Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/q6aVKolX07sY4WNT1n-l1XmPrh0.roa
File: q6aVKolX07sY4WNT1n-l1XmPrh0.roa (raw, json)
Hash identifier: MliHfCw75m3DUrM/67jaxBkz1utti4ZNH0CIjao7UMU=
Subject key identifier: AB:A6:95:2A:89:57:D3:BB:18:E1:63:53:D6:7F:A5:D5:79:8F:AE:1D
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 0189038297134C46365247AF7E1AA98FD938
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/q6aVKolX07sY4WNT1n-l1XmPrh0.roa
Signing time: Wed 28 Jun 2023 19:37:17 +0000
ROA not before: Wed 28 Jun 2023 19:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199234
IP address blocks: 37.131.166.0/24 maxlen: 24
37.131.161.0/24 maxlen: 24
37.131.162.0/23 maxlen: 23
37.131.170.0/23 maxlen: 23
37.131.167.0/24 maxlen: 24
37.131.172.0/22 maxlen: 22
2a00:10a0:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:03:82:97:13:4c:46:36:52:47:af:7e:1a:a9:8f:d9:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jun 28 19:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aba6952a8957d3bb18e16353d67fa5d5798fae1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0b:c6:ec:16:bc:4b:4d:fc:fb:40:80:ee:a8:
d5:a8:4a:af:9a:e7:61:4a:23:0c:68:4b:27:31:9b:
35:8c:ba:49:a1:bc:81:17:7e:20:ea:96:19:33:6d:
6b:71:02:c9:a0:06:f1:44:2c:04:98:89:5c:40:be:
b8:aa:15:77:2c:1d:4c:e8:e3:83:b4:98:d8:98:17:
d7:17:94:00:ce:82:12:f4:ba:28:39:dd:11:a0:6b:
4c:aa:0c:c3:79:58:2d:c7:af:e3:c8:ac:45:3a:8b:
7b:4f:e2:47:e1:ed:d5:d7:c0:61:ed:58:fd:26:a4:
d7:3f:64:76:58:07:4b:51:d8:ce:3c:46:aa:cf:6d:
fb:a3:5a:3a:de:dc:49:03:ad:12:f9:db:83:9a:00:
4e:74:21:cf:78:d0:65:df:ad:49:14:6d:f5:03:76:
5c:64:00:8d:bb:92:90:e6:27:18:43:0b:ec:3e:cd:
d5:a9:de:1b:47:19:f8:ab:49:49:2c:86:05:0a:48:
30:9c:3f:96:4c:b2:8d:d2:7f:e0:b0:6e:91:9e:e2:
ad:47:72:e2:41:04:39:c7:5f:ef:ae:c7:4d:47:63:
b0:85:b5:de:59:21:25:bf:e5:44:dc:a8:41:f1:1a:
f8:0a:c0:ca:c5:4b:2b:0e:16:db:75:0c:e4:6f:d3:
f6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A6:95:2A:89:57:D3:BB:18:E1:63:53:D6:7F:A5:D5:79:8F:AE:1D
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/q6aVKolX07sY4WNT1n-l1XmPrh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.161.0-37.131.163.255
37.131.166.0/23
37.131.170.0-37.131.175.255
IPv6:
2a00:10a0:6::/48
Signature Algorithm: sha256WithRSAEncryption
4c:ec:e2:92:09:08:f8:37:56:f8:bb:30:8f:56:05:5f:80:a8:
68:e1:b6:b8:62:09:a7:f5:a1:e2:81:fa:54:f0:c8:02:59:89:
b7:a6:a4:10:88:12:38:03:9f:0f:de:df:57:33:b2:e7:79:bd:
77:10:49:ea:7c:74:e8:8a:3c:30:5c:99:20:3f:ea:24:03:51:
4c:57:8e:96:2f:cb:b6:9f:bc:e9:4d:14:d9:2e:84:aa:42:f1:
5d:07:4e:5b:2e:36:b1:d0:b7:ca:83:e1:40:67:b6:73:72:f9:
d3:61:57:4e:54:a6:b5:80:6f:83:0f:84:e1:19:96:d8:84:95:
b4:29:07:40:7d:e0:05:87:c2:78:94:9d:77:72:57:a6:a7:d2:
20:7a:51:fe:e1:8d:01:87:fa:d8:50:06:ae:15:32:b3:81:e8:
bf:58:63:53:2d:27:c1:9d:3d:9c:7a:6f:cd:16:2c:0b:ce:ae:
0b:93:3a:64:b7:2e:45:69:24:8e:36:68:3e:3f:01:39:e1:06:
6b:9b:60:11:56:5a:f8:19:a4:29:d7:c3:41:61:69:cc:8b:86:
9c:1b:af:f3:77:2a:dc:76:9b:db:ff:c7:ba:da:f0:a1:68:d4:
fd:f7:45:a9:f9:46:2b:9a:dd:22:a3:97:d7:bd:ce:79:94:c8:
3f:a1:e3:67
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYkDgpcTTEY2Ukevfhqpj9k4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjMwNjI4MTkzNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmE2OTUyYTg5NTdkM2JiMThlMTYzNTNkNjdmYTVkNTc5OGZhZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQvG7Ba8S038+0CA7qjVqEqvmudh
SiMMaEsnMZs1jLpJobyBF34g6pYZM21rcQLJoAbxRCwEmIlcQL64qhV3LB1M6OOD
tJjYmBfXF5QAzoIS9LooOd0RoGtMqgzDeVgtx6/jyKxFOot7T+JH4e3V18Bh7Vj9
JqTXP2R2WAdLUdjOPEaqz237o1o63txJA60S+duDmgBOdCHPeNBl361JFG31A3Zc
ZACNu5KQ5icYQwvsPs3Vqd4bRxn4q0lJLIYFCkgwnD+WTLKN0n/gsG6RnuKtR3Li
QQQ5x1/vrsdNR2OwhbXeWSElv+VE3KhB8Rr4CsDKxUsrDhbbdQzkb9P2gQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKumlSqJV9O7GOFjU9Z/pdV5j64dMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvcTZhVktvbFgwN3NZNFdOVDFuLWwxWG1QcmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiMAwDBAAlg6ED
BAIlg6ADBAElg6YwDAMEASWDqgMEBCWDoDAPBAIAAjAJAwcAKgAQoAAGMA0GCSqG
SIb3DQEBCwUAA4IBAQBM7OKSCQj4N1b4uzCPVgVfgKho4ba4Ygmn9aHigfpU8MgC
WYm3pqQQiBI4A58P3t9XM7Lneb13EEnqfHToijwwXJkgP+okA1FMV46WL8u2n7zp
TRTZLoSqQvFdB05bLjax0LfKg+FAZ7ZzcvnTYVdOVKa1gG+DD4ThGZbYhJW0KQdA
feAFh8J4lJ13clemp9IgelH+4Y0Bh/rYUAauFTKzgei/WGNTLSfBnT2cem/NFiwL
zq4Lkzpkty5FaSSONmg+PwE54QZrm2ARVlr4GaQp18NBYWnMi4acG6/zdyrcdpvb
/8e62vChaNT990Wp+UYrmt0io5fXvc55lMg/oeNn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:14 2024 by rpki-client on console-fra.rpki-client.org