Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/MlQ8erQArbzDw4t7GS_Itj3jI6s.roa
File: MlQ8erQArbzDw4t7GS_Itj3jI6s.roa (raw, json)
Hash identifier: 9HYwfmdj1pDE7g5q4NPyVdJ5nogwlAmOXrWO5WxnTHQ=
Subject key identifier: 32:54:3C:7A:B4:00:AD:BC:C3:C3:8B:7B:19:2F:C8:B6:3D:E3:23:AB
Certificate issuer: /CN=c7e8d959f1c9564a33f28fe44ab614b8f62b001b
Certificate serial: 018CC8715DCDEA3813B9EE8A749310069E51
Authority key identifier: C7:E8:D9:59:F1:C9:56:4A:33:F2:8F:E4:4A:B6:14:B8:F6:2B:00:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x-jZWfHJVkoz8o_kSrYUuPYrABs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/MlQ8erQArbzDw4t7GS_Itj3jI6s.roa
Signing time: Tue 02 Jan 2024 04:32:01 +0000
ROA not before: Tue 02 Jan 2024 04:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198594
IP address blocks: 37.60.24.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:5d:cd:ea:38:13:b9:ee:8a:74:93:10:06:9e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7e8d959f1c9564a33f28fe44ab614b8f62b001b
Validity
Not Before: Jan 2 04:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32543c7ab400adbcc3c38b7b192fc8b63de323ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e3:ea:37:ea:48:b3:72:44:07:3d:b4:a2:b7:
e7:c3:4f:96:05:47:0c:e3:b2:32:03:06:6b:38:ec:
da:dd:a7:99:3b:54:43:cf:e5:15:e9:1d:a8:02:05:
a2:4f:35:f2:52:a3:03:c9:bd:6b:86:f4:f9:29:ec:
e1:88:9d:8f:6b:47:81:9c:b7:2a:07:6f:7e:1e:e0:
e4:f5:c7:1b:13:44:6f:45:6a:37:a1:9f:cd:08:3d:
eb:d5:7e:2d:90:9a:98:03:80:7c:62:7a:f5:a2:b5:
10:b1:a1:1e:52:92:fd:80:e5:8c:03:39:47:07:66:
c8:60:25:e8:b9:f2:3c:0d:9f:bb:82:12:b1:32:64:
f2:09:06:3e:d4:bf:5e:a7:e7:2a:96:54:94:af:03:
ae:65:bf:58:84:70:f9:dd:cb:22:c7:1b:6c:bb:68:
af:3a:29:04:32:7d:a6:e4:7a:5d:5f:e1:ae:dd:ee:
5c:82:23:d8:22:1a:56:bf:10:c3:ba:ed:00:48:d9:
ce:96:c2:2f:cc:e1:e2:df:fc:44:12:68:35:7c:32:
c8:19:4a:2e:22:61:67:06:10:23:f4:2f:be:a6:9e:
ec:07:09:17:75:6f:0b:3f:3c:f7:02:25:62:66:22:
3e:8e:8c:48:1e:30:09:74:0d:31:91:87:4a:36:dc:
e2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:54:3C:7A:B4:00:AD:BC:C3:C3:8B:7B:19:2F:C8:B6:3D:E3:23:AB
X509v3 Authority Key Identifier:
keyid:C7:E8:D9:59:F1:C9:56:4A:33:F2:8F:E4:4A:B6:14:B8:F6:2B:00:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-jZWfHJVkoz8o_kSrYUuPYrABs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/MlQ8erQArbzDw4t7GS_Itj3jI6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/24e327-7658-463c-8990-b1c9b789aaa9/1/x-jZWfHJVkoz8o_kSrYUuPYrABs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.24.0/21
