Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/vYqs0fSUcLATEz9-auNTTz1BBQA.roa
File: vYqs0fSUcLATEz9-auNTTz1BBQA.roa (raw, json)
Hash identifier: nyG2bzN7YhUdJxmPs+i9hfIORfu1b/H8YVR8CZAKuYI=
Subject key identifier: BD:8A:AC:D1:F4:94:70:B0:13:13:3F:7E:6A:E3:53:4F:3D:41:05:00
Certificate issuer: /CN=b7ed30e96ea56b980e6b793d1a86c62dd5c0bc1f
Certificate serial: 018C58229BA6BD626F48EE1035DE3147D24F
Authority key identifier: B7:ED:30:E9:6E:A5:6B:98:0E:6B:79:3D:1A:86:C6:2D:D5:C0:BC:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t-0w6W6la5gOa3k9GobGLdXAvB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/vYqs0fSUcLATEz9-auNTTz1BBQA.roa
Signing time: Mon 11 Dec 2023 09:08:32 +0000
ROA not before: Mon 11 Dec 2023 09:08:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213208
IP address blocks: 37.200.85.0/24 maxlen: 24
2a07:5201:1::/48 maxlen: 48
2a07:5202::/48 maxlen: 48
2a07:5200::/48 maxlen: 48
2a07:5202:1::/48 maxlen: 48
2a07:5200::/29 maxlen: 48
2a07:5201::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:22:9b:a6:bd:62:6f:48:ee:10:35:de:31:47:d2:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7ed30e96ea56b980e6b793d1a86c62dd5c0bc1f
Validity
Not Before: Dec 11 09:08:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd8aacd1f49470b013133f7e6ae3534f3d410500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0a:c5:dd:72:18:65:02:60:06:09:2d:fd:83:
5b:49:70:a8:57:fb:4a:1c:31:fe:98:41:5f:2e:9e:
74:34:13:ea:4b:3a:6b:db:73:b4:0e:2c:39:fa:7c:
1a:ac:93:26:88:5a:fd:f9:30:ba:11:92:a1:94:b7:
8f:56:51:87:92:a5:d5:30:9d:da:23:e9:bc:34:2c:
4a:64:62:fe:23:ed:c5:98:99:97:2f:f1:2c:1a:65:
fd:46:bf:07:b3:14:28:e9:dd:81:4a:cf:01:06:e9:
8a:28:bf:57:34:c1:1a:83:a0:34:70:f1:e4:5d:92:
09:2e:7e:f3:3a:e9:1f:d2:67:c8:70:c6:3c:14:47:
97:23:f3:3a:4e:00:ea:d1:ce:e6:31:47:b0:d3:cb:
b6:a9:10:1a:ca:fe:92:13:ad:fd:ed:b6:5c:28:31:
a1:fa:b7:0c:e8:4e:47:94:9a:09:5c:67:71:88:ff:
4a:20:ea:62:c5:b3:05:96:c0:91:a5:9f:9e:0a:2d:
42:f2:7f:7a:51:5e:29:32:1d:76:c7:d1:6d:7e:f2:
61:3e:15:12:e1:12:c1:67:1e:71:14:7a:70:d5:79:
18:9d:36:36:a4:2c:2c:9a:81:23:b9:4c:c9:35:64:
d1:17:dc:7f:34:2c:1d:2d:4a:88:a0:a8:86:0f:e9:
d4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:8A:AC:D1:F4:94:70:B0:13:13:3F:7E:6A:E3:53:4F:3D:41:05:00
X509v3 Authority Key Identifier:
keyid:B7:ED:30:E9:6E:A5:6B:98:0E:6B:79:3D:1A:86:C6:2D:D5:C0:BC:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t-0w6W6la5gOa3k9GobGLdXAvB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/vYqs0fSUcLATEz9-auNTTz1BBQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/t-0w6W6la5gOa3k9GobGLdXAvB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.200.85.0/24
