjdkxIBUmxkfkG_EP2SI.roa
Signing time: Sun 01 Jan 2023 07:44:50 +0000
ROA not before: Sun 01 Jan 2023 07:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49158
IP address blocks: 37.60.64.0/19 maxlen: 19
37.60.64.0/18 maxlen: 18
37.60.96.0/19 maxlen: 19
2a00:5bc0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:5c:dc:6a:ef:75:59:cd:8b:88:5f:de:d9:8f:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f39f96c20e10f76f03ed47815b7a6a5efdbe03d5
Validity
Not Before: Jan 1 07:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72a3a7f6488e8dd931201526c647e41bf10fd922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6e:cd:11:01:54:d6:af:43:06:dd:60:34:0e:
f5:8b:54:35:8d:7e:b7:e7:47:aa:ec:52:6c:5f:7d:
b5:64:b6:02:9a:20:52:f4:71:90:6d:dd:97:30:b5:
c0:fe:b1:d9:bb:42:5e:f4:0f:55:e9:cf:30:95:d1:
8a:e8:d7:f5:4d:e0:7a:ad:ba:2f:f7:5f:ad:fe:57:
08:f7:e7:5b:75:42:72:56:cb:a6:12:08:ac:03:bf:
24:fa:71:53:e0:86:57:4b:1f:ff:32:b9:97:5c:0b:
ce:d7:75:ab:70:5d:23:3c:97:f5:8c:10:83:c7:8f:
a3:45:21:b4:7a:22:ba:d8:43:43:04:71:8d:84:95:
f9:14:f7:bb:ec:0f:2c:ae:31:f1:57:87:b8:5e:4f:
27:b7:18:92:70:79:6a:c0:34:64:d1:51:17:e1:72:
26:c0:aa:97:3f:a1:fa:dc:d3:30:bd:ec:70:29:d4:
22:0d:f1:82:48:60:97:ab:d8:08:1a:85:21:d6:66:
e6:5a:d2:fb:bc:f6:89:22:28:88:27:88:ab:37:19:
2c:2e:f0:f9:d5:52:55:2c:b3:b6:04:fa:77:cd:04:
f4:d6:46:9e:b1:15:a4:eb:62:f0:5f:86:b4:63:2b:
47:5e:da:ce:bb:5d:42:52:f6:e8:a6:bc:d1:59:08:
a5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A3:A7:F6:48:8E:8D:D9:31:20:15:26:C6:47:E4:1B:F1:0F:D9:22
X509v3 Authority Key Identifier:
keyid:F3:9F:96:C2:0E:10:F7:6F:03:ED:47:81:5B:7A:6A:5E:FD:BE:03:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/85-Wwg4Q928D7UeBW3pqXv2-A9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/0b45e9-3f4a-4bd8-bab9-fb9081a16139/1/cqOn9kiOjdkxIBUmxkfkG_EP2SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/0b45e9-3f4a-4bd8-bab9-fb9081a16139/1/85-Wwg4Q928D7UeBW3pqXv2-A9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.64.0/18
IPv6:
2a00:5bc0::/32
Signature Algorithm: sha256WithRSAEncryption
19:de:c7:a6:1c:7c:50:1e:38:da:af:f8:ae:61:ba:13:a4:dc:
70:68:d4:14:85:a3:0e:e8:02:f5:eb:6f:1d:d8:0c:3e:fc:1e:
76:48:dd:d4:fa:dc:77:f4:6c:5f:9a:8a:3d:e5:27:30:2e:1c:
d0:ac:f1:3d:e6:4b:75:fc:78:8b:34:91:d0:9a:8b:05:03:76:
24:02:99:d7:29:0f:56:fe:ab:a8:75:b1:6b:79:6e:41:64:3c:
10:b7:5d:b2:e7:b6:6b:85:27:0d:b8:e9:a3:16:43:d2:ab:be:
1f:44:92:75:1d:86:98:99:53:b8:93:6c:c7:11:ef:ec:d7:60:
e7:ca:c1:d7:6f:80:e7:00:13:cc:89:92:97:96:5f:77:b8:2b:
4d:90:67:c9:28:1d:29:d3:79:5e:30:be:88:dd:cb:67:85:b3:
99:bf:16:dc:30:62:28:5b:05:d0:28:36:6b:5f:91:06:0e:bd:
16:d8:16:ee:32:1c:ce:a6:e4:c2:34:bc:2e:a9:eb:27:3f:e5:
83:8c:e9:55:35:2b:90:df:8a:71:0e:33:01:ba:0f:ad:7c:18:
3e:37:dd:c8:18:33:63:c2:e5:46:7e:95:c3:9a:ff:79:db:90:
87:c7:ab:f5:ea:49:a8:f2:17:85:e1:95:66:c3:f0:a0:da:45:
3f:00:53:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsSlzcau91Wc2LiF/e2Y/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzOWY5NmMyMGUxMGY3NmYwM2VkNDc4MTViN2E2YTVlZmRi
ZTAzZDUwHhcNMjMwMTAxMDc0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmEzYTdmNjQ4OGU4ZGQ5MzEyMDE1MjZjNjQ3ZTQxYmYxMGZkOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG7NEQFU1q9DBt1gNA71i1Q1jX63
50eq7FJsX321ZLYCmiBS9HGQbd2XMLXA/rHZu0Je9A9V6c8wldGK6Nf1TeB6rbov
91+t/lcI9+dbdUJyVsumEgisA78k+nFT4IZXSx//MrmXXAvO13WrcF0jPJf1jBCD
x4+jRSG0eiK62ENDBHGNhJX5FPe77A8srjHxV4e4Xk8ntxiScHlqwDRk0VEX4XIm
wKqXP6H63NMwvexwKdQiDfGCSGCXq9gIGoUh1mbmWtL7vPaJIiiIJ4irNxksLvD5
1VJVLLO2BPp3zQT01kaesRWk62LwX4a0YytHXtrOu11CUvboprzRWQilywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHKjp/ZIjo3ZMSAVJsZH5BvxD9kiMB8GA1UdIwQY
MBaAFPOflsIOEPdvA+1HgVt6al79vgPVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODUtV3dnNFE5MjhEN1VlQlczcHFYdjItQTlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8wYjQ1ZTktM2Y0YS00YmQ4LWJhYjkt
ZmI5MDgxYTE2MTM5LzEvY3FPbjlraU9qZGt4SUJVbXhrZmtHX0VQMlNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8wYjQ1ZTktM2Y0YS00YmQ4LWJhYjktZmI5MDgxYTE2MTM5
LzEvODUtV3dnNFE5MjhEN1VlQlczcHFYdjItQTlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGJTxAMA0E
AgACMAcDBQAqAFvAMA0GCSqGSIb3DQEBCwUAA4IBAQAZ3semHHxQHjjar/iuYboT
pNxwaNQUhaMO6AL1628d2Aw+/B52SN3U+tx39Gxfmoo95ScwLhzQrPE95kt1/HiL
NJHQmosFA3YkApnXKQ9W/quodbFreW5BZDwQt12y57ZrhScNuOmjFkPSq74fRJJ1
HYaYmVO4k2zHEe/s12DnysHXb4DnABPMiZKXll93uCtNkGfJKB0p03leML6I3ctn
hbOZvxbcMGIoWwXQKDZrX5EGDr0W2BbuMhzOpuTCNLwuqesnP+WDjOlVNSuQ34px
DjMBug+tfBg+N93IGDNjwuVGfpXDmv9525CHx6v16kmo8heF4ZVmw/Cg2kU/AFOu
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:24 2024 by rpki-client on console-ams.rpki-client.org