Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/uPf5kNPlh9xkYpvYxfZ50aSU5Zk.roa
File: uPf5kNPlh9xkYpvYxfZ50aSU5Zk.roa (raw, json)
Hash identifier: M6zqaMZMIBCDr+0oMnhHsD9NCfBdzmTsu8VM1Y24g/0=
Subject key identifier: B8:F7:F9:90:D3:E5:87:DC:64:62:9B:D8:C5:F6:79:D1:A4:94:E5:99
Certificate issuer: /CN=1c020297839c7390df20251a5c0930e6a672bee3
Certificate serial: 01872462068FDD8805E13460552BB3CA18F2
Authority key identifier: 1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/uPf5kNPlh9xkYpvYxfZ50aSU5Zk.roa
Signing time: Mon 27 Mar 2023 18:43:36 +0000
ROA not before: Mon 27 Mar 2023 18:43:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50558
IP address blocks: 37.32.112.0/21 maxlen: 21
37.32.112.0/20 maxlen: 20
37.32.120.0/21 maxlen: 21
37.32.120.0/24 maxlen: 24
185.49.96.0/24 maxlen: 24
185.49.96.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:24:62:06:8f:dd:88:05:e1:34:60:55:2b:b3:ca:18:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c020297839c7390df20251a5c0930e6a672bee3
Validity
Not Before: Mar 27 18:43:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8f7f990d3e587dc64629bd8c5f679d1a494e599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1c:4e:76:89:15:8c:a4:d7:04:0e:5c:7b:4f:
f0:b0:4d:69:a9:ba:4e:15:7c:44:ba:a2:c2:a3:bd:
cb:8d:e8:f2:ac:05:a0:ce:6f:6a:e1:b4:bc:d8:1e:
8f:c7:b3:97:c9:68:57:31:36:e4:8e:88:c1:92:9b:
94:2f:34:66:ab:9b:a7:44:d3:16:dd:69:d6:ab:99:
28:78:ac:52:bb:48:57:d6:f5:ac:3c:a7:26:ef:b1:
1e:5c:fb:65:7f:65:a3:40:cd:98:49:13:37:2e:ad:
d5:ee:4f:c7:4d:78:32:4b:5c:f9:10:a6:bb:f8:02:
62:40:b7:d5:4b:01:db:fa:4a:02:43:c4:fa:47:f9:
c9:b8:27:00:78:0f:08:49:54:a3:39:03:87:73:42:
64:77:2d:9e:7f:12:1a:67:e8:fb:34:53:91:6b:b2:
40:f4:88:66:e6:98:c4:8a:ae:d8:65:5a:64:5f:36:
8c:a7:37:e3:8a:67:40:f0:30:20:29:75:b4:a8:71:
d8:5a:01:4a:f7:8e:bd:0c:53:b8:bc:1a:dc:2e:a2:
48:15:96:fc:61:76:8c:ec:3e:67:6d:d3:84:b9:6c:
90:e0:0f:74:6c:fe:8a:83:69:e1:25:7a:52:d8:fb:
25:a5:7c:74:0a:fc:20:ee:ee:47:19:a4:ac:6e:72:
44:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F7:F9:90:D3:E5:87:DC:64:62:9B:D8:C5:F6:79:D1:A4:94:E5:99
X509v3 Authority Key Identifier:
keyid:1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/uPf5kNPlh9xkYpvYxfZ50aSU5Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.112.0/20
185.49.96.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:01:a3:ef:86:38:5b:8c:1b:49:7b:6c:34:ab:a6:52:66:93:
