Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/pXxaxUd6CN2_KjQZIwnJgP8Zmaw.roa
File: pXxaxUd6CN2_KjQZIwnJgP8Zmaw.roa (raw, json)
Hash identifier: OTZowaiUygijrOj86MAALf3zCf+F0ZLtd6OqlXtWcUg=
Subject key identifier: A5:7C:5A:C5:47:7A:08:DD:BF:2A:34:19:23:09:C9:80:FF:19:99:AC
Certificate issuer: /CN=e8f239a70043734172d26378bf2106ae72552187
Certificate serial: 01856CB86E50EB049775AA6FB71256759FA7
Authority key identifier: E8:F2:39:A7:00:43:73:41:72:D2:63:78:BF:21:06:AE:72:55:21:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/pXxaxUd6CN2_KjQZIwnJgP8Zmaw.roa
Signing time: Sun 01 Jan 2023 09:45:04 +0000
ROA not before: Sun 01 Jan 2023 09:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31042
IP address blocks: 37.0.64.0/21 maxlen: 24
79.140.144.0/20 maxlen: 24
185.12.40.0/22 maxlen: 24
185.80.96.0/22 maxlen: 24
89.207.192.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:6e:50:eb:04:97:75:aa:6f:b7:12:56:75:9f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8f239a70043734172d26378bf2106ae72552187
Validity
Not Before: Jan 1 09:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a57c5ac5477a08ddbf2a34192309c980ff1999ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:50:12:f7:db:3e:59:93:74:36:03:4b:14:73:
32:35:e8:26:c1:a1:c9:95:1f:e6:00:9b:4a:da:a9:
4b:da:d7:34:33:f2:db:86:06:07:22:d3:fd:ad:d9:
09:f6:e5:96:18:f5:5c:fd:1f:6f:5c:57:7c:00:f8:
23:cb:1b:64:8b:33:f4:33:13:3b:cc:2c:30:88:0c:
73:1b:fb:67:ba:67:ac:8a:02:dc:79:e5:bf:f5:5c:
5d:24:b2:64:f8:c1:ef:7f:d2:5e:27:6b:a2:2a:db:
67:8c:30:d3:92:3c:e0:b7:25:a9:84:93:3f:71:4b:
98:e6:8f:ed:9b:c8:5c:d7:50:3d:56:54:1a:60:7d:
bb:91:ad:39:05:44:83:a1:f6:a3:36:28:45:1a:1d:
e5:82:0a:af:0e:95:9b:b8:72:9d:f2:73:70:53:44:
01:60:80:b3:59:77:26:ad:df:86:03:58:fa:3d:f2:
1e:7e:be:ef:94:0f:20:a0:5c:26:f7:56:60:be:82:
17:b9:8a:9e:5c:b0:81:07:8f:8a:c5:fe:c5:38:82:
92:31:f1:ee:29:b9:50:c7:53:bc:07:e5:60:3d:1b:
3b:4b:a7:37:48:c4:82:ac:6f:de:6d:b1:3d:2b:34:
f8:d5:ba:f2:03:11:e4:00:73:ad:6c:e0:c0:9e:64:
d8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:7C:5A:C5:47:7A:08:DD:BF:2A:34:19:23:09:C9:80:FF:19:99:AC
X509v3 Authority Key Identifier:
keyid:E8:F2:39:A7:00:43:73:41:72:D2:63:78:BF:21:06:AE:72:55:21:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/pXxaxUd6CN2_KjQZIwnJgP8Zmaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.64.0/21
79.140.144.0/20
89.207.192.0/21
185.12.40.0/22
185.80.96.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:ed:bc:a8:1a:95:5f:a6:db:a4:ad:f6:d9:93:15:21:81:71:
