Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/1-N1oVp6_UY6jjy91tnx-KfQo_uY.roa
File: 1-N1oVp6_UY6jjy91tnx-KfQo_uY.roa (raw, json)
Hash identifier: 91BfztVugsYcBq1gzWk4RbEH7R+SrMDV9LM9T4onfVE=
Subject key identifier: F8:DD:68:56:9E:BF:51:8E:A3:8F:2F:75:B6:7C:7E:29:F4:28:FE:E6
Certificate issuer: /CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Certificate serial: 01856B5313A2829D5E56059FABB614E89A97
Authority key identifier: 90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/1-N1oVp6_UY6jjy91tnx-KfQo_uY.roa
Signing time: Sun 01 Jan 2023 03:14:44 +0000
ROA not before: Sun 01 Jan 2023 03:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15874
IP address blocks: 37.130.0.0/18 maxlen: 24
185.237.56.0/22 maxlen: 24
46.174.232.0/21 maxlen: 24
2a0c:1680::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:53:13:a2:82:9d:5e:56:05:9f:ab:b6:14:e8:9a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Validity
Not Before: Jan 1 03:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8dd68569ebf518ea38f2f75b67c7e29f428fee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:73:ed:49:92:3e:4b:e4:9b:a8:18:48:78:f6:
53:df:54:2e:1f:15:9b:69:76:fd:f9:3f:43:e4:89:
65:d9:65:3a:40:d9:a7:48:43:4d:15:ca:04:ac:d5:
47:b5:28:a4:ad:50:52:cb:d0:99:4c:15:13:2c:59:
38:95:30:4f:6b:d3:a8:7e:9f:44:f4:da:f1:ab:a3:
51:b3:d3:6a:16:fe:10:c1:3c:f8:33:60:f4:81:3d:
17:e9:2b:1b:1c:d4:e9:7b:f3:d1:32:d6:8c:4e:49:
6f:70:bc:eb:e2:6b:bf:1b:c9:60:4e:6f:49:db:2b:
d2:d9:e3:52:56:82:c4:76:3e:4c:89:4f:d3:0c:01:
f9:62:30:a5:24:7b:3a:fc:cd:d6:8f:50:f3:47:d6:
52:d5:00:a8:a4:ad:d0:af:87:17:12:64:1b:a8:cc:
57:ba:2b:8a:32:d8:17:84:40:2c:8a:81:6a:93:30:
20:86:53:a1:a2:f8:f2:30:8b:6e:6f:bd:eb:f5:a7:
9f:3f:b0:ce:20:6d:88:ea:01:8c:f0:31:c6:5d:24:
ee:49:1d:e1:c6:36:6d:01:78:85:e7:f2:22:aa:67:
9f:41:09:1b:c6:13:27:e8:8f:ef:29:37:1a:eb:db:
52:aa:14:9c:89:eb:ec:61:27:60:b7:87:c3:20:51:
7c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DD:68:56:9E:BF:51:8E:A3:8F:2F:75:B6:7C:7E:29:F4:28:FE:E6
X509v3 Authority Key Identifier:
keyid:90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/1-N1oVp6_UY6jjy91tnx-KfQo_uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.0.0/18
46.174.232.0/21
185.237.56.0/22
IPv6:
2a0c:1680::/29
Signature Algorithm: sha256WithRSAEncryption
2f:fe:a3:1b:80:e0:08:ce:12:bd:5c:cd:06:f8:8f:67:52:77:
