Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/OUpgw2Epk6hSGN0NsLFm0Mr4WXs.roa
File: OUpgw2Epk6hSGN0NsLFm0Mr4WXs.roa (raw, json)
Hash identifier: qWWVux5To+Pahc33zXcx7wBDXEhANJsZZ1dGoCdpY10=
Subject key identifier: 39:4A:60:C3:61:29:93:A8:52:18:DD:0D:B0:B1:66:D0:CA:F8:59:7B
Certificate issuer: /CN=b7bc1adfbf362648fc635c3332f383bcbc01e774
Certificate serial: 01856F5DB97A0A5AF22B271BD0B4E28D5B63
Authority key identifier: B7:BC:1A:DF:BF:36:26:48:FC:63:5C:33:32:F3:83:BC:BC:01:E7:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t7wa3782Jkj8Y1wzMvODvLwB53Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/OUpgw2Epk6hSGN0NsLFm0Mr4WXs.roa
Signing time: Sun 01 Jan 2023 22:04:51 +0000
ROA not before: Sun 01 Jan 2023 22:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50572
IP address blocks: 37.49.240.0/20 maxlen: 20
91.211.169.0/24 maxlen: 24
91.211.170.0/23 maxlen: 23
91.211.168.0/24 maxlen: 24
109.205.216.0/21 maxlen: 21
185.5.20.0/22 maxlen: 22
2a02:1380::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:b9:7a:0a:5a:f2:2b:27:1b:d0:b4:e2:8d:5b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7bc1adfbf362648fc635c3332f383bcbc01e774
Validity
Not Before: Jan 1 22:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=394a60c3612993a85218dd0db0b166d0caf8597b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:65:92:03:32:37:2d:0e:ae:25:0d:0f:bb:7c:
f3:12:f0:ba:ca:55:a6:2a:23:b1:e0:b1:19:c2:bc:
df:7d:09:37:96:51:4e:bb:6b:90:fa:ca:e5:13:ac:
21:86:04:bd:6f:fc:61:ea:4c:86:2a:b2:c7:6a:7a:
cd:5f:b6:59:21:47:f6:da:63:c1:19:c1:0c:4e:e0:
f0:6a:0c:34:6c:21:84:0c:26:9a:a2:b6:36:04:b6:
07:4f:7f:dd:17:23:c3:05:94:cb:7c:25:e4:cf:b1:
cc:5e:02:c9:8c:b0:3d:bb:c1:bf:9a:a9:74:e5:0b:
44:a9:86:e5:8c:b3:23:5c:31:90:68:6f:7e:b3:de:
ff:c4:7a:8b:31:08:5c:82:43:e7:d9:a9:64:ca:40:
35:4a:04:6e:c2:bd:ba:26:e9:98:e9:c9:0b:67:29:
6b:f9:04:7b:0a:2e:08:6b:c9:ad:df:58:67:ca:d7:
41:d2:d6:c0:1e:ff:4e:04:d4:61:f0:35:e1:df:d7:
94:7c:c4:12:7a:b0:f0:5b:26:32:be:25:5c:73:3f:
ed:31:ed:7e:43:28:79:61:a9:7f:8c:5c:62:49:d1:
93:50:57:d2:d0:64:b6:7c:41:c8:78:0e:5c:e2:f4:
b2:e2:b9:b5:ce:a4:da:40:31:77:39:2f:2b:8a:ca:
4a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:4A:60:C3:61:29:93:A8:52:18:DD:0D:B0:B1:66:D0:CA:F8:59:7B
X509v3 Authority Key Identifier:
keyid:B7:BC:1A:DF:BF:36:26:48:FC:63:5C:33:32:F3:83:BC:BC:01:E7:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t7wa3782Jkj8Y1wzMvODvLwB53Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/OUpgw2Epk6hSGN0NsLFm0Mr4WXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/t7wa3782Jkj8Y1wzMvODvLwB53Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.240.0/20
91.211.168.0/22