Signature Algorithm: sha256WithRSAEncryption
57:01:0a:44:d1:f4:dd:a9:de:b4:9a:17:3b:33:49:41:cd:02:
13:4e:5b:c3:ea:5e:bd:e0:70:c7:6b:91:70:fc:6a:18:67:bc:
dc:d0:8f:d9:25:69:df:96:74:df:4f:70:a5:84:9b:41:7b:3d:
6e:09:80:62:c5:3d:c6:5f:7a:7b:37:50:dc:24:b8:33:3d:72:
8c:5f:96:ce:f0:17:e4:2d:81:5a:15:1e:7f:aa:b2:fd:7e:30:
08:12:6f:22:d5:16:20:67:cc:57:e6:86:83:80:ce:a0:fb:78:
74:a5:c6:b2:3d:21:21:48:7f:da:0c:a2:db:29:ff:a9:9e:6a:
6f:ca:79:85:bd:5a:01:95:87:d8:75:7b:6c:46:74:3b:39:f7:
33:68:9e:6f:35:dd:d9:95:98:72:b1:9c:a4:e7:5f:a5:e8:24:
fc:01:44:32:fe:14:75:37:58:51:9d:1a:3b:af:27:70:e1:7f:
77:33:9b:43:e3:c8:8d:a4:5d:6f:e8:17:f1:dd:43:32:93:44:
9f:80:a4:b5:36:2f:c1:11:72:29:9f:36:8d:f8:bc:67:53:59:
e8:62:a1:bc:82:1b:71:e3:d4:e7:99:1c:ed:dd:0f:46:da:c3:
35:68:2e:2e:07:ed:cb:95:80:9b:4d:a3:50:7c:d6:9f:64:dc:
ef:19:1f:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcV3N6jgTue6KdJMQBp5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZThkOTU5ZjFjOTU2NGEzM2YyOGZlNDRhYjYxNGI4ZjYy
YjAwMWIwHhcNMjQwMTAyMDQzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjU0M2M3YWI0MDBhZGJjYzNjMzhiN2IxOTJmYzhiNjNkZTMyM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOPqN+pIs3JEBz20orfnw0+WBUcM
47IyAwZrOOza3aeZO1RDz+UV6R2oAgWiTzXyUqMDyb1rhvT5KezhiJ2Pa0eBnLcq
B29+HuDk9ccbE0RvRWo3oZ/NCD3r1X4tkJqYA4B8Ynr1orUQsaEeUpL9gOWMAzlH
B2bIYCXoufI8DZ+7ghKxMmTyCQY+1L9ep+cqllSUrwOuZb9YhHD53csixxtsu2iv
OikEMn2m5HpdX+Gu3e5cgiPYIhpWvxDDuu0ASNnOlsIvzOHi3/xEEmg1fDLIGUou
ImFnBhAj9C++pp7sBwkXdW8LPzz3AiViZiI+joxIHjAJdA0xkYdKNtzifwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJUPHq0AK28w8OLexkvyLY94yOrMB8GA1UdIwQY
MBaAFMfo2VnxyVZKM/KP5Eq2FLj2KwAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveC1qWldmSEpWa296OG9fa1NyWVV1UFlyQUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yNGUzMjctNzY1OC00NjNjLTg5OTAt
YjFjOWI3ODlhYWE5LzEvTWxROGVyUUFyYnpEdzR0N0dTX0l0ajNqSTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8yNGUzMjctNzY1OC00NjNjLTg5OTAtYjFjOWI3ODlhYWE5
LzEveC1qWldmSEpWa296OG9fa1NyWVV1UFlyQUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJTwYMA0G
CSqGSIb3DQEBCwUAA4IBAQBXAQpE0fTdqd60mhc7M0lBzQITTlvD6l694HDHa5Fw
/GoYZ7zc0I/ZJWnflnTfT3ClhJtBez1uCYBixT3GX3p7N1DcJLgzPXKMX5bO8Bfk
LYFaFR5/qrL9fjAIEm8i1RYgZ8xX5oaDgM6g+3h0pcayPSEhSH/aDKLbKf+pnmpv
ynmFvVoBlYfYdXtsRnQ7OfczaJ5vNd3ZlZhysZyk51+l6CT8AUQy/hR1N1hRnRo7
rydw4X93M5tD48iNpF1v6Bfx3UMyk0SfgKS1Ni/BEXIpnzaN+LxnU1noYqG8ghtx
49TnmRzt3Q9G2sM1aC4uB+3LlYCbTaNQfNafZNzvGR8h
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:55 2025 by rpki-client