Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OwD5f7c8RBD8hyr2KiBeqPUmt5s.roa
File: OwD5f7c8RBD8hyr2KiBeqPUmt5s.roa (raw, json)
Hash identifier: GTxoEFxH+gXAgH9deQADj9l+CIqrNCrD2fOlQOq1/Zo=
Subject key identifier: 3B:00:F9:7F:B7:3C:44:10:FC:87:2A:F6:2A:20:5E:A8:F5:26:B7:9B
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAEFC11BFE85A505A004655197E0FA1
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OwD5f7c8RBD8hyr2KiBeqPUmt5s.roa
Signing time: Sun 01 Jan 2023 09:34:45 +0000
ROA not before: Sun 01 Jan 2023 09:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39326
IP address blocks: 37.235.54.0/24 maxlen: 24
151.236.19.0/24 maxlen: 24
2a03:f80:441::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:fc:11:bf:e8:5a:50:5a:00:46:55:19:7e:0f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b00f97fb73c4410fc872af62a205ea8f526b79b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1b:c3:6f:9a:27:7e:02:b5:98:69:96:7a:2e:
01:13:38:a2:f0:fe:e7:28:1f:7d:e2:4a:8b:55:fe:
0b:5b:e1:c8:ee:4a:93:15:3c:55:01:1e:97:09:e4:
b8:85:af:c0:9f:b1:d2:9f:77:95:d4:92:d0:94:72:
28:b2:ff:db:ba:71:43:1a:3b:53:8b:3b:cd:84:bf:
f1:8f:50:1b:92:b9:1a:50:5e:a6:ab:ee:f8:4e:95:
9f:a1:87:14:41:00:b7:c8:e0:a3:8f:43:43:96:07:
8f:21:7c:0b:9c:76:20:60:61:9d:07:9f:f2:67:1f:
5e:d5:58:c8:8b:4d:60:d7:58:d1:64:4e:d2:5b:b1:
ef:6b:63:42:ae:7e:89:7e:78:4a:d4:93:2f:07:38:
bf:fc:da:60:19:d9:8f:7b:36:22:88:4d:05:2b:75:
2d:e3:18:7b:fa:68:10:b5:02:bb:89:16:7e:57:b6:
ff:ab:e1:57:64:69:e0:5f:0b:e5:b2:ac:f8:3d:87:
18:9e:3e:3a:1f:60:06:5a:27:08:b8:01:76:27:e3:
03:67:67:a8:31:0f:40:e2:69:42:73:71:26:58:bf:
6d:b8:0a:79:b4:2c:2d:b2:63:de:10:de:02:97:a2:
67:35:44:a4:4e:96:ab:63:bd:bc:2f:18:43:c9:00:
e7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:00:F9:7F:B7:3C:44:10:FC:87:2A:F6:2A:20:5E:A8:F5:26:B7:9B
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OwD5f7c8RBD8hyr2KiBeqPUmt5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.54.0/24
151.236.19.0/24
IPv6:
2a03:f80:44::/48
2a03:f80:441::/48
Signature Algorithm: sha256WithRSAEncryption
34:70:4c:98:7d:2a:6f:5c:a0:5b:d7:24:ed:07:f3:f0:b0:4d:
da:a2:6b:f8:a8:45:9e:9d:1e:ea:b4:eb:6d:1b:9b:ff:bc:e4:
59:b0:31:73:4b:89:fd:2a:92:3f:ed:a7:04:3b:87:15:80:8a:
b3:e7:cb:22:d3:0b:35:8b:28:78:28:39:5e:72:78:44:81:52:
b4:a0:cd:84:8b:2f:7e:0a:c3:04:25:2f:38:87:e8:6d:d0:cb:
5e:1a:1d:97:e1:ef:94:b2:7a:58:ce:75:ec:33:ef:4b:e2:93:
a5:cb:f1:9f:3f:6b:49:b6:96:56:5c:6a:ca:47:68:15:24:be:
ee:fe:63:88:8f:04:40:fe:54:85:5c:67:6e:1c:2f:3b:04:49:
86:35:08:ac:23:6f:02:bf:48:67:5f:47:f1:87:32:89:20:2f:
99:65:3d:04:8b:75:91:13:77:02:9e:a8:fa:c1:42:5c:5c:39:
e9:0f:42:41:70:c4:d0:62:93:74:7b:0a:a1:71:0d:e4:26:a2:
86:8a:ae:16:13:1c:17:7b:2f:ba:d9:fe:29:52:ea:8e:02:8a:
39:51:f7:74:40:c2:21:6c:56:9a:cd:da:1a:5b:ba:c2:e1:5d:
f8:a8:30:37:41:02:f0:69:1a:4b:f4:4a:26:84:ec:5d:c1:6c:
d8:d0:2b:5a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVsrvwRv+haUFoARlUZfg+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjAwZjk3ZmI3M2M0NDEwZmM4NzJhZjYyYTIwNWVhOGY1MjZiNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRvDb5onfgK1mGmWei4BEzii8P7n
KB994kqLVf4LW+HI7kqTFTxVAR6XCeS4ha/An7HSn3eV1JLQlHIosv/bunFDGjtT
izvNhL/xj1AbkrkaUF6mq+74TpWfoYcUQQC3yOCjj0NDlgePIXwLnHYgYGGdB5/y
Zx9e1VjIi01g11jRZE7SW7Hva2NCrn6JfnhK1JMvBzi//NpgGdmPezYiiE0FK3Ut
4xh7+mgQtQK7iRZ+V7b/q+FXZGngXwvlsqz4PYcYnj46H2AGWicIuAF2J+MDZ2eo
MQ9A4mlCc3EmWL9tuAp5tCwtsmPeEN4Cl6JnNUSkTparY728LxhDyQDnfQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDsA+X+3PEQQ/Icq9iogXqj1JrebMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvT3dENWY3YzhSQkQ4aHlyMktpQmVxUFVtdDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAJes2AwQA
l+wTMBgEAgACMBIDBwAqAw+AAEQDBwAqAw+ABEEwDQYJKoZIhvcNAQELBQADggEB
ADRwTJh9Km9coFvXJO0H8/CwTdqia/ioRZ6dHuq0620bm/+85FmwMXNLif0qkj/t
pwQ7hxWAirPnyyLTCzWLKHgoOV5yeESBUrSgzYSLL34KwwQlLziH6G3Qy14aHZfh
75SyeljOdewz70vik6XL8Z8/a0m2llZcaspHaBUkvu7+Y4iPBED+VIVcZ24cLzsE
SYY1CKwjbwK/SGdfR/GHMokgL5llPQSLdZETdwKeqPrBQlxcOekPQkFwxNBik3R7
CqFxDeQmooaKrhYTHBd7L7rZ/ilS6o4CijlR93RAwiFsVprN2hpbusLhXfioMDdB
AvBpGkv0SiaE7F3BbNjQK1o=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:24 2024 by rpki-client on console-ams.rpki-client.org