Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/W9v_KYQZHhbbqL11ynVNmSj-G1g.roa
File: W9v_KYQZHhbbqL11ynVNmSj-G1g.roa (raw, json)
Hash identifier: MLuHyctRm3+xwAWYQzikKpN3S+dT+2y4VwEmi1+MNJc=
Subject key identifier: 5B:DB:FF:29:84:19:1E:16:DB:A8:BD:75:CA:75:4D:99:28:FE:1B:58
Certificate issuer: /CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Certificate serial: 01856D6F4AE68D49A1DE840E491A5B2CBA09
Authority key identifier: 4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/W9v_KYQZHhbbqL11ynVNmSj-G1g.roa
Signing time: Sun 01 Jan 2023 13:04:48 +0000
ROA not before: Sun 01 Jan 2023 13:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51440
IP address blocks: 37.122.159.0/24 maxlen: 24
37.122.158.0/24 maxlen: 24
37.122.158.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:4a:e6:8d:49:a1:de:84:0e:49:1a:5b:2c:ba:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Validity
Not Before: Jan 1 13:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bdbff2984191e16dba8bd75ca754d9928fe1b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5f:e0:57:4b:4b:e3:55:5f:e8:f1:e7:a5:ef:
29:2b:81:0b:83:1f:1f:86:eb:4e:6a:4c:b6:b2:83:
5c:cd:f9:28:52:7b:2d:18:d5:d7:fc:cd:e3:60:3e:
90:3e:a3:57:63:1b:3f:d2:21:77:47:f1:d9:bc:c2:
d0:28:7f:83:74:13:92:47:ca:a8:7f:b6:d0:41:4a:
57:6a:b3:c1:26:fb:73:85:a2:61:84:8c:a7:89:33:
d3:3f:24:d6:5d:a6:bb:3d:17:72:00:11:c7:5d:cf:
fc:0a:34:3d:ca:98:54:41:71:6d:58:4b:af:a8:23:
ae:43:b1:60:ff:8e:7b:90:84:10:d2:ce:da:a6:21:
57:68:3c:ca:01:ab:f1:c1:aa:db:d6:1f:07:51:01:
0b:ab:df:fc:92:2e:74:06:2b:21:b2:09:55:f2:a9:
3f:20:3c:6e:a8:a2:ed:0b:db:2f:ab:e2:7a:38:5c:
5f:43:f2:6b:86:b8:55:19:54:86:dc:14:e2:34:b5:
90:0a:0b:6c:c2:d8:e5:ca:d0:76:bd:01:bd:55:b8:
d8:fa:d8:28:ab:f8:0b:ae:d8:51:07:c7:0e:c1:e5:
16:bd:ff:d3:56:bf:f8:36:36:1c:6a:23:fc:ad:6d:
2b:23:18:7d:43:81:6e:ae:38:a6:31:b5:3f:bf:73:
16:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DB:FF:29:84:19:1E:16:DB:A8:BD:75:CA:75:4D:99:28:FE:1B:58
X509v3 Authority Key Identifier:
keyid:4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/W9v_KYQZHhbbqL11ynVNmSj-G1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/S1dyWwpgXU3cxGS3Dcs6FipfBVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.158.0/23
Signature Algorithm: sha256WithRSAEncryption
19:3f:97:42:d0:7d:2e:c4:b4:ee:c4:28:dc:dc:90:15:1a:c3:
5a:2f:1f:35:d6:50:6b:42:38:36:c3:b8:8b:e7:d1:dd:ab:6c:
