Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/iFxh3Mn-Mpx5WhG0zfe32xHmsSg.roa
File: iFxh3Mn-Mpx5WhG0zfe32xHmsSg.roa (raw, json)
Hash identifier: m+jstLIOsPlkuJ8lYZ+gXjNAfMEnYvB0ZcKZDBUKex0=
Subject key identifier: 88:5C:61:DC:C9:FE:32:9C:79:5A:11:B4:CD:F7:B7:DB:11:E6:B1:28
Certificate issuer: /CN=828bbad6f4916842bbe320284fafe10caf59edf0
Certificate serial: 01856D0A9DEE80FCDCFD6C84C0ECA79C7F70
Authority key identifier: 82:8B:BA:D6:F4:91:68:42:BB:E3:20:28:4F:AF:E1:0C:AF:59:ED:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/iFxh3Mn-Mpx5WhG0zfe32xHmsSg.roa
Signing time: Sun 01 Jan 2023 11:14:50 +0000
ROA not before: Sun 01 Jan 2023 11:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51720
IP address blocks: 37.228.124.0/24 maxlen: 24
37.228.120.0/24 maxlen: 24
37.228.122.0/23 maxlen: 24
80.70.162.0/23 maxlen: 24
80.70.166.0/23 maxlen: 24
31.3.144.0/22 maxlen: 24
2a00:d340:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:9d:ee:80:fc:dc:fd:6c:84:c0:ec:a7:9c:7f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=828bbad6f4916842bbe320284fafe10caf59edf0
Validity
Not Before: Jan 1 11:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=885c61dcc9fe329c795a11b4cdf7b7db11e6b128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:57:39:8c:b8:65:65:6d:99:68:f7:f0:f1:fe:
26:e7:4a:6e:0c:67:e9:62:78:83:51:0f:44:a6:f2:
a6:02:89:b7:68:59:da:6a:fa:06:43:87:47:4c:30:
3f:b0:d5:45:75:3d:a8:25:3a:fc:a5:96:4f:d9:34:
fe:d3:96:4c:d9:1f:7e:e5:57:86:ae:8d:0d:d4:17:
8b:c7:ee:de:a4:3f:b0:2a:86:55:1a:26:e7:d3:7a:
42:f8:7e:15:e0:84:64:92:39:85:7a:c8:c5:b4:77:
bd:cc:82:b8:31:9e:eb:5d:61:3f:90:f1:8d:e6:02:
01:06:0f:bc:9f:df:f7:f6:45:bd:5d:59:aa:7d:58:
a8:6c:cc:db:da:06:96:46:15:2f:b8:1d:8b:79:86:
c7:c0:59:86:4a:30:d5:22:d4:4c:30:7d:22:0b:30:
97:95:10:b9:16:e0:6c:87:07:dc:9d:7f:39:3c:cb:
da:35:c9:75:c0:ca:4a:70:cc:16:57:cb:71:6b:e6:
8f:a8:86:5e:53:64:14:ae:29:af:a1:88:48:76:dc:
3e:65:61:f1:80:9b:c3:e1:db:ec:30:df:36:ea:1b:
ee:cc:42:08:77:3f:a8:4a:06:9b:68:24:f6:49:30:
82:ff:b2:15:27:0b:6f:e4:41:36:cb:3f:97:af:2e:
3a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:5C:61:DC:C9:FE:32:9C:79:5A:11:B4:CD:F7:B7:DB:11:E6:B1:28
X509v3 Authority Key Identifier:
keyid:82:8B:BA:D6:F4:91:68:42:BB:E3:20:28:4F:AF:E1:0C:AF:59:ED:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/iFxh3Mn-Mpx5WhG0zfe32xHmsSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/gou61vSRaEK74yAoT6_hDK9Z7fA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.144.0/22
37.228.120.0/24
37.228.122.0-37.228.124.255
80.70.162.0/23
80.70.166.0/23
IPv6:
2a00:d340:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
