Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/vBJT_24oTrr0n6oSGygM4dbDCzU.roa
File: vBJT_24oTrr0n6oSGygM4dbDCzU.roa (raw, json)
Hash identifier: CTL0qVt85/7BLJUSg23qfcP1a1A0KLg5QeVbGuTGAL8=
Subject key identifier: BC:12:53:FF:6E:28:4E:BA:F4:9F:AA:12:1B:28:0C:E1:D6:C3:0B:35
Certificate issuer: /CN=40ec5d82a8eb5d98ce76e61dafe517661fc4e675
Certificate serial: 01856E66698867E8FD0BD77D5E169879C26C
Authority key identifier: 40:EC:5D:82:A8:EB:5D:98:CE:76:E6:1D:AF:E5:17:66:1F:C4:E6:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOxdgqjrXZjOduYdr-UXZh_E5nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/vBJT_24oTrr0n6oSGygM4dbDCzU.roa
Signing time: Sun 01 Jan 2023 17:34:43 +0000
ROA not before: Sun 01 Jan 2023 17:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198436
IP address blocks: 37.72.54.0/24 maxlen: 24
37.72.55.0/24 maxlen: 24
37.72.56.0/24 maxlen: 24
37.72.57.0/24 maxlen: 24
37.72.58.0/24 maxlen: 24
37.72.52.0/24 maxlen: 24
37.72.53.0/24 maxlen: 24
37.72.61.0/24 maxlen: 24
37.72.62.0/24 maxlen: 24
37.72.63.0/24 maxlen: 24
37.72.59.0/24 maxlen: 24
37.72.60.0/24 maxlen: 24
37.72.48.0/24 maxlen: 24
37.72.49.0/24 maxlen: 24
37.72.50.0/24 maxlen: 24
37.72.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:66:69:88:67:e8:fd:0b:d7:7d:5e:16:98:79:c2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40ec5d82a8eb5d98ce76e61dafe517661fc4e675
Validity
Not Before: Jan 1 17:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc1253ff6e284ebaf49faa121b280ce1d6c30b35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1b:ba:ac:bb:e6:51:17:66:e9:bb:a8:14:42:
83:bc:d7:7b:5f:7a:5c:c9:ea:a1:02:d2:16:52:56:
19:eb:55:2b:02:2f:9e:1b:81:e9:17:d4:7f:53:4b:
90:b5:7b:a1:b9:51:90:91:b4:76:31:6a:7a:e7:aa:
2e:eb:c9:b0:bf:99:09:27:45:83:8f:3e:1d:78:ad:
e5:07:13:4d:a7:e8:6e:1e:a9:37:85:58:23:2d:2d:
41:1d:6b:fa:a2:c0:60:d0:cd:dd:35:1c:d5:c0:83:
18:d0:f0:33:01:93:80:de:5c:c9:84:05:4a:a0:15:
29:b6:16:ab:4d:ca:38:22:4a:86:2a:e5:3b:83:d6:
b7:a5:76:f0:50:43:2c:ee:04:49:f1:a5:22:9f:c2:
81:8a:31:b9:31:b8:4f:36:97:1d:ef:a7:79:bf:81:
5a:70:f7:4e:11:16:65:33:3b:28:f8:b0:12:d1:60:
89:0c:2a:9c:54:f8:14:ee:30:95:0d:de:db:00:58:
4a:0a:47:76:df:ae:c1:5f:24:34:62:06:a3:e1:34:
3a:06:a8:29:7c:f6:a0:db:01:82:a4:c4:90:35:96:
5b:dc:03:29:21:71:5d:06:32:60:03:f1:e8:4d:7f:
fb:88:a2:b0:d8:82:74:2c:24:f0:41:6c:5a:c5:05:
46:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:12:53:FF:6E:28:4E:BA:F4:9F:AA:12:1B:28:0C:E1:D6:C3:0B:35
X509v3 Authority Key Identifier:
keyid:40:EC:5D:82:A8:EB:5D:98:CE:76:E6:1D:AF:E5:17:66:1F:C4:E6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOxdgqjrXZjOduYdr-UXZh_E5nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/vBJT_24oTrr0n6oSGygM4dbDCzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/QOxdgqjrXZjOduYdr-UXZh_E5nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.48.0/20
