Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/6jkpOXp2V8EuHifrqGmKaDN7N_4.roa
File: 6jkpOXp2V8EuHifrqGmKaDN7N_4.roa (raw, json)
Hash identifier: vM/BoNs/Q6e7hWNUr0MgHdu9XMAQhBXGxiusIvpTot4=
Subject key identifier: EA:39:29:39:7A:76:57:C1:2E:1E:27:EB:A8:69:8A:68:33:7B:37:FE
Certificate issuer: /CN=07da339e5cd3c1be02ce6802a0421856aa0b547b
Certificate serial: 01856C412B09EFBD41C010B1809CC61992A0
Authority key identifier: 07:DA:33:9E:5C:D3:C1:BE:02:CE:68:02:A0:42:18:56:AA:0B:54:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9oznlzTwb4CzmgCoEIYVqoLVHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/6jkpOXp2V8EuHifrqGmKaDN7N_4.roa
Signing time: Sun 01 Jan 2023 07:34:48 +0000
ROA not before: Sun 01 Jan 2023 07:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 37.252.111.0/24 maxlen: 24
185.19.39.0/24 maxlen: 24
37.1.166.0/23 maxlen: 24
185.19.38.0/24 maxlen: 24
185.19.37.0/24 maxlen: 24
185.19.36.0/24 maxlen: 24
185.19.36.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:2b:09:ef:bd:41:c0:10:b1:80:9c:c6:19:92:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07da339e5cd3c1be02ce6802a0421856aa0b547b
Validity
Not Before: Jan 1 07:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea3929397a7657c12e1e27eba8698a68337b37fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6d:af:b0:97:08:5b:b4:2b:04:17:24:47:8e:
b4:e6:d3:d9:ae:b8:54:14:b1:67:c6:21:c3:4e:b8:
a2:f9:cf:49:89:5d:b5:68:2c:e2:12:68:50:45:7f:
be:77:66:ec:c2:cf:49:a4:ad:89:8c:ad:b4:39:db:
92:2f:85:bf:5e:c9:15:7a:03:3b:d6:77:7a:e8:0e:
55:e9:2d:bb:e5:14:92:61:76:ae:b0:4a:46:45:92:
3c:f2:0d:fa:f4:49:05:e8:4e:40:0f:96:32:8e:4e:
06:45:e2:84:f9:22:c1:18:73:51:7c:ba:3c:85:f0:
a6:12:bd:24:47:15:2b:06:62:34:47:92:79:19:e4:
43:78:56:34:57:5f:69:4a:77:4e:3a:26:d4:f9:ee:
01:11:0a:52:8a:e1:03:d6:35:f5:0c:38:94:a2:fd:
e4:bb:e7:f2:a4:d4:cd:9e:43:3d:11:7d:05:39:fe:
a0:ec:14:b4:e5:94:b1:be:2a:2d:e1:a1:e5:b6:d3:
bb:e3:fe:3c:dc:ca:7d:8b:98:98:0a:a3:49:bd:b2:
9d:50:dd:fc:21:8b:1e:76:fd:93:94:8d:23:8c:7c:
b8:7d:ce:66:cc:7e:3b:5c:2b:c7:42:e4:8d:3e:de:
87:06:e3:44:5c:33:78:ed:bb:e1:48:71:60:5e:e8:
52:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:39:29:39:7A:76:57:C1:2E:1E:27:EB:A8:69:8A:68:33:7B:37:FE
X509v3 Authority Key Identifier:
keyid:07:DA:33:9E:5C:D3:C1:BE:02:CE:68:02:A0:42:18:56:AA:0B:54:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9oznlzTwb4CzmgCoEIYVqoLVHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/6jkpOXp2V8EuHifrqGmKaDN7N_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/B9oznlzTwb4CzmgCoEIYVqoLVHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.166.0/23
