Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/eeb26f-6790-42ce-8ccc-54a25e2cdaa9/1/7HSowDRdB7Uz53n68Nl019z6OlI.roa
File: 7HSowDRdB7Uz53n68Nl019z6OlI.roa (raw, json)
Hash identifier: QJEEZfMJlLjBt+OZFlzxCW7N8X7yr6WxgB147vOPOyo=
Subject key identifier: EC:74:A8:C0:34:5D:07:B5:33:E7:79:FA:F0:D9:74:D7:DC:FA:3A:52
Certificate issuer: /CN=13f8496b79d1c04d082af83f1be6a5eab0c66089
Certificate serial: 0185711553A9F0014702C733C9F2DDB3BB90
Authority key identifier: 13:F8:49:6B:79:D1:C0:4D:08:2A:F8:3F:1B:E6:A5:EA:B0:C6:60:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E_hJa3nRwE0IKvg_G-al6rDGYIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/eeb26f-6790-42ce-8ccc-54a25e2cdaa9/1/7HSowDRdB7Uz53n68Nl019z6OlI.roa
Signing time: Mon 02 Jan 2023 06:05:01 +0000
ROA not before: Mon 02 Jan 2023 06:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34625
IP address blocks: 195.242.236.0/24 maxlen: 24
212.119.57.0/24 maxlen: 24
212.119.58.0/24 maxlen: 24
212.119.56.0/24 maxlen: 24
212.119.59.0/24 maxlen: 24
37.75.232.0/24 maxlen: 24
37.75.233.0/24 maxlen: 24
37.75.236.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:53:a9:f0:01:47:02:c7:33:c9:f2:dd:b3:bb:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13f8496b79d1c04d082af83f1be6a5eab0c66089
Validity
Not Before: Jan 2 06:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec74a8c0345d07b533e779faf0d974d7dcfa3a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fa:f5:fd:13:e0:3c:5b:df:c7:a1:3d:df:b5:
5d:87:dd:22:03:f7:83:f2:e3:4c:9b:d5:23:dc:e1:
af:63:de:f4:5c:c0:cf:cd:3f:67:63:ec:a1:76:e1:
92:af:de:69:2b:cb:72:89:38:3c:4e:f4:fa:86:19:
08:af:5d:b4:87:29:94:4b:ec:e8:7a:eb:5f:1d:c2:
f8:d6:e0:30:6b:61:19:10:0e:d7:36:81:7c:a9:71:
0d:0b:82:8b:67:68:bf:bf:62:b0:0e:02:d2:69:c9:
47:fd:ad:d4:01:9f:73:c3:33:e5:87:df:24:19:11:
5d:cb:1b:36:20:f4:34:ce:4e:bd:4b:e9:2b:29:04:
3e:70:7a:6d:9f:03:c3:36:d2:8f:f0:4e:38:10:ad:
ba:2c:a7:b3:c4:17:5e:d5:51:5a:bd:e2:ac:f6:ad:
37:6e:19:e5:d5:03:3b:a8:07:78:89:b5:58:6c:4b:
3f:ba:74:72:17:af:e4:25:11:77:8f:a6:64:0f:12:
7b:1d:fc:f1:b7:7d:89:be:00:4b:30:0a:e3:f0:b5:
b6:6d:3b:01:29:71:e9:97:85:d5:05:77:d7:1c:a0:
fd:0d:4b:0b:92:91:fe:f4:55:dc:9b:b9:8c:32:84:
d8:71:8a:d7:53:64:67:15:21:93:05:57:53:e7:34:
c5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:74:A8:C0:34:5D:07:B5:33:E7:79:FA:F0:D9:74:D7:DC:FA:3A:52
X509v3 Authority Key Identifier:
keyid:13:F8:49:6B:79:D1:C0:4D:08:2A:F8:3F:1B:E6:A5:EA:B0:C6:60:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E_hJa3nRwE0IKvg_G-al6rDGYIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/eeb26f-6790-42ce-8ccc-54a25e2cdaa9/1/7HSowDRdB7Uz53n68Nl019z6OlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/eeb26f-6790-42ce-8ccc-54a25e2cdaa9/1/E_hJa3nRwE0IKvg_G-al6rDGYIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.232.0/23
