Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/UZdeJGv5lGmvvr_jIiNlkBD08-4.roa
File: UZdeJGv5lGmvvr_jIiNlkBD08-4.roa (raw, json)
Hash identifier: pukT8PicoEY11ayre6/W4u0KVRmhjmFF9NTbcDSAVLU=
Subject key identifier: 51:97:5E:24:6B:F9:94:69:AF:BE:BF:E3:22:23:65:90:10:F4:F3:EE
Certificate issuer: /CN=1c020297839c7390df20251a5c0930e6a672bee3
Certificate serial: 018CC94BEBC83B5D65E1C4937F0EF05662C1
Authority key identifier: 1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/UZdeJGv5lGmvvr_jIiNlkBD08-4.roa
Signing time: Tue 02 Jan 2024 08:30:45 +0000
ROA not before: Tue 02 Jan 2024 08:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50558
IP address blocks: 37.32.112.0/20 maxlen: 20
37.32.112.0/21 maxlen: 21
37.32.120.0/21 maxlen: 21
185.49.96.0/24 maxlen: 24
185.49.96.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:eb:c8:3b:5d:65:e1:c4:93:7f:0e:f0:56:62:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c020297839c7390df20251a5c0930e6a672bee3
Validity
Not Before: Jan 2 08:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51975e246bf99469afbebfe32223659010f4f3ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c3:ed:7e:2a:fd:99:e5:a5:9e:21:98:66:5a:
2e:80:e2:6a:2d:7a:39:ef:61:d0:d6:f7:9f:2a:1c:
60:5f:c7:7d:9c:9c:53:a6:2e:f3:1c:f7:2f:a7:fd:
dc:8d:ed:c0:ac:6e:75:ca:38:9d:4d:9b:6a:12:67:
19:f4:da:c9:5b:4f:d1:b6:a7:dc:38:7d:fc:f9:40:
21:13:59:67:ff:ac:55:70:af:86:c5:f7:bb:3c:a0:
d0:ad:50:5f:d3:4e:4a:46:f7:4b:1d:51:42:ef:68:
54:b8:db:91:34:cf:1f:04:cb:3e:47:fb:1a:de:c7:
84:57:ba:29:4d:12:8d:8f:d3:e8:20:db:62:d5:17:
3a:b5:65:d4:38:7d:16:ac:da:76:c8:06:0c:3a:63:
d8:2b:a6:3f:c6:74:10:87:f8:71:5a:4a:31:f2:73:
a8:80:5e:ef:b6:67:53:4d:82:48:8c:9a:b8:e5:75:
1a:7f:d1:1a:8d:65:cd:e0:d3:a7:6d:ee:c9:78:f0:
32:cc:bb:e6:7d:0e:2b:0d:ae:52:70:c5:aa:94:fe:
ac:5a:ea:85:9b:9a:9c:11:d4:f7:b5:be:db:ea:3c:
6b:ae:e4:11:83:ca:fc:8d:ea:cb:ad:b8:75:9d:ce:
6d:19:e4:68:9f:a0:d5:f0:b0:b3:5a:62:23:15:87:
0f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:97:5E:24:6B:F9:94:69:AF:BE:BF:E3:22:23:65:90:10:F4:F3:EE
X509v3 Authority Key Identifier:
keyid:1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/UZdeJGv5lGmvvr_jIiNlkBD08-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.112.0/20
185.49.96.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:18:80:d4:19:54:47:0e:ea:c0:35:18:ce:0a:47:d0:28:42:
f6:96:2e:4b:fb:a0:37:b2:60:11:d7:be:25:56:22:0e:a6:68:
54:7a:b2:0f:bb:43:e6:d1:d4:37:ca:b4:2e:a9:c2:9d:f8:01:
5c:7b:7d:7d:ed:cd:1f:48:dc:b5:d8:9a:5d:e3:ec:cf:5e:88:
f3:45:97:3e:2f:4d:39:79:d9:c2:9f:ee:a4:c6:35:ae:4e:ef:
63:06:4e:84:ac:3e:2e:7e:e4:99:79:bb:30:60:23:3d:8f:0e:
7c:bb:4e:33:ff:5e:63:c6:63:a4:11:3e:d6:71:98:c7:f1:54:
44:69:90:ab:b7:2e:98:1a:29:05:6b:27:e0:e0:0c:4e:4a:67:
9a:9a:f3:ba:cb:dc:ed:b1:9b:39:f6:ef:87:36:97:d2:31:90:
c9:b2:9c:7b:f3:cb:3a:8f:cf:c1:33:40:23:81:d6:0f:31:09:
e1:04:f2:22:29:f1:11:bd:02:57:ac:fa:e0:e7:28:7d:3d:21:
17:81:ea:36:3f:ba:11:49:0f:22:2a:a0:fa:8b:13:7a:43:61:
dc:ca:86:0e:b8:95:06:8d:dc:c4:5e:a7:a3:e8:73:77:e2:c3:
36:08:92:55:c4:b2:50:1a:7b:2e:ce:c4:49:a9:ae:63:fc:0e:
fd:c7:1b:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJS+vIO11l4cSTfw7wVmLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDIwMjk3ODM5YzczOTBkZjIwMjUxYTVjMDkzMGU2YTY3
MmJlZTMwHhcNMjQwMTAyMDgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTk3NWUyNDZiZjk5NDY5YWZiZWJmZTMyMjIzNjU5MDEwZjRmM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusPtfir9meWlniGYZlougOJqLXo5
72HQ1vefKhxgX8d9nJxTpi7zHPcvp/3cje3ArG51yjidTZtqEmcZ9NrJW0/Rtqfc
OH38+UAhE1ln/6xVcK+Gxfe7PKDQrVBf005KRvdLHVFC72hUuNuRNM8fBMs+R/sa
3seEV7opTRKNj9PoINti1Rc6tWXUOH0WrNp2yAYMOmPYK6Y/xnQQh/hxWkox8nOo
gF7vtmdTTYJIjJq45XUaf9EajWXN4NOnbe7JePAyzLvmfQ4rDa5ScMWqlP6sWuqF
m5qcEdT3tb7b6jxrruQRg8r8jerLrbh1nc5tGeRon6DV8LCzWmIjFYcPPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFGXXiRr+ZRpr76/4yIjZZAQ9PPuMB8GA1UdIwQY
MBaAFBwCApeDnHOQ3yAlGlwJMOamcr7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYt
MTQyYTJiOThmNGM4LzEvVVpkZUpHdjVsR212dnJfaklpTmxrQkQwOC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYtMTQyYTJiOThmNGM4
LzEvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEJSBwAwQC
uTFgMA0GCSqGSIb3DQEBCwUAA4IBAQB6GIDUGVRHDurANRjOCkfQKEL2li5L+6A3
smAR174lViIOpmhUerIPu0Pm0dQ3yrQuqcKd+AFce3197c0fSNy12Jpd4+zPXojz
RZc+L005ednCn+6kxjWuTu9jBk6ErD4ufuSZebswYCM9jw58u04z/15jxmOkET7W
cZjH8VREaZCrty6YGikFayfg4AxOSmeamvO6y9ztsZs59u+HNpfSMZDJspx788s6
j8/BM0AjgdYPMQnhBPIiKfERvQJXrPrg5yh9PSEXgeo2P7oRSQ8iKqD6ixN6Q2Hc
yoYOuJUGjdzEXqej6HN34sM2CJJVxLJQGnsuzsRJqa5j/A79xxsw
-----END CERTIFICATE-----
Generated at Tue Jan 2 23:02:00 2024 by rpki-client on console-fra.rpki-client.org