Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/GimKJvftGvO5thUKbcJCO4M3FJE.roa
File: GimKJvftGvO5thUKbcJCO4M3FJE.roa (raw, json)
Hash identifier: 35jVCV90XRuC1xWiSjXmPbJ5r+aMyHuKQW5ew/cPQ2c=
Subject key identifier: 1A:29:8A:26:F7:ED:1A:F3:B9:B6:15:0A:6D:C2:42:3B:83:37:14:91
Certificate issuer: /CN=3de4598e21736501a73944c107114c850c7d8b09
Certificate serial: 01856CC14564B2973D9CF431BB0CE5B2A149
Authority key identifier: 3D:E4:59:8E:21:73:65:01:A7:39:44:C1:07:11:4C:85:0C:7D:8B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PeRZjiFzZQGnOUTBBxFMhQx9iwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/GimKJvftGvO5thUKbcJCO4M3FJE.roa
Signing time: Sun 01 Jan 2023 09:54:43 +0000
ROA not before: Sun 01 Jan 2023 09:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196750
IP address blocks: 37.153.64.0/21 maxlen: 21
37.153.0.0/18 maxlen: 18
2a0e:ba00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:45:64:b2:97:3d:9c:f4:31:bb:0c:e5:b2:a1:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3de4598e21736501a73944c107114c850c7d8b09
Validity
Not Before: Jan 1 09:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a298a26f7ed1af3b9b6150a6dc2423b83371491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:32:b1:d8:9e:4b:db:10:eb:8a:53:4b:42:88:
12:34:46:db:52:44:ec:3c:01:10:2a:76:9d:af:5c:
18:8c:bd:70:c3:63:3e:2f:03:f1:77:7c:27:a0:01:
8c:8b:81:36:85:28:d9:43:d3:03:ae:16:f9:c1:0e:
95:89:f9:cc:69:3e:1c:d2:5c:cf:fa:c3:97:45:00:
80:89:ad:7c:2b:d8:bb:ae:92:66:cc:d8:62:b4:c9:
52:59:56:ed:7b:4d:9e:0b:51:a3:b6:05:12:b5:f9:
2c:14:b7:fc:be:32:75:23:4f:dd:2d:d8:d5:cd:f0:
10:a3:7b:ff:78:5f:fd:e7:19:88:c3:9f:d8:24:d3:
0b:ec:ed:e2:32:e5:7b:8a:67:1c:4b:92:b4:af:8a:
16:4a:3c:61:46:e8:f0:eb:ad:0b:6f:40:f1:e6:88:
52:e3:cd:ec:43:d5:cd:65:d2:4f:42:01:4d:f7:e1:
ee:f4:22:6f:3d:ae:1c:57:45:6e:c8:1b:9b:f0:98:
8a:e2:1c:d5:53:b9:d4:e4:53:a3:fa:b0:06:78:a4:
cf:9f:1a:17:98:53:b1:17:d8:a8:91:cc:b3:53:d8:
fe:b6:6e:c9:cd:8d:bc:51:fd:c7:5d:fc:e1:2e:5d:
fe:54:54:c4:3d:fa:3a:48:50:ca:dc:e5:24:7d:30:
cb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:29:8A:26:F7:ED:1A:F3:B9:B6:15:0A:6D:C2:42:3B:83:37:14:91
X509v3 Authority Key Identifier:
keyid:3D:E4:59:8E:21:73:65:01:A7:39:44:C1:07:11:4C:85:0C:7D:8B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PeRZjiFzZQGnOUTBBxFMhQx9iwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/GimKJvftGvO5thUKbcJCO4M3FJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/PeRZjiFzZQGnOUTBBxFMhQx9iwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.0.0-37.153.71.255
IPv6:
2a0e:ba00::/29