aa:9b:c0:0e:38:f7:6f:81:5f:ff:68:62:8a:f3:b6:0a:03:b9:
df:c2:39:92:2e:eb:f3:48:9e:79:eb:30:2e:cb:44:7b:eb:f0:
1f:b8:eb:d5:f8:98:4b:2b:dc:c6:7f:bb:27:a1:03:3b:72:76:
89:94:62:95:ee:2a:f5:80:82:b3:44:40:c4:1f:d6:24:61:1e:
c8:82:e5:ad:7c:8b:98:03:84:3d:e3:cb:70:2a:e4:45:9a:c6:
e1:f5:e2:87:7c:c9:89:d7:ec:39:83:bc:81:1b:8d:00:74:42:
cc:eb:ce:40:8d:cc:34:c4:ef:6a:c5:6b:a5:0e:67:e7:18:ef:
78:c8:7e:eb:df:dd:64:2a:c5:84:cd:49:be:3b:25:54:86:f2:
46:bd:2a:46:00:bf:a6:18:63:ed:c6:fa:98:2d:e3:7f:60:ed:
0c:fa:b4:d0:d6:04:31:92:c1:82:7a:07:cf:e7:33:a3:dc:ce:
1a:32:b3:fd:dd:c7:d1:fb:db:ca:03:11:14:13:08:bf:e5:aa:
c3:7c:00:2e:f6:18:7b:ad:7a:1c:f6:96:84:cd:51:eb:36:c3:
2b:f8:18:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb0rmjUmh3oQOSRpbLLoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTc3MjViMGE2MDVkNGRkY2M0NjRiNzBkY2IzYTE2MmE1
ZjA1NWIwHhcNMjMwMTAxMTMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmRiZmYyOTg0MTkxZTE2ZGJhOGJkNzVjYTc1NGQ5OTI4ZmUxYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1/gV0tL41Vf6PHnpe8pK4ELgx8f
hutOaky2soNczfkoUnstGNXX/M3jYD6QPqNXYxs/0iF3R/HZvMLQKH+DdBOSR8qo
f7bQQUpXarPBJvtzhaJhhIyniTPTPyTWXaa7PRdyABHHXc/8CjQ9yphUQXFtWEuv
qCOuQ7Fg/457kIQQ0s7apiFXaDzKAavxwarb1h8HUQELq9/8ki50BishsglV8qk/
IDxuqKLtC9svq+J6OFxfQ/JrhrhVGVSG3BTiNLWQCgtswtjlytB2vQG9VbjY+tgo
q/gLrthRB8cOweUWvf/TVr/4NjYcaiP8rW0rIxh9Q4FurjimMbU/v3MWuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFvb/ymEGR4W26i9dcp1TZko/htYMB8GA1UdIwQY
MBaAFEtXclsKYF1N3MRktw3LOhYqXwVbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFkeVd3cGdYVTNjeEdTM0RjczZGaXBmQlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9lMDA1YzItYWZmYS00NThmLWFhZjgt
OGFmNTZlNzMzNjAwLzEvVzl2X0tZUVpIaGJicUwxMXluVk5tU2otRzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9lMDA1YzItYWZmYS00NThmLWFhZjgtOGFmNTZlNzMzNjAw
LzEvUzFkeVd3cGdYVTNjeEdTM0RjczZGaXBmQlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJXqeMA0G
CSqGSIb3DQEBCwUAA4IBAQAZP5dC0H0uxLTuxCjc3JAVGsNaLx811lBrQjg2w7iL
59Hdq2yqm8AOOPdvgV//aGKK87YKA7nfwjmSLuvzSJ556zAuy0R76/AfuOvV+JhL
K9zGf7snoQM7cnaJlGKV7ir1gIKzREDEH9YkYR7IguWtfIuYA4Q948twKuRFmsbh
9eKHfMmJ1+w5g7yBG40AdELM685Ajcw0xO9qxWulDmfnGO94yH7r391kKsWEzUm+
OyVUhvJGvSpGAL+mGGPtxvqYLeN/YO0M+rTQ1gQxksGCegfP5zOj3M4aMrP93cfR
+9vKAxEUEwi/5arDfAAu9hh7rXoc9paEzVHrNsMr+Bhu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:07 2024 by rpki-client on console-fra.rpki-client.org