Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/ESXi-RJxtX9NXicpqNDGJ8HQd38.roa
File: ESXi-RJxtX9NXicpqNDGJ8HQd38.roa (raw, json)
Hash identifier: +AP3FT29PZ1SWQJQGVpvwSic/81pDbwmAzDeyv9pELQ=
Subject key identifier: 11:25:E2:F9:12:71:B5:7F:4D:5E:27:29:A8:D0:C6:27:C1:D0:77:7F
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018E030033076746E0405407D5235F02640E
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/ESXi-RJxtX9NXicpqNDGJ8HQd38.roa
Signing time: Sun 03 Mar 2024 06:28:48 +0000
ROA not before: Sun 03 Mar 2024 06:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.120.0/24 maxlen: 24
46.37.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 13:41:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:03:00:33:07:67:46:e0:40:54:07:d5:23:5f:02:64:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Mar 3 06:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1125e2f91271b57f4d5e2729a8d0c627c1d0777f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:77:22:7d:a5:e6:1e:9b:c0:97:cd:8d:12:cc:
ec:a0:93:dd:ba:23:ba:8a:2f:e2:de:be:10:60:03:
4b:0d:55:42:80:76:b8:f0:28:51:a5:81:5a:7a:cf:
32:65:b9:a8:2c:bd:56:60:88:82:07:ae:ab:11:d8:
c9:dc:e5:f2:7f:a0:10:b1:ed:10:37:31:4c:19:04:
c9:10:b0:20:c4:b2:6a:3b:60:e2:88:7a:d5:10:b3:
99:79:9c:86:cd:1a:76:c6:dc:b5:1c:16:91:b5:84:
4f:02:c0:6a:8f:7e:de:ed:c1:57:c4:8a:81:fa:43:
3a:c0:60:dd:a4:97:df:2d:f3:2a:ae:63:94:af:95:
ea:7e:79:bc:79:d5:7d:68:5c:94:b3:93:ce:a7:c1:
27:04:a7:29:53:07:20:b8:6e:a9:21:aa:7e:3a:5d:
eb:9c:cb:77:f2:1f:32:2d:40:16:7e:19:80:36:a1:
43:c6:88:f7:1d:cb:e4:5a:b4:4d:2b:a6:bc:8f:72:
0b:c4:de:93:06:3c:f5:96:74:d3:c2:67:a4:d9:67:
d2:a6:ff:3d:95:5a:fb:b1:dc:d0:ea:53:10:ff:5f:
a5:c5:6c:a0:61:75:cd:7d:53:ff:64:8a:10:04:f2:
b6:99:3e:ff:8b:6b:4b:fc:e1:fd:d4:f1:e8:71:bb:
ed:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:25:E2:F9:12:71:B5:7F:4D:5E:27:29:A8:D0:C6:27:C1:D0:77:7F
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/ESXi-RJxtX9NXicpqNDGJ8HQd38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.120.0/23
Signature Algorithm: sha256WithRSAEncryption
77:2b:f1:cd:e6:8a:9e:f0:76:f8:cf:04:6b:0a:77:7d:a3:40:
e7:62:f2:c2:79:eb:c5:df:8d:b2:e2:2b:70:24:57:fb:55:f4:
66:5b:b8:87:4b:4d:e5:ef:88:41:c1:6c:ef:58:80:14:86:c1:
30:5c:5b:32:c4:12:1e:bd:d8:b0:1c:a2:58:56:c7:22:b8:f2:
b8:64:d5:1e:5a:98:5a:86:5e:e5:7c:66:de:7e:fa:27:68:6f:
53:3a:33:22:5e:1d:78:26:3b:ac:ec:ea:7b:8c:c5:01:b5:ce:
90:42:42:e0:52:31:3f:ed:81:a5:31:bc:6f:4d:2c:60:11:37:
1c:cf:c2:79:04:c4:df:55:b6:5f:91:fc:d0:36:9c:46:03:07:
10:9b:ef:47:57:08:e6:fd:c0:f1:49:23:3a:65:2a:19:cc:7b:
df:c8:b0:25:59:f2:a4:28:19:0a:a1:9a:3c:92:5c:13:aa:27:
95:37:ba:30:f7:99:6a:fb:29:d8:bb:25:46:29:b8:80:a7:76:
a2:b8:cf:b9:26:00:5d:8f:16:d1:73:72:96:34:26:da:4b:79:
14:45:90:ad:69:61:22:9b:b6:a3:fc:58:84:98:a0:d7:48:8c:
04:60:32:38:5a:a7:89:00:c9:ea:ec:dd:f6:b7:31:f0:1f:23:
38:89:be:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4DADMHZ0bgQFQH1SNfAmQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMzAzMDYyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTI1ZTJmOTEyNzFiNTdmNGQ1ZTI3MjlhOGQwYzYyN2MxZDA3NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXcifaXmHpvAl82NEszsoJPduiO6
ii/i3r4QYANLDVVCgHa48ChRpYFaes8yZbmoLL1WYIiCB66rEdjJ3OXyf6AQse0Q
NzFMGQTJELAgxLJqO2DiiHrVELOZeZyGzRp2xty1HBaRtYRPAsBqj37e7cFXxIqB
+kM6wGDdpJffLfMqrmOUr5Xqfnm8edV9aFyUs5POp8EnBKcpUwcguG6pIap+Ol3r
nMt38h8yLUAWfhmANqFDxoj3HcvkWrRNK6a8j3ILxN6TBjz1lnTTwmek2WfSpv89
lVr7sdzQ6lMQ/1+lxWygYXXNfVP/ZIoQBPK2mT7/i2tL/OH91PHocbvtzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBEl4vkScbV/TV4nKajQxifB0Hd/MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvRVNYaS1SSnh0WDlOWGljcHFOREdKOEhRZDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQBLiV4MA0GCSqGSIb3DQEBCwUAA4IBAQB3K/HN5oqe8Hb4zwRrCnd9o0Dn
YvLCeevF342y4itwJFf7VfRmW7iHS03l74hBwWzvWIAUhsEwXFsyxBIevdiwHKJY
VsciuPK4ZNUeWphahl7lfGbefvonaG9TOjMiXh14Jjus7Op7jMUBtc6QQkLgUjE/
7YGlMbxvTSxgETccz8J5BMTfVbZfkfzQNpxGAwcQm+9HVwjm/cDxSSM6ZSoZzHvf
yLAlWfKkKBkKoZo8klwTqieVN7ow95lq+ynYuyVGKbiAp3aiuM+5JgBdjxbRc3KW
NCbaS3kURZCtaWEim7aj/FiEmKDXSIwEYDI4WqeJAMnq7N32tzHwHyM4ib7f
-----END CERTIFICATE-----
Generated at Mon Mar 4 17:22:43 2024 by rpki-client on console-ams.rpki-client.org