Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/2f558b-4a6b-4827-8f01-d84b2b1e9133/1/4MX3pZl9hE8uN6N5SEgTd-TzubQ.roa
File: 4MX3pZl9hE8uN6N5SEgTd-TzubQ.roa (raw, json)
Hash identifier: TxW1PfoXPzoWhGPbJchvAr3V8NQWchNerEHBZv5wFx8=
Subject key identifier: E0:C5:F7:A5:99:7D:84:4F:2E:37:A3:79:48:48:13:77:E4:F3:B9:B4
Certificate issuer: /CN=030581eaa969036c33f92ebc4844dc22c55e7513
Certificate serial: 018CC3493736AD73A04B4EE750B3F92ECDC9
Authority key identifier: 03:05:81:EA:A9:69:03:6C:33:F9:2E:BC:48:44:DC:22:C5:5E:75:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AwWB6qlpA2wz-S68SETcIsVedRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/2f558b-4a6b-4827-8f01-d84b2b1e9133/1/4MX3pZl9hE8uN6N5SEgTd-TzubQ.roa
Signing time: Mon 01 Jan 2024 04:30:04 +0000
ROA not before: Mon 01 Jan 2024 04:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57873
IP address blocks: 37.143.64.0/21 maxlen: 21
185.14.216.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:37:36:ad:73:a0:4b:4e:e7:50:b3:f9:2e:cd:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=030581eaa969036c33f92ebc4844dc22c55e7513
Validity
Not Before: Jan 1 04:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0c5f7a5997d844f2e37a37948481377e4f3b9b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:09:21:4e:78:78:2a:aa:48:71:31:53:3e:b2:
8d:de:66:7f:d2:e0:2a:82:48:be:18:0e:9c:22:94:
e1:58:8e:0d:97:f8:fe:72:0c:9e:1d:78:a5:04:d0:
31:01:de:19:03:76:de:86:3b:b8:0d:8c:07:51:d8:
f8:ad:f6:7b:62:9b:c1:f0:01:9e:6c:8e:92:68:01:
7c:16:ef:79:e4:71:b6:51:90:48:b5:cc:3e:71:12:
e8:a1:fd:d3:85:0a:51:90:99:84:73:6a:03:6e:d9:
6b:3e:4d:0d:96:52:b7:8c:b1:04:bf:77:f9:87:e5:
f4:10:a4:30:58:4f:b6:28:7e:07:b6:2b:28:06:a3:
9e:d8:26:10:6b:de:d8:c7:e8:81:b5:bc:98:51:06:
b2:10:03:9c:7a:aa:9f:42:65:6a:66:59:f8:1b:ba:
25:0e:dd:2f:0c:af:f8:0c:c5:9a:81:d3:03:ea:82:
55:9a:93:b0:d4:c5:65:3a:99:59:0f:5b:78:27:ef:
64:53:1d:99:7b:cc:48:96:27:b3:89:7c:5b:e1:72:
0a:3e:4b:59:40:a1:4b:12:75:e5:ac:32:e3:04:bf:
a2:83:27:9c:46:5c:cf:93:bd:69:7b:65:28:9d:15:
8f:ca:65:54:d7:90:b6:aa:db:40:da:45:ee:bb:f0:
39:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C5:F7:A5:99:7D:84:4F:2E:37:A3:79:48:48:13:77:E4:F3:B9:B4
X509v3 Authority Key Identifier:
keyid:03:05:81:EA:A9:69:03:6C:33:F9:2E:BC:48:44:DC:22:C5:5E:75:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AwWB6qlpA2wz-S68SETcIsVedRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2f558b-4a6b-4827-8f01-d84b2b1e9133/1/4MX3pZl9hE8uN6N5SEgTd-TzubQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2f558b-4a6b-4827-8f01-d84b2b1e9133/1/AwWB6qlpA2wz-S68SETcIsVedRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.64.0/21
