Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/g6O8uLgcXtmz6MrjQvi3_q3M3sc.roa
File: g6O8uLgcXtmz6MrjQvi3_q3M3sc.roa (raw, json)
Hash identifier: HkwCr1C9a/a9Y5Q6ob04TQMtVuD97lctgaUfGf0YfJg=
Subject key identifier: 83:A3:BC:B8:B8:1C:5E:D9:B3:E8:CA:E3:42:F8:B7:FE:AD:CC:DE:C7
Certificate issuer: /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial: 0186A27DF7153CBC242FFB4693B1358C5461
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/g6O8uLgcXtmz6MrjQvi3_q3M3sc.roa
Signing time: Thu 02 Mar 2023 13:23:29 +0000
ROA not before: Thu 02 Mar 2023 13:23:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 37.72.192.0/19 maxlen: 19
213.151.176.0/21 maxlen: 21
37.72.243.0/24 maxlen: 24
37.72.242.0/24 maxlen: 24
37.72.244.0/22 maxlen: 22
37.72.248.0/24 maxlen: 24
37.72.252.0/22 maxlen: 22
213.151.184.0/22 maxlen: 22
37.72.250.0/23 maxlen: 23
37.72.249.0/24 maxlen: 24
81.20.208.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 04 Apr 2023 07:20:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:7d:f7:15:3c:bc:24:2f:fb:46:93:b1:35:8c:54:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Validity
Not Before: Mar 2 13:23:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83a3bcb8b81c5ed9b3e8cae342f8b7feadccdec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:22:32:2b:3c:53:9f:36:c9:56:1b:d0:a6:d8:
94:b3:54:4c:87:70:85:cd:e6:46:ef:79:7a:d5:e0:
51:ab:a0:b4:1b:9e:39:43:22:6f:bc:20:31:a0:ce:
39:8b:4c:75:01:2f:13:10:01:b5:ca:7f:a5:9a:88:
67:8b:1a:31:0c:33:f7:7b:39:9a:df:65:e4:ac:aa:
64:6a:af:04:a3:25:71:e2:75:db:46:b3:bb:d3:07:
68:e5:ed:e1:74:1a:53:09:19:e9:3a:b0:54:c6:be:
a3:e6:49:49:af:95:58:5a:6c:14:94:48:3a:c6:72:
e9:b6:79:cc:d3:3b:8a:85:f8:76:c4:44:b1:3f:4c:
f3:2d:da:78:34:cc:62:a1:de:21:f8:3a:6e:f8:11:
1e:e8:74:37:aa:22:ac:d7:1f:7a:d4:b7:9c:16:23:
6d:03:8e:a8:80:b6:a8:02:4b:fe:2d:9e:2c:29:09:
2c:5a:bb:8e:f6:72:7f:69:0b:cb:1a:12:20:8b:8b:
ed:b4:7e:18:e9:46:66:ec:38:61:a1:11:96:cd:5e:
0f:1d:a5:52:8f:33:5f:89:36:d0:3c:94:e7:3e:8e:
28:92:03:57:04:cd:12:43:d1:51:bd:cb:4f:24:22:
41:b7:51:92:ab:f8:3a:24:72:b0:df:52:e2:12:21:
3c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:A3:BC:B8:B8:1C:5E:D9:B3:E8:CA:E3:42:F8:B7:FE:AD:CC:DE:C7
X509v3 Authority Key Identifier:
keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/g6O8uLgcXtmz6MrjQvi3_q3M3sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.192.0/19
37.72.242.0-37.72.255.255
81.20.208.0/20
213.151.176.0-213.151.187.255
