Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/gxz7UShVsamlhbLQZwILfARe_Hs.roa
File: gxz7UShVsamlhbLQZwILfARe_Hs.roa (raw, json)
Hash identifier: zrzWg+VLfyHFf5A4/r7SAOWQMq/vUvWgEHgdigvuq6E=
Subject key identifier: 83:1C:FB:51:28:55:B1:A9:A5:85:B2:D0:67:02:0B:7C:04:5E:FC:7B
Certificate issuer: /CN=85b919a3feb0ec966299ff0fae8defcb415e22fe
Certificate serial: 01857082938A5106E40A45A08120546D9473
Authority key identifier: 85:B9:19:A3:FE:B0:EC:96:62:99:FF:0F:AE:8D:EF:CB:41:5E:22:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbkZo_6w7JZimf8Pro3vy0FeIv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/gxz7UShVsamlhbLQZwILfARe_Hs.roa
Signing time: Mon 02 Jan 2023 03:24:43 +0000
ROA not before: Mon 02 Jan 2023 03:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49974
IP address blocks: 185.18.0.0/22 maxlen: 22
37.35.96.0/22 maxlen: 22
37.35.101.0/24 maxlen: 24
37.35.103.0/24 maxlen: 24
37.35.100.0/24 maxlen: 24
37.35.102.0/24 maxlen: 24
213.5.32.0/21 maxlen: 21
45.157.164.0/22 maxlen: 22
2a00:9540::/32 maxlen: 32
2001:67c:238::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:93:8a:51:06:e4:0a:45:a0:81:20:54:6d:94:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b919a3feb0ec966299ff0fae8defcb415e22fe
Validity
Not Before: Jan 2 03:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=831cfb512855b1a9a585b2d067020b7c045efc7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:67:21:bf:fb:ae:aa:03:48:6f:25:a6:1f:80:
08:32:7a:82:20:e3:9f:66:bd:90:61:83:e6:dc:5a:
24:6c:96:aa:37:74:59:ba:ae:dc:0d:21:5a:75:2b:
a6:ae:c1:eb:0c:67:18:27:75:8d:bb:c8:c7:f6:16:
f5:39:82:84:2d:ed:4c:7b:a1:c7:69:73:b6:9a:3a:
9b:73:34:54:61:8c:a9:41:b9:08:af:f3:0b:b4:a9:
b2:56:4c:39:d9:c2:14:f0:7b:48:a3:ad:5b:84:89:
80:de:1a:e6:c9:66:cc:06:81:4d:cf:e6:0a:a7:54:
b1:71:28:f2:7f:cb:4e:e3:17:64:2c:91:4f:ed:3a:
51:5a:ba:4b:8a:99:a0:58:fd:cb:c9:d9:19:65:71:
43:df:cb:1f:81:9b:98:df:d9:cc:df:c2:22:cd:b7:
e2:b6:66:0e:4c:4d:5b:62:5d:43:ff:18:6f:40:5b:
da:9b:fb:23:de:e3:ff:25:0e:eb:9a:f5:3f:99:11:
a7:5a:ce:8a:45:a1:05:88:11:0a:13:4c:3a:e5:ac:
f9:ea:3e:e5:aa:9a:b3:9d:12:ac:3f:fc:2a:4f:28:
f6:42:22:e7:cd:ee:77:b4:d6:5c:b3:41:24:7d:fa:
23:50:d7:14:15:3c:15:a5:92:a2:dd:82:89:d2:7e:
b0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1C:FB:51:28:55:B1:A9:A5:85:B2:D0:67:02:0B:7C:04:5E:FC:7B
X509v3 Authority Key Identifier:
keyid:85:B9:19:A3:FE:B0:EC:96:62:99:FF:0F:AE:8D:EF:CB:41:5E:22:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbkZo_6w7JZimf8Pro3vy0FeIv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/gxz7UShVsamlhbLQZwILfARe_Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/5e0f5a-c6e7-43e8-bb21-47dc08d7e3ba/1/hbkZo_6w7JZimf8Pro3vy0FeIv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.96.0/21
