Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/W6oh1KyVCmbJ-WykdNmFHRgqtu4.roa
File: W6oh1KyVCmbJ-WykdNmFHRgqtu4.roa (raw, json)
Hash identifier: AK//FnAXHS61hlI8BM+xCeuALRRROMemu4iFUFLGGs4=
Subject key identifier: 5B:AA:21:D4:AC:95:0A:66:C9:F9:6C:A4:74:D9:85:1D:18:2A:B6:EE
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAEF7AB7BD6D1F95106F673F74DAC98
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/W6oh1KyVCmbJ-WykdNmFHRgqtu4.roa
Signing time: Sun 01 Jan 2023 09:34:44 +0000
ROA not before: Sun 01 Jan 2023 09:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28099
IP address blocks: 37.235.52.0/24 maxlen: 24
2a03:f80:56::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:f7:ab:7b:d6:d1:f9:51:06:f6:73:f7:4d:ac:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5baa21d4ac950a66c9f96ca474d9851d182ab6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2f:11:19:10:7c:96:f5:1a:0a:2a:ef:8a:22:
31:7b:4e:8b:72:59:23:5f:1c:7b:e5:46:72:d0:fa:
86:35:0b:82:de:6d:bb:be:be:b7:ff:e7:c6:db:e5:
05:9d:98:ee:ed:fb:81:de:94:78:ef:fb:27:2a:d4:
db:e3:cb:e1:10:0c:5c:09:f4:a4:cd:09:d0:e6:51:
22:32:fd:a9:8f:68:44:99:17:48:31:ca:e7:e4:83:
f3:10:06:5a:53:40:d4:82:89:06:a8:ba:1f:81:5b:
41:11:05:0c:c1:85:af:2e:2f:92:6c:0f:99:86:c3:
4c:47:32:2f:fd:7e:08:ea:03:8a:7d:2b:75:78:92:
30:7a:9a:61:b2:ac:3e:14:ff:ac:97:d5:48:bb:25:
34:dc:c5:10:8e:c1:46:14:46:89:a1:74:22:72:21:
2e:72:94:1c:6e:72:65:2b:e1:94:53:03:0a:57:69:
fa:cb:11:18:8d:58:ae:09:e1:ba:1d:66:52:8f:f2:
6e:88:84:33:5c:6d:1f:e7:22:28:a8:19:2e:41:41:
a8:57:2c:71:ea:46:1d:73:da:52:35:d4:95:2d:84:
f2:53:a7:3c:23:6c:ae:23:45:de:d5:33:40:7e:0e:
a8:02:35:dd:aa:72:ba:19:61:be:e4:3f:bd:4f:48:
51:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:AA:21:D4:AC:95:0A:66:C9:F9:6C:A4:74:D9:85:1D:18:2A:B6:EE
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/W6oh1KyVCmbJ-WykdNmFHRgqtu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.52.0/24
IPv6:
2a03:f80:56::/48
Signature Algorithm: sha256WithRSAEncryption
20:8a:bc:ae:db:bd:4b:e5:06:53:9e:73:93:16:f6:ea:18:10:
95:1a:67:c9:f7:57:82:4d:41:d4:f9:4d:53:53:9f:be:cc:4b:
2c:b3:15:98:0e:82:ea:4c:62:f9:70:05:f6:1d:d4:82:ea:64:
13:f8:18:4e:65:0d:09:92:14:7c:97:52:d9:d1:ec:cd:ec:06:
40:cb:cb:0b:b5:49:e2:7d:98:7b:48:d4:46:cf:57:dd:20:cd:
4b:35:34:cc:a2:e2:72:c7:4f:87:56:27:79:32:99:a5:13:87:
54:35:a4:94:c2:97:3a:0c:e3:c1:f3:60:dd:fc:1c:a5:a4:0e:
75:67:ef:ea:36:bc:b8:b9:64:96:e0:29:ea:4f:36:21:1a:fb:
9a:ed:11:6f:37:fb:09:5b:36:fc:25:16:56:42:1a:41:ad:05:
c1:4e:97:9f:4c:87:62:89:2f:63:a4:ba:d2:a9:3d:59:75:f2:
4a:0c:50:ce:5f:f1:61:47:31:30:55:1e:80:d3:a3:d6:25:04:
09:3a:01:27:11:91:10:df:ef:db:86:07:60:e5:a3:c0:c9:29:
6f:cf:42:0f:35:48:c9:72:8d:58:35:98:64:5a:5f:7f:4c:80:
ed:07:a8:57:ed:8d:65:ba:d8:d6:70:ab:3a:3b:5b:d1:06:86:
6a:07:fe:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsrvere9bR+VEG9nP3TayYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmFhMjFkNGFjOTUwYTY2YzlmOTZjYTQ3NGQ5ODUxZDE4MmFiNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmC8RGRB8lvUaCirviiIxe06Lclkj
Xxx75UZy0PqGNQuC3m27vr63/+fG2+UFnZju7fuB3pR47/snKtTb48vhEAxcCfSk
zQnQ5lEiMv2pj2hEmRdIMcrn5IPzEAZaU0DUgokGqLofgVtBEQUMwYWvLi+SbA+Z
hsNMRzIv/X4I6gOKfSt1eJIwepphsqw+FP+sl9VIuyU03MUQjsFGFEaJoXQiciEu
cpQcbnJlK+GUUwMKV2n6yxEYjViuCeG6HWZSj/JuiIQzXG0f5yIoqBkuQUGoVyxx
6kYdc9pSNdSVLYTyU6c8I2yuI0Xe1TNAfg6oAjXdqnK6GWG+5D+9T0hRPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFuqIdSslQpmyflspHTZhR0YKrbuMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvVzZvaDFLeVZDbWJKLVd5a2RObUZIUmdxdHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAJes0MA8E
AgACMAkDBwAqAw+AAFYwDQYJKoZIhvcNAQELBQADggEBACCKvK7bvUvlBlOec5MW
9uoYEJUaZ8n3V4JNQdT5TVNTn77MSyyzFZgOgupMYvlwBfYd1ILqZBP4GE5lDQmS
FHyXUtnR7M3sBkDLywu1SeJ9mHtI1EbPV90gzUs1NMyi4nLHT4dWJ3kymaUTh1Q1
pJTClzoM48HzYN38HKWkDnVn7+o2vLi5ZJbgKepPNiEa+5rtEW83+wlbNvwlFlZC
GkGtBcFOl59Mh2KJL2OkutKpPVl18koMUM5f8WFHMTBVHoDTo9YlBAk6AScRkRDf
79uGB2Dlo8DJKW/PQg81SMlyjVg1mGRaX39MgO0HqFftjWW62NZwqzo7W9EGhmoH
/iA=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:03 2024 by rpki-client on console-fra.rpki-client.org