Signature Algorithm: sha256WithRSAEncryption
40:7c:f6:df:c1:e3:6a:e2:4d:a0:58:96:ea:fc:61:60:4a:24:
24:49:4e:26:b5:2a:99:1b:30:2f:97:6e:39:b5:74:d1:b6:63:
9b:d2:37:62:4e:82:f5:9f:58:cf:a2:60:7a:94:bd:bc:f7:fe:
cd:ff:d3:e4:18:97:c6:62:09:93:87:8b:fb:f8:15:9f:93:1a:
20:95:1e:36:14:60:62:c0:91:6f:f0:6b:33:92:29:ae:49:c9:
4a:86:c2:cd:25:bc:79:ba:f8:56:3a:0e:79:2a:b5:b9:22:80:
3a:c6:de:bd:62:2a:25:45:89:61:71:47:c7:ed:7f:86:40:70:
62:a9:75:7a:fc:35:fb:1b:c5:36:3a:36:6a:c6:f4:a6:00:3e:
b5:39:e5:62:92:30:a9:f9:12:4b:1f:d4:db:af:3f:07:62:5a:
f4:86:55:50:cc:30:b7:87:07:ba:ed:57:50:78:31:31:22:da:
b4:8e:f7:9b:6b:e2:98:c5:52:ef:f9:71:52:3d:13:bc:b6:d2:
20:30:f9:0f:de:ce:e9:98:ee:8d:a9:61:a0:35:08:9e:28:98:
e9:3e:54:40:d5:9c:9e:68:85:ae:39:60:cd:3d:11:cf:eb:0c:
f2:0f:c8:8a:a2:cb:09:4e:94:3a:15:42:d2:9e:29:f3:a8:f6:
ce:6f:b6:6e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYaiffcVPLwkL/tGk7E1jFRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTJlNDkxYWFhNjU1YjYzMjRkYmNjMGNmZjAwYThkNjMx
OTEwNzYwHhcNMjMwMzAyMTMyMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2EzYmNiOGI4MWM1ZWQ5YjNlOGNhZTM0MmY4YjdmZWFkY2NkZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiIyKzxTnzbJVhvQptiUs1RMh3CF
zeZG73l61eBRq6C0G545QyJvvCAxoM45i0x1AS8TEAG1yn+lmohnixoxDDP3ezma
32XkrKpkaq8EoyVx4nXbRrO70wdo5e3hdBpTCRnpOrBUxr6j5klJr5VYWmwUlEg6
xnLptnnM0zuKhfh2xESxP0zzLdp4NMxiod4h+Dpu+BEe6HQ3qiKs1x961LecFiNt
A46ogLaoAkv+LZ4sKQksWruO9nJ/aQvLGhIgi4vttH4Y6UZm7DhhoRGWzV4PHaVS
jzNfiTbQPJTnPo4okgNXBM0SQ9FRvctPJCJBt1GSq/g6JHKw31LiEiE8mwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIOjvLi4HF7Zs+jK40L4t/6tzN7HMB8GA1UdIwQY
MBaAFJgS5JGqplW2Mk28wM/wCo1jGRB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUt
ZGZmZTE3ZjNkYjU0LzEvZzZPOHVMZ2NYdG16Nk1yalF2aTNfcTNNM3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUtZGZmZTE3ZjNkYjU0
LzEvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwQFJUjAMAsD
BAElSPIDAwAlSAMEBFEU0DAMAwQE1ZewAwQC1Ze4MA0GCSqGSIb3DQEBCwUAA4IB
AQBAfPbfweNq4k2gWJbq/GFgSiQkSU4mtSqZGzAvl245tXTRtmOb0jdiToL1n1jP
omB6lL289/7N/9PkGJfGYgmTh4v7+BWfkxoglR42FGBiwJFv8GszkimuSclKhsLN
Jbx5uvhWOg55KrW5IoA6xt69YiolRYlhcUfH7X+GQHBiqXV6/DX7G8U2OjZqxvSm
AD61OeVikjCp+RJLH9Tbrz8HYlr0hlVQzDC3hwe67VdQeDExItq0jveba+KYxVLv
+XFSPRO8ttIgMPkP3s7pmO6NqWGgNQieKJjpPlRA1ZyeaIWuOWDNPRHP6wzyD8iK
ossJTpQ6FULSninzqPbOb7Zu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:25 2024 by rpki-client on console-ams.rpki-client.org