Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/rvEJrZv-gBOcwX9geWo-luv-8bc.roa
File: rvEJrZv-gBOcwX9geWo-luv-8bc.roa (raw, json)
Hash identifier: sOsuGXd2zSsfbXDcK1kIX8+NjA7dJPX0Jlubqgnp+fE=
Subject key identifier: AE:F1:09:AD:9B:FE:80:13:9C:C1:7F:60:79:6A:3E:96:EB:FE:F1:B7
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 01856F0256F50D56A6818682DAA9C42B02F1
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/rvEJrZv-gBOcwX9geWo-luv-8bc.roa
Signing time: Sun 01 Jan 2023 20:25:02 +0000
ROA not before: Sun 01 Jan 2023 20:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196818
IP address blocks: 217.73.240.0/23 maxlen: 23
217.73.244.0/22 maxlen: 22
217.73.240.0/20 maxlen: 20
217.73.242.0/23 maxlen: 23
217.73.248.0/21 maxlen: 21
37.202.32.0/21 maxlen: 21
37.202.40.0/23 maxlen: 23
37.202.42.0/23 maxlen: 23
37.202.46.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:56:f5:0d:56:a6:81:86:82:da:a9:c4:2b:02:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Jan 1 20:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aef109ad9bfe80139cc17f60796a3e96ebfef1b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:09:87:d5:2f:61:86:4e:db:16:8f:05:9c:c7:
86:5b:9c:66:65:d6:ca:9b:06:83:c5:7f:06:08:7c:
8f:d0:a0:98:b1:d5:26:b7:f6:f7:31:56:4d:f4:ff:
1b:a2:79:41:a5:56:76:40:65:65:48:b7:dd:2d:3f:
b1:70:10:a4:55:d2:eb:ce:f2:40:de:db:99:75:6b:
be:08:b6:b8:d0:60:22:9b:27:7e:92:db:72:cc:9a:
99:8e:6d:1d:8b:b0:94:d7:74:8f:18:7c:7b:00:74:
e0:58:cf:46:56:2c:04:78:79:ff:be:91:a8:6a:b3:
2a:d5:af:ec:0f:d0:be:6b:f7:e2:ba:b5:b4:a8:07:
4c:65:20:cb:16:a7:fa:39:22:f2:dc:35:2a:c9:43:
70:71:8f:f6:44:68:9b:d0:10:e3:da:49:00:7f:f7:
50:df:5e:a1:3a:68:fc:c6:3c:e6:17:71:8d:68:fd:
78:f7:c0:49:b0:e7:47:c1:42:c0:20:f2:75:0c:2d:
47:c2:c5:cb:34:94:95:b7:a6:1f:23:5a:33:56:65:
53:be:f8:54:33:e2:ed:68:4a:7f:72:f3:64:5b:b7:
5a:55:c3:b6:3a:a9:19:e9:05:67:87:84:79:1a:7b:
b2:bf:e8:50:80:85:28:af:90:f2:87:87:82:58:a1:
bf:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F1:09:AD:9B:FE:80:13:9C:C1:7F:60:79:6A:3E:96:EB:FE:F1:B7
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/rvEJrZv-gBOcwX9geWo-luv-8bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.32.0-37.202.43.255
37.202.46.0/23
217.73.240.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:5e:05:9f:d1:c8:f3:f9:83:8e:c5:b0:39:ef:6e:d8:1f:e5:
a1:bc:44:bf:55:af:2b:32:4f:36:bc:b9:a2:de:13:4a:de:17:
08:c7:62:1e:00:e1:bc:b8:4a:6f:c9:73:17:5b:bd:13:94:56:
d6:d2:5d:60:bd:af:b3:26:45:53:5e:aa:7a:c4:f4:bf:44:61:
00:04:46:63:c0:c4:b9:fc:d5:51:09:24:c3:12:cc:bc:e4:c7:
92:f0:0a:70:94:a2:b8:17:ee:b2:8f:32:e1:a0:b4:dd:5c:cb:
97:42:ec:57:9b:79:8b:86:7b:c0:56:06:ea:66:b7:d7:c0:88:
68:ec:8f:61:a8:4c:60:6d:58:bb:81:5b:b8:eb:80:25:32:08:
18:9b:1d:fb:b4:79:b4:1e:5c:b7:b4:31:24:21:30:89:b1:0a:
00:82:16:53:98:dd:89:5a:5d:59:5a:9e:26:2d:f1:2f:38:ab:
1e:58:4c:cf:df:32:2f:0c:c6:bb:73:af:bc:fb:3f:11:70:21:
16:b6:33:4d:b3:a0:06:c1:eb:46:6d:a0:de:d8:8b:9d:a7:11:
12:f2:9b:a5:0b:26:5d:1e:1f:c5:22:94:11:43:5f:4b:c9:7d:
9a:95:c2:91:ae:a6:21:8d:1f:10:7e:dc:76:07:8d:92:92:69:
6e:d3:ed:d7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVvAlb1DVamgYaC2qnEKwLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjMwMTAxMjAyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWYxMDlhZDliZmU4MDEzOWNjMTdmNjA3OTZhM2U5NmViZmVmMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgmH1S9hhk7bFo8FnMeGW5xmZdbK
mwaDxX8GCHyP0KCYsdUmt/b3MVZN9P8bonlBpVZ2QGVlSLfdLT+xcBCkVdLrzvJA
3tuZdWu+CLa40GAimyd+kttyzJqZjm0di7CU13SPGHx7AHTgWM9GViwEeHn/vpGo
arMq1a/sD9C+a/fiurW0qAdMZSDLFqf6OSLy3DUqyUNwcY/2RGib0BDj2kkAf/dQ
316hOmj8xjzmF3GNaP1498BJsOdHwULAIPJ1DC1HwsXLNJSVt6YfI1ozVmVTvvhU
M+LtaEp/cvNkW7daVcO2OqkZ6QVnh4R5Gnuyv+hQgIUor5Dyh4eCWKG/dQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK7xCa2b/oATnMF/YHlqPpbr/vG3MB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvcnZFSnJadi1nQk9jd1g5Z2VXby1sdXYtOGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUlyiAD
BAIlyigDBAElyi4DBATZSfAwDQYJKoZIhvcNAQELBQADggEBAIpeBZ/RyPP5g47F
sDnvbtgf5aG8RL9VrysyTza8uaLeE0reFwjHYh4A4by4Sm/JcxdbvROUVtbSXWC9
r7MmRVNeqnrE9L9EYQAERmPAxLn81VEJJMMSzLzkx5LwCnCUorgX7rKPMuGgtN1c
y5dC7FebeYuGe8BWBupmt9fAiGjsj2GoTGBtWLuBW7jrgCUyCBibHfu0ebQeXLe0
MSQhMImxCgCCFlOY3YlaXVlaniYt8S84qx5YTM/fMi8Mxrtzr7z7PxFwIRa2M02z
oAbB60ZtoN7Yi52nERLym6ULJl0eH8UilBFDX0vJfZqVwpGupiGNHxB+3HYHjZKS
aW7T7dc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:09 2024 by rpki-client on console-fra.rpki-client.org