Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/2-G0YqyxRUU6wBjsv1ZcnxcVleE.roa
File: 2-G0YqyxRUU6wBjsv1ZcnxcVleE.roa (raw, json)
Hash identifier: WzefYBy1SfGRjXvGxDeKrzwaUHNUi9tyFqQbwgaIvEU=
Subject key identifier: DB:E1:B4:62:AC:B1:45:45:3A:C0:18:EC:BF:56:5C:9F:17:15:95:E1
Certificate issuer: /CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Certificate serial: 0185737AA2B6BA5F5C9B982C0968BCF3FCEE
Authority key identifier: 6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/2-G0YqyxRUU6wBjsv1ZcnxcVleE.roa
Signing time: Mon 02 Jan 2023 17:14:54 +0000
ROA not before: Mon 02 Jan 2023 17:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205473
IP address blocks: 37.205.112.0/24 maxlen: 24
37.205.112.0/22 maxlen: 22
37.205.115.0/24 maxlen: 24
37.205.113.0/24 maxlen: 24
37.205.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Dec 2023 13:07:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:a2:b6:ba:5f:5c:9b:98:2c:09:68:bc:f3:fc:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Validity
Not Before: Jan 2 17:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbe1b462acb145453ac018ecbf565c9f171595e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e7:ce:f4:81:c7:0c:ad:bd:1f:f3:e8:00:d0:
8b:b8:f8:11:d3:8e:a7:4c:65:a3:7f:6b:4b:68:6f:
b3:7f:8f:cc:4c:89:df:b0:97:50:dd:13:c2:37:8f:
a4:fd:5f:04:35:8f:3c:cb:4e:18:29:86:55:07:e1:
09:69:83:c5:b1:45:d3:1c:fa:50:e4:cb:fc:cc:cc:
18:eb:5c:d3:17:fc:2e:e3:d2:d6:6a:66:8b:38:f3:
f8:f5:d2:82:fd:e0:af:47:52:e3:d9:5c:b8:21:56:
21:32:1e:e6:94:a9:74:69:17:f0:60:a6:00:4a:38:
4f:5b:47:37:7e:d1:16:42:c3:c2:6e:94:33:b2:ba:
1b:24:1f:78:e7:1f:2c:e3:fc:6c:a7:c9:a7:cf:42:
2f:ef:97:e5:74:f1:4a:c3:85:84:77:a0:04:b3:82:
96:0d:fb:3a:48:2f:03:c7:5f:ff:4c:f0:b3:ac:01:
15:39:80:68:bb:d3:d2:38:cd:88:f9:86:54:ee:e9:
15:10:24:c9:88:37:60:bf:59:0f:fe:a8:d1:6e:5e:
00:79:28:c7:83:e2:ed:64:35:28:9e:3d:d8:ee:5c:
ab:92:56:c9:a9:48:12:cb:6d:c0:e9:fc:d4:7a:8b:
cb:a8:52:38:23:68:28:6e:ae:d9:8c:6b:da:43:42:
db:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E1:B4:62:AC:B1:45:45:3A:C0:18:EC:BF:56:5C:9F:17:15:95:E1
X509v3 Authority Key Identifier:
keyid:6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/2-G0YqyxRUU6wBjsv1ZcnxcVleE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.112.0/22
Signature Algorithm: sha256WithRSAEncryption
89:37:27:1a:cd:50:b7:d4:33:d4:16:b5:a2:f1:9c:3a:37:a0:
50:42:2e:0d:0d:7a:ab:0a:d4:f8:92:3b:df:08:77:5f:79:b0:
fa:e9:b7:52:e9:b4:a3:79:64:e0:30:19:e7:22:c9:cb:0e:4c:
d2:b2:22:da:72:54:af:8f:eb:49:00:9e:60:2a:13:6e:39:29:
33:2f:ab:a6:f0:9f:68:0c:42:6a:37:e9:33:6b:d7:ea:be:ad:
3b:01:60:3d:c6:6c:cb:1b:d3:94:38:b6:84:80:bc:a9:23:a6:
84:58:8b:b3:69:8e:69:55:24:55:57:19:99:0d:11:7f:08:aa:
3a:46:6f:b4:56:23:e5:00:71:90:63:96:49:8e:a7:3e:3d:63:
32:09:55:be:02:d3:4c:6a:4e:62:b6:cb:de:b4:22:3a:af:ab:
b5:33:de:9c:87:d0:01:aa:e3:86:ef:b1:df:db:41:f3:c7:64:
6e:0d:a1:e7:b6:d6:6b:f8:e7:3a:48:73:d3:86:2b:e3:ce:a9:
97:a5:f6:04:70:62:5e:8a:5e:2f:ca:92:9b:31:1c:5b:37:b1:
27:1b:3b:b1:f3:f7:2c:18:1b:48:73:76:df:11:cb:6f:3c:0b:
6e:73:b2:b5:4f:05:f6:20:12:1e:6f:54:db:fa:3d:f8:bd:ea:
a8:e3:e0:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzeqK2ul9cm5gsCWi88/zuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlY2Q1Y2FkNGQzMzA2YzRmNzJjNDJhZmMwNmU1Y2QxZmJh
ZmUzYTMwHhcNMjMwMTAyMTcxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmUxYjQ2MmFjYjE0NTQ1M2FjMDE4ZWNiZjU2NWM5ZjE3MTU5NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOfO9IHHDK29H/PoANCLuPgR046n
TGWjf2tLaG+zf4/MTInfsJdQ3RPCN4+k/V8ENY88y04YKYZVB+EJaYPFsUXTHPpQ
5Mv8zMwY61zTF/wu49LWamaLOPP49dKC/eCvR1Lj2Vy4IVYhMh7mlKl0aRfwYKYA
SjhPW0c3ftEWQsPCbpQzsrobJB945x8s4/xsp8mnz0Iv75fldPFKw4WEd6AEs4KW
Dfs6SC8Dx1//TPCzrAEVOYBou9PSOM2I+YZU7ukVECTJiDdgv1kP/qjRbl4AeSjH
g+LtZDUonj3Y7lyrklbJqUgSy23A6fzUeovLqFI4I2gobq7ZjGvaQ0Lb1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvhtGKssUVFOsAY7L9WXJ8XFZXhMB8GA1UdIwQY
MBaAFG7NXK1NMwbE9yxCr8BuXNH7r+OjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgt
NWZiYzIzMGFiZGMyLzEvMi1HMFlxeXhSVVU2d0Jqc3YxWmNueGNWbGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgtNWZiYzIzMGFiZGMy
LzEvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJc1wMA0G
CSqGSIb3DQEBCwUAA4IBAQCJNycazVC31DPUFrWi8Zw6N6BQQi4NDXqrCtT4kjvf
CHdfebD66bdS6bSjeWTgMBnnIsnLDkzSsiLaclSvj+tJAJ5gKhNuOSkzL6um8J9o
DEJqN+kza9fqvq07AWA9xmzLG9OUOLaEgLypI6aEWIuzaY5pVSRVVxmZDRF/CKo6
Rm+0ViPlAHGQY5ZJjqc+PWMyCVW+AtNMak5itsvetCI6r6u1M96ch9ABquOG77Hf
20Hzx2RuDaHnttZr+Oc6SHPThivjzqmXpfYEcGJeil4vypKbMRxbN7EnGzux8/cs
GBtIc3bfEctvPAtuc7K1TwX2IBIeb1Tb+j34veqo4+CN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:23 2024 by rpki-client on console-fra.rpki-client.org