Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/1--crIXs9_qR1Msk7Mb8wv5rPl3A.roa
File: 1--crIXs9_qR1Msk7Mb8wv5rPl3A.roa (raw, json)
Hash identifier: 1vimLMJ4Fyn2OiXzF8bXmVZWAfhdzlmpw5X10b3i1OE=
Subject key identifier: FB:E7:2B:21:7B:3D:FE:A4:75:32:C9:3B:31:BF:30:BF:9A:CF:97:70
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 01927CE19882605C02E3416382192779F6EE
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/1--crIXs9_qR1Msk7Mb8wv5rPl3A.roa
Signing time: Fri 11 Oct 2024 18:40:12 +0000
ROA not before: Fri 11 Oct 2024 18:40:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.143.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 17:16:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7c:e1:98:82:60:5c:02:e3:41:63:82:19:27:79:f6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Oct 11 18:40:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbe72b217b3dfea47532c93b31bf30bf9acf9770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:15:8c:b9:1a:1c:85:0a:5b:d8:7a:e9:20:f7:
5f:e8:33:6f:02:31:9b:ef:5d:5e:74:52:46:64:b1:
d1:75:f8:88:44:0f:df:e5:48:a8:06:3e:2b:19:85:
fe:11:f9:a1:94:b5:50:fc:72:37:45:1d:06:8d:db:
41:4e:fa:7c:a1:ff:76:fe:e9:bf:46:34:7d:8f:71:
59:0c:92:70:66:9d:55:8d:d3:be:c2:c8:71:bf:6a:
c0:f6:0e:d4:23:c4:af:9d:bb:d9:2e:e0:56:3f:52:
04:58:b3:7b:69:e2:d0:0c:74:3a:7e:e3:0a:20:1e:
26:c4:c5:31:61:aa:3d:5a:2f:8c:74:f5:39:cd:24:
c3:b2:d3:52:ed:05:b1:b1:7a:d5:74:80:3d:a4:34:
a1:f9:90:05:e0:e5:6c:5d:ec:30:53:47:ff:85:12:
4f:c3:4d:35:5a:24:f4:81:00:49:03:d9:38:d7:d9:
cb:ba:b0:99:dc:93:31:40:22:42:cd:fd:da:d1:50:
28:25:96:c3:8b:0a:8e:ac:19:9d:27:11:9b:e5:ea:
37:8e:14:e6:14:6f:43:b8:ca:1b:df:32:57:fa:96:
0f:e0:c0:5a:76:a4:d4:9c:df:c1:45:b2:7c:51:40:
a8:b7:d4:9b:ec:c0:0b:68:99:72:51:d4:f0:d7:97:
34:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E7:2B:21:7B:3D:FE:A4:75:32:C9:3B:31:BF:30:BF:9A:CF:97:70
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/1--crIXs9_qR1Msk7Mb8wv5rPl3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.4.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:2f:8e:ef:7a:0b:8f:c5:1f:ba:54:14:93:f5:31:dc:f9:a6:
6e:87:ca:a6:55:8e:1e:99:84:97:4c:d8:77:3d:e8:31:8c:20:
ec:74:ce:af:91:82:bf:12:a1:c8:bc:9b:dc:61:60:4d:99:9b:
46:15:60:9e:24:e7:4a:03:5d:81:c8:7f:32:80:4d:b8:47:b1:
8e:2d:59:da:8a:07:5e:90:0e:fc:c5:eb:d0:ae:99:f9:d2:b6:
55:06:ad:69:3b:b0:57:8e:79:a8:68:e7:e0:25:04:77:97:1b:
5d:6f:81:a6:a7:e8:e3:d7:83:c9:5c:26:5d:a0:e1:08:c8:36:
87:23:94:ad:d6:2d:9b:6e:f7:c6:95:ca:0a:ec:a5:44:22:e6:
02:e9:bd:32:d2:da:d6:5a:66:40:0b:75:a6:07:f8:b8:73:82:
b1:38:62:a0:ae:36:2e:1e:89:3e:10:19:9c:fa:7f:2a:47:48:
1c:45:af:30:b3:97:e0:56:a4:5e:9a:02:0f:39:8b:fe:44:27:
e7:d9:07:18:a9:1f:b2:db:1f:d9:1d:0b:16:94:2d:65:db:e8:
ac:0c:d1:42:b7:d7:a9:cb:82:7e:97:76:78:18:ac:96:26:de:
65:b9:88:5d:9e:c2:d3:f9:e3:5a:69:6d:25:34:de:f1:e6:1d:
21:35:94:5a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJ84ZiCYFwC40FjghknefbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjQxMDExMTg0MDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmU3MmIyMTdiM2RmZWE0NzUzMmM5M2IzMWJmMzBiZjlhY2Y5NzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhWMuRochQpb2HrpIPdf6DNvAjGb
711edFJGZLHRdfiIRA/f5UioBj4rGYX+EfmhlLVQ/HI3RR0GjdtBTvp8of92/um/
RjR9j3FZDJJwZp1VjdO+wshxv2rA9g7UI8SvnbvZLuBWP1IEWLN7aeLQDHQ6fuMK
IB4mxMUxYao9Wi+MdPU5zSTDstNS7QWxsXrVdIA9pDSh+ZAF4OVsXewwU0f/hRJP
w001WiT0gQBJA9k419nLurCZ3JMxQCJCzf3a0VAoJZbDiwqOrBmdJxGb5eo3jhTm
FG9DuMob3zJX+pYP4MBadqTUnN/BRbJ8UUCot9Sb7MALaJlyUdTw15c0XQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPvnKyF7Pf6kdTLJOzG/ML+az5dwMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvMS0tY3JJWHM5X3FSMU1zazdNYjh3djVyUGwzQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDcvNmJlY2IwLTE4ZmQtNGFkZC1iYjQxLTJlMWMwYWY0ZmFh
NC8xL0QyTmoxQ2kza1Z3UWlDWHdsd1lBUzQ2ajFMVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiWPBDAN
BgkqhkiG9w0BAQsFAAOCAQEAyS+O73oLj8UfulQUk/Ux3PmmbofKplWOHpmEl0zY
dz3oMYwg7HTOr5GCvxKhyLyb3GFgTZmbRhVgniTnSgNdgch/MoBNuEexji1Z2ooH
XpAO/MXr0K6Z+dK2VQataTuwV455qGjn4CUEd5cbXW+Bpqfo49eDyVwmXaDhCMg2
hyOUrdYtm273xpXKCuylRCLmAum9MtLa1lpmQAt1pgf4uHOCsThioK42Lh6JPhAZ
nPp/KkdIHEWvMLOX4FakXpoCDzmL/kQn59kHGKkfstsf2R0LFpQtZdvorAzRQrfX
qcuCfpd2eBislibeZbmIXZ7C0/njWmltJTTe8eYdITWUWg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:35 2025 by rpki-client