Signature Algorithm: sha256WithRSAEncryption
2c:01:a3:77:15:07:90:00:13:37:f1:41:8a:93:e0:85:54:80:
a1:63:ce:b6:bc:d9:5b:cc:62:0f:72:08:71:e3:50:6d:47:54:
16:a4:7e:69:3a:22:cd:6c:d9:30:58:e7:a6:39:d5:e7:b3:5c:
eb:0f:82:c9:e2:ef:50:e3:3e:6c:a7:74:ce:cd:4d:34:08:2c:
29:c4:13:69:8a:d2:3e:ab:d5:e9:c3:cb:4f:5f:ff:e8:44:6c:
02:6d:48:96:86:0d:fe:0a:5f:04:36:6f:a9:d3:f5:e0:28:64:
0b:1f:02:be:2e:62:96:06:b5:11:59:d3:25:db:f4:f4:a5:14:
22:27:05:e6:0e:70:00:91:46:1c:91:e2:f4:60:cd:f9:b5:2c:
2b:ed:74:3f:96:bb:19:3d:46:1f:6a:d3:bc:6c:c5:de:46:ad:
af:75:44:d6:80:b4:57:50:3b:73:c9:be:b6:c2:bc:8d:11:3c:
b5:5f:e8:9d:b5:cb:f5:9b:81:db:ad:f6:c6:6b:33:c0:e7:e5:
38:ba:43:af:29:c3:28:b4:45:b9:cd:6e:21:28:c4:c4:9e:f0:
81:fb:f1:fd:1c:cc:71:95:a9:18:b3:d7:4a:7a:79:8b:7e:44:
2a:8d:52:71:0f:1a:e4:39:a5:a0:95:67:56:24:5d:29:cc:02:
7f:64:dd:bc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVswUVkspc9nPQxuwzlsqFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZTQ1OThlMjE3MzY1MDFhNzM5NDRjMTA3MTE0Yzg1MGM3
ZDhiMDkwHhcNMjMwMTAxMDk1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTI5OGEyNmY3ZWQxYWYzYjliNjE1MGE2ZGMyNDIzYjgzMzcxNDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTKx2J5L2xDrilNLQogSNEbbUkTs
PAEQKnadr1wYjL1ww2M+LwPxd3wnoAGMi4E2hSjZQ9MDrhb5wQ6VifnMaT4c0lzP
+sOXRQCAia18K9i7rpJmzNhitMlSWVbte02eC1GjtgUStfksFLf8vjJ1I0/dLdjV
zfAQo3v/eF/95xmIw5/YJNML7O3iMuV7imccS5K0r4oWSjxhRujw660Lb0Dx5ohS
483sQ9XNZdJPQgFN9+Hu9CJvPa4cV0VuyBub8JiK4hzVU7nU5FOj+rAGeKTPnxoX
mFOxF9iokcyzU9j+tm7JzY28Uf3HXfzhLl3+VFTEPfo6SFDK3OUkfTDLcQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBopiib37RrzubYVCm3CQjuDNxSRMB8GA1UdIwQY
MBaAFD3kWY4hc2UBpzlEwQcRTIUMfYsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVSWmppRnpaUUduT1VUQkJ4Rk1oUXg5aXdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi80ZDNiOGMtNzIzOS00ODNjLWE0OGMt
N2Q2MDhiZWUzMTY3LzEvR2ltS0p2ZnRHdk81dGhVS2JjSkNPNE0zRkpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi80ZDNiOGMtNzIzOS00ODNjLWE0OGMtN2Q2MDhiZWUzMTY3
LzEvUGVSWmppRnpaUUduT1VUQkJ4Rk1oUXg5aXdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANMAsDAwAlmQME
AyWZQDANBAIAAjAHAwUDKg66ADANBgkqhkiG9w0BAQsFAAOCAQEALAGjdxUHkAAT
N/FBipPghVSAoWPOtrzZW8xiD3IIceNQbUdUFqR+aToizWzZMFjnpjnV57Nc6w+C
yeLvUOM+bKd0zs1NNAgsKcQTaYrSPqvV6cPLT1//6ERsAm1IloYN/gpfBDZvqdP1
4ChkCx8Cvi5ilga1EVnTJdv09KUUIicF5g5wAJFGHJHi9GDN+bUsK+10P5a7GT1G
H2rTvGzF3katr3VE1oC0V1A7c8m+tsK8jRE8tV/onbXL9ZuB2632xmszwOflOLpD
rynDKLRFuc1uISjExJ7wgfvx/RzMcZWpGLPXSnp5i35EKo1ScQ8a5DmloJVnViRd
KcwCf2TdvA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:20 2024 by rpki-client on console-fra.rpki-client.org