43:48:ae:4d:6b:58:a3:a4:04:02:29:29:2b:9c:dd:ab:86:87:
3a:98:5c:30:c6:90:fc:55:65:b6:1f:3d:bb:75:4c:58:41:06:
39:32:f7:0b:2c:01:39:85:7f:a6:42:1a:bd:db:7a:64:41:1b:
fa:5b:24:1e:6d:e0:6e:ea:1a:7b:02:f5:de:47:cc:09:16:82:
ac:7e:fa:c8:78:a6:cc:eb:74:47:ea:5b:75:5b:de:a2:6e:6f:
a7:52:f4:93:5e:94:ce:5a:3e:ec:19:5a:bd:9a:87:6a:d6:ab:
d7:b3:a9:b2:96:c5:31:3e:19:44:02:50:fd:41:c2:d0:3c:90:
e3:25:f0:01:cc:1d:21:07:95:2f:08:f5:60:8c:1d:e6:31:c0:
16:b1:7a:94:b3:fb:47:69:a2:4f:fb:82:5e:c7:42:ed:18:e8:
aa:97:f6:28:7e:28:a8:24:21:4a:49:1b:76:f6:05:28:97:5d:
3d:2d:60:db:be:3e:4f:4d:d0:09:4b:47:39:ec:3d:d0:53:fb:
30:12:46:37:45:58:31:49:a1:80:49:fc:2a:ad:52:ea:20:8f:
43:c1:db:4c:fe:1c:e3:02:68:79:e2:aa:e8:28:11:6f:a2:af:
50:c4:bb:66:d3:43:66:81:7b:b2:54:dc:73:e3:0e:8b:40:98:
fc:89:2b:09
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYVtCp3ugPzc/WyEwOynnH9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyOGJiYWQ2ZjQ5MTY4NDJiYmUzMjAyODRmYWZlMTBjYWY1
OWVkZjAwHhcNMjMwMTAxMTExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODVjNjFkY2M5ZmUzMjljNzk1YTExYjRjZGY3YjdkYjExZTZiMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFc5jLhlZW2ZaPfw8f4m50puDGfp
YniDUQ9EpvKmAom3aFnaavoGQ4dHTDA/sNVFdT2oJTr8pZZP2TT+05ZM2R9+5VeG
ro0N1BeLx+7epD+wKoZVGibn03pC+H4V4IRkkjmFesjFtHe9zIK4MZ7rXWE/kPGN
5gIBBg+8n9/39kW9XVmqfViobMzb2gaWRhUvuB2LeYbHwFmGSjDVItRMMH0iCzCX
lRC5FuBshwfcnX85PMvaNcl1wMpKcMwWV8txa+aPqIZeU2QUrimvoYhIdtw+ZWHx
gJvD4dvsMN826hvuzEIIdz+oSgabaCT2STCC/7IVJwtv5EE2yz+Xry46QQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFIhcYdzJ/jKceVoRtM33t9sR5rEoMB8GA1UdIwQY
MBaAFIKLutb0kWhCu+MgKE+v4QyvWe3wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ291NjF2U1JhRUs3NHlBb1Q2X2hESzlaN2ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84M2Y5NzctODJiOC00Njk1LTljMDgt
MTg5NjU1NWEyZjBlLzEvaUZ4aDNNbi1NcHg1V2hHMHpmZTMyeEhtc1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84M2Y5NzctODJiOC00Njk1LTljMDgtMTg5NjU1NWEyZjBl
LzEvZ291NjF2U1JhRUs3NHlBb1Q2X2hESzlaN2ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQCHwOQAwQA
JeR4MAwDBAEl5HoDBAAl5HwDBAFQRqIDBAFQRqYwDwQCAAIwCQMHACoA00D//zAN
BgkqhkiG9w0BAQsFAAOCAQEAQ0iuTWtYo6QEAikpK5zdq4aHOphcMMaQ/FVlth89
u3VMWEEGOTL3CywBOYV/pkIavdt6ZEEb+lskHm3gbuoaewL13kfMCRaCrH76yHim
zOt0R+pbdVveom5vp1L0k16Uzlo+7BlavZqHatar17OpspbFMT4ZRAJQ/UHC0DyQ
4yXwAcwdIQeVLwj1YIwd5jHAFrF6lLP7R2miT/uCXsdC7Rjoqpf2KH4oqCQhSkkb
dvYFKJddPS1g274+T03QCUtHOew90FP7MBJGN0VYMUmhgEn8Kq1S6iCPQ8HbTP4c
4wJoeeKq6CgRb6KvUMS7ZtNDZoF7slTcc+MOi0CY/IkrCQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:59 2024 by rpki-client on console-ams.rpki-client.org