Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/ut8xnhJk8Er8FaK8HP2fxfbWV9g.roa
File: ut8xnhJk8Er8FaK8HP2fxfbWV9g.roa (raw, json)
Hash identifier: KIrV/UoW+G4pk0ps303MOoL93lY1KO7xWeSUDfgJK4c=
Subject key identifier: BA:DF:31:9E:12:64:F0:4A:FC:15:A2:BC:1C:FD:9F:C5:F6:D6:57:D8
Certificate issuer: /CN=3f3195f47084c8b0c670d03f7ee7b516cf804c5c
Certificate serial: 01856E41C4EDBF4683F75D5290B45B8B492A
Authority key identifier: 3F:31:95:F4:70:84:C8:B0:C6:70:D0:3F:7E:E7:B5:16:CF:80:4C:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PzGV9HCEyLDGcNA_fue1Fs-ATFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/ut8xnhJk8Er8FaK8HP2fxfbWV9g.roa
Signing time: Sun 01 Jan 2023 16:54:41 +0000
ROA not before: Sun 01 Jan 2023 16:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60475
IP address blocks: 37.202.16.0/21 maxlen: 21
37.202.22.0/23 maxlen: 23
185.241.200.0/22 maxlen: 22
2a02:ff00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:c4:ed:bf:46:83:f7:5d:52:90:b4:5b:8b:49:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f3195f47084c8b0c670d03f7ee7b516cf804c5c
Validity
Not Before: Jan 1 16:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=badf319e1264f04afc15a2bc1cfd9fc5f6d657d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c8:b6:d2:59:9b:54:65:f8:08:f9:79:44:f8:
b5:90:3f:a6:f0:b1:4a:30:04:a9:98:f3:e9:66:cb:
70:c4:8c:3a:52:9f:91:79:c3:8b:88:76:d0:ec:e9:
de:51:5d:af:53:d9:e3:8a:d1:0c:a5:49:04:00:52:
20:1e:c5:21:ce:25:0f:11:3c:5e:e3:26:61:d1:e1:
e2:b8:32:ff:f0:60:fe:55:01:6a:0a:59:d3:29:c8:
b0:83:bd:34:4c:b1:a4:ad:b7:78:3d:ea:22:4e:d5:
a0:9e:00:27:c6:8e:47:6e:bc:4e:cd:b0:0c:af:98:
a6:51:03:c3:5f:69:3d:58:a1:58:7e:38:af:22:9a:
09:f3:0a:33:a6:17:51:6d:2f:9d:85:40:1a:c4:d2:
d2:74:63:77:25:6f:6c:30:96:e6:ba:9a:60:37:1c:
25:3a:1d:04:c2:d9:15:64:ce:01:25:5a:14:c5:1f:
b8:15:82:eb:21:93:14:82:0b:8d:2d:fc:e1:e8:a6:
5b:2c:ab:f7:93:94:65:c3:59:23:d6:ef:cc:3f:38:
4e:bf:0f:d5:22:41:e5:27:c4:77:2c:93:95:d7:a5:
b3:a0:8f:95:ad:e3:0b:3a:00:77:ba:6a:eb:c4:9c:
e3:ff:82:39:ca:1b:a6:9f:47:79:c1:c8:ff:13:73:
82:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:DF:31:9E:12:64:F0:4A:FC:15:A2:BC:1C:FD:9F:C5:F6:D6:57:D8
X509v3 Authority Key Identifier:
keyid:3F:31:95:F4:70:84:C8:B0:C6:70:D0:3F:7E:E7:B5:16:CF:80:4C:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PzGV9HCEyLDGcNA_fue1Fs-ATFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/ut8xnhJk8Er8FaK8HP2fxfbWV9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/PzGV9HCEyLDGcNA_fue1Fs-ATFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.16.0/21
185.241.200.0/22
IPv6:
