Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/vXRyXw-gt3TWUNe1s4cbb7SrcZQ.roa
File: vXRyXw-gt3TWUNe1s4cbb7SrcZQ.roa (raw, json)
Hash identifier: K+buj8L7ubuHzaQY9of2MzubynVQ8avNv11BGJgEwxk=
Subject key identifier: BD:74:72:5F:0F:A0:B7:74:D6:50:D7:B5:B3:87:1B:6F:B4:AB:71:94
Certificate issuer: /CN=6f3c5408b2f67233f60d63f749ac483eb66ae7c8
Certificate serial: 01856B4A0296028BC0739177FA1FF88B8AB4
Authority key identifier: 6F:3C:54:08:B2:F6:72:33:F6:0D:63:F7:49:AC:48:3E:B6:6A:E7:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzxUCLL2cjP2DWP3SaxIPrZq58g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/vXRyXw-gt3TWUNe1s4cbb7SrcZQ.roa
Signing time: Sun 01 Jan 2023 03:04:50 +0000
ROA not before: Sun 01 Jan 2023 03:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198672
IP address blocks: 37.230.32.0/21 maxlen: 21
37.230.32.0/24 maxlen: 24
37.230.35.0/24 maxlen: 24
37.230.33.0/24 maxlen: 24
185.59.129.0/24 maxlen: 24
185.59.128.0/22 maxlen: 22
185.59.128.0/24 maxlen: 24
185.59.131.0/24 maxlen: 24
185.59.130.0/24 maxlen: 24
2a00:baa0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:02:96:02:8b:c0:73:91:77:fa:1f:f8:8b:8a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3c5408b2f67233f60d63f749ac483eb66ae7c8
Validity
Not Before: Jan 1 03:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd74725f0fa0b774d650d7b5b3871b6fb4ab7194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fe:b5:ef:5a:fb:92:0d:48:f9:9d:c3:a5:d7:
a1:76:48:ae:06:71:90:8d:92:5c:44:00:64:20:1a:
fb:d5:fd:12:6a:8f:e2:61:aa:10:56:09:1a:22:79:
23:e1:48:af:0a:e6:8f:c8:b4:5d:00:99:ab:b6:0d:
b5:e6:99:12:1f:10:05:ef:0e:29:a1:24:6f:51:bb:
ec:81:e8:58:48:44:78:92:21:e8:0c:cb:54:6f:47:
b2:20:33:bc:4a:10:bc:88:ea:4e:10:b2:f7:ae:1a:
04:0f:fc:41:0d:bb:66:04:cc:76:03:56:22:f7:90:
c2:9a:cd:f7:94:a5:2f:04:14:51:53:91:2a:ac:8b:
31:6d:2a:10:f7:c2:b9:bc:9b:3d:e1:1d:81:28:83:
15:1a:6f:43:64:36:e8:1f:a1:25:c1:a4:7d:8c:b1:
7b:0c:12:18:ec:ad:05:c5:21:e4:23:bf:93:d0:f5:
6e:33:c4:e1:d3:90:81:fd:ed:43:d0:0c:d9:34:5c:
71:2c:a1:df:75:0a:f1:68:12:aa:f2:55:9e:f4:5a:
0c:db:90:0f:b8:a7:c6:9c:e5:a6:6d:51:ac:5e:30:
b6:ac:33:af:a3:26:3f:d1:b6:30:9c:6c:6d:e4:3e:
e7:6b:c0:82:fa:39:43:b1:71:4c:14:83:b5:7a:52:
fe:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:74:72:5F:0F:A0:B7:74:D6:50:D7:B5:B3:87:1B:6F:B4:AB:71:94
X509v3 Authority Key Identifier:
keyid:6F:3C:54:08:B2:F6:72:33:F6:0D:63:F7:49:AC:48:3E:B6:6A:E7:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzxUCLL2cjP2DWP3SaxIPrZq58g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/vXRyXw-gt3TWUNe1s4cbb7SrcZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/bzxUCLL2cjP2DWP3SaxIPrZq58g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.32.0/21
