Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/PictA377iTjcIh36SFb-cgBUsVo.roa
File: PictA377iTjcIh36SFb-cgBUsVo.roa (raw, json)
Hash identifier: 3f7GYD67K82bIBz3TXKIA7qbil9djWa7jZAp49WatwY=
Subject key identifier: 3E:27:2D:03:7E:FB:89:38:DC:22:1D:FA:48:56:FE:72:00:54:B1:5A
Certificate issuer: /CN=2874e46bf636ea63e5d12362f551b80b27714780
Certificate serial: 018968FF91FF064D63F47BD841C7740047ED
Authority key identifier: 28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/PictA377iTjcIh36SFb-cgBUsVo.roa
Signing time: Tue 18 Jul 2023 12:35:26 +0000
ROA not before: Tue 18 Jul 2023 12:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51691
IP address blocks: 37.16.96.0/20 maxlen: 23
178.213.232.0/21 maxlen: 21
37.16.112.0/20 maxlen: 20
178.213.239.0/24 maxlen: 24
2a00:4cc1::/32 maxlen: 48
2a00:4cc1:2501::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:ff:91:ff:06:4d:63:f4:7b:d8:41:c7:74:00:47:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2874e46bf636ea63e5d12362f551b80b27714780
Validity
Not Before: Jul 18 12:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e272d037efb8938dc221dfa4856fe720054b15a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:61:cc:30:14:14:bd:3e:a5:a0:6c:84:27:b4:
8a:ad:f1:16:f8:fe:d4:79:69:2a:b6:a3:42:62:2e:
60:c2:89:fb:c0:fb:0f:a2:7e:2f:47:c5:60:09:7f:
0d:2f:be:93:28:d2:5a:f9:14:56:8f:dd:6a:0f:f9:
8f:7e:1c:1a:51:ce:7c:1a:51:ba:0d:64:4d:db:14:
bf:dd:a7:d9:dd:e4:24:9c:66:77:e6:1c:f0:fa:05:
cb:a0:af:b1:23:ca:b4:8f:c3:a7:57:db:f4:c8:87:
7e:b2:92:f1:ba:3d:70:ac:4e:3e:49:07:2f:ac:f2:
46:aa:e1:29:fa:3b:59:a6:5a:5c:90:da:fe:15:fb:
91:41:99:d0:64:6f:bf:48:af:49:dc:48:70:99:26:
14:c4:f5:9a:12:e5:6b:72:e4:ad:af:0f:5d:07:8f:
1d:e9:8c:62:4c:69:24:fb:9d:0e:39:75:87:9d:23:
68:7f:d5:85:ee:72:39:f5:a3:71:5e:50:16:19:67:
db:00:e4:d1:3a:0b:d7:e3:6d:cb:14:92:3f:58:21:
e4:2c:5b:2d:3d:40:8b:b9:aa:81:27:d7:3c:c5:f1:
b3:ed:aa:f5:b0:55:52:b0:db:ae:a9:e7:0e:3c:d6:
63:88:66:59:5c:a8:8c:5a:d1:db:40:16:69:bc:9c:
27:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:27:2D:03:7E:FB:89:38:DC:22:1D:FA:48:56:FE:72:00:54:B1:5A
X509v3 Authority Key Identifier:
keyid:28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/PictA377iTjcIh36SFb-cgBUsVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.96.0/19
178.213.232.0/21
IPv6:
2a00:4cc1::/32
Signature Algorithm: sha256WithRSAEncryption