45.157.164.0/22
185.18.0.0/22
213.5.32.0/21
IPv6:
2001:67c:238::/48
2a00:9540::/32
Signature Algorithm: sha256WithRSAEncryption
d6:cb:32:1a:3b:87:5e:5d:d6:3f:80:84:ca:4a:5c:50:a0:aa:
b6:61:4a:1b:2f:46:3a:d7:e3:9e:63:5f:ed:d5:86:9c:e9:35:
7c:30:31:62:d5:f5:27:27:5c:9d:e4:d2:f1:bb:7a:4f:51:c9:
94:27:7d:59:59:4e:56:3d:01:c0:8d:90:34:fe:7f:78:47:db:
b9:70:ce:40:20:ad:25:9a:c7:e2:5d:4f:43:e2:94:3a:bc:0c:
d8:70:d6:26:23:7e:2f:15:1d:e9:7c:b2:bc:48:0c:41:f7:7a:
9d:02:79:da:d1:8a:6e:3d:5c:93:eb:fc:a5:0b:83:53:f3:af:
4c:a8:13:36:18:03:2a:fd:1a:6f:1a:db:90:d4:a5:22:95:62:
0f:8e:f5:e9:c7:01:f0:78:bd:b8:7f:14:53:6a:c1:6d:55:05:
88:8a:4c:9f:a3:7c:25:1f:12:eb:ca:a5:1b:58:2d:3f:1c:ab:
1a:74:e2:cf:65:ca:5c:5a:5e:2c:e4:1e:68:79:74:49:02:a9:
3d:98:12:bc:59:c6:f5:bd:d6:5e:12:22:d7:27:64:6b:1b:6d:
bf:d5:4b:b3:79:f8:56:80:7f:80:b3:27:8a:09:2a:95:14:d8:
df:c3:10:00:29:c6:fb:c8:24:f9:c7:a6:b1:66:e3:fa:c6:a3:
11:b5:af:ea
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVwgpOKUQbkCkWggSBUbZRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjkxOWEzZmViMGVjOTY2Mjk5ZmYwZmFlOGRlZmNiNDE1
ZTIyZmUwHhcNMjMwMTAyMDMyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFjZmI1MTI4NTViMWE5YTU4NWIyZDA2NzAyMGI3YzA0NWVmYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2chv/uuqgNIbyWmH4AIMnqCIOOf
Zr2QYYPm3FokbJaqN3RZuq7cDSFadSumrsHrDGcYJ3WNu8jH9hb1OYKELe1Me6HH
aXO2mjqbczRUYYypQbkIr/MLtKmyVkw52cIU8HtIo61bhImA3hrmyWbMBoFNz+YK
p1SxcSjyf8tO4xdkLJFP7TpRWrpLipmgWP3LydkZZXFD38sfgZuY39nM38Iizbfi
tmYOTE1bYl1D/xhvQFvam/sj3uP/JQ7rmvU/mRGnWs6KRaEFiBEKE0w65az56j7l
qpqznRKsP/wqTyj2QiLnze53tNZcs0EkffojUNcUFTwVpZKi3YKJ0n6w4QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIMc+1EoVbGppYWy0GcCC3wEXvx7MB8GA1UdIwQY
MBaAFIW5GaP+sOyWYpn/D66N78tBXiL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJrWm9fNnc3SlppbWY4UHJvM3Z5MEZlSXY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81ZTBmNWEtYzZlNy00M2U4LWJiMjEt
NDdkYzA4ZDdlM2JhLzEvZ3h6N1VTaFZzYW1saGJMUVp3SUxmQVJlX0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81ZTBmNWEtYzZlNy00M2U4LWJiMjEtNDdkYzA4ZDdlM2Jh
LzEvaGJrWm9fNnc3SlppbWY4UHJvM3Z5MEZlSXY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQDJSNgAwQC
LZ2kAwQCuRIAAwQD1QUgMBYEAgACMBADBwAgAQZ8AjgDBQAqAJVAMA0GCSqGSIb3
DQEBCwUAA4IBAQDWyzIaO4deXdY/gITKSlxQoKq2YUobL0Y61+OeY1/t1Yac6TV8
MDFi1fUnJ1yd5NLxu3pPUcmUJ31ZWU5WPQHAjZA0/n94R9u5cM5AIK0lmsfiXU9D
4pQ6vAzYcNYmI34vFR3pfLK8SAxB93qdAnna0YpuPVyT6/ylC4NT869MqBM2GAMq
/RpvGtuQ1KUilWIPjvXpxwHweL24fxRTasFtVQWIikyfo3wlHxLryqUbWC0/HKsa
dOLPZcpcWl4s5B5oeXRJAqk9mBK8Wcb1vdZeEiLXJ2RrG22/1UuzefhWgH+AsyeK
CSqVFNjfwxAAKcb7yCT5x6axZuP6xqMRta/q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org