Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/HRNYAUgbU943MToVeRm8wjrZgRc.roa
File: HRNYAUgbU943MToVeRm8wjrZgRc.roa (raw, json)
Hash identifier: VS2huRP+8MtTtLkViulP+VaHO4l3p2QxN4dtA8/nXhg=
Subject key identifier: 1D:13:58:01:48:1B:53:DE:37:31:3A:15:79:19:BC:C2:3A:D9:81:17
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 01856C65CFDA8CF647A6F1D18C11F939276E
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/HRNYAUgbU943MToVeRm8wjrZgRc.roa
Signing time: Sun 01 Jan 2023 08:14:49 +0000
ROA not before: Sun 01 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199234
IP address blocks: 37.131.166.0/24 maxlen: 24
37.131.161.0/24 maxlen: 24
37.131.162.0/23 maxlen: 23
37.131.170.0/23 maxlen: 23
37.131.172.0/22 maxlen: 22
2a00:10a0:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 28 Jun 2023 19:37:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:cf:da:8c:f6:47:a6:f1:d1:8c:11:f9:39:27:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d135801481b53de37313a157919bcc23ad98117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a4:43:4f:e8:24:ea:26:ed:c9:70:19:3c:c4:
4a:14:d7:ee:6a:ac:86:9e:e3:b9:34:b1:f2:a5:1e:
09:c1:d3:de:60:9f:f1:83:07:ae:83:2b:74:91:84:
3d:96:fa:d8:ab:04:d0:3a:74:12:c7:61:66:8c:2b:
4f:b3:a0:56:25:31:2c:79:2a:ee:11:07:ee:00:4e:
48:7e:0e:60:16:ba:c5:aa:7c:bb:10:5a:d8:c7:fc:
57:12:36:51:d2:e4:ca:2b:cc:b4:de:69:98:61:d1:
5a:e1:03:16:73:bb:e0:e4:fe:a1:2d:e0:98:07:29:
9e:33:4b:36:4c:0c:cc:bb:48:4a:c5:92:6b:93:ba:
1a:e4:1f:a4:69:00:cc:de:42:c1:ea:11:b0:d4:36:
e5:a5:5b:10:1a:a9:f9:07:e2:43:af:b6:48:44:58:
bf:31:db:43:7d:d9:fc:83:93:f0:ae:a8:9d:69:d7:
79:b9:d3:7f:8a:3e:77:57:09:bd:3a:0b:48:ba:5f:
c6:0d:0e:d9:19:01:df:4a:5d:2d:53:73:41:e3:54:
31:6a:14:f0:2c:18:24:18:9a:98:e0:75:11:0f:20:
8a:68:d0:0f:a7:ed:1a:0c:19:f2:86:ae:10:cd:32:
54:39:9d:cb:39:e8:d7:b6:6b:c2:f4:12:60:5f:9b:
b3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:13:58:01:48:1B:53:DE:37:31:3A:15:79:19:BC:C2:3A:D9:81:17
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/HRNYAUgbU943MToVeRm8wjrZgRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.161.0-37.131.163.255
37.131.166.0/24
37.131.170.0-37.131.175.255
IPv6:
2a00:10a0:6::/48
Signature Algorithm: sha256WithRSAEncryption
a8:25:dd:cc:35:3f:3d:ff:f2:e9:23:19:73:af:c0:83:63:86:
d3:28:da:b0:89:30:04:6e:a4:02:e1:60:f1:09:04:de:9c:85:
14:d6:87:5f:c7:b3:84:b1:b8:6f:91:8c:d1:47:cd:ac:44:12:
29:f4:6e:36:59:23:6b:19:ac:cb:e8:49:28:6e:8f:46:fb:3e:
65:aa:22:b0:a7:46:c1:83:88:2e:58:20:f0:41:1b:a7:1a:ab:
0b:ad:4e:f8:f3:9c:1e:38:60:37:87:1d:9e:92:7c:16:74:47:
e0:ac:88:c4:7f:79:28:ab:87:14:f6:c0:3c:1f:0f:5c:0a:b1:
41:77:ed:92:d9:2b:bd:da:d8:57:de:28:3a:66:41:51:ec:88:
f8:bd:bd:96:24:6b:bc:7a:f1:76:a2:13:2b:d5:52:f1:93:74:
ea:47:a5:c5:1b:cb:a9:c2:b5:1e:1b:ca:53:87:75:a1:97:1a:
1d:f4:9e:2c:e8:ab:ed:6b:92:1d:4c:8a:0b:be:b6:54:86:98:
e9:26:72:52:5b:2c:fa:4a:32:f6:f8:44:7f:94:0d:1a:b7:7b:
22:70:02:af:71:61:18:cc:ea:3f:ab:96:35:aa:ee:eb:20:41:
26:64:55:94:80:60:5c:24:28:0e:35:16:f6:6d:82:6b:c8:92:
ce:f6:4c:4c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVsZc/ajPZHpvHRjBH5OSduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjMwMTAxMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDEzNTgwMTQ4MWI1M2RlMzczMTNhMTU3OTE5YmNjMjNhZDk4MTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaRDT+gk6ibtyXAZPMRKFNfuaqyG
nuO5NLHypR4JwdPeYJ/xgweugyt0kYQ9lvrYqwTQOnQSx2FmjCtPs6BWJTEseSru
EQfuAE5Ifg5gFrrFqny7EFrYx/xXEjZR0uTKK8y03mmYYdFa4QMWc7vg5P6hLeCY
BymeM0s2TAzMu0hKxZJrk7oa5B+kaQDM3kLB6hGw1DblpVsQGqn5B+JDr7ZIRFi/
MdtDfdn8g5Pwrqidadd5udN/ij53Vwm9OgtIul/GDQ7ZGQHfSl0tU3NB41QxahTw
LBgkGJqY4HURDyCKaNAPp+0aDBnyhq4QzTJUOZ3LOejXtmvC9BJgX5uzIQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFB0TWAFIG1PeNzE6FXkZvMI62YEXMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvSFJOWUFVZ2JVOTQzTVRvVmVSbTh3anJaZ1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiMAwDBAAlg6ED
BAIlg6ADBAAlg6YwDAMEASWDqgMEBCWDoDAPBAIAAjAJAwcAKgAQoAAGMA0GCSqG
SIb3DQEBCwUAA4IBAQCoJd3MNT89//LpIxlzr8CDY4bTKNqwiTAEbqQC4WDxCQTe
nIUU1odfx7OEsbhvkYzRR82sRBIp9G42WSNrGazL6Ekobo9G+z5lqiKwp0bBg4gu
WCDwQRunGqsLrU7485weOGA3hx2eknwWdEfgrIjEf3koq4cU9sA8Hw9cCrFBd+2S
2Su92thX3ig6ZkFR7Ij4vb2WJGu8evF2ohMr1VLxk3TqR6XFG8upwrUeG8pTh3Wh
lxod9J4s6Kvta5IdTIoLvrZUhpjpJnJSWyz6SjL2+ER/lA0at3sicAKvcWEYzOo/
q5Y1qu7rIEEmZFWUgGBcJCgONRb2bYJryJLO9kxM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:14 2024 by rpki-client on console-fra.rpki-client.org