46:e0:04:c4:b4:6a:37:a4:2c:cd:8b:2f:61:a8:83:98:0e:d8:
18:fc:5d:6f:a7:bb:7d:cd:bd:50:99:c8:66:1e:91:2f:48:ad:
b8:09:c6:ac:b4:1f:69:0d:18:e3:7d:21:7b:72:98:d2:a3:0f:
da:a9:c1:4a:c0:c3:90:e6:26:44:7a:83:9d:bd:a7:8b:3e:68:
d6:aa:42:23:cb:32:07:df:6c:73:48:db:d3:73:67:81:b5:23:
25:19:e6:70:5a:b1:b0:0d:d4:3e:14:08:2d:8b:67:a6:0d:58:
a5:74:88:b2:69:ea:df:48:7e:fa:96:a9:7b:a3:ad:d1:fe:35:
75:48:39:e7:9c:dd:95:f8:d3:c9:4e:bb:ee:0b:59:ba:1a:06:
b7:47:78:e0:5b:3c:63:31:2f:42:33:39:37:df:05:eb:34:9a:
cd:17:f9:58:11:bc:64:f2:73:e9:7d:50:36:01:76:9d:77:37:
15:b4:a8:a9:f9:10:46:df:80:68:5e:cf:e7:00:55:e2:19:3d:
0a:fe:bd:0d:0e:b0:58:37:5a:37:c6:25:44:ef:e5:c7:ee:aa:
e7:6c:54:d2:b2:45:79:0b:c6:0c:31:a2:5f:89:7a:b4:ed:1a:
5d:65:99:51:56:b4:2e:bb:0a:fa:64:f3:2e:8e:ad:e8:a4:d8:
5a:74:f1:5a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYlo/5H/Bk1j9HvYQcd0AEftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzRlNDZiZjYzNmVhNjNlNWQxMjM2MmY1NTFiODBiMjc3
MTQ3ODAwHhcNMjMwNzE4MTIzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTI3MmQwMzdlZmI4OTM4ZGMyMjFkZmE0ODU2ZmU3MjAwNTRiMTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGHMMBQUvT6loGyEJ7SKrfEW+P7U
eWkqtqNCYi5gwon7wPsPon4vR8VgCX8NL76TKNJa+RRWj91qD/mPfhwaUc58GlG6
DWRN2xS/3afZ3eQknGZ35hzw+gXLoK+xI8q0j8OnV9v0yId+spLxuj1wrE4+SQcv
rPJGquEp+jtZplpckNr+FfuRQZnQZG+/SK9J3EhwmSYUxPWaEuVrcuStrw9dB48d
6YxiTGkk+50OOXWHnSNof9WF7nI59aNxXlAWGWfbAOTROgvX423LFJI/WCHkLFst
PUCLuaqBJ9c8xfGz7ar1sFVSsNuuqecOPNZjiGZZXKiMWtHbQBZpvJwnuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD4nLQN++4k43CId+khW/nIAVLFaMB8GA1UdIwQY
MBaAFCh05Gv2Nupj5dEjYvVRuAsncUeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYt
YzEwZGE2YWFjMWIxLzEvUGljdEEzNzdpVGpjSWgzNlNGYi1jZ0JVc1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYtYzEwZGE2YWFjMWIx
LzEvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFJRBgAwQD
stXoMA0EAgACMAcDBQAqAEzBMA0GCSqGSIb3DQEBCwUAA4IBAQBG4ATEtGo3pCzN
iy9hqIOYDtgY/F1vp7t9zb1QmchmHpEvSK24CcastB9pDRjjfSF7cpjSow/aqcFK
wMOQ5iZEeoOdvaeLPmjWqkIjyzIH32xzSNvTc2eBtSMlGeZwWrGwDdQ+FAgti2em
DVildIiyaerfSH76lql7o63R/jV1SDnnnN2V+NPJTrvuC1m6Gga3R3jgWzxjMS9C
Mzk33wXrNJrNF/lYEbxk8nPpfVA2AXaddzcVtKip+RBG34BoXs/nAFXiGT0K/r0N
DrBYN1o3xiVE7+XH7qrnbFTSskV5C8YMMaJfiXq07RpdZZlRVrQuuwr6ZPMujq3o
pNhadPFa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:31 2024 by rpki-client on console-ams.rpki-client.org