Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/mGA7BOvPwDKabqChikdKrFJs47o.roa
File: mGA7BOvPwDKabqChikdKrFJs47o.roa (raw, json)
Hash identifier: FkpsHdh6yRPwkm1PZPAItRmEvo6yxAcR3DSrjR3YVRE=
Subject key identifier: 98:60:3B:04:EB:CF:C0:32:9A:6E:A0:A1:8A:47:4A:AC:52:6C:E3:BA
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 0185714C43EEC767512A31018A6C94C25E64
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/mGA7BOvPwDKabqChikdKrFJs47o.roa
Signing time: Mon 02 Jan 2023 07:05:01 +0000
ROA not before: Mon 02 Jan 2023 07:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51453
IP address blocks: 37.235.0.0/23 maxlen: 23
37.235.2.0/24 maxlen: 24
185.81.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:43:ee:c7:67:51:2a:31:01:8a:6c:94:c2:5e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 2 07:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98603b04ebcfc0329a6ea0a18a474aac526ce3ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ab:5b:e3:0d:91:c8:32:2f:90:2b:fe:97:c3:
a4:85:ed:90:81:c5:94:ed:5d:22:1f:46:a9:27:d4:
fd:23:df:d1:5f:10:b8:80:9b:a9:35:56:c1:47:a2:
48:52:ec:e2:b9:7f:b3:1a:32:77:c9:1b:5f:f4:6f:
28:f2:50:fa:f6:c1:c2:17:f9:b0:bf:7c:a9:15:46:
8b:71:58:4d:03:21:c7:91:0b:92:0f:5a:2d:17:4b:
11:bc:d1:9c:87:92:20:fe:0e:40:5a:9e:00:1e:95:
bc:bc:9a:82:e0:f3:73:97:26:b4:87:d9:52:02:24:
03:70:f0:90:01:e4:31:0b:1c:ba:a1:aa:12:35:c1:
2e:8a:1f:45:f7:f0:8c:30:6b:32:06:b1:2e:14:1e:
81:92:8a:5d:5a:76:dd:b7:7a:c9:68:98:cb:cb:34:
53:e4:1a:42:40:37:f2:77:78:16:f3:cd:29:ca:7f:
75:6d:8d:27:22:38:0b:a7:34:5f:9f:75:ee:0d:cb:
87:87:66:50:df:0d:3b:ef:5c:ab:78:1f:7b:83:a3:
63:11:e3:2d:01:8d:1c:3b:8c:56:a7:01:aa:85:11:
8d:06:5e:9c:b7:a9:ef:61:db:89:05:bb:ab:d2:44:
9d:3d:52:c5:f0:64:3e:25:ea:c3:32:1e:f5:cc:96:
39:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:60:3B:04:EB:CF:C0:32:9A:6E:A0:A1:8A:47:4A:AC:52:6C:E3:BA
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/mGA7BOvPwDKabqChikdKrFJs47o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.0.0-37.235.2.255
185.81.204.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:a9:c3:66:29:2e:5c:9c:9e:36:e7:0f:b2:01:dd:a5:9e:05:
4a:62:57:57:e8:f5:bd:c1:b7:84:8d:4f:1c:9e:64:5b:b6:59:
bd:38:33:09:f3:86:af:32:7a:1b:a1:10:47:9d:bd:20:7a:d7:
89:86:c6:39:36:5c:e3:41:fc:57:cf:2f:c5:35:07:31:25:a3:
7a:85:70:26:06:2d:a5:aa:12:66:32:71:a1:18:01:f5:4d:d2:
11:02:6d:ff:da:16:a9:0f:d6:ca:54:fc:c6:d6:db:20:4d:c4:
88:6e:d1:4f:8e:74:f8:aa:82:65:20:a4:b1:47:67:98:c2:85:
b9:e2:4f:9c:16:98:16:bc:f3:9f:b6:9b:dc:f8:64:94:7e:9b:
53:b9:a3:cc:da:c8:50:50:4f:1a:21:bc:4c:5d:5d:39:f8:ad:
f4:f2:2d:8e:1e:c7:84:10:d9:57:fe:f4:84:fa:d6:b5:e3:f5:
ba:b4:f7:87:a9:32:1e:02:ec:c2:ed:e7:07:44:81:66:9a:46:
96:30:19:69:7b:89:4f:8c:23:30:6f:c3:1d:65:98:6e:f5:5b:
7b:1e:9c:41:4c:99:0f:99:d5:b3:a5:71:3f:3a:b6:f7:56:46:
05:ac:2b:be:bf:53:b0:6b:9c:0b:b5:49:0a:00:43:ec:4f:51:
3e:91:c0:bc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVxTEPux2dRKjEBimyUwl5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwMTAyMDcwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODYwM2IwNGViY2ZjMDMyOWE2ZWEwYTE4YTQ3NGFhYzUyNmNlM2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKtb4w2RyDIvkCv+l8Okhe2QgcWU
7V0iH0apJ9T9I9/RXxC4gJupNVbBR6JIUuziuX+zGjJ3yRtf9G8o8lD69sHCF/mw
v3ypFUaLcVhNAyHHkQuSD1otF0sRvNGch5Ig/g5AWp4AHpW8vJqC4PNzlya0h9lS
AiQDcPCQAeQxCxy6oaoSNcEuih9F9/CMMGsyBrEuFB6BkopdWnbdt3rJaJjLyzRT
5BpCQDfyd3gW880pyn91bY0nIjgLpzRfn3XuDcuHh2ZQ3w0771yreB97g6NjEeMt
AY0cO4xWpwGqhRGNBl6ct6nvYduJBbur0kSdPVLF8GQ+JerDMh71zJY5lQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJhgOwTrz8Aymm6goYpHSqxSbOO6MB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvbUdBN0JPdlB3REthYnFDaGlrZEtyRkpzNDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwAl6wME
ACXrAgMEALlRzDANBgkqhkiG9w0BAQsFAAOCAQEAW6nDZikuXJyeNucPsgHdpZ4F
SmJXV+j1vcG3hI1PHJ5kW7ZZvTgzCfOGrzJ6G6EQR529IHrXiYbGOTZc40H8V88v
xTUHMSWjeoVwJgYtpaoSZjJxoRgB9U3SEQJt/9oWqQ/WylT8xtbbIE3EiG7RT450
+KqCZSCksUdnmMKFueJPnBaYFrzzn7ab3PhklH6bU7mjzNrIUFBPGiG8TF1dOfit
9PItjh7HhBDZV/70hPrWteP1urT3h6kyHgLswu3nB0SBZppGljAZaXuJT4wjMG/D
HWWYbvVbex6cQUyZD5nVs6VxPzq291ZGBawrvr9TsGucC7VJCgBD7E9RPpHAvA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:33 2024 by rpki-client on console-ams.rpki-client.org