185.14.216.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:4d:88:a4:2e:74:f6:97:73:71:f8:92:67:fa:b5:ca:51:12:
b0:94:27:57:7e:1f:04:e7:46:8d:e7:24:87:2e:51:6c:2f:7e:
be:d4:ef:f5:a4:78:9b:c7:73:0c:ea:b9:ad:10:2a:9e:ea:2e:
f9:2e:af:c8:de:d3:07:bb:7f:1c:93:1b:9a:9b:b8:e7:ba:08:
ee:e2:71:03:03:78:fe:cc:0b:fa:65:5b:0f:43:90:e8:a3:61:
60:83:52:db:28:70:84:dd:91:e4:56:c6:b2:15:0f:9d:c6:69:
d5:9f:85:b7:ac:99:6d:7e:c5:41:cc:3a:21:4b:98:8d:33:ff:
70:45:a1:4d:df:3b:10:96:56:f2:c3:f0:68:2c:e6:a3:26:46:
30:5a:d7:d4:90:1f:0f:cc:e7:2e:f6:04:8e:26:fb:dc:a0:19:
c7:5d:f9:e1:6e:7c:1e:47:3f:37:9a:f3:98:bd:bb:e8:f3:e4:
e7:48:b2:d7:11:bc:03:a2:b0:ef:15:b6:2b:4b:cd:1a:1b:76:
08:8e:9a:21:8e:9b:89:b3:f5:fc:6d:61:3f:4d:5f:98:ff:7a:
0a:c6:f0:59:a0:42:d0:b6:c6:e7:a3:59:80:55:36:0f:21:98:
fa:df:4d:09:e8:e4:72:78:06:9e:57:9a:af:a1:d3:eb:8a:57:
63:17:d4:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSTc2rXOgS07nULP5Ls3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMDU4MWVhYTk2OTAzNmMzM2Y5MmViYzQ4NDRkYzIyYzU1
ZTc1MTMwHhcNMjQwMTAxMDQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGM1ZjdhNTk5N2Q4NDRmMmUzN2EzNzk0ODQ4MTM3N2U0ZjNiOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggkhTnh4KqpIcTFTPrKN3mZ/0uAq
gki+GA6cIpThWI4Nl/j+cgyeHXilBNAxAd4ZA3behju4DYwHUdj4rfZ7YpvB8AGe
bI6SaAF8Fu955HG2UZBItcw+cRLoof3ThQpRkJmEc2oDbtlrPk0NllK3jLEEv3f5
h+X0EKQwWE+2KH4HtisoBqOe2CYQa97Yx+iBtbyYUQayEAOceqqfQmVqZln4G7ol
Dt0vDK/4DMWagdMD6oJVmpOw1MVlOplZD1t4J+9kUx2Ze8xIlieziXxb4XIKPktZ
QKFLEnXlrDLjBL+igyecRlzPk71pe2UonRWPymVU15C2qttA2kXuu/A5nwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFODF96WZfYRPLjejeUhIE3fk87m0MB8GA1UdIwQY
MBaAFAMFgeqpaQNsM/kuvEhE3CLFXnUTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXdXQjZxbHBBMnd6LVM2OFNFVGNJc1ZlZFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yZjU1OGItNGE2Yi00ODI3LThmMDEt
ZDg0YjJiMWU5MTMzLzEvNE1YM3BabDloRTh1TjZONVNFZ1RkLVR6dWJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yZjU1OGItNGE2Yi00ODI3LThmMDEtZDg0YjJiMWU5MTMz
LzEvQXdXQjZxbHBBMnd6LVM2OFNFVGNJc1ZlZFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJY9AAwQC
uQ7YMA0GCSqGSIb3DQEBCwUAA4IBAQA7TYikLnT2l3Nx+JJn+rXKURKwlCdXfh8E
50aN5ySHLlFsL36+1O/1pHibx3MM6rmtECqe6i75Lq/I3tMHu38ckxuam7jnugju
4nEDA3j+zAv6ZVsPQ5Doo2Fgg1LbKHCE3ZHkVsayFQ+dxmnVn4W3rJltfsVBzDoh
S5iNM/9wRaFN3zsQllbyw/BoLOajJkYwWtfUkB8PzOcu9gSOJvvcoBnHXfnhbnwe
Rz83mvOYvbvo8+TnSLLXEbwDorDvFbYrS80aG3YIjpohjpuJs/X8bWE/TV+Y/3oK
xvBZoELQtsbno1mAVTYPIZj6300J6ORyeAaeV5qvodPrildjF9Qq
-----END CERTIFICATE-----
Generated at Thu May 1 01:06:21 2025 by rpki-client