Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/G_wS3wOn6v82REKAF_ZoXDa7o1g.roa
File: G_wS3wOn6v82REKAF_ZoXDa7o1g.roa (raw, json)
Hash identifier: ADykOkTG2NL3JIDQemID0mpPhDFR0GvLzjYueyogJBs=
Subject key identifier: 1B:FC:12:DF:03:A7:EA:FF:36:44:42:80:17:F6:68:5C:36:BB:A3:58
Certificate issuer: /CN=4200982284a050d941dbebbd04b5d0c914f635b7
Certificate serial: 019108A879DA339EE4A12DAE788A8E720D38
Authority key identifier: 42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/G_wS3wOn6v82REKAF_ZoXDa7o1g.roa
Signing time: Wed 31 Jul 2024 11:59:04 +0000
ROA not before: Wed 31 Jul 2024 11:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200651
IP address blocks: 37.156.68.0/24 maxlen: 24
2a06:1700::/48 maxlen: 48
2a06:1700:1::/48 maxlen: 48
2a06:1700:2::/48 maxlen: 48
2a06:1700:3::/48 maxlen: 48
2a06:1700:4::/48 maxlen: 48
2a06:1700:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 Aug 2024 12:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:08:a8:79:da:33:9e:e4:a1:2d:ae:78:8a:8e:72:0d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4200982284a050d941dbebbd04b5d0c914f635b7
Validity
Not Before: Jul 31 11:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bfc12df03a7eaff3644428017f6685c36bba358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:13:ab:76:a1:05:35:2b:59:27:13:74:17:17:
2d:e9:93:a0:0a:48:92:5d:21:f0:b3:e4:83:01:22:
94:4d:86:6a:4a:53:2d:2e:a5:7d:5d:85:14:c4:99:
7f:dc:33:57:3f:dc:ff:1a:90:f8:86:bb:3c:d6:86:
58:22:6f:bc:fd:bb:d1:02:ac:b2:f0:42:88:c2:79:
0d:0c:d4:f1:47:64:00:7f:7e:57:82:66:9a:5f:ad:
86:dc:d0:ee:f5:f0:dd:a0:d9:4a:98:d4:04:35:3a:
b3:33:5b:b4:35:c8:c6:6a:84:35:e9:90:63:2d:7c:
0d:c7:e7:b5:c4:4e:9a:bb:66:34:52:ef:dd:d6:d0:
17:08:59:2b:f0:fd:79:6e:3a:8e:c2:42:10:7f:76:
7c:b7:8d:f9:a6:62:75:87:c4:6b:8a:96:6a:19:42:
c9:13:a2:b9:ca:bb:64:f0:07:4f:a8:29:50:a1:b7:
d1:2a:d3:e2:b9:ac:b2:e9:ce:24:e3:54:8f:a6:ba:
9c:18:35:c9:96:3c:d2:ee:41:4b:27:a7:c2:b8:69:
11:13:6d:d3:c5:71:9b:9e:b3:5f:0e:7c:89:a7:99:
39:b0:3e:40:e8:e4:00:28:f0:96:1a:65:fc:e3:cb:
28:b4:de:11:6c:13:2a:d9:94:33:5b:f0:2e:82:c3:
57:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:FC:12:DF:03:A7:EA:FF:36:44:42:80:17:F6:68:5C:36:BB:A3:58
X509v3 Authority Key Identifier:
keyid:42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/G_wS3wOn6v82REKAF_ZoXDa7o1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.68.0/24
IPv6:
2a06:1700::-2a06:1700:4:ffff:ffff:ffff:ffff:ffff
