Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/SkA48vvlYuy1jJO5sUKk0ZOK3HI.roa
File: SkA48vvlYuy1jJO5sUKk0ZOK3HI.roa (raw, json)
Hash identifier: x8rZO3Gl5TS9o6IGtbaeeRllmpnkviIlUPv7jTx2FUw=
Subject key identifier: 4A:40:38:F2:FB:E5:62:EC:B5:8C:93:B9:B1:42:A4:D1:93:8A:DC:72
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 01856E141D673194668486EEEE1BA439F844
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/SkA48vvlYuy1jJO5sUKk0ZOK3HI.roa
Signing time: Sun 01 Jan 2023 16:04:49 +0000
ROA not before: Sun 01 Jan 2023 16:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60558
IP address blocks: 37.140.239.0/24 maxlen: 24
37.140.238.0/24 maxlen: 24
185.28.188.0/24 maxlen: 24
185.28.191.0/24 maxlen: 24
185.28.190.0/24 maxlen: 24
185.28.189.0/24 maxlen: 24
2a00:8860:100::/40 maxlen: 64
2a00:8861:100::/40 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:1d:67:31:94:66:84:86:ee:ee:1b:a4:39:f8:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 16:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a4038f2fbe562ecb58c93b9b142a4d1938adc72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d6:a3:d2:08:98:1b:b3:f3:78:d2:6a:15:cd:
df:f9:52:76:b7:02:dc:a5:7a:3b:70:05:f2:25:2c:
5f:3d:64:91:e0:5a:88:7b:13:b4:8c:27:aa:69:b6:
aa:59:e4:9d:e5:11:ed:43:2a:8a:9c:04:02:fe:f2:
1d:1f:e5:e2:f9:de:fc:2d:37:4c:ef:5d:e3:32:e6:
2b:1e:2e:f5:43:9a:8d:79:4e:b1:07:70:7f:6a:4e:
e7:e5:69:d9:e1:4d:43:e1:d3:a7:c1:42:77:ce:9d:
0c:ca:52:42:89:aa:4f:1f:1e:5f:1e:eb:0e:84:13:
e5:4b:13:3e:a1:51:21:54:21:d6:45:0a:fb:bf:0c:
33:55:94:8c:1a:40:04:c3:3b:74:4d:8a:35:6f:ce:
d3:08:29:70:ef:22:7d:4b:f9:25:28:b3:6b:0e:97:
05:bb:c3:59:10:27:58:7d:de:bf:2c:e4:bb:3b:af:
76:18:cc:ce:52:03:b6:17:24:b9:cb:ad:68:53:5c:
d2:99:15:fa:ad:20:2d:df:f7:82:8d:69:67:f1:1c:
5b:80:54:9b:2c:61:3d:1f:40:af:a0:06:13:eb:81:
96:8e:0b:99:c8:75:b1:48:aa:cb:13:7c:df:84:70:
3c:ae:6e:d3:77:69:91:80:66:ad:1c:70:63:6c:5e:
dc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:40:38:F2:FB:E5:62:EC:B5:8C:93:B9:B1:42:A4:D1:93:8A:DC:72
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/SkA48vvlYuy1jJO5sUKk0ZOK3HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.238.0/23
185.28.188.0/22
IPv6:
2a00:8860:100::/40
2a00:8861:100::/40
Signature Algorithm: sha256WithRSAEncryption
97:f1:ae:91:44:9d:7f:39:08:e7:c4:e5:1b:7f:60:02:6f:67:
06:27:b3:57:b3:1b:ec:ea:43:a9:0a:71:50:22:67:7b:ee:93:
8c:b8:db:5c:19:da:91:52:63:01:0b:d2:ca:48:60:ef:5b:2a:
45:c0:97:52:a0:94:3f:f2:7f:3e:b8:54:f0:15:31:ad:6a:67:
8b:1c:4a:85:d1:dc:82:14:d2:d2:1a:f7:09:fd:4f:1d:04:35:
72:cf:af:5f:80:45:1d:e9:bb:52:99:7b:8f:bd:01:33:dd:96:
8e:17:50:f3:05:9d:d3:01:fb:ab:66:49:76:63:b8:32:e2:cc:
dc:1c:12:b3:ee:a7:5f:d4:e0:21:ef:03:91:0e:6f:1b:de:18:
6c:ed:99:ba:df:63:2b:8e:55:e7:1a:93:f8:0b:72:25:22:af:
e5:e8:e3:55:f5:ef:ba:5d:dc:6a:6a:d8:7d:97:1f:19:e2:fc:
94:9a:42:d8:d5:3f:12:2c:69:e5:61:c0:ac:bd:97:0e:d0:67:
3e:a0:b7:46:b2:cb:a6:dc:89:a1:29:1d:04:57:c1:87:cf:4b:
dc:b2:c7:84:7b:33:ec:3b:4b:53:54:f3:2f:65:8f:2c:7e:3d:
17:8a:ad:e4:55:ee:9b:0b:6a:64:3d:d0:cc:42:a2:8f:94:7a:
32:a3:a8:eb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVuFB1nMZRmhIbu7hukOfhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjMwMTAxMTYwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTQwMzhmMmZiZTU2MmVjYjU4YzkzYjliMTQyYTRkMTkzOGFkYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdaj0giYG7PzeNJqFc3f+VJ2twLc
pXo7cAXyJSxfPWSR4FqIexO0jCeqabaqWeSd5RHtQyqKnAQC/vIdH+Xi+d78LTdM
713jMuYrHi71Q5qNeU6xB3B/ak7n5WnZ4U1D4dOnwUJ3zp0MylJCiapPHx5fHusO
hBPlSxM+oVEhVCHWRQr7vwwzVZSMGkAEwzt0TYo1b87TCClw7yJ9S/klKLNrDpcF
u8NZECdYfd6/LOS7O692GMzOUgO2FyS5y61oU1zSmRX6rSAt3/eCjWln8RxbgFSb
LGE9H0CvoAYT64GWjguZyHWxSKrLE3zfhHA8rm7Td2mRgGatHHBjbF7cWwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEpAOPL75WLstYyTubFCpNGTitxyMB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEvU2tBNDh2dmxZdXkxakpPNXNVS2swWk9LM0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBJYzuAwQC
uRy8MBYEAgACMBADBgAqAIhgAQMGACoAiGEBMA0GCSqGSIb3DQEBCwUAA4IBAQCX
8a6RRJ1/OQjnxOUbf2ACb2cGJ7NXsxvs6kOpCnFQImd77pOMuNtcGdqRUmMBC9LK
SGDvWypFwJdSoJQ/8n8+uFTwFTGtameLHEqF0dyCFNLSGvcJ/U8dBDVyz69fgEUd
6btSmXuPvQEz3ZaOF1DzBZ3TAfurZkl2Y7gy4szcHBKz7qdf1OAh7wORDm8b3hhs
7Zm632MrjlXnGpP4C3IlIq/l6ONV9e+6Xdxqath9lx8Z4vyUmkLY1T8SLGnlYcCs
vZcO0Gc+oLdGssum3ImhKR0EV8GHz0vcsseEezPsO0tTVPMvZY8sfj0Xiq3kVe6b
C2pkPdDMQqKPlHoyo6jr
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:43 2024 by rpki-client on console-fra.rpki-client.org