Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/awOn1FryXZJtlVdLhmO3C672UPA.roa
File: awOn1FryXZJtlVdLhmO3C672UPA.roa (raw, json)
Hash identifier: Qxq+xL2QiAGEre7IM5xfQU1Z0n+Oa55DgR+u18PLBPo=
Subject key identifier: 6B:03:A7:D4:5A:F2:5D:92:6D:95:57:4B:86:63:B7:0B:AE:F6:50:F0
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 01856DB8908F35C5EA1CDC90A27A0F71981C
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/awOn1FryXZJtlVdLhmO3C672UPA.roa
Signing time: Sun 01 Jan 2023 14:24:50 +0000
ROA not before: Sun 01 Jan 2023 14:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35766
IP address blocks: 37.130.206.0/23 maxlen: 24
37.130.204.0/23 maxlen: 23
37.130.204.0/24 maxlen: 24
37.130.204.0/22 maxlen: 22
37.130.206.0/24 maxlen: 24
37.130.205.0/24 maxlen: 24
37.130.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:90:8f:35:c5:ea:1c:dc:90:a2:7a:0f:71:98:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Jan 1 14:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b03a7d45af25d926d95574b8663b70baef650f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2a:02:d9:ac:d4:b6:dd:8c:34:83:c8:61:f5:
ca:71:ae:ec:bd:35:fd:0a:f5:39:3e:80:05:31:87:
76:9f:93:90:bb:b7:0c:00:e8:2f:2b:ac:0c:f5:58:
de:4f:b6:5c:7c:42:7e:9d:84:34:ff:f7:23:7b:6d:
90:48:be:f8:f1:34:b8:4b:65:1f:f1:63:76:17:2d:
14:4a:c2:ef:c5:b5:e9:48:82:81:e6:a3:b3:10:a5:
78:9f:c7:af:2e:48:51:f4:d2:97:9a:29:07:bb:5a:
1d:55:4a:25:08:73:13:dd:e9:55:d7:38:98:00:e3:
db:fb:f4:9e:e1:89:23:4a:2c:38:13:70:de:dc:8f:
a0:25:68:66:c7:c1:3c:00:d0:ed:d3:d6:9d:0c:87:
cd:9c:71:b2:4c:85:6c:ab:c2:85:4f:b1:9e:32:fc:
c1:37:2b:de:a8:35:4c:c8:f8:eb:3c:af:f2:14:e9:
90:ed:0b:87:dc:9c:72:f0:00:9d:7a:5b:9a:66:96:
41:36:93:e7:e5:df:3f:c1:2f:a2:d6:e1:0b:ed:37:
1c:ee:87:b6:13:b8:77:80:1e:0b:99:71:32:92:09:
d6:89:f3:fb:26:c9:e9:2a:eb:07:96:d7:53:6d:a4:
39:91:9e:bd:7f:c0:33:1b:44:76:56:0c:79:bc:7f:
18:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:03:A7:D4:5A:F2:5D:92:6D:95:57:4B:86:63:B7:0B:AE:F6:50:F0
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/awOn1FryXZJtlVdLhmO3C672UPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.204.0/22
Signature Algorithm: sha256WithRSAEncryption
39:6f:ed:eb:e8:62:b5:66:f9:e3:e0:76:4c:a7:30:1b:6e:58:
f7:54:4e:27:9d:7d:0c:cb:b8:5b:9a:5c:b5:f5:2e:6c:63:91:
f9:9f:d1:cf:8b:bc:db:13:ec:d0:68:19:43:e7:52:22:94:44:
76:ce:7a:6b:ec:cb:67:51:ad:7e:ff:b1:fd:da:6e:f1:9d:8e:
92:da:6a:8b:38:b0:38:77:15:85:1d:b0:7b:c7:5f:6c:9a:6d:
67:34:15:3f:ea:06:08:c9:08:2a:4a:e4:8f:63:98:6e:bf:82:
a5:84:85:54:75:36:eb:63:5f:25:a1:96:45:4e:01:44:c8:7f:
c6:29:cc:70:87:1f:c1:fb:36:82:8f:ec:81:fe:85:fa:29:88:
1c:e9:b5:47:32:2d:16:db:64:ba:26:7f:3a:fc:10:6c:93:b9:
70:18:39:85:09:ff:0a:38:72:1e:52:43:81:50:6a:ba:23:74:
52:00:5a:5a:bf:e9:f7:9e:ab:16:96:f0:39:3d:4a:30:b8:96:
49:cf:80:ee:9d:5e:44:c8:8b:91:c1:60:55:6f:f9:76:5e:4f:
7f:53:5b:dc:0f:69:34:ed:80:dc:22:b3:d8:76:bc:a5:e9:31:
89:e6:11:b4:e9:54:50:12:f3:4a:b4:e8:b4:e1:1c:fc:78:2a:
46:04:97:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtuJCPNcXqHNyQonoPcZgcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmI2NDVmMTM0ZjRmZGFkYTQ1ZTcwYmNmY2Q5M2I4OTdk
YmQ3MjUwHhcNMjMwMTAxMTQyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjAzYTdkNDVhZjI1ZDkyNmQ5NTU3NGI4NjYzYjcwYmFlZjY1MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSoC2azUtt2MNIPIYfXKca7svTX9
CvU5PoAFMYd2n5OQu7cMAOgvK6wM9VjeT7ZcfEJ+nYQ0//cje22QSL748TS4S2Uf
8WN2Fy0USsLvxbXpSIKB5qOzEKV4n8evLkhR9NKXmikHu1odVUolCHMT3elV1ziY
AOPb+/Se4YkjSiw4E3De3I+gJWhmx8E8ANDt09adDIfNnHGyTIVsq8KFT7GeMvzB
NyveqDVMyPjrPK/yFOmQ7QuH3Jxy8ACdeluaZpZBNpPn5d8/wS+i1uEL7Tcc7oe2
E7h3gB4LmXEykgnWifP7JsnpKusHltdTbaQ5kZ69f8AzG0R2Vgx5vH8Y/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGsDp9Ra8l2SbZVXS4Zjtwuu9lDwMB8GA1UdIwQY
MBaAFNr7ZF8TT0/a2kXnC8/Nk7iX29clMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2Et
NmJhMGEwY2UwMWVkLzEvYXdPbjFGcnlYWkp0bFZkTGhtTzNDNjcyVVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2EtNmJhMGEwY2UwMWVk
LzEvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJYLMMA0G
CSqGSIb3DQEBCwUAA4IBAQA5b+3r6GK1Zvnj4HZMpzAbblj3VE4nnX0My7hbmly1
9S5sY5H5n9HPi7zbE+zQaBlD51IilER2znpr7MtnUa1+/7H92m7xnY6S2mqLOLA4
dxWFHbB7x19smm1nNBU/6gYIyQgqSuSPY5huv4KlhIVUdTbrY18loZZFTgFEyH/G
Kcxwhx/B+zaCj+yB/oX6KYgc6bVHMi0W22S6Jn86/BBsk7lwGDmFCf8KOHIeUkOB
UGq6I3RSAFpav+n3nqsWlvA5PUowuJZJz4DunV5EyIuRwWBVb/l2Xk9/U1vcD2k0
7YDcIrPYdryl6TGJ5hG06VRQEvNKtOi04Rz8eCpGBJeT
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:52 2024 by rpki-client on console-fra.rpki-client.org