185.59.128.0/22
IPv6:
2a00:baa0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:33:ba:18:29:36:22:45:1a:40:f9:05:6d:a1:17:6f:4b:ab:
f8:f9:23:10:1d:e4:f1:5a:df:b1:93:34:5e:7e:88:ca:46:06:
1d:be:eb:48:d9:f5:94:c5:1b:c0:64:89:aa:f6:9e:73:69:77:
1e:c2:f9:78:ff:f6:b2:e2:30:e9:43:53:c2:b7:80:c1:68:ed:
7c:8c:1c:ca:e5:69:3c:66:c7:c3:b4:e5:36:83:13:c3:53:6c:
b3:25:ad:7d:b0:71:91:89:72:d5:99:f5:04:f1:8c:75:f4:be:
d4:9f:12:e2:49:fc:23:40:8c:a9:b5:e3:0a:60:85:17:4a:f1:
d2:2c:49:ff:06:93:12:51:62:04:fe:83:ee:27:e6:92:ed:c1:
84:5c:89:90:d0:ab:7a:25:8d:6f:fb:37:08:5f:dd:05:69:93:
0d:05:4d:a5:93:8d:00:92:22:63:b4:d3:a0:20:75:5f:de:59:
2e:9b:80:c3:2f:ce:68:dd:5b:14:a4:ab:22:aa:e3:ed:cb:36:
05:b7:cf:44:34:ce:37:0e:43:f2:08:f3:9d:e8:6f:6c:65:42:
3f:a8:bf:62:05:a6:f3:aa:a3:cb:46:7f:43:ad:38:e2:77:f7:
48:2a:b1:f9:e9:50:1a:ec:a9:2e:be:03:51:34:9c:4e:94:8a:
6c:d0:23:17
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrSgKWAovAc5F3+h/4i4q0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmM2M1NDA4YjJmNjcyMzNmNjBkNjNmNzQ5YWM0ODNlYjY2
YWU3YzgwHhcNMjMwMTAxMDMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDc0NzI1ZjBmYTBiNzc0ZDY1MGQ3YjViMzg3MWI2ZmI0YWI3MTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv6171r7kg1I+Z3DpdehdkiuBnGQ
jZJcRABkIBr71f0Sao/iYaoQVgkaInkj4UivCuaPyLRdAJmrtg215pkSHxAF7w4p
oSRvUbvsgehYSER4kiHoDMtUb0eyIDO8ShC8iOpOELL3rhoED/xBDbtmBMx2A1Yi
95DCms33lKUvBBRRU5EqrIsxbSoQ98K5vJs94R2BKIMVGm9DZDboH6ElwaR9jLF7
DBIY7K0FxSHkI7+T0PVuM8Th05CB/e1D0AzZNFxxLKHfdQrxaBKq8lWe9FoM25AP
uKfGnOWmbVGsXjC2rDOvoyY/0bYwnGxt5D7na8CC+jlDsXFMFIO1elL++QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL10cl8PoLd01lDXtbOHG2+0q3GUMB8GA1UdIwQY
MBaAFG88VAiy9nIz9g1j90msSD62aufIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnp4VUNMTDJjalAyRFdQM1NheElQclpxNThnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85NjQ4NDgtMTAyOC00ZDIyLTkzNDUt
MThmMzRhN2RiZGQ5LzEvdlhSeVh3LWd0M1RXVU5lMXM0Y2JiN1NyY1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85NjQ4NDgtMTAyOC00ZDIyLTkzNDUtMThmMzRhN2RiZGQ5
LzEvYnp4VUNMTDJjalAyRFdQM1NheElQclpxNThnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJeYgAwQC
uTuAMA0EAgACMAcDBQAqALqgMA0GCSqGSIb3DQEBCwUAA4IBAQANM7oYKTYiRRpA
+QVtoRdvS6v4+SMQHeTxWt+xkzRefojKRgYdvutI2fWUxRvAZImq9p5zaXcewvl4
//ay4jDpQ1PCt4DBaO18jBzK5Wk8ZsfDtOU2gxPDU2yzJa19sHGRiXLVmfUE8Yx1
9L7UnxLiSfwjQIypteMKYIUXSvHSLEn/BpMSUWIE/oPuJ+aS7cGEXImQ0Kt6JY1v
+zcIX90FaZMNBU2lk40AkiJjtNOgIHVf3lkum4DDL85o3VsUpKsiquPtyzYFt89E
NM43DkPyCPOd6G9sZUI/qL9iBabzqqPLRn9DrTjid/dIKrH56VAa7KkuvgNRNJxO
lIps0CMX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:28 2024 by rpki-client on console-fra.rpki-client.org