d1:9e:e0:27:55:11:7b:36:64:64:ea:47:4b:fb:8d:70:9d:0f:
6c:0b:c4:82:e4:d8:bf:3b:d8:f4:a6:6f:31:0e:4f:e0:ba:8e:
62:f2:9b:bb:02:1e:92:48:5f:96:2e:09:d0:e4:18:67:48:c2:
0c:01:30:bb:6f:d2:de:34:94:80:13:61:29:6f:aa:8e:92:7e:
2b:8b:fc:cf:0d:7d:b9:81:d0:c7:67:44:c2:b1:70:54:12:99:
2b:29:a7:b5:9d:45:3d:43:9c:7d:e0:4a:b6:a6:c3:82:39:2d:
d0:46:78:bd:50:c7:0e:de:09:06:95:80:0f:ee:96:02:28:07:
1a:65:88:42:1f:c8:ba:d4:83:ff:d9:6e:4b:77:ae:16:29:69:
2f:23:1c:60:6b:6f:8a:79:05:58:d7:d5:3a:bc:d1:e8:0d:36:
93:37:73:78:1e:7e:c8:8d:d9:b7:97:cb:3d:64:ef:f2:85:d8:
3f:d6:16:64:3e:58:d6:18:b0:48:da:c8:39:3b:58:56:69:c3:
fb:0c:8c:63:64:cd:cc:af:e1:fb:66:08:61:ad:2b:6b:45:a3:
f0:d8:87:eb:20:27:1c:f5:9e:d7:c0:35:ac:20:2d:ab:bb:f3:
dd:d4:d2:62
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVrUxOigp1eVgWfq7YU6JqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjhhMTU0NjZjM2ZmMWU5MTVkNzgwYTEwYjBiYWE5YWQ2
OTQ4NjAwHhcNMjMwMTAxMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGRkNjg1NjllYmY1MThlYTM4ZjJmNzViNjdjN2UyOWY0MjhmZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3PtSZI+S+SbqBhIePZT31QuHxWb
aXb9+T9D5Ill2WU6QNmnSENNFcoErNVHtSikrVBSy9CZTBUTLFk4lTBPa9Oofp9E
9Nrxq6NRs9NqFv4QwTz4M2D0gT0X6SsbHNTpe/PRMtaMTklvcLzr4mu/G8lgTm9J
2yvS2eNSVoLEdj5MiU/TDAH5YjClJHs6/M3Wj1DzR9ZS1QCopK3Qr4cXEmQbqMxX
uiuKMtgXhEAsioFqkzAghlOhovjyMItub73r9aefP7DOIG2I6gGM8DHGXSTuSR3h
xjZtAXiF5/IiqmefQQkbxhMn6I/vKTca69tSqhScievsYSdgt4fDIFF8OwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPjdaFaev1GOo48vdbZ8fin0KP7mMB8GA1UdIwQY
MBaAFJC4oVRmw/8ekV14ChCwuqmtaUhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDct
NzhlOTk3ODY5OTUyLzEvMS1OMW9WcDZfVVk2amp5OTF0bngtS2ZRb191WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTUvYTJkZjQ0LTM4YjItNGQxMi04MzQ3LTc4ZTk5Nzg2OTk1
Mi8xL2tMaWhWR2JEX3g2UlhYZ0tFTEM2cWExcFNHQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBiWCAAME
Ay6u6AMEArntODANBAIAAjAHAwUDKgwWgDANBgkqhkiG9w0BAQsFAAOCAQEAL/6j
G4DgCM4SvVzNBviPZ1J30Z7gJ1URezZkZOpHS/uNcJ0PbAvEguTYvzvY9KZvMQ5P
4LqOYvKbuwIekkhfli4J0OQYZ0jCDAEwu2/S3jSUgBNhKW+qjpJ+K4v8zw19uYHQ
x2dEwrFwVBKZKymntZ1FPUOcfeBKtqbDgjkt0EZ4vVDHDt4JBpWAD+6WAigHGmWI
Qh/IutSD/9luS3euFilpLyMcYGtvinkFWNfVOrzR6A02kzdzeB5+yI3Zt5fLPWTv
8oXYP9YWZD5Y1hiwSNrIOTtYVmnD+wyMY2TNzK/h+2YIYa0ra0Wj8NiH6yAnHPWe
18A1rCAtq7vz3dTSYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:13 2024 by rpki-client on console-fra.rpki-client.org