Signature Algorithm: sha256WithRSAEncryption
0d:26:58:f5:de:c5:07:e1:9c:3b:b0:2b:e6:25:d2:19:9b:09:
43:d7:bd:9b:c8:f3:c3:59:3b:f5:99:4a:94:83:64:98:5f:56:
42:f7:bb:64:d0:61:2f:3e:d0:9a:35:84:70:ec:88:51:a7:f1:
ec:8a:bc:a4:13:c7:fb:2f:ab:bd:52:ed:60:e0:b3:24:33:8b:
50:5f:a2:64:c3:09:f1:22:41:11:43:c1:a2:8e:ca:87:08:32:
3f:c8:96:ce:e5:5e:4c:3c:7c:13:a0:0e:d3:62:d3:7a:3c:e6:
e2:4d:7a:0d:aa:7c:39:b1:66:81:cd:5a:32:2c:99:3f:ff:ce:
af:9a:31:9d:16:e5:ab:a6:56:bc:7a:ae:cd:1d:11:08:d1:55:
f1:be:5e:c2:1b:fb:66:1c:e7:24:52:4a:7f:b0:13:18:fa:74:
2a:01:6d:79:34:70:0e:20:bf:ae:29:3d:6d:8b:98:aa:a7:2a:
4d:e6:b9:0d:a1:5b:9d:29:ae:b6:76:ec:29:c5:35:9b:32:0f:
b9:8a:4a:c9:d9:d0:0f:e2:48:68:b1:a1:b1:98:a0:a5:d8:ad:
34:4c:43:fb:3a:f1:ce:80:0c:f5:fc:80:8d:75:6e:c5:57:54:
01:b3:d3:d4:0f:d6:9b:e2:c1:4e:e2:31:ff:81:36:40:6f:9b:
3d:84:1a:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuZmmIZ+j9C9d9XhaYecJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWM1ZDgyYThlYjVkOThjZTc2ZTYxZGFmZTUxNzY2MWZj
NGU2NzUwHhcNMjMwMTAxMTczNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzEyNTNmZjZlMjg0ZWJhZjQ5ZmFhMTIxYjI4MGNlMWQ2YzMwYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhu6rLvmURdm6buoFEKDvNd7X3pc
yeqhAtIWUlYZ61UrAi+eG4HpF9R/U0uQtXuhuVGQkbR2MWp656ou68mwv5kJJ0WD
jz4deK3lBxNNp+huHqk3hVgjLS1BHWv6osBg0M3dNRzVwIMY0PAzAZOA3lzJhAVK
oBUptharTco4IkqGKuU7g9a3pXbwUEMs7gRJ8aUin8KBijG5MbhPNpcd76d5v4Fa
cPdOERZlMzso+LAS0WCJDCqcVPgU7jCVDd7bAFhKCkd2367BXyQ0Ygaj4TQ6Bqgp
fPag2wGCpMSQNZZb3AMpIXFdBjJgA/HoTX/7iKKw2IJ0LCTwQWxaxQVGzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwSU/9uKE669J+qEhsoDOHWwws1MB8GA1UdIwQY
MBaAFEDsXYKo612YznbmHa/lF2YfxOZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU94ZGdxanJYWmpPZHVZZHItVVhaaF9FNW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82N2U3NTUtM2M1NC00NWRiLTg5YjUt
ZGYzMTc0NWNjMjI5LzEvdkJKVF8yNG9UcnIwbjZvU0d5Z000ZGJEQ3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82N2U3NTUtM2M1NC00NWRiLTg5YjUtZGYzMTc0NWNjMjI5
LzEvUU94ZGdxanJYWmpPZHVZZHItVVhaaF9FNW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJUgwMA0G
CSqGSIb3DQEBCwUAA4IBAQANJlj13sUH4Zw7sCvmJdIZmwlD172byPPDWTv1mUqU
g2SYX1ZC97tk0GEvPtCaNYRw7IhRp/HsirykE8f7L6u9Uu1g4LMkM4tQX6Jkwwnx
IkERQ8GijsqHCDI/yJbO5V5MPHwToA7TYtN6PObiTXoNqnw5sWaBzVoyLJk//86v
mjGdFuWrpla8eq7NHREI0VXxvl7CG/tmHOckUkp/sBMY+nQqAW15NHAOIL+uKT1t
i5iqpypN5rkNoVudKa62duwpxTWbMg+5ikrJ2dAP4khosaGxmKCl2K00TEP7OvHO
gAz1/ICNdW7FV1QBs9PUD9ab4sFO4jH/gTZAb5s9hBoX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:29 2024 by rpki-client on console-ams.rpki-client.org