Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/rvz7Tk7qNMCh9K9Wei939a-6gnA.roa
File: rvz7Tk7qNMCh9K9Wei939a-6gnA.roa (raw, json)
Hash identifier: q4GNrlkLuEsGHJyXvftthLlP7ZoGPLVjlUxsPRkyygo=
Subject key identifier: AE:FC:FB:4E:4E:EA:34:C0:A1:F4:AF:56:7A:2F:77:F5:AF:BA:82:70
Certificate issuer: /CN=1517d4f58af84f50ce42f13293ede4aff12d173f
Certificate serial: 01856F798F18666776D7DA728509F2D9DED5
Authority key identifier: 15:17:D4:F5:8A:F8:4F:50:CE:42:F1:32:93:ED:E4:AF:F1:2D:17:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/rvz7Tk7qNMCh9K9Wei939a-6gnA.roa
Signing time: Sun 01 Jan 2023 22:35:15 +0000
ROA not before: Sun 01 Jan 2023 22:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51207
IP address blocks: 37.1.232.0/21 maxlen: 21
37.8.160.0/19 maxlen: 19
37.160.0.0/12 maxlen: 17
2a0d:e480::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:8f:18:66:67:76:d7:da:72:85:09:f2:d9:de:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1517d4f58af84f50ce42f13293ede4aff12d173f
Validity
Not Before: Jan 1 22:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aefcfb4e4eea34c0a1f4af567a2f77f5afba8270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e0:31:f9:f3:dc:a9:29:da:0e:85:40:c1:67:
a8:38:38:a1:f0:7e:09:d5:40:58:58:0e:08:46:30:
87:e0:1d:90:fa:69:89:56:7c:47:31:d9:9b:52:f4:
c3:de:ca:4d:49:3a:af:00:13:46:08:be:22:a8:dc:
63:3b:25:b3:41:9e:20:94:31:30:fb:1e:e5:4d:55:
f6:20:3a:ea:8a:71:43:0d:f1:25:58:5a:30:97:fb:
d4:fc:33:d0:dd:ba:74:d4:f6:f1:7d:ab:7c:cf:9f:
ea:fb:db:20:c0:78:e4:d6:01:f7:24:b7:96:0c:2f:
7c:58:44:fd:31:ac:20:f8:23:ad:c0:91:90:1d:4d:
59:aa:25:bb:63:2d:91:5b:b4:3b:bd:54:97:1c:a4:
43:b4:af:25:64:e9:fe:e5:39:32:a6:c7:3b:80:16:
85:b9:df:56:8e:57:5d:8a:81:47:71:bc:d6:3c:d1:
25:14:c8:42:8f:a9:09:9f:2a:ed:3e:09:91:f4:fa:
5e:91:39:48:c7:ae:02:ed:92:e8:d5:df:57:3e:4d:
88:5d:67:ae:50:30:50:6e:1d:18:61:6f:1f:d5:c2:
d5:42:db:a6:7d:37:99:d9:24:7a:09:88:81:db:88:
7f:13:ab:0a:e6:42:dd:21:43:07:47:13:e0:73:d2:
61:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FC:FB:4E:4E:EA:34:C0:A1:F4:AF:56:7A:2F:77:F5:AF:BA:82:70
X509v3 Authority Key Identifier:
keyid:15:17:D4:F5:8A:F8:4F:50:CE:42:F1:32:93:ED:E4:AF:F1:2D:17:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/rvz7Tk7qNMCh9K9Wei939a-6gnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.232.0/21
37.8.160.0/19
37.160.0.0/12
IPv6:
2a0d:e480::/29
Signature Algorithm: sha256WithRSAEncryption
32:02:ea:3d:83:d1:c1:75:84:1f:cc:64:2f:9e:5f:cb:fc:2b:
