Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/IORqw9gLSHvmBWIEog3n0_OkedQ.roa
File: IORqw9gLSHvmBWIEog3n0_OkedQ.roa (raw, json)
Hash identifier: W3JOObOA9S5yeCfUJEcoDGf1CNqt+tSvXKZcoOAupr8=
Subject key identifier: 20:E4:6A:C3:D8:0B:48:7B:E6:05:62:04:A2:0D:E7:D3:F3:A4:79:D4
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56F01CFAFC016C06FDE67F6B79F7C75
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/IORqw9gLSHvmBWIEog3n0_OkedQ.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205663
IP address blocks: 37.153.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 19:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:01:cf:af:c0:16:c0:6f:de:67:f6:b7:9f:7c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20e46ac3d80b487be6056204a20de7d3f3a479d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7f:08:0f:df:c8:fe:6a:cc:2b:93:c5:d1:ac:
39:a0:3d:1f:f6:e8:e9:23:43:ce:e9:07:e2:b2:22:
22:5f:3c:11:2e:a6:02:8b:02:5d:a1:61:4e:a7:09:
0f:68:07:02:58:d5:0b:7e:23:a6:09:c1:3e:34:f0:
5c:21:16:58:82:c6:a9:01:a4:b9:35:cd:4f:c0:4a:
83:ba:dc:69:69:1c:6a:6b:7a:6b:04:43:56:63:5a:
96:0a:04:a5:de:7a:b1:02:e1:f5:c0:ed:5e:10:cd:
d4:ff:32:e1:51:7e:fd:ca:19:51:ee:18:b5:e7:c5:
a7:f4:e1:3d:35:0f:72:a0:23:84:a3:48:ea:2d:0b:
87:43:e3:59:aa:f0:08:01:e8:ea:7f:e8:df:9d:0a:
14:05:e4:67:4f:a8:89:9c:66:a2:f2:7a:aa:dc:33:
b9:64:f1:70:75:27:b6:c6:41:a5:fa:40:89:65:95:
1f:3f:3d:9e:a6:4c:0c:7c:32:83:4b:fb:4a:0f:be:
a5:02:8d:a7:1c:5b:38:44:66:2f:11:05:9e:06:4e:
2a:ff:e3:7a:b7:e0:b1:14:e1:7f:63:fc:ee:7f:a6:
65:b8:65:11:58:82:21:b7:2b:16:2c:d2:9e:af:43:
31:88:eb:00:0d:d3:e1:73:a9:05:01:b8:e8:d3:7c:
82:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E4:6A:C3:D8:0B:48:7B:E6:05:62:04:A2:0D:E7:D3:F3:A4:79:D4
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/IORqw9gLSHvmBWIEog3n0_OkedQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
Signature Algorithm: sha256WithRSAEncryption
23:29:ba:20:9c:1e:f9:07:66:d5:fa:36:2c:ff:43:77:b2:04:
b4:09:15:6f:b0:d2:a7:f6:a1:5f:13:3f:78:b6:af:93:f2:d4:
ed:fc:73:c3:ee:1c:db:aa:1f:bc:f2:fd:4e:98:7d:1a:5a:ab:
7c:3d:5a:58:84:47:44:b6:44:12:f5:e3:af:ed:30:e1:2c:ba:
c4:e0:62:ab:ab:71:97:b3:bc:88:fd:66:21:e7:d7:01:ff:70:
0e:31:8b:fa:71:40:20:da:56:fc:03:ff:2e:9a:fa:65:79:fe:
25:23:6d:c3:6a:9d:fd:ef:59:84:02:a4:65:b7:1f:26:10:cb:
a4:e7:66:26:09:62:a2:39:45:35:27:1a:35:4f:89:13:90:ad:
3e:3d:44:4b:07:5d:d1:e7:e1:8b:e1:28:cd:02:be:10:35:61:
e2:f6:eb:04:63:9d:8e:fd:5b:b1:95:a6:59:dd:2a:25:57:20:
4a:c4:49:3d:ca:6a:23:ff:42:5b:f4:04:e5:c9:63:59:f4:91:
56:1f:83:1f:46:23:34:bc:c9:a4:57:6a:a7:02:f4:f1:e7:ff:
b5:10:36:9e:ed:e3:bc:7d:3f:bc:6e:3b:0b:8e:c2:92:d7:27:
d0:60:a8:22:aa:dd:43:fc:84:7d:c6:1c:0c:1d:81:65:80:07:
e1:37:6a:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbwHPr8AWwG/eZ/a3n3x1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGU0NmFjM2Q4MGI0ODdiZTYwNTYyMDRhMjBkZTdkM2YzYTQ3OWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjn8ID9/I/mrMK5PF0aw5oD0f9ujp
I0PO6QfisiIiXzwRLqYCiwJdoWFOpwkPaAcCWNULfiOmCcE+NPBcIRZYgsapAaS5
Nc1PwEqDutxpaRxqa3prBENWY1qWCgSl3nqxAuH1wO1eEM3U/zLhUX79yhlR7hi1
58Wn9OE9NQ9yoCOEo0jqLQuHQ+NZqvAIAejqf+jfnQoUBeRnT6iJnGai8nqq3DO5
ZPFwdSe2xkGl+kCJZZUfPz2epkwMfDKDS/tKD76lAo2nHFs4RGYvEQWeBk4q/+N6
t+CxFOF/Y/zuf6ZluGURWIIhtysWLNKer0MxiOsADdPhc6kFAbjo03yC4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCDkasPYC0h75gViBKIN59PzpHnUMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvSU9ScXc5Z0xTSHZtQldJRW9nM24wX09rZWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZmEMA0G
CSqGSIb3DQEBCwUAA4IBAQAjKbognB75B2bV+jYs/0N3sgS0CRVvsNKn9qFfEz94
tq+T8tTt/HPD7hzbqh+88v1OmH0aWqt8PVpYhEdEtkQS9eOv7TDhLLrE4GKrq3GX
s7yI/WYh59cB/3AOMYv6cUAg2lb8A/8umvplef4lI23Dap3971mEAqRltx8mEMuk
52YmCWKiOUU1Jxo1T4kTkK0+PURLB13R5+GL4SjNAr4QNWHi9usEY52O/VuxlaZZ
3SolVyBKxEk9ymoj/0Jb9ATlyWNZ9JFWH4MfRiM0vMmkV2qnAvTx5/+1EDae7eO8
fT+8bjsLjsKS1yfQYKgiqt1D/IR9xhwMHYFlgAfhN2qI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org