Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/aByOvkEs6ZLOG26y-84ovKq5rqc.roa
File: aByOvkEs6ZLOG26y-84ovKq5rqc.roa (raw, json)
Hash identifier: cIQYfIIWfsNW9umWhZckE4VStiOm3bAGaVW+gbMCLuY=
Subject key identifier: 68:1C:8E:BE:41:2C:E9:92:CE:1B:6E:B2:FB:CE:28:BC:AA:B9:AE:A7
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01856F26DBA178B27F6E6790279041233875
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/aByOvkEs6ZLOG26y-84ovKq5rqc.roa
Signing time: Sun 01 Jan 2023 21:04:55 +0000
ROA not before: Sun 01 Jan 2023 21:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 37.252.6.0/23 maxlen: 23
37.252.10.0/23 maxlen: 23
188.116.21.0/24 maxlen: 24
188.116.23.0/24 maxlen: 24
188.116.25.0/24 maxlen: 24
188.116.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Jun 2023 08:57:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:db:a1:78:b2:7f:6e:67:90:27:90:41:23:38:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 1 21:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=681c8ebe412ce992ce1b6eb2fbce28bcaab9aea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:45:28:a6:f8:5b:af:89:35:07:50:8f:c9:54:
07:7c:d8:76:a5:d0:d0:f2:da:a8:56:07:f8:b2:f8:
dc:68:9e:71:7b:a5:2e:86:dd:ca:d2:07:04:5e:a8:
2e:67:5e:da:c3:7d:e6:3c:83:4f:f1:51:14:06:b3:
70:65:f3:44:5a:97:0f:73:38:30:03:56:e3:1e:29:
e9:08:65:f8:32:14:7c:4f:eb:a5:40:3a:82:61:64:
dd:17:49:c7:be:fd:b8:c3:93:0b:ec:7a:cb:e3:f7:
cc:25:1a:91:c5:c5:16:b4:c4:10:5d:d2:e8:bf:8e:
4b:93:26:6c:87:5e:cb:08:6f:d7:4e:c1:59:eb:ec:
b0:d5:d9:fd:bb:30:ad:a4:16:58:35:fc:d9:cc:e6:
cd:ca:d4:5a:77:63:53:9a:ad:65:de:c2:54:aa:9c:
4a:54:fd:08:ed:37:4b:d3:c9:75:c8:66:58:f6:1b:
c1:3d:f9:5e:2b:7f:0f:80:8e:58:1c:27:81:d2:49:
5b:7d:12:2f:dc:88:07:a5:51:21:c3:58:8f:99:21:
cc:7d:11:bc:b9:72:d8:fb:ea:6e:f5:52:f4:71:74:
97:ab:44:41:ff:8d:80:a2:37:21:2d:fd:61:0b:fc:
5b:77:fd:a0:7d:4e:3c:6d:57:94:6a:2a:b5:37:8f:
c1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:1C:8E:BE:41:2C:E9:92:CE:1B:6E:B2:FB:CE:28:BC:AA:B9:AE:A7
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/aByOvkEs6ZLOG26y-84ovKq5rqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.6.0/23
37.252.10.0/23
188.116.21.0/24
188.116.23.0/24
188.116.25.0/24
188.116.27.0/24
Signature Algorithm: sha256WithRSAEncryption
af:0b:60:51:8d:0f:ef:22:f7:ce:fe:84:e1:ab:9d:0a:96:72:
d3:1f:1b:2d:7a:28:c5:5c:73:d3:7d:32:75:2f:2d:28:9a:59:
21:c9:d6:a7:c1:08:c9:d9:62:c0:0a:05:0b:fa:ef:88:9d:57:
b7:8c:bd:7b:78:19:cd:bf:7c:26:73:d3:78:b5:91:66:a3:c2:
cc:50:52:b3:0e:e5:1c:ed:86:bf:c9:29:02:6e:1c:4f:bf:94:
0a:e4:60:95:7e:c3:52:e9:09:40:bf:7f:f4:55:46:dd:ee:06:
d8:50:fc:a9:87:71:98:c9:04:26:79:ea:29:11:cd:b1:f3:bd:
17:7e:c8:af:cc:e6:19:7c:e4:97:52:50:0e:0f:c3:67:67:88:
f6:d2:80:9a:a0:c3:da:ac:cc:2d:f5:7a:08:03:18:50:59:d4:
02:1e:08:07:8b:d4:92:82:33:9e:10:4a:e4:85:a1:7b:60:7f:
69:42:87:ad:3f:b7:e7:e5:e6:1f:3d:66:1b:96:d2:1f:7a:51:
04:98:cc:73:e3:62:43:71:24:64:dd:c2:3c:5d:72:b4:48:76:
64:c5:c6:1f:d3:c2:35:77:6a:38:2f:87:29:89:de:8a:9f:f5:
5a:fd:3e:c2:3e:68:75:e5:2f:88:5e:b3:74:05:7e:0e:4a:5c:
df:97:ff:e6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvJtuheLJ/bmeQJ5BBIzh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjMwMTAxMjEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODFjOGViZTQxMmNlOTkyY2UxYjZlYjJmYmNlMjhiY2FhYjlhZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0Uopvhbr4k1B1CPyVQHfNh2pdDQ
8tqoVgf4svjcaJ5xe6Uuht3K0gcEXqguZ17aw33mPINP8VEUBrNwZfNEWpcPczgw
A1bjHinpCGX4MhR8T+ulQDqCYWTdF0nHvv24w5ML7HrL4/fMJRqRxcUWtMQQXdLo
v45LkyZsh17LCG/XTsFZ6+yw1dn9uzCtpBZYNfzZzObNytRad2NTmq1l3sJUqpxK
VP0I7TdL08l1yGZY9hvBPfleK38PgI5YHCeB0klbfRIv3IgHpVEhw1iPmSHMfRG8
uXLY++pu9VL0cXSXq0RB/42AojchLf1hC/xbd/2gfU48bVeUaiq1N4/B/wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGgcjr5BLOmSzhtusvvOKLyqua6nMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvYUJ5T3ZrRXM2WkxPRzI2eS04NG92S3E1cnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBJfwGAwQB
JfwKAwQAvHQVAwQAvHQXAwQAvHQZAwQAvHQbMA0GCSqGSIb3DQEBCwUAA4IBAQCv
C2BRjQ/vIvfO/oThq50KlnLTHxsteijFXHPTfTJ1Ly0omlkhydanwQjJ2WLACgUL
+u+InVe3jL17eBnNv3wmc9N4tZFmo8LMUFKzDuUc7Ya/ySkCbhxPv5QK5GCVfsNS
6QlAv3/0VUbd7gbYUPyph3GYyQQmeeopEc2x870XfsivzOYZfOSXUlAOD8NnZ4j2
0oCaoMParMwt9XoIAxhQWdQCHggHi9SSgjOeEErkhaF7YH9pQoetP7fn5eYfPWYb
ltIfelEEmMxz42JDcSRk3cI8XXK0SHZkxcYf08I1d2o4L4cpid6Kn/Va/T7CPmh1
5S+IXrN0BX4OSlzfl//m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:44 2024 by rpki-client on console-fra.rpki-client.org