c4:74:90:0a:33:de:e1:83:72:d1:24:09:d0:88:94:c2:a0:cf:
26:e0:04:97:07:92:66:ff:d2:34:11:fb:e9:34:d9:c6:9d:27:
98:ed:8e:65:76:4f:6a:1c:56:da:37:d8:ed:6f:c4:7d:dc:69:
48:9b:60:4d:a0:73:29:5c:d7:28:c2:98:21:cf:66:0a:7d:45:
f2:a6:0b:99:9c:03:b9:d2:2f:38:d7:3f:7c:d6:15:4a:73:5b:
32:f1:aa:b6:e9:64:60:97:0a:81:d7:57:da:fe:af:50:b0:c2:
dd:b3:da:aa:97:3c:d4:41:8d:12:31:31:28:10:5f:60:aa:ae:
79:c5:45:6d:94:27:65:f4:d9:f3:c0:e7:2d:92:1d:bd:80:19:
e6:71:fb:9c:4c:83:14:77:c8:60:e3:9a:fe:da:dd:5d:e4:a7:
c0:02:24:8b:a0:8f:5c:0c:83:cc:79:3d:f7:0b:52:0a:25:84:
90:95:db:50:67:ac:55:e7:c9:d8:cc:82:2f:78:8a:3c:b1:c8:
6d:31:d3:54:93:f3:c5:ad:0c:54:8e:cf:57:9e:a1:5c:30:dd:
94:86:fc:89:15:3b:e0:bd:ca:81:f0:d9:2d:c7:ae:66:c2:aa:
0d:b1:5e:9e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVveY8YZmd219pyhQny2d7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTdkNGY1OGFmODRmNTBjZTQyZjEzMjkzZWRlNGFmZjEy
ZDE3M2YwHhcNMjMwMTAxMjIzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWZjZmI0ZTRlZWEzNGMwYTFmNGFmNTY3YTJmNzdmNWFmYmE4MjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOAx+fPcqSnaDoVAwWeoODih8H4J
1UBYWA4IRjCH4B2Q+mmJVnxHMdmbUvTD3spNSTqvABNGCL4iqNxjOyWzQZ4glDEw
+x7lTVX2IDrqinFDDfElWFowl/vU/DPQ3bp01Pbxfat8z5/q+9sgwHjk1gH3JLeW
DC98WET9Mawg+COtwJGQHU1ZqiW7Yy2RW7Q7vVSXHKRDtK8lZOn+5Tkypsc7gBaF
ud9WjlddioFHcbzWPNElFMhCj6kJnyrtPgmR9PpekTlIx64C7ZLo1d9XPk2IXWeu
UDBQbh0YYW8f1cLVQtumfTeZ2SR6CYiB24h/E6sK5kLdIUMHRxPgc9Jh9wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK78+05O6jTAofSvVnovd/WvuoJwMB8GA1UdIwQY
MBaAFBUX1PWK+E9QzkLxMpPt5K/xLRc/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJmVTlZcjRUMURPUXZFeWstM2tyX0V0Rno4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9jNGY4MGMtN2I2OS00ZmVjLWFhNTQt
ZTVmOThkZGFmYzk4LzEvcnZ6N1RrN3FOTUNoOUs5V2VpOTM5YS02Z25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9jNGY4MGMtN2I2OS00ZmVjLWFhNTQtZTVmOThkZGFmYzk4
LzEvRlJmVTlZcjRUMURPUXZFeWstM2tyX0V0Rno4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQDJQHoAwQF
JQigAwMEJaAwDQQCAAIwBwMFAyoN5IAwDQYJKoZIhvcNAQELBQADggEBADIC6j2D
0cF1hB/MZC+eX8v8K8R0kAoz3uGDctEkCdCIlMKgzybgBJcHkmb/0jQR++k02cad
J5jtjmV2T2ocVto32O1vxH3caUibYE2gcylc1yjCmCHPZgp9RfKmC5mcA7nSLzjX
P3zWFUpzWzLxqrbpZGCXCoHXV9r+r1Cwwt2z2qqXPNRBjRIxMSgQX2CqrnnFRW2U
J2X02fPA5y2SHb2AGeZx+5xMgxR3yGDjmv7a3V3kp8ACJIugj1wMg8x5PfcLUgol
hJCV21BnrFXnydjMgi94ijyxyG0x01ST88WtDFSOz1eeoVww3ZSG/IkVO+C9yoHw
2S3HrmbCqg2xXp4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:10 2024 by rpki-client on console-fra.rpki-client.org