2a02:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
89:35:70:82:d0:9f:83:e6:32:ff:20:87:b6:e0:94:7b:51:7e:
59:33:3f:a6:96:48:b7:01:04:2b:68:43:eb:ef:ba:d4:b0:16:
e5:70:8f:05:59:0b:bf:e2:56:bc:e9:e7:2a:27:ff:63:e9:65:
ab:e9:81:e2:62:bc:bf:f6:41:3c:ca:28:be:b7:14:7f:7d:ae:
a1:8e:ad:cc:e9:ab:f7:6b:2f:94:50:29:98:c8:8f:ef:55:d4:
72:9d:64:15:50:9d:04:00:39:23:4b:b5:94:89:a5:a9:5a:de:
c4:8d:32:66:98:a2:d1:7a:bb:76:34:71:29:88:23:a1:80:d6:
d2:5e:94:bf:fc:41:e4:92:f3:2d:90:4a:36:ea:89:26:d1:24:
79:0e:f6:b3:4e:bb:15:27:55:6d:1e:35:60:a2:d7:f9:37:da:
d6:3c:07:ef:24:9a:fe:3e:f6:50:46:b8:7f:be:8a:9e:2f:33:
99:a9:94:ed:c9:84:47:a8:96:cc:19:34:8f:e8:8f:14:c4:a2:
19:62:cf:d4:ec:b2:aa:6e:ac:2a:86:5c:42:9e:dc:55:ca:21:
0d:ba:73:37:7a:3f:7d:6e:ff:ca:fc:33:ef:b4:3f:24:12:f4:
5d:94:72:2a:75:cf:ae:12:c2:0c:7f:69:14:e4:a8:36:c3:43:
77:42:32:b6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuQcTtv0aD911SkLRbi0kqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMzE5NWY0NzA4NGM4YjBjNjcwZDAzZjdlZTdiNTE2Y2Y4
MDRjNWMwHhcNMjMwMTAxMTY1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWRmMzE5ZTEyNjRmMDRhZmMxNWEyYmMxY2ZkOWZjNWY2ZDY1N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsi20lmbVGX4CPl5RPi1kD+m8LFK
MASpmPPpZstwxIw6Up+RecOLiHbQ7OneUV2vU9njitEMpUkEAFIgHsUhziUPETxe
4yZh0eHiuDL/8GD+VQFqClnTKciwg700TLGkrbd4PeoiTtWgngAnxo5HbrxOzbAM
r5imUQPDX2k9WKFYfjivIpoJ8wozphdRbS+dhUAaxNLSdGN3JW9sMJbmuppgNxwl
Oh0EwtkVZM4BJVoUxR+4FYLrIZMUgguNLfzh6KZbLKv3k5Rlw1kj1u/MPzhOvw/V
IkHlJ8R3LJOV16WzoI+VreMLOgB3umrrxJzj/4I5yhumn0d5wcj/E3OClQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLrfMZ4SZPBK/BWivBz9n8X21lfYMB8GA1UdIwQY
MBaAFD8xlfRwhMiwxnDQP37ntRbPgExcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHpHVjlIQ0V5TERHY05BX2Z1ZTFGcy1BVEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hYjRmODctNzU2OS00N2UxLTkwMDYt
NjA0Mzc4ZTcxNzNmLzEvdXQ4eG5oSms4RXI4RmFLOEhQMmZ4ZmJXVjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hYjRmODctNzU2OS00N2UxLTkwMDYtNjA0Mzc4ZTcxNzNm
LzEvUHpHVjlIQ0V5TERHY05BX2Z1ZTFGcy1BVEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJcoQAwQC
ufHIMA0EAgACMAcDBQMqAv8AMA0GCSqGSIb3DQEBCwUAA4IBAQCJNXCC0J+D5jL/
IIe24JR7UX5ZMz+mlki3AQQraEPr77rUsBblcI8FWQu/4la86ecqJ/9j6WWr6YHi
Yry/9kE8yii+txR/fa6hjq3M6av3ay+UUCmYyI/vVdRynWQVUJ0EADkjS7WUiaWp
Wt7EjTJmmKLRert2NHEpiCOhgNbSXpS//EHkkvMtkEo26okm0SR5DvazTrsVJ1Vt
HjVgotf5N9rWPAfvJJr+PvZQRrh/voqeLzOZqZTtyYRHqJbMGTSP6I8UxKIZYs/U
7LKqbqwqhlxCntxVyiENunM3ej99bv/K/DPvtD8kEvRdlHIqdc+uEsIMf2kU5Kg2
w0N3QjK2
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:11 2024 by rpki-client on console-fra.rpki-client.org