Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/5r7l3VaqCVCpne0PpvUkNz1X1io.roa
File: 5r7l3VaqCVCpne0PpvUkNz1X1io.roa (raw, json)
Hash identifier: GOjX2xlA3XGjBtBbx9r0pX6VKdH9kX21EQEw2DvwZxs=
Subject key identifier: E6:BE:E5:DD:56:AA:09:50:A9:9D:ED:0F:A6:F5:24:37:3D:57:D6:2A
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018D7DF18038813A6BD1CA67949D3BBEDD67
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/5r7l3VaqCVCpne0PpvUkNz1X1io.roa
Signing time: Tue 06 Feb 2024 10:23:15 +0000
ROA not before: Tue 06 Feb 2024 10:23:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201909
IP address blocks: 37.35.53.0/24 maxlen: 24
178.157.111.0/24 maxlen: 24
188.119.158.0/24 maxlen: 24
188.119.159.0/24 maxlen: 24
188.119.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 15:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:f1:80:38:81:3a:6b:d1:ca:67:94:9d:3b:be:dd:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Feb 6 10:23:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6bee5dd56aa0950a99ded0fa6f524373d57d62a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:29:c8:d4:6d:6e:8b:cb:22:c9:71:18:59:d5:
26:88:66:4e:22:18:74:88:6d:73:5c:50:50:a8:c3:
60:a4:db:0c:c9:d2:0c:fc:c9:11:ad:b0:e1:59:7f:
69:0f:94:cf:44:67:5f:fd:a7:5a:a9:58:e1:0b:22:
a3:d6:e0:20:a5:8e:a7:47:5d:99:38:98:54:ac:63:
de:d6:18:21:91:70:dd:25:e9:ff:bb:51:3c:24:fa:
8b:db:f4:62:38:71:35:72:ed:1a:df:b5:19:30:c5:
52:1f:97:f4:be:94:a0:00:46:30:df:4a:cb:aa:2e:
4b:40:70:67:c9:06:b8:0c:51:9e:01:62:b7:af:c8:
40:82:e3:b8:13:6e:40:2e:fb:7e:9f:b7:a6:51:5e:
c2:77:bb:36:bd:25:43:3f:80:4c:ef:d3:7c:0a:e3:
bf:5f:7c:ee:e6:f8:d6:c3:73:2d:32:74:b0:22:36:
69:8f:3d:d3:30:bf:f2:44:d4:fd:89:8a:50:69:0c:
eb:1e:93:f4:97:2e:98:21:2a:78:2c:66:93:19:ce:
63:3b:23:05:c8:05:a9:a3:b5:c7:90:5c:ea:75:f6:
89:be:e9:53:cb:1a:0b:e6:d4:d0:29:db:e6:50:24:
d5:6d:b0:42:e0:6b:ce:4f:3c:38:64:92:fa:dc:5e:
65:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:BE:E5:DD:56:AA:09:50:A9:9D:ED:0F:A6:F5:24:37:3D:57:D6:2A
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/5r7l3VaqCVCpne0PpvUkNz1X1io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.53.0/24
178.157.111.0/24
188.119.158.0/23
188.119.163.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:46:32:67:d9:8a:fe:71:74:3c:ab:1b:46:9a:fe:cc:f9:b0:
05:00:2e:ea:5d:f6:f8:7e:f9:38:fa:35:f9:90:30:93:3a:b9:
2a:14:fa:a3:ff:49:0b:1e:a8:5f:44:31:e1:88:a4:df:97:f0:
bc:16:df:52:17:25:0e:45:b8:4f:f4:05:68:2c:5e:76:b1:47:
0a:b4:50:9a:ac:2c:d0:f2:a8:a2:4a:65:b4:43:c3:b6:45:b7:
9e:75:c3:0c:ce:fa:e2:6a:42:ed:f2:89:59:bd:30:d2:14:04:
d5:11:d7:bc:f6:3b:49:58:f4:92:3a:f2:e2:00:4c:9d:0e:4b:
e8:58:93:58:5b:15:e4:f9:c4:29:ab:9f:ce:91:3a:7e:14:88:
2d:81:64:71:40:47:5c:ab:db:09:02:f4:30:c6:f0:8d:55:04:
15:ec:28:82:97:f1:d7:e1:be:29:80:90:d5:92:ca:15:06:9e:
3e:db:30:ea:5d:4b:15:bf:2b:45:75:dd:fc:10:41:94:52:e3:
b4:85:f0:22:fd:35:3d:12:9f:2d:d3:db:52:aa:72:ee:65:20:
35:34:33:29:f3:48:83:04:bf:28:d4:40:02:d5:6d:9a:04:66:
fe:7c:b2:0d:e5:88:6a:ca:63:15:ac:da:73:67:aa:db:59:81:
b8:2c:94:3d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY198YA4gTpr0cpnlJ07vt1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMjA2MTAyMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmJlZTVkZDU2YWEwOTUwYTk5ZGVkMGZhNmY1MjQzNzNkNTdkNjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApynI1G1ui8siyXEYWdUmiGZOIhh0
iG1zXFBQqMNgpNsMydIM/MkRrbDhWX9pD5TPRGdf/adaqVjhCyKj1uAgpY6nR12Z
OJhUrGPe1hghkXDdJen/u1E8JPqL2/RiOHE1cu0a37UZMMVSH5f0vpSgAEYw30rL
qi5LQHBnyQa4DFGeAWK3r8hAguO4E25ALvt+n7emUV7Cd7s2vSVDP4BM79N8CuO/
X3zu5vjWw3MtMnSwIjZpjz3TML/yRNT9iYpQaQzrHpP0ly6YISp4LGaTGc5jOyMF
yAWpo7XHkFzqdfaJvulTyxoL5tTQKdvmUCTVbbBC4GvOTzw4ZJL63F5lWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOa+5d1WqglQqZ3tD6b1JDc9V9YqMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvNXI3bDNWYXFDVkNwbmUwUHB2VWtOejFYMWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJSM1AwQA
sp1vAwQBvHeeAwQAvHejMA0GCSqGSIb3DQEBCwUAA4IBAQBNRjJn2Yr+cXQ8qxtG
mv7M+bAFAC7qXfb4fvk4+jX5kDCTOrkqFPqj/0kLHqhfRDHhiKTfl/C8Ft9SFyUO
RbhP9AVoLF52sUcKtFCarCzQ8qiiSmW0Q8O2RbeedcMMzvriakLt8olZvTDSFATV
Ede89jtJWPSSOvLiAEydDkvoWJNYWxXk+cQpq5/OkTp+FIgtgWRxQEdcq9sJAvQw
xvCNVQQV7CiCl/HX4b4pgJDVksoVBp4+2zDqXUsVvytFdd38EEGUUuO0hfAi/TU9
Ep8t09tSqnLuZSA1NDMp80iDBL8o1EAC1W2aBGb+fLIN5YhqymMVrNpzZ6rbWYG4
LJQ9
-----END CERTIFICATE-----
Generated at Fri Sep 20 19:25:34 2024 by rpki-client on console-fra.rpki-client.org