Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/y34oz5P9XOe5u0xpILxwhfcrcuM.roa
File: y34oz5P9XOe5u0xpILxwhfcrcuM.roa (raw, json)
Hash identifier: ibq2fymvi471cdZboffw4nGU50j9ONcXAgVydbj7nLc=
Subject key identifier: CB:7E:28:CF:93:FD:5C:E7:B9:BB:4C:69:20:BC:70:85:F7:2B:72:E3
Certificate issuer: /CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Certificate serial: 0185723102FD8E001FE7A909702BED2027D7
Authority key identifier: 35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/y34oz5P9XOe5u0xpILxwhfcrcuM.roa
Signing time: Mon 02 Jan 2023 11:14:52 +0000
ROA not before: Mon 02 Jan 2023 11:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57970
IP address blocks: 37.152.128.0/24 maxlen: 24
37.152.129.0/24 maxlen: 24
37.152.128.0/19 maxlen: 24
37.152.130.0/24 maxlen: 24
37.152.131.0/24 maxlen: 24
37.152.132.0/24 maxlen: 24
37.152.138.0/24 maxlen: 24
37.152.139.0/24 maxlen: 24
37.152.133.0/24 maxlen: 24
37.152.134.0/24 maxlen: 24
37.152.135.0/24 maxlen: 24
37.152.136.0/23 maxlen: 23
37.152.140.0/24 maxlen: 24
37.152.141.0/24 maxlen: 24
37.152.142.0/24 maxlen: 24
37.152.144.0/21 maxlen: 21
37.152.143.0/24 maxlen: 24
37.152.152.0/22 maxlen: 22
37.152.156.0/24 maxlen: 24
37.152.157.0/24 maxlen: 24
37.152.158.0/24 maxlen: 24
37.152.159.0/24 maxlen: 24
185.86.72.0/22 maxlen: 22
185.86.72.0/24 maxlen: 24
185.86.73.0/24 maxlen: 24
185.86.74.0/24 maxlen: 24
185.86.75.0/24 maxlen: 24
185.88.0.0/24 maxlen: 24
185.88.1.0/24 maxlen: 24
185.88.2.0/24 maxlen: 24
185.88.3.0/24 maxlen: 24
185.88.0.0/22 maxlen: 22
185.20.192.0/24 maxlen: 24
185.20.192.0/22 maxlen: 22
185.20.193.0/24 maxlen: 24
185.20.194.0/24 maxlen: 24
185.20.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:02:fd:8e:00:1f:e7:a9:09:70:2b:ed:20:27:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Validity
Not Before: Jan 2 11:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb7e28cf93fd5ce7b9bb4c6920bc7085f72b72e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:23:c5:a8:86:ad:e6:64:e3:14:a0:b4:a1:c7:
39:16:b4:d8:0c:d7:4c:c8:3c:df:5a:1b:17:e4:7c:
2a:d1:54:ae:3d:e3:bc:8c:cd:5a:95:ca:45:ed:84:
73:28:f2:54:de:b9:a2:7d:8a:7a:74:04:bd:55:7c:
41:ee:59:e6:b6:dc:f6:a3:90:b5:65:28:b6:72:6f:
d9:28:ea:dc:ed:df:36:71:46:79:d6:1d:15:c4:b7:
94:1b:85:b4:18:ff:f9:c9:e2:91:23:d3:37:c5:d0:
24:72:0d:33:0c:1e:42:7a:52:ac:01:13:3c:93:4c:
f7:c4:67:3a:f4:77:29:36:28:b1:bd:47:77:f5:0e:
d3:97:0a:6f:b9:66:95:ec:23:37:e8:8d:75:cb:03:
3a:08:9d:e3:b0:a5:2b:19:c1:9b:c7:82:f3:d7:41:
19:88:fa:6e:b2:62:76:d5:d2:de:37:29:84:cf:48:
44:f7:07:30:16:f7:e9:fb:81:c4:4d:9e:b2:1d:dd:
ba:00:2d:3a:61:63:44:07:2d:fd:36:b7:9e:43:28:
c6:83:44:3e:00:ed:50:11:04:e5:7f:34:3f:7d:85:
39:e5:3f:6c:0d:57:c8:a8:c8:75:e1:5a:6a:e5:67:
ee:b5:8b:5d:13:c9:9b:64:cd:fe:83:3c:17:b1:28:
84:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7E:28:CF:93:FD:5C:E7:B9:BB:4C:69:20:BC:70:85:F7:2B:72:E3
X509v3 Authority Key Identifier:
keyid:35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/y34oz5P9XOe5u0xpILxwhfcrcuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.128.0/19
185.20.192.0/22
185.86.72.0/22
185.88.0.0/22
Signature Algorithm: sha256WithRSAEncryption
39:0b:2b:9d:c8:14:3a:c0:6f:30:63:46:7b:e3:00:6b:22:da:
32:c6:92:99:6f:80:57:ec:0d:35:76:6c:73:29:33:6e:21:15:
ca:b6:b2:dd:d2:e4:6f:39:1e:aa:a3:5b:10:5b:f4:49:12:16:
c3:97:9c:7a:f9:2a:f9:38:8f:d3:9b:f5:0a:f3:da:2e:21:28:
60:d1:61:78:66:f0:2f:2b:bb:8d:46:0d:6d:40:df:d5:b2:1b:
e0:97:62:79:79:e1:16:84:42:04:10:4d:fa:4c:43:77:39:e0:
86:43:9c:fc:90:ed:12:3a:43:29:f9:3c:5b:3e:5d:55:3a:00:
da:af:09:a5:81:03:81:d1:9c:20:b8:e4:7f:59:93:fc:86:32:
35:6f:d9:0f:2e:3e:9a:68:32:10:19:6f:99:84:3e:b0:11:4c:
97:80:48:9f:8a:d5:d1:b0:b7:3d:9a:85:1d:6a:50:5d:f3:9a:
e0:89:b3:01:68:95:85:d1:8a:b6:59:b7:28:3a:93:ad:8f:4f:
19:dd:9c:2a:c7:3c:72:77:b0:22:20:44:63:d2:43:3e:f5:3b:
b9:bd:df:08:05:5b:2a:1a:6e:88:1c:ab:d1:8b:f1:dd:1d:92:
69:93:42:5a:0c:cf:e2:a5:18:10:ff:44:38:31:37:59:64:b3:
39:0d:f6:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyMQL9jgAf56kJcCvtICfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1M2UzZjI4ZTY0N2U5MmFjOGE3MTBjMzA1YzJlMjFiNjIz
ZWRjMWMwHhcNMjMwMTAyMTExNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjdlMjhjZjkzZmQ1Y2U3YjliYjRjNjkyMGJjNzA4NWY3MmI3MmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyPFqIat5mTjFKC0occ5FrTYDNdM
yDzfWhsX5Hwq0VSuPeO8jM1alcpF7YRzKPJU3rmifYp6dAS9VXxB7lnmttz2o5C1
ZSi2cm/ZKOrc7d82cUZ51h0VxLeUG4W0GP/5yeKRI9M3xdAkcg0zDB5CelKsARM8
k0z3xGc69HcpNiixvUd39Q7TlwpvuWaV7CM36I11ywM6CJ3jsKUrGcGbx4Lz10EZ
iPpusmJ21dLeNymEz0hE9wcwFvfp+4HETZ6yHd26AC06YWNEBy39NreeQyjGg0Q+
AO1QEQTlfzQ/fYU55T9sDVfIqMh14Vpq5WfutYtdE8mbZM3+gzwXsSiErwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMt+KM+T/VznubtMaSC8cIX3K3LjMB8GA1UdIwQY
MBaAFDU+PyjmR+kqyKcQwwXC4htiPtwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQt
ZGFjYTI2ZGU2ZjdiLzEveTM0b3o1UDlYT2U1dTB4cElMeHdoZmNyY3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83Njc5MzMtNGE3My00YjJmLWFjODQtZGFjYTI2ZGU2Zjdi
LzEvTlQ0X0tPWkg2U3JJcHhEREJjTGlHMkktM0J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFJZiAAwQC
uRTAAwQCuVZIAwQCuVgAMA0GCSqGSIb3DQEBCwUAA4IBAQA5CyudyBQ6wG8wY0Z7
4wBrItoyxpKZb4BX7A01dmxzKTNuIRXKtrLd0uRvOR6qo1sQW/RJEhbDl5x6+Sr5
OI/Tm/UK89ouIShg0WF4ZvAvK7uNRg1tQN/Vshvgl2J5eeEWhEIEEE36TEN3OeCG
Q5z8kO0SOkMp+TxbPl1VOgDarwmlgQOB0ZwguOR/WZP8hjI1b9kPLj6aaDIQGW+Z
hD6wEUyXgEifitXRsLc9moUdalBd85rgibMBaJWF0Yq2WbcoOpOtj08Z3Zwqxzxy
d7AiIERj0kM+9Tu5vd8IBVsqGm6IHKvRi/HdHZJpk0JaDM/ipRgQ/0Q4MTdZZLM5
DfY6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:13 2024 by rpki-client on console-fra.rpki-client.org