109.205.216.0/21
185.5.20.0/22
IPv6:
2a02:1380::/32
Signature Algorithm: sha256WithRSAEncryption
83:50:91:f6:35:9f:85:81:98:e4:6c:4f:d9:3d:41:31:95:96:
63:bd:4f:7f:8b:d1:08:39:ae:b6:67:f9:73:8e:4d:69:78:e1:
12:7e:b7:1d:0a:6e:be:3b:ed:f4:52:d4:e0:b7:bb:e8:65:97:
a3:52:7a:f6:89:c8:ed:72:93:5b:88:2c:46:4c:89:51:e3:08:
37:6c:0f:35:50:95:26:9d:1a:6a:c9:09:d0:67:8c:a7:9f:4d:
e2:c0:7f:1b:e0:1b:52:5e:8c:1a:c2:95:db:b2:02:ae:bb:7e:
05:f0:7d:7c:b3:96:0c:d7:55:d7:d5:65:b3:a1:a6:24:11:2d:
4c:2a:f9:f9:79:11:50:e3:9a:75:02:47:19:98:e0:80:00:3f:
4e:79:2e:98:bf:ed:a5:f8:f9:68:87:d1:12:4a:a3:df:96:76:
eb:08:9b:7e:fc:2a:5b:68:60:2e:1b:fe:c0:f8:06:a2:a9:05:
c2:df:25:73:1f:88:f7:4a:9a:cf:88:e0:ec:e8:ed:1c:09:f2:
81:e2:74:f1:e7:1c:a5:d4:40:e3:7b:a4:41:73:67:ce:34:19:
5f:8d:dc:6f:13:86:a6:b4:fb:32:ed:e8:f1:1a:63:d2:c9:0d:
51:f4:14:e1:1c:d2:fe:d5:6a:30:94:ce:cd:01:74:ea:1a:fa:
31:c7:69:ea
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvXbl6ClryKycb0LTijVtjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YmMxYWRmYmYzNjI2NDhmYzYzNWMzMzMyZjM4M2JjYmMw
MWU3NzQwHhcNMjMwMTAxMjIwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTRhNjBjMzYxMjk5M2E4NTIxOGRkMGRiMGIxNjZkMGNhZjg1OTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmWSAzI3LQ6uJQ0Pu3zzEvC6ylWm
KiOx4LEZwrzffQk3llFOu2uQ+srlE6whhgS9b/xh6kyGKrLHanrNX7ZZIUf22mPB
GcEMTuDwagw0bCGEDCaaorY2BLYHT3/dFyPDBZTLfCXkz7HMXgLJjLA9u8G/mql0
5QtEqYbljLMjXDGQaG9+s97/xHqLMQhcgkPn2alkykA1SgRuwr26JumY6ckLZylr
+QR7Ci4Ia8mt31hnytdB0tbAHv9OBNRh8DXh39eUfMQSerDwWyYyviVccz/tMe1+
Qyh5Yal/jFxiSdGTUFfS0GS2fEHIeA5c4vSy4rm1zqTaQDF3OS8rispKHwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDlKYMNhKZOoUhjdDbCxZtDK+Fl7MB8GA1UdIwQY
MBaAFLe8Gt+/NiZI/GNcMzLzg7y8Aed0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDd3YTM3ODJKa2o4WTF3ek12T0R2THdCNTNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xYzlkYzctNzhhNS00ZDhhLWIxODUt
ZmQ2MDZiMDZhMDFhLzEvT1VwZ3cyRXBrNmhTR04wTnNMRm0wTXI0V1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xYzlkYzctNzhhNS00ZDhhLWIxODUtZmQ2MDZiMDZhMDFh
LzEvdDd3YTM3ODJKa2o4WTF3ek12T0R2THdCNTNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEJTHwAwQC
W9OoAwQDbc3YAwQCuQUUMA0EAgACMAcDBQAqAhOAMA0GCSqGSIb3DQEBCwUAA4IB
AQCDUJH2NZ+FgZjkbE/ZPUExlZZjvU9/i9EIOa62Z/lzjk1peOESfrcdCm6+O+30
UtTgt7voZZejUnr2icjtcpNbiCxGTIlR4wg3bA81UJUmnRpqyQnQZ4ynn03iwH8b
4BtSXowawpXbsgKuu34F8H18s5YM11XX1WWzoaYkES1MKvn5eRFQ45p1AkcZmOCA
AD9OeS6Yv+2l+Ploh9ESSqPflnbrCJt+/CpbaGAuG/7A+AaiqQXC3yVzH4j3SprP
iODs6O0cCfKB4nTx5xyl1EDje6RBc2fONBlfjdxvE4amtPsy7ejxGmPSyQ1R9BTh
HNL+1WowlM7NAXTqGvoxx2nq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:50 2024 by rpki-client on console-ams.rpki-client.org