Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/fi80haNcqhc7YUHzlb463trKWqQ.roa
File: fi80haNcqhc7YUHzlb463trKWqQ.roa (raw, json)
Hash identifier: hxON3cOz0D7eUaxAuV4PeiIQiQaJBVnRuQnM9Ubswp4=
Subject key identifier: 7E:2F:34:85:A3:5C:AA:17:3B:61:41:F3:95:BE:3A:DE:DA:CA:5A:A4
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 01919282AAE2C8B9AE0F8E449A3B3510D66E
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/fi80haNcqhc7YUHzlb463trKWqQ.roa
Signing time: Tue 27 Aug 2024 06:25:22 +0000
ROA not before: Tue 27 Aug 2024 06:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26737
IP address blocks: 37.143.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 06:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:92:82:aa:e2:c8:b9:ae:0f:8e:44:9a:3b:35:10:d6:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Aug 27 06:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e2f3485a35caa173b6141f395be3adedaca5aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3a:4c:dd:21:63:24:30:cf:80:2e:0d:58:80:
3c:6b:9c:64:db:f2:01:81:93:63:f6:39:99:fc:31:
7a:99:de:8c:8f:b2:a9:24:98:5e:e0:f3:d6:ef:ce:
51:da:46:ca:ae:62:f0:07:11:a6:c2:00:15:43:8c:
99:82:88:c9:4c:03:b4:61:4c:12:18:51:04:92:48:
3b:e7:d7:50:aa:8c:70:25:b7:6c:7c:81:7d:93:28:
8a:88:5b:c7:f3:85:3e:ab:f2:f7:95:ad:33:86:49:
d8:aa:ab:af:07:30:bc:e7:db:e9:6e:cd:2c:59:d5:
95:eb:3c:5e:12:84:db:eb:1a:f4:58:99:e5:ee:e2:
8e:e6:a8:82:04:f1:39:f3:f4:f3:0e:94:33:23:bd:
e6:0e:e3:b6:0b:6d:f1:49:3c:21:ee:0e:92:24:b7:
c3:52:50:8a:ff:b5:f7:bd:df:89:5a:ac:1b:d5:d5:
42:11:9c:dc:42:a1:a8:73:be:58:4b:c2:76:3e:3a:
2a:cc:42:b3:f3:60:33:01:62:99:68:52:86:d1:a9:
ca:f1:1e:56:98:83:8b:26:62:ec:bf:30:fa:3b:6e:
ce:1c:bf:7a:17:7b:c9:8c:70:50:a2:60:b3:54:20:
e5:a2:68:ba:6d:b3:f0:4d:39:6a:29:62:19:9c:38:
19:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:2F:34:85:A3:5C:AA:17:3B:61:41:F3:95:BE:3A:DE:DA:CA:5A:A4
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/fi80haNcqhc7YUHzlb463trKWqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.4.0/22
Signature Algorithm: sha256WithRSAEncryption
11:8e:56:e4:39:6f:e3:bd:21:fa:6f:8d:72:7b:4e:20:5f:39:
8d:77:67:50:a6:ef:ea:a1:af:e6:b6:9d:67:82:e5:e6:8e:21:
cf:b8:72:70:89:b0:ad:8a:ca:35:36:e3:78:e4:14:e1:e0:b9:
b7:a3:77:70:d9:b4:51:be:98:4b:38:aa:a1:23:99:42:d9:ab:
c0:da:70:d2:6b:62:3c:99:7a:6a:a1:b3:12:ff:f3:19:14:de:
ab:19:e0:e9:34:42:6c:ce:ca:9f:aa:d9:42:38:6d:1f:68:63:
f9:78:3b:2f:17:aa:c7:e2:3f:7d:ee:b3:12:88:b3:61:e4:14:
d0:3e:31:0a:d4:b0:8d:ad:21:d9:30:f0:81:07:da:45:e3:15:
5e:ee:34:39:1d:1e:5a:22:f4:64:77:c2:f5:37:c3:98:a7:87:
61:30:94:e4:5c:d8:6c:62:51:c6:73:ff:2b:e1:de:e1:06:52:
1f:15:85:c6:bd:be:f7:cb:b2:c1:29:32:57:b6:43:28:a5:3f:
31:13:df:69:e3:44:fe:66:10:a1:a5:59:a8:7a:30:3c:23:9f:
28:68:54:14:f1:9d:5b:ef:19:37:7f:ea:56:ef:19:9e:eb:af:
46:5d:a7:3f:34:1a:47:c9:a3:ae:01:d9:21:3f:d5:09:7a:82:
78:a3:c8:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGSgqriyLmuD45Emjs1ENZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjQwODI3MDYyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTJmMzQ4NWEzNWNhYTE3M2I2MTQxZjM5NWJlM2FkZWRhY2E1YWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTpM3SFjJDDPgC4NWIA8a5xk2/IB
gZNj9jmZ/DF6md6Mj7KpJJhe4PPW785R2kbKrmLwBxGmwgAVQ4yZgojJTAO0YUwS
GFEEkkg759dQqoxwJbdsfIF9kyiKiFvH84U+q/L3la0zhknYqquvBzC859vpbs0s
WdWV6zxeEoTb6xr0WJnl7uKO5qiCBPE58/TzDpQzI73mDuO2C23xSTwh7g6SJLfD
UlCK/7X3vd+JWqwb1dVCEZzcQqGoc75YS8J2PjoqzEKz82AzAWKZaFKG0anK8R5W
mIOLJmLsvzD6O27OHL96F3vJjHBQomCzVCDlomi6bbPwTTlqKWIZnDgZywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH4vNIWjXKoXO2FB85W+Ot7aylqkMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvZmk4MGhhTmNxaGM3WVVIemxiNDYzdHJLV3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJY8EMA0G
CSqGSIb3DQEBCwUAA4IBAQARjlbkOW/jvSH6b41ye04gXzmNd2dQpu/qoa/mtp1n
guXmjiHPuHJwibCtiso1NuN45BTh4Lm3o3dw2bRRvphLOKqhI5lC2avA2nDSa2I8
mXpqobMS//MZFN6rGeDpNEJszsqfqtlCOG0faGP5eDsvF6rH4j997rMSiLNh5BTQ
PjEK1LCNrSHZMPCBB9pF4xVe7jQ5HR5aIvRkd8L1N8OYp4dhMJTkXNhsYlHGc/8r
4d7hBlIfFYXGvb73y7LBKTJXtkMopT8xE99p40T+ZhChpVmoejA8I58oaFQU8Z1b
7xk3f+pW7xme669GXac/NBpHyaOuAdkhP9UJeoJ4o8h1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:26 2025 by rpki-client