2a06:1700:100::/48
Signature Algorithm: sha256WithRSAEncryption
41:9e:5b:7d:03:05:a5:33:91:b9:a5:9a:f2:3a:cf:0f:5d:8b:
af:f3:22:11:ef:9e:4d:94:ac:74:e1:32:b6:7b:4b:84:09:38:
05:e0:06:d0:25:ae:be:8d:49:63:c2:68:08:15:6d:cd:1a:d3:
3f:bb:f1:35:bd:90:00:29:8f:ed:d6:08:7b:dc:bf:ac:08:bf:
5a:5d:41:a5:0c:8f:7d:4f:d4:ad:1e:bd:3d:5a:70:ac:2f:3e:
18:2b:d7:25:91:a4:47:e0:e7:c9:e4:f5:d7:ec:ae:af:48:bd:
bc:9c:94:c9:8b:5f:96:0f:a4:ce:3c:e6:39:ea:c1:9f:50:32:
bb:a3:90:f7:02:62:e4:21:db:b4:2a:34:bd:d7:d1:23:0d:52:
2c:94:f4:e6:52:94:dd:9f:dc:46:e1:0f:1e:71:ac:c9:47:18:
cc:30:47:a9:8d:b3:8b:a2:09:ac:e2:ca:a9:85:a7:e7:f8:5d:
d5:ea:5b:cc:11:e7:72:b7:9e:c8:a2:55:f5:0c:95:d2:7d:3b:
c7:44:c8:b6:e2:d6:71:3f:6a:c5:db:f5:4d:7d:3c:39:90:53:
84:01:95:d1:e4:a8:33:74:78:3c:a8:2c:00:17:e7:e8:f5:22:
bc:bd:63:5b:ad:38:a9:1e:eb:d6:a4:ac:9b:26:e0:71:6a:99:
13:24:b5:7d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZEIqHnaM57koS2ueIqOcg04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDA5ODIyODRhMDUwZDk0MWRiZWJiZDA0YjVkMGM5MTRm
NjM1YjcwHhcNMjQwNzMxMTE1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmZjMTJkZjAzYTdlYWZmMzY0NDQyODAxN2Y2Njg1YzM2YmJhMzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApROrdqEFNStZJxN0Fxct6ZOgCkiS
XSHws+SDASKUTYZqSlMtLqV9XYUUxJl/3DNXP9z/GpD4hrs81oZYIm+8/bvRAqyy
8EKIwnkNDNTxR2QAf35XgmaaX62G3NDu9fDdoNlKmNQENTqzM1u0NcjGaoQ16ZBj
LXwNx+e1xE6au2Y0Uu/d1tAXCFkr8P15bjqOwkIQf3Z8t435pmJ1h8RripZqGULJ
E6K5yrtk8AdPqClQobfRKtPiuayy6c4k41SPprqcGDXJljzS7kFLJ6fCuGkRE23T
xXGbnrNfDnyJp5k5sD5A6OQAKPCWGmX848sotN4RbBMq2ZQzW/AugsNXtwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBv8Et8Dp+r/NkRCgBf2aFw2u6NYMB8GA1UdIwQY
MBaAFEIAmCKEoFDZQdvrvQS10MkU9jW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAt
NTFkYzJiMDk2ZGVmLzEvR193UzN3T242djgyUkVLQUZfWm9YRGE3bzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAtNTFkYzJiMDk2ZGVm
LzEvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAMBAIAATAGAwQAJZxEMCAE
AgACMBowDwMEACoGFwMHACoGFwAABAMHACoGFwABADANBgkqhkiG9w0BAQsFAAOC
AQEAQZ5bfQMFpTORuaWa8jrPD12Lr/MiEe+eTZSsdOEytntLhAk4BeAG0CWuvo1J
Y8JoCBVtzRrTP7vxNb2QACmP7dYIe9y/rAi/Wl1BpQyPfU/UrR69PVpwrC8+GCvX
JZGkR+DnyeT11+yur0i9vJyUyYtflg+kzjzmOerBn1Ayu6OQ9wJi5CHbtCo0vdfR
Iw1SLJT05lKU3Z/cRuEPHnGsyUcYzDBHqY2zi6IJrOLKqYWn5/hd1epbzBHncree
yKJV9QyV0n07x0TItuLWcT9qxdv1TX08OZBThAGV0eSoM3R4PKgsABfn6PUivL1j
W604qR7r1qSsmybgcWqZEyS1fQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:32:28 2025 by rpki-client