37.252.111.0/24
185.19.36.0/22
Signature Algorithm: sha256WithRSAEncryption
65:23:25:2f:3a:a2:66:99:a0:bc:db:c4:52:97:1f:99:88:cf:
13:af:bd:92:c9:35:62:5f:f5:1d:25:a4:5d:47:db:48:22:5b:
0e:53:e7:00:a0:55:d5:93:a9:20:4a:de:d2:91:ce:db:35:30:
37:e6:81:e3:e2:95:ae:b0:a6:ee:9d:22:b5:66:ec:eb:f9:da:
c4:7f:f0:cb:d9:88:62:11:ec:38:d9:c7:c1:25:a8:1b:48:18:
fb:d1:b1:a7:75:e8:54:6d:55:08:a4:4f:42:86:44:b3:f5:a0:
b2:4f:66:96:8d:f5:f7:5c:01:4a:3d:dd:ea:5d:de:16:4b:b3:
79:b7:71:77:91:88:80:f4:ce:23:2a:5c:21:61:06:a9:1b:ad:
2f:1c:b5:c3:80:c0:d6:f7:8e:0b:6c:fe:e3:5f:76:85:db:d0:
f5:45:05:42:36:ea:14:ba:ed:82:73:75:a6:45:cc:43:42:43:
4e:ee:6a:da:00:50:20:53:40:20:32:ee:10:e6:f8:dc:21:55:
eb:1b:ef:36:89:59:df:13:7d:ea:40:27:56:3e:c2:89:e3:74:
4d:ab:02:b2:fb:d3:d2:31:3c:5a:59:26:d0:df:b4:c0:b3:cc:
41:34:25:49:e5:54:07:06:8e:71:37:eb:be:a6:bb:c9:41:0b:
6a:8e:d0:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsQSsJ771BwBCxgJzGGZKgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZGEzMzllNWNkM2MxYmUwMmNlNjgwMmEwNDIxODU2YWEw
YjU0N2IwHhcNMjMwMTAxMDczNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTM5MjkzOTdhNzY1N2MxMmUxZTI3ZWJhODY5OGE2ODMzN2IzN2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgW2vsJcIW7QrBBckR4605tPZrrhU
FLFnxiHDTrii+c9JiV21aCziEmhQRX++d2bsws9JpK2JjK20OduSL4W/XskVegM7
1nd66A5V6S275RSSYXausEpGRZI88g369EkF6E5AD5Yyjk4GReKE+SLBGHNRfLo8
hfCmEr0kRxUrBmI0R5J5GeRDeFY0V19pSndOOibU+e4BEQpSiuED1jX1DDiUov3k
u+fypNTNnkM9EX0FOf6g7BS05ZSxviot4aHlttO74/483Mp9i5iYCqNJvbKdUN38
IYsedv2TlI0jjHy4fc5mzH47XCvHQuSNPt6HBuNEXDN47bvhSHFgXuhSMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOo5KTl6dlfBLh4n66hpimgzezf+MB8GA1UdIwQY
MBaAFAfaM55c08G+As5oAqBCGFaqC1R7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlvem5selR3YjRDem1nQ29FSVlWcW9MVkhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jNjJlMGMtNDQ1NC00M2M4LTk3YmMt
ODE2NzRkOTUzZDU2LzEvNmprcE9YcDJWOEV1SGlmcnFHbUthRE43Tl80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jNjJlMGMtNDQ1NC00M2M4LTk3YmMtODE2NzRkOTUzZDU2
LzEvQjlvem5selR3YjRDem1nQ29FSVlWcW9MVkhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBJQGmAwQA
JfxvAwQCuRMkMA0GCSqGSIb3DQEBCwUAA4IBAQBlIyUvOqJmmaC828RSlx+ZiM8T
r72SyTViX/UdJaRdR9tIIlsOU+cAoFXVk6kgSt7Skc7bNTA35oHj4pWusKbunSK1
Zuzr+drEf/DL2YhiEew42cfBJagbSBj70bGndehUbVUIpE9ChkSz9aCyT2aWjfX3
XAFKPd3qXd4WS7N5t3F3kYiA9M4jKlwhYQapG60vHLXDgMDW944LbP7jX3aF29D1
RQVCNuoUuu2Cc3WmRcxDQkNO7mraAFAgU0AgMu4Q5vjcIVXrG+82iVnfE33qQCdW
PsKJ43RNqwKy+9PSMTxaWSbQ37TAs8xBNCVJ5VQHBo5xN+u+prvJQQtqjtDt
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:19 2023 by rpki-client on console-ams.rpki-client.org