Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/SzxbhUfb4uPQei_xyZMT1iNv6s0.roa
File: SzxbhUfb4uPQei_xyZMT1iNv6s0.roa (raw, json)
Hash identifier: sbfxwxcZDioQENalRSJVFDYUsiFIEO6YckWPxIj5Id4=
Subject key identifier: 4B:3C:5B:85:47:DB:E2:E3:D0:7A:2F:F1:C9:93:13:D6:23:6F:EA:CD
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 0190E6888374984503B57C5BAA0B1AF21F7E
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/SzxbhUfb4uPQei_xyZMT1iNv6s0.roa
Signing time: Wed 24 Jul 2024 20:57:04 +0000
ROA not before: Wed 24 Jul 2024 20:57:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215423
IP address blocks: 37.122.152.0/24 maxlen: 24
176.106.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Sep 2024 08:50:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e6:88:83:74:98:45:03:b5:7c:5b:aa:0b:1a:f2:1f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Jul 24 20:57:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b3c5b8547dbe2e3d07a2ff1c99313d6236feacd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c5:25:b3:72:6e:f2:0f:7c:b3:88:f4:10:a4:
33:58:19:1c:81:d6:6a:a4:2c:49:bf:06:24:99:aa:
08:18:c2:fd:a0:86:61:1f:72:f5:33:1c:ad:29:09:
76:e9:21:4d:e2:23:38:60:55:ed:c4:cd:81:c3:b3:
f4:61:fb:9c:42:4b:2b:6f:66:3d:b6:b5:4d:eb:e2:
83:b1:6d:ea:93:d3:25:05:60:f1:f3:e2:27:17:b1:
61:4a:e4:17:d9:2a:5d:7f:bc:8d:3f:92:d5:49:0a:
2a:38:58:6a:87:d7:fe:2b:30:8e:2a:16:a0:a9:47:
47:70:28:4e:da:9f:d6:da:6c:1c:9d:42:62:7e:a3:
10:0c:f4:b1:8f:50:5f:4e:58:0b:cb:a7:81:5f:fa:
44:13:ee:91:28:8c:53:22:7c:dd:65:24:7b:91:38:
d9:b7:f8:10:3c:81:80:23:89:cf:86:d8:ca:99:a6:
6f:31:d9:02:b6:df:56:d6:72:37:c6:f0:39:4f:a3:
aa:ea:ce:19:75:51:a7:e9:f2:01:bb:db:a3:18:76:
bd:e0:af:04:33:82:f1:d9:64:51:0f:8d:fa:bd:f6:
a9:68:aa:98:eb:56:35:47:1f:05:c5:5e:23:2c:a7:
5f:5a:cb:77:65:0b:08:b1:8d:2c:65:6e:b9:a1:77:
83:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:3C:5B:85:47:DB:E2:E3:D0:7A:2F:F1:C9:93:13:D6:23:6F:EA:CD
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/SzxbhUfb4uPQei_xyZMT1iNv6s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.152.0/24
176.106.228.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:04:d5:d3:b6:d0:17:21:39:1e:33:17:f3:10:5c:cd:61:92:
91:36:2f:21:61:5e:6a:6d:35:62:ba:e4:36:27:60:63:8d:0f:
98:68:da:93:01:22:f1:e3:c7:1a:34:a9:03:fe:0d:77:80:38:
3b:dc:23:26:38:1b:b5:c5:85:25:96:6f:ab:ff:d7:6f:59:62:
14:b9:8e:d7:44:e5:e0:f5:63:3e:fd:e0:88:22:ae:d0:de:69:
ac:08:a6:db:d7:b9:d7:48:21:18:98:f9:1c:48:ff:dc:aa:03:
79:8c:f5:e8:68:d3:6f:b5:3d:d0:72:94:33:42:71:c6:bc:8b:
82:91:b2:bb:38:aa:17:2f:d1:12:f3:7e:0d:b9:72:2d:1a:dd:
92:20:ae:7b:62:19:a7:a3:cf:ec:c6:6b:d5:2e:6d:f5:bc:fb:
fd:2c:4d:4e:c8:f9:c5:da:e2:ca:81:64:80:e2:b7:3d:fd:dc:
8c:27:c0:be:45:42:ce:29:a5:51:37:c8:1f:fc:89:1f:fa:9b:
8e:97:b7:46:ee:94:d6:43:eb:76:b7:c4:26:bd:c5:c0:c6:3d:
09:c4:ef:23:54:f1:41:de:7b:56:51:91:d4:26:10:7e:d9:43:
94:30:40:0c:37:09:14:c7:a4:bc:7e:dc:5c:0b:89:2c:83:7f:
41:4c:ce:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDmiIN0mEUDtXxbqgsa8h9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjQwNzI0MjA1NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjNjNWI4NTQ3ZGJlMmUzZDA3YTJmZjFjOTkzMTNkNjIzNmZlYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcUls3Ju8g98s4j0EKQzWBkcgdZq
pCxJvwYkmaoIGML9oIZhH3L1MxytKQl26SFN4iM4YFXtxM2Bw7P0YfucQksrb2Y9
trVN6+KDsW3qk9MlBWDx8+InF7FhSuQX2Spdf7yNP5LVSQoqOFhqh9f+KzCOKhag
qUdHcChO2p/W2mwcnUJifqMQDPSxj1BfTlgLy6eBX/pEE+6RKIxTInzdZSR7kTjZ
t/gQPIGAI4nPhtjKmaZvMdkCtt9W1nI3xvA5T6Oq6s4ZdVGn6fIBu9ujGHa94K8E
M4Lx2WRRD436vfapaKqY61Y1Rx8FxV4jLKdfWst3ZQsIsY0sZW65oXeDRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEs8W4VH2+Lj0Hov8cmTE9Yjb+rNMB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvU3p4YmhVZmI0dVBRZWlfeHlaTVQxaU52NnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJXqYAwQA
sGrkMA0GCSqGSIb3DQEBCwUAA4IBAQBcBNXTttAXITkeMxfzEFzNYZKRNi8hYV5q
bTViuuQ2J2BjjQ+YaNqTASLx48caNKkD/g13gDg73CMmOBu1xYUllm+r/9dvWWIU
uY7XROXg9WM+/eCIIq7Q3mmsCKbb17nXSCEYmPkcSP/cqgN5jPXoaNNvtT3QcpQz
QnHGvIuCkbK7OKoXL9ES834NuXItGt2SIK57Yhmno8/sxmvVLm31vPv9LE1OyPnF
2uLKgWSA4rc9/dyMJ8C+RULOKaVRN8gf/Ikf+puOl7dG7pTWQ+t2t8QmvcXAxj0J
xO8jVPFB3ntWUZHUJhB+2UOUMEAMNwkUx6S8ftxcC4ksg39BTM6F
-----END CERTIFICATE-----
Generated at Fri Sep 13 12:22:10 2024 by rpki-client on console-ams.rpki-client.org