76:80:b0:40:0e:3a:5e:2c:aa:32:b0:76:78:d5:87:db:d4:08:
00:1f:7f:5c:af:d1:e5:6f:eb:0e:89:52:eb:11:04:22:e7:e9:
78:e3:a3:ba:e3:10:23:02:eb:3d:cf:ef:56:53:c3:1a:5e:f2:
88:79:83:74:24:aa:93:7b:f2:95:b5:d3:a0:16:7e:ef:ef:2a:
21:9e:79:21:b3:fe:9a:20:d8:2e:1b:cc:68:9c:d7:ad:42:8a:
d0:23:f4:00:3d:82:c1:d9:75:04:94:2d:3f:89:6f:3c:e0:44:
d5:28:49:2a:11:7d:c0:c5:a4:20:df:b3:22:9d:f0:22:8e:e3:
e9:20:4c:6b:d0:ab:f0:14:88:a4:2b:e6:f3:fc:d4:3a:51:2b:
1e:a1:5a:63:a4:e1:26:b9:db:e4:fe:f9:63:46:8a:9a:59:7c:
89:74:7b:e1:89:bf:68:c7:f0:ba:d1:67:6c:8f:af:4f:69:e7:
63:7c:6d:3a:33:92:27:b1:84:fd:e9:bf:c4:cc:93:95:36:b4:
55:68:56:02:f6:8d:3c:2a:5b:b3:a1:f9:25:56:5b:0c:56:8c:
99:94:89:46:57:e5:f2:62:20:7b:60:bb:dc:0d:54:b8:66:25:
b9:ca:4d:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYckYgaP3YgF4TRgVSuzyhjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDIwMjk3ODM5YzczOTBkZjIwMjUxYTVjMDkzMGU2YTY3
MmJlZTMwHhcNMjMwMzI3MTg0MzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGY3Zjk5MGQzZTU4N2RjNjQ2MjliZDhjNWY2NzlkMWE0OTRlNTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBxOdokVjKTXBA5ce0/wsE1pqbpO
FXxEuqLCo73LjejyrAWgzm9q4bS82B6Px7OXyWhXMTbkjojBkpuULzRmq5unRNMW
3WnWq5koeKxSu0hX1vWsPKcm77EeXPtlf2WjQM2YSRM3Lq3V7k/HTXgyS1z5EKa7
+AJiQLfVSwHb+koCQ8T6R/nJuCcAeA8ISVSjOQOHc0Jkdy2efxIaZ+j7NFORa7JA
9Ihm5pjEiq7YZVpkXzaMpzfjimdA8DAgKXW0qHHYWgFK9469DFO4vBrcLqJIFZb8
YXaM7D5nbdOEuWyQ4A90bP6Kg2nhJXpS2PslpXx0Cvwg7u5HGaSsbnJEWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLj3+ZDT5YfcZGKb2MX2edGklOWZMB8GA1UdIwQY
MBaAFBwCApeDnHOQ3yAlGlwJMOamcr7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYt
MTQyYTJiOThmNGM4LzEvdVBmNWtOUGxoOXhrWXB2WXhmWjUwYVNVNVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYtMTQyYTJiOThmNGM4
LzEvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEJSBwAwQC
uTFgMA0GCSqGSIb3DQEBCwUAA4IBAQAaAaPvhjhbjBtJe2w0q6ZSZpN2gLBADjpe
LKoysHZ41Yfb1AgAH39cr9Hlb+sOiVLrEQQi5+l446O64xAjAus9z+9WU8MaXvKI
eYN0JKqTe/KVtdOgFn7v7yohnnkhs/6aINguG8xonNetQorQI/QAPYLB2XUElC0/
iW884ETVKEkqEX3AxaQg37MinfAijuPpIExr0KvwFIikK+bz/NQ6USseoVpjpOEm
udvk/vljRoqaWXyJdHvhib9ox/C60Wdsj69PaedjfG06M5InsYT96b/EzJOVNrRV
aFYC9o08KluzofklVlsMVoyZlIlGV+XyYiB7YLvcDVS4ZiW5yk03
-----END CERTIFICATE-----
Generated at Wed Sep 20 04:53:34 2023 by rpki-client on console-fra.rpki-client.org