Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/r7bnA41c8gqBpkPM25onSLmJKxI.roa
File: r7bnA41c8gqBpkPM25onSLmJKxI.roa (raw, json)
Hash identifier: AHDUy8d8hHzrK3vTMCsit6c8FTOimSTw4LvdcbcsHAI=
Subject key identifier: AF:B6:E7:03:8D:5C:F2:0A:81:A6:43:CC:DB:9A:27:48:B9:89:2B:12
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 01856FD51B8392D1E9706D1C19370FBBF127
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/r7bnA41c8gqBpkPM25onSLmJKxI.roa
Signing time: Mon 02 Jan 2023 00:15:15 +0000
ROA not before: Mon 02 Jan 2023 00:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50873
IP address blocks: 37.228.130.0/24 maxlen: 24
94.247.143.0/24 maxlen: 24
194.104.114.0/23 maxlen: 23
185.97.4.0/22 maxlen: 22
185.97.6.0/24 maxlen: 24
2a06:1c0::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:1b:83:92:d1:e9:70:6d:1c:19:37:0f:bb:f1:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: Jan 2 00:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afb6e7038d5cf20a81a643ccdb9a2748b9892b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4d:d3:60:93:ba:13:d1:ca:82:da:61:e7:f3:
73:c4:10:95:2a:1c:05:3a:a0:de:bb:ad:a3:84:a4:
81:23:e3:72:98:23:0b:7d:e9:8e:78:bf:20:ce:12:
72:6c:ff:b2:e3:ae:2c:9c:94:fc:13:b8:8e:63:e9:
d4:75:7c:7b:57:7e:91:5f:ef:79:90:ad:5f:59:9f:
bc:18:80:4f:25:41:41:68:bd:57:5b:fc:d0:24:f2:
cf:36:2a:9e:eb:37:31:a4:bb:47:0e:90:74:13:a3:
09:2d:20:10:cb:48:d9:ed:c6:e0:7a:5c:68:66:1c:
6b:b8:a6:26:cb:25:6a:2d:f4:f8:7c:48:48:56:ca:
48:ce:a6:51:fb:b6:51:3b:55:44:89:bf:e7:23:d5:
8f:bd:76:ff:7d:2e:97:37:a4:b7:a7:ee:71:fa:05:
74:85:be:6e:d0:ba:9e:c2:67:50:c3:a6:f7:45:6f:
23:8b:4e:29:64:f9:84:fd:39:4c:f0:f6:0b:76:ef:
7f:d9:a7:97:73:16:a9:1c:10:a9:53:80:f1:8b:86:
95:da:b1:f4:6c:ee:67:d2:34:ef:e8:ec:b9:d5:02:
fb:22:ec:84:a0:c6:25:de:de:94:37:00:15:5a:d8:
45:fa:81:fc:85:10:32:78:ca:19:1e:1f:49:b6:ea:
82:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B6:E7:03:8D:5C:F2:0A:81:A6:43:CC:DB:9A:27:48:B9:89:2B:12
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/r7bnA41c8gqBpkPM25onSLmJKxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.130.0/24
94.247.143.0/24
185.97.4.0/22
194.104.114.0/23
IPv6:
2a06:1c0::/30
Signature Algorithm: sha256WithRSAEncryption
6e:be:6f:dc:ec:54:57:dd:da:b8:37:32:f1:69:0b:0f:3e:30:
f7:7d:8d:58:cd:9f:c1:fc:6f:f5:63:18:be:01:3a:44:17:e9:
18:4d:25:16:f4:44:e7:0b:34:9b:2a:b3:35:34:4b:c5:4b:7b:
52:a8:0f:1c:94:52:1a:39:fb:e7:31:e4:5c:4c:f7:e5:42:77:
ec:40:fb:e7:2d:9e:d5:82:da:5f:e4:61:33:49:4e:fd:9c:82:
79:18:d8:0d:f6:d6:8d:fa:e4:cd:81:4d:ca:c1:68:38:dc:ac:
fb:a7:5d:2a:71:1c:60:4d:ee:76:69:8a:80:59:56:33:04:8b:
f8:b2:5e:91:e5:d4:65:d9:31:78:c4:cc:d0:15:4c:fd:25:f6:
d8:f2:48:8d:2e:66:96:52:78:95:a6:a2:e0:c1:02:37:e4:df:
6e:bf:a1:df:63:c8:2b:48:4e:92:37:f6:af:03:00:bc:13:69:
5d:17:61:f5:d3:83:e1:72:14:8d:85:ef:75:82:47:97:21:dc:
70:84:e1:e6:75:5c:50:03:62:a1:5d:ed:a5:60:76:b7:0b:6a:
21:42:21:e0:92:66:95:4d:6e:65:b5:73:50:34:af:9d:43:80:
b8:e5:e8:09:58:67:ae:48:09:45:78:19:23:0a:ad:33:ec:5f:
44:ca:48:43
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVv1RuDktHpcG0cGTcPu/EnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDU5NmMxZWE3ZWNiYjFiZTE3NzdmYzBkMzhlZDA2Y2E0
MGVhYmUwHhcNMjMwMTAyMDAxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmI2ZTcwMzhkNWNmMjBhODFhNjQzY2NkYjlhMjc0OGI5ODkyYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE3TYJO6E9HKgtph5/NzxBCVKhwF
OqDeu62jhKSBI+NymCMLfemOeL8gzhJybP+y464snJT8E7iOY+nUdXx7V36RX+95
kK1fWZ+8GIBPJUFBaL1XW/zQJPLPNiqe6zcxpLtHDpB0E6MJLSAQy0jZ7cbgelxo
ZhxruKYmyyVqLfT4fEhIVspIzqZR+7ZRO1VEib/nI9WPvXb/fS6XN6S3p+5x+gV0
hb5u0LqewmdQw6b3RW8ji04pZPmE/TlM8PYLdu9/2aeXcxapHBCpU4Dxi4aV2rH0
bO5n0jTv6Oy51QL7IuyEoMYl3t6UNwAVWthF+oH8hRAyeMoZHh9JtuqCDQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK+25wONXPIKgaZDzNuaJ0i5iSsSMB8GA1UdIwQY
MBaAFC3VlsHqfsuxvhd3/A047QbKQOq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEt
OGIwZmMwNzg1OGQ2LzEvcjdibkE0MWM4Z3FCcGtQTTI1b25TTG1KS3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEtOGIwZmMwNzg1OGQ2
LzEvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAJeSCAwQA
XvePAwQCuWEEAwQBwmhyMA0EAgACMAcDBQIqBgHAMA0GCSqGSIb3DQEBCwUAA4IB
AQBuvm/c7FRX3dq4NzLxaQsPPjD3fY1YzZ/B/G/1Yxi+ATpEF+kYTSUW9ETnCzSb
KrM1NEvFS3tSqA8clFIaOfvnMeRcTPflQnfsQPvnLZ7Vgtpf5GEzSU79nIJ5GNgN
9taN+uTNgU3KwWg43Kz7p10qcRxgTe52aYqAWVYzBIv4sl6R5dRl2TF4xMzQFUz9
JfbY8kiNLmaWUniVpqLgwQI35N9uv6HfY8grSE6SN/avAwC8E2ldF2H104PhchSN
he91gkeXIdxwhOHmdVxQA2KhXe2lYHa3C2ohQiHgkmaVTW5ltXNQNK+dQ4C45egJ
WGeuSAlFeBkjCq0z7F9EykhD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:56 2023 by rpki-client on console-fra.rpki-client.org