2f:5f:94:f2:32:b6:e6:e4:d5:40:ce:d6:ea:d8:e9:d8:db:68:
61:13:56:d5:37:32:92:d5:89:41:bc:0c:f6:30:00:68:44:f4:
89:03:04:18:cf:2c:d9:fb:3f:de:54:d0:9d:74:e4:6c:a0:83:
45:90:69:e7:57:fb:be:d9:0c:62:49:26:9c:ca:c3:a7:b9:4a:
bc:df:a4:6c:06:c9:9d:fb:63:d6:db:20:47:22:7b:d6:7b:d9:
c3:ff:2b:66:c6:04:e5:68:4b:0f:46:71:04:e1:2f:90:81:2a:
a9:0c:b4:95:98:ff:8f:69:f2:80:6b:92:01:71:57:3a:5f:44:
9d:50:4b:b4:2f:02:66:a5:be:97:3f:df:af:57:df:58:87:e9:
dc:92:49:77:aa:6d:ec:e0:79:ae:02:45:bc:6e:2d:28:d0:16:
a7:73:52:5c:a1:07:e7:d9:a8:46:3d:9a:00:cd:37:f0:e4:a6:
09:85:01:ee:3b:8c:3a:d7:96:9a:0a:fd:ff:fc:18:4f:ec:e1:
d9:5e:ca:b6:01:4b:2b:15:6c:88:41:64:b1:9b:66:ee:99:59:
80:6f:c6:c0:25:14:9b:35:a6:77:96:d6:1f:58:6a:46:87:63:
58:f0:d2:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsuG5Q6wSXdapvtxJWdZ+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZjIzOWE3MDA0MzczNDE3MmQyNjM3OGJmMjEwNmFlNzI1
NTIxODcwHhcNMjMwMTAxMDk0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTdjNWFjNTQ3N2EwOGRkYmYyYTM0MTkyMzA5Yzk4MGZmMTk5OWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01AS99s+WZN0NgNLFHMyNegmwaHJ
lR/mAJtK2qlL2tc0M/LbhgYHItP9rdkJ9uWWGPVc/R9vXFd8APgjyxtkizP0MxM7
zCwwiAxzG/tnumesigLceeW/9VxdJLJk+MHvf9JeJ2uiKttnjDDTkjzgtyWphJM/
cUuY5o/tm8hc11A9VlQaYH27ka05BUSDofajNihFGh3lggqvDpWbuHKd8nNwU0QB
YICzWXcmrd+GA1j6PfIefr7vlA8goFwm91ZgvoIXuYqeXLCBB4+Kxf7FOIKSMfHu
KblQx1O8B+VgPRs7S6c3SMSCrG/ebbE9KzT41bryAxHkAHOtbODAnmTYPwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKV8WsVHegjdvyo0GSMJyYD/GZmsMB8GA1UdIwQY
MBaAFOjyOacAQ3NBctJjeL8hBq5yVSGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlBJNXB3QkRjMEZ5MG1ONHZ5RUdybkpWSVljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy80ZTkwMmEtMjk5Zi00ZGE3LTlhNmQt
NjY5YmQxMTNhMTc4LzEvcFh4YXhVZDZDTjJfS2pRWkl3bkpnUDhabWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy80ZTkwMmEtMjk5Zi00ZGE3LTlhNmQtNjY5YmQxMTNhMTc4
LzEvNlBJNXB3QkRjMEZ5MG1ONHZ5RUdybkpWSVljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJQBAAwQE
T4yQAwQDWc/AAwQCuQwoAwQCuVBgMA0GCSqGSIb3DQEBCwUAA4IBAQBO7byoGpVf
ptukrfbZkxUhgXEvX5TyMrbm5NVAztbq2OnY22hhE1bVNzKS1YlBvAz2MABoRPSJ
AwQYzyzZ+z/eVNCddORsoINFkGnnV/u+2QxiSSacysOnuUq836RsBsmd+2PW2yBH
InvWe9nD/ytmxgTlaEsPRnEE4S+QgSqpDLSVmP+PafKAa5IBcVc6X0SdUEu0LwJm
pb6XP9+vV99Yh+nckkl3qm3s4HmuAkW8bi0o0Banc1JcoQfn2ahGPZoAzTfw5KYJ
hQHuO4w615aaCv3//BhP7OHZXsq2AUsrFWyIQWSxm2bumVmAb8bAJRSbNaZ3ltYf
WGpGh2NY8NKv
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:32 2024 by rpki-client on console-ams.rpki-client.org