IPv6:
2a07:5200::/29
Signature Algorithm: sha256WithRSAEncryption
3e:f5:bd:c1:b7:f4:68:be:51:49:85:68:5c:ea:60:4c:e0:e0:
bf:58:1b:2c:71:83:80:6f:6c:3b:18:81:b5:7c:50:c0:a9:ae:
83:d4:4d:21:e5:16:11:91:d7:0e:71:a3:1a:67:d5:d8:38:a3:
ef:7d:1e:c1:ec:d5:00:1e:58:e2:70:ad:ed:11:cf:b7:f8:8f:
78:60:93:22:f1:3f:58:67:66:3b:1d:fe:5b:73:41:15:49:ed:
21:0b:56:0b:09:9b:17:a0:ed:bf:15:51:87:fa:48:51:f2:2d:
af:f9:e4:4c:08:c8:94:e1:0b:b5:6e:bf:5e:ad:f5:91:1d:38:
66:9b:6d:2c:d3:52:17:35:8b:41:ff:7b:ee:54:5e:fb:2b:a3:
e8:49:12:22:27:7a:7f:ec:cf:9d:ce:31:84:bb:26:3f:b8:5a:
5a:1b:bb:e0:8e:2d:d9:47:63:be:8e:c1:f2:9b:15:ab:05:a8:
d6:e8:77:68:92:f9:0a:39:e8:a7:f5:a0:b6:96:d7:80:fc:c2:
5e:bc:43:c8:d3:f1:85:9d:49:85:62:6c:50:71:91:e9:2d:36:
c8:fb:e1:ff:67:a9:df:09:5f:e7:99:86:24:37:7f:29:4b:a3:
86:61:31:d0:4c:3e:a6:a9:05:de:81:64:f6:73:d8:29:aa:95:
6e:2e:df:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYxYIpumvWJvSO4QNd4xR9JPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZWQzMGU5NmVhNTZiOTgwZTZiNzkzZDFhODZjNjJkZDVj
MGJjMWYwHhcNMjMxMjExMDkwODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDhhYWNkMWY0OTQ3MGIwMTMxMzNmN2U2YWUzNTM0ZjNkNDEwNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQrF3XIYZQJgBgkt/YNbSXCoV/tK
HDH+mEFfLp50NBPqSzpr23O0Diw5+nwarJMmiFr9+TC6EZKhlLePVlGHkqXVMJ3a
I+m8NCxKZGL+I+3FmJmXL/EsGmX9Rr8HsxQo6d2BSs8BBumKKL9XNMEag6A0cPHk
XZIJLn7zOukf0mfIcMY8FEeXI/M6TgDq0c7mMUew08u2qRAayv6SE6397bZcKDGh
+rcM6E5HlJoJXGdxiP9KIOpixbMFlsCRpZ+eCi1C8n96UV4pMh12x9FtfvJhPhUS
4RLBZx5xFHpw1XkYnTY2pCwsmoEjuUzJNWTRF9x/NCwdLUqIoKiGD+nU8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL2KrNH0lHCwExM/fmrjU089QQUAMB8GA1UdIwQY
MBaAFLftMOlupWuYDmt5PRqGxi3VwLwfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdC0wdzZXNmxhNWdPYTNrOUdvYkdMZFhBdkI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9mYTc5ZGQtMGZjYS00NjYxLTg4NjQt
OTU1NTM3Y2I2OWYyLzEvdllxczBmU1VjTEFURXo5LWF1TlRUejFCQlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9mYTc5ZGQtMGZjYS00NjYxLTg4NjQtOTU1NTM3Y2I2OWYy
LzEvdC0wdzZXNmxhNWdPYTNrOUdvYkdMZFhBdkI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAJchVMA0E
AgACMAcDBQMqB1IAMA0GCSqGSIb3DQEBCwUAA4IBAQA+9b3Bt/RovlFJhWhc6mBM
4OC/WBsscYOAb2w7GIG1fFDAqa6D1E0h5RYRkdcOcaMaZ9XYOKPvfR7B7NUAHlji
cK3tEc+3+I94YJMi8T9YZ2Y7Hf5bc0EVSe0hC1YLCZsXoO2/FVGH+khR8i2v+eRM
CMiU4Qu1br9erfWRHThmm20s01IXNYtB/3vuVF77K6PoSRIiJ3p/7M+dzjGEuyY/
uFpaG7vgji3ZR2O+jsHymxWrBajW6HdokvkKOein9aC2lteA/MJevEPI0/GFnUmF
YmxQcZHpLTbI++H/Z6nfCV/nmYYkN38pS6OGYTHQTD6mqQXegWT2c9gpqpVuLt+G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:43 2024 by rpki-client on console-fra.rpki-client.org