Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/tLcqeTYUCifw4BL4YhZUZ8dAlMc.roa
File: tLcqeTYUCifw4BL4YhZUZ8dAlMc.roa (raw, json)
Hash identifier: +Rx/QHg63DRajKOVSV98pSLiAG7Ee4u83oegKM3otTQ=
Subject key identifier: B4:B7:2A:79:36:14:0A:27:F0:E0:12:F8:62:16:54:67:C7:40:94:C7
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 018B7097752771F14F6FE7F29FFE9272FBCE
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/tLcqeTYUCifw4BL4YhZUZ8dAlMc.roa
Signing time: Fri 27 Oct 2023 10:04:15 +0000
ROA not before: Fri 27 Oct 2023 10:04:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200197
IP address blocks: 37.230.171.0/24 maxlen: 24
37.230.170.0/24 maxlen: 24
178.170.172.0/24 maxlen: 24
37.230.131.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:97:75:27:71:f1:4f:6f:e7:f2:9f:fe:92:72:fb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Oct 27 10:04:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4b72a7936140a27f0e012f862165467c74094c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e5:4f:e2:ec:90:ca:c0:a5:bb:6f:f3:11:8f:
48:00:34:19:92:10:65:d2:25:c6:55:07:e4:80:00:
2c:a9:ca:0c:29:05:8d:10:28:14:b3:c6:e2:f1:63:
d2:a9:ad:c5:81:a0:33:28:0e:ce:f1:c2:24:66:91:
14:cf:b8:96:f1:33:2c:d6:a6:9a:43:3b:dc:65:23:
88:17:4a:bd:12:fc:63:4a:b9:4a:b3:d6:f8:d6:c5:
d7:3c:23:bf:76:45:6e:98:49:77:1c:d0:b8:d2:eb:
16:88:91:07:9f:92:a8:96:5a:b1:58:4d:d5:5a:1a:
cd:fe:f2:1f:0b:bc:dc:6e:ae:f6:31:69:25:48:97:
de:d6:25:fd:82:a1:cb:d3:61:a0:cb:dd:4e:33:5e:
53:d6:3a:87:b4:24:1d:55:16:1d:26:c0:49:97:8b:
85:62:be:35:e4:97:e2:d6:32:25:f8:7a:be:85:90:
9a:1e:2f:bb:d9:ad:50:f0:bd:99:73:55:01:52:9a:
37:08:4c:c4:15:50:f1:f9:6b:03:f0:ad:4b:94:94:
2a:1a:be:b4:b0:f1:a7:3a:ed:b3:20:41:5a:38:3c:
e4:34:59:bb:b3:af:ce:4a:e2:07:f8:ac:f2:46:16:
db:8b:0f:bb:dc:ff:7d:8d:04:f9:ae:66:fe:55:80:
44:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B7:2A:79:36:14:0A:27:F0:E0:12:F8:62:16:54:67:C7:40:94:C7
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/tLcqeTYUCifw4BL4YhZUZ8dAlMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.131.0/24
37.230.170.0/23
178.170.172.0/24
Signature Algorithm: sha256WithRSAEncryption
53:f1:b7:47:aa:af:c4:ea:b8:dd:eb:81:f8:b6:22:6f:06:9e:
eb:d4:e8:68:ad:f1:45:01:03:2c:8f:ce:90:b9:02:40:70:86:
84:73:b7:11:f6:40:ed:d5:04:2e:ce:b1:46:2f:fb:ba:08:45:
cd:86:68:d2:2b:09:dc:2a:0c:5f:64:bb:6e:7e:ba:48:8c:15:
8c:76:f4:d8:06:bb:6b:62:65:60:e7:65:d4:ea:d9:23:08:0c:
84:1e:c3:1f:7f:e9:4f:4b:74:74:46:86:b4:cf:cb:0f:10:6b:
d0:42:b8:d7:42:c3:a1:29:a3:4d:8e:4c:ec:dc:01:d5:fc:ef:
dd:f0:77:b8:c6:b3:8f:9d:16:a4:68:4b:59:61:1f:fe:b3:1c:
da:a2:77:90:15:52:65:28:3b:2b:39:b0:cc:a4:86:34:5c:d3:
77:e9:5d:4c:41:c5:64:2f:53:a1:47:92:0d:40:b1:6e:42:33:
a4:f7:e2:50:b8:a4:8b:25:1f:1c:d5:03:5b:96:ed:f4:2e:70:
06:a8:88:05:92:93:d1:76:83:41:ba:c3:01:e4:d5:a6:cd:b3:
77:b0:ae:04:9b:56:38:8b:69:3b:73:a0:77:e3:cf:3a:f6:14:
72:bc:4c:71:db:c7:8d:aa:f8:69:29:73:29:70:c1:ce:62:97:
c0:6a:68:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtwl3UncfFPb+fyn/6ScvvOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMxMDI3MTAwNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGI3MmE3OTM2MTQwYTI3ZjBlMDEyZjg2MjE2NTQ2N2M3NDA5NGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+VP4uyQysClu2/zEY9IADQZkhBl
0iXGVQfkgAAsqcoMKQWNECgUs8bi8WPSqa3FgaAzKA7O8cIkZpEUz7iW8TMs1qaa
QzvcZSOIF0q9EvxjSrlKs9b41sXXPCO/dkVumEl3HNC40usWiJEHn5KollqxWE3V
WhrN/vIfC7zcbq72MWklSJfe1iX9gqHL02Ggy91OM15T1jqHtCQdVRYdJsBJl4uF
Yr415Jfi1jIl+Hq+hZCaHi+72a1Q8L2Zc1UBUpo3CEzEFVDx+WsD8K1LlJQqGr60
sPGnOu2zIEFaODzkNFm7s6/OSuIH+KzyRhbbiw+73P99jQT5rmb+VYBEqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLS3Knk2FAon8OAS+GIWVGfHQJTHMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvdExjcWVUWVVDaWZ3NEJMNFloWlVaOGRBbE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJeaDAwQB
JeaqAwQAsqqsMA0GCSqGSIb3DQEBCwUAA4IBAQBT8bdHqq/E6rjd64H4tiJvBp7r
1OhorfFFAQMsj86QuQJAcIaEc7cR9kDt1QQuzrFGL/u6CEXNhmjSKwncKgxfZLtu
frpIjBWMdvTYBrtrYmVg52XU6tkjCAyEHsMff+lPS3R0Roa0z8sPEGvQQrjXQsOh
KaNNjkzs3AHV/O/d8He4xrOPnRakaEtZYR/+sxzaoneQFVJlKDsrObDMpIY0XNN3
6V1MQcVkL1OhR5INQLFuQjOk9+JQuKSLJR8c1QNblu30LnAGqIgFkpPRdoNBusMB
5NWmzbN3sK4Em1Y4i2k7c6B348869hRyvExx28eNqvhpKXMpcMHOYpfAamjT
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:50 2024 by rpki-client on console-fra.rpki-client.org