37.75.236.0/24
195.242.236.0/24
212.119.56.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:80:18:c7:ab:90:33:9f:c9:a4:0c:8d:47:56:49:ff:e3:5d:
e1:4e:a3:c5:dd:65:1c:83:e3:70:0a:96:46:5f:e2:50:4d:8c:
f4:d7:4e:e8:de:f1:e5:13:f9:58:df:cc:4e:a8:8f:38:5b:f2:
11:63:d4:69:38:45:e8:db:0e:79:2a:2e:04:95:e6:fa:e9:87:
2c:fe:03:49:09:7c:f6:ca:68:3a:ae:e3:7c:3c:13:26:1b:36:
dc:e6:63:17:98:e0:79:42:76:69:b1:84:f8:a6:48:0a:9d:21:
4e:cc:3e:91:b2:c4:2f:a9:b3:87:f4:a8:b4:00:72:63:86:97:
09:66:aa:70:b4:f7:36:d6:b3:d3:d8:69:35:5d:30:44:89:b1:
fe:ca:9e:f7:c1:5b:50:c9:af:9a:15:02:48:7b:51:6e:dd:ef:
2a:a4:1a:21:7a:85:2b:63:d3:0e:ba:46:72:8d:93:54:f6:46:
3a:21:e2:1d:ec:58:a3:98:79:0b:71:7a:51:af:03:70:82:0c:
c7:d1:bb:57:45:cf:8d:e7:7d:a1:ef:7f:25:59:d4:26:1e:e6:
a8:9b:31:bf:8e:8b:09:ee:bc:b3:71:11:be:36:fc:71:25:67:
cf:6c:23:19:ae:a9:51:b3:18:8d:69:9d:2f:01:bd:76:91:e4:
f3:0f:61:4b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxFVOp8AFHAsczyfLds7uQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZjg0OTZiNzlkMWMwNGQwODJhZjgzZjFiZTZhNWVhYjBj
NjYwODkwHhcNMjMwMTAyMDYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc0YThjMDM0NWQwN2I1MzNlNzc5ZmFmMGQ5NzRkN2RjZmEzYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/r1/RPgPFvfx6E937Vdh90iA/eD
8uNMm9Uj3OGvY970XMDPzT9nY+yhduGSr95pK8tyiTg8TvT6hhkIr120hymUS+zo
eutfHcL41uAwa2EZEA7XNoF8qXENC4KLZ2i/v2KwDgLSaclH/a3UAZ9zwzPlh98k
GRFdyxs2IPQ0zk69S+krKQQ+cHptnwPDNtKP8E44EK26LKezxBde1VFaveKs9q03
bhnl1QM7qAd4ibVYbEs/unRyF6/kJRF3j6ZkDxJ7Hfzxt32JvgBLMArj8LW2bTsB
KXHpl4XVBXfXHKD9DUsLkpH+9FXcm7mMMoTYcYrXU2RnFSGTBVdT5zTFAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOx0qMA0XQe1M+d5+vDZdNfc+jpSMB8GA1UdIwQY
MBaAFBP4SWt50cBNCCr4PxvmpeqwxmCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRV9oSmEzblJ3RTBJS3ZnX0ctYWw2ckRHWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9lZWIyNmYtNjc5MC00MmNlLThjY2Mt
NTRhMjVlMmNkYWE5LzEvN0hTb3dEUmRCN1V6NTNuNjhObDAxOXo2T2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9lZWIyNmYtNjc5MC00MmNlLThjY2MtNTRhMjVlMmNkYWE5
LzEvRV9oSmEzblJ3RTBJS3ZnX0ctYWw2ckRHWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBJUvoAwQA
JUvsAwQAw/LsAwQC1Hc4MA0GCSqGSIb3DQEBCwUAA4IBAQBdgBjHq5Azn8mkDI1H
Vkn/413hTqPF3WUcg+NwCpZGX+JQTYz0107o3vHlE/lY38xOqI84W/IRY9RpOEXo
2w55Ki4Eleb66Ycs/gNJCXz2ymg6ruN8PBMmGzbc5mMXmOB5QnZpsYT4pkgKnSFO
zD6RssQvqbOH9Ki0AHJjhpcJZqpwtPc21rPT2Gk1XTBEibH+yp73wVtQya+aFQJI
e1Fu3e8qpBoheoUrY9MOukZyjZNU9kY6IeId7FijmHkLcXpRrwNwggzH0btXRc+N
532h738lWdQmHuaomzG/josJ7ryzcRG+NvxxJWfPbCMZrqlRsxiNaZ0vAb12keTz
D2FL
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:43 2024 by rpki-client on console-ams.rpki-client.org