Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/iicADrPcQvOPk9oPrH74hatGkII.roa
File: iicADrPcQvOPk9oPrH74hatGkII.roa (raw, json)
Hash identifier: hil1JdhMZLfPJW3MD+NFf4HFbUAjGhG+04+S69avVTY=
Subject key identifier: 8A:27:00:0E:B3:DC:42:F3:8F:93:DA:0F:AC:7E:F8:85:AB:46:90:82
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 019173A2EB9CED9A785B980BF3AE47E7D1B1
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/iicADrPcQvOPk9oPrH74hatGkII.roa
Signing time: Wed 21 Aug 2024 06:32:22 +0000
ROA not before: Wed 21 Aug 2024 06:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26737
IP address blocks: 37.143.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 Aug 2024 12:34:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:73:a2:eb:9c:ed:9a:78:5b:98:0b:f3:ae:47:e7:d1:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Aug 21 06:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a27000eb3dc42f38f93da0fac7ef885ab469082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c5:4b:d6:c2:70:04:4a:d5:1c:2a:c7:04:5e:
e0:65:23:d9:8e:47:ff:5d:03:a9:11:78:30:66:ef:
4b:5d:7c:c9:53:4c:c9:8e:e7:37:cd:ae:b8:ab:4a:
a2:c5:e3:30:91:8c:98:33:22:d6:e9:18:ef:1a:c6:
a0:81:27:1e:f1:7e:0a:3d:a8:0b:7f:dc:8e:e8:62:
37:97:4f:ba:64:a4:39:73:01:e5:65:f4:79:f3:77:
f0:e7:07:d4:7b:de:0d:3b:8e:83:9e:fb:60:c6:c3:
52:78:e2:11:20:8c:5b:e0:db:21:7e:49:0b:76:98:
5d:ab:0c:48:f9:c5:0b:4c:32:6b:76:00:d4:f5:5b:
28:fd:13:0a:f9:f8:8c:eb:79:f0:79:1e:2c:76:26:
0b:be:f3:e7:0e:7a:b4:c9:b7:79:4d:93:d0:e0:73:
61:39:70:c1:cd:df:72:0e:51:1d:0d:3f:df:5c:e0:
6e:32:fb:f6:2e:df:be:a9:7f:34:d1:c6:76:7c:86:
9b:bf:c5:14:c0:d0:ed:9a:64:31:75:64:e3:74:0b:
ec:75:e2:d9:dd:34:5f:6e:5a:7e:da:2e:7e:ed:15:
0c:16:44:23:ca:31:a4:a5:54:54:af:96:f3:21:fd:
88:4d:2e:3d:1e:2d:d5:c4:f2:d9:94:ab:1e:4f:ba:
8d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:27:00:0E:B3:DC:42:F3:8F:93:DA:0F:AC:7E:F8:85:AB:46:90:82
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/iicADrPcQvOPk9oPrH74hatGkII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.4.0/22
Signature Algorithm: sha256WithRSAEncryption
11:ac:fa:5b:83:92:a4:d5:dc:38:94:6c:49:e3:a5:2e:fe:a3:
fd:5e:de:41:c4:57:f6:78:ed:67:5a:72:a9:6a:96:07:6d:cf:
62:1c:2a:df:bf:7f:1a:df:a1:98:08:77:64:e3:0f:77:39:6a:
85:36:76:b5:97:32:bb:e0:c2:1e:16:97:4c:a0:e8:c8:de:6d:
52:20:f0:53:ba:0e:e1:5c:aa:17:8e:6a:83:03:ce:20:46:2f:
86:f2:a3:e4:10:28:23:7c:ee:33:4f:e1:5a:00:e7:b4:14:32:
6c:07:94:b1:b9:78:7e:db:41:85:c8:4a:91:2d:b5:2b:c8:c4:
93:1b:80:a2:48:ba:5b:99:4b:3d:be:3d:7b:ff:50:d4:8b:b8:
e6:df:3e:f3:cf:a6:22:da:32:23:39:8b:9a:60:c0:f4:3f:e0:
57:3f:54:33:94:82:30:1f:ff:b4:23:b0:1c:3f:e0:88:99:83:
b7:a6:54:af:fa:ab:83:b3:77:01:2e:66:8d:d0:4a:16:4c:5e:
23:9b:1e:f6:04:9c:fe:75:4f:a5:6a:53:bb:a6:95:a2:5e:5d:
e4:5a:e4:c3:28:90:c1:d6:b7:c0:57:c9:8b:fc:f4:0c:68:8b:
e2:45:d4:ad:2c:7f:27:2a:25:22:5c:ef:c1:f1:b6:c6:b2:c7:
56:bb:59:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFzouuc7Zp4W5gL865H59GxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjQwODIxMDYzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTI3MDAwZWIzZGM0MmYzOGY5M2RhMGZhYzdlZjg4NWFiNDY5MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMVL1sJwBErVHCrHBF7gZSPZjkf/
XQOpEXgwZu9LXXzJU0zJjuc3za64q0qixeMwkYyYMyLW6RjvGsaggSce8X4KPagL
f9yO6GI3l0+6ZKQ5cwHlZfR583fw5wfUe94NO46DnvtgxsNSeOIRIIxb4NshfkkL
dphdqwxI+cULTDJrdgDU9Vso/RMK+fiM63nweR4sdiYLvvPnDnq0ybd5TZPQ4HNh
OXDBzd9yDlEdDT/fXOBuMvv2Lt++qX800cZ2fIabv8UUwNDtmmQxdWTjdAvsdeLZ
3TRfblp+2i5+7RUMFkQjyjGkpVRUr5bzIf2ITS49Hi3VxPLZlKseT7qNXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIonAA6z3ELzj5PaD6x++IWrRpCCMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvaWljQURyUGNRdk9QazlvUHJINzRoYXRHa0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJY8EMA0G
CSqGSIb3DQEBCwUAA4IBAQARrPpbg5Kk1dw4lGxJ46Uu/qP9Xt5BxFf2eO1nWnKp
apYHbc9iHCrfv38a36GYCHdk4w93OWqFNna1lzK74MIeFpdMoOjI3m1SIPBTug7h
XKoXjmqDA84gRi+G8qPkECgjfO4zT+FaAOe0FDJsB5SxuXh+20GFyEqRLbUryMST
G4CiSLpbmUs9vj17/1DUi7jm3z7zz6Yi2jIjOYuaYMD0P+BXP1QzlIIwH/+0I7Ac
P+CImYO3plSv+quDs3cBLmaN0EoWTF4jmx72BJz+dU+lalO7ppWiXl3kWuTDKJDB
1rfAV8mL/PQMaIviRdStLH8nKiUiXO/B8bbGssdWu1nk
-----END CERTIFICATE-----
Generated at Sun Aug 25 14:54:10 2024 by rpki-client on console-fra.rpki-client.org