Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/z211Og9Mlrk0FN8ntAN-R53Oby8.roa
File: z211Og9Mlrk0FN8ntAN-R53Oby8.roa (raw, json)
Hash identifier: ORDW4ORj/AL3YcHqjDtZ4tkCbmRUl+7QZ20kE2IuqCA=
Subject key identifier: CF:6D:75:3A:0F:4C:96:B9:34:14:DF:27:B4:03:7E:47:9D:CE:6F:2F
Certificate issuer: /CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Certificate serial: 01856FF02F12A8305CF95EB02B1C2D6C4712
Authority key identifier: 03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/z211Og9Mlrk0FN8ntAN-R53Oby8.roa
Signing time: Mon 02 Jan 2023 00:44:49 +0000
ROA not before: Mon 02 Jan 2023 00:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60609
IP address blocks: 185.37.212.0/24 maxlen: 24
185.37.213.0/24 maxlen: 24
185.158.170.0/23 maxlen: 23
185.158.171.0/24 maxlen: 24
185.158.168.0/23 maxlen: 23
185.37.214.0/24 maxlen: 24
185.37.215.0/24 maxlen: 24
185.77.159.0/24 maxlen: 24
185.86.11.0/24 maxlen: 24
185.77.156.0/24 maxlen: 24
185.77.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:2f:12:a8:30:5c:f9:5e:b0:2b:1c:2d:6c:47:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Validity
Not Before: Jan 2 00:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf6d753a0f4c96b93414df27b4037e479dce6f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:80:b0:36:81:6d:36:9e:62:d4:f7:42:be:ce:
a8:22:f2:ba:ea:4a:cf:9d:5b:82:9a:72:e4:57:d6:
8a:58:33:ea:68:de:44:57:be:4f:b4:b5:e8:64:8a:
ff:bd:75:38:e1:2f:66:7e:58:a3:37:e3:35:4f:a1:
61:87:8c:d5:ab:15:e8:e0:f1:fa:eb:8e:2c:ce:e6:
24:ac:72:d0:28:08:ca:df:cd:6b:1f:6c:37:4c:0a:
53:f6:f7:b9:f3:df:2a:10:c5:99:0c:8f:f5:48:fa:
ec:95:0a:59:b5:f7:7c:bc:85:c4:09:f0:57:2b:f0:
6b:e7:bc:43:6b:87:7a:40:f9:de:f0:33:3c:a1:53:
cf:57:91:55:31:0f:a1:47:f9:6e:fc:d6:d0:49:ea:
64:5e:dd:89:25:34:69:1a:05:db:85:43:88:f0:e3:
b6:a3:2b:1b:66:7a:c7:c2:89:e5:a0:33:61:68:46:
e9:35:d1:2f:c2:61:c1:da:18:c7:aa:08:66:b5:37:
86:7f:a1:08:12:b0:e5:c6:c7:13:c2:c3:58:70:2f:
6e:d2:24:e1:94:84:9d:8b:1c:32:d0:ab:63:40:92:
10:79:1b:48:fc:f6:b4:bc:e3:3b:ae:6b:a1:79:83:
a1:7c:1f:21:73:b6:3b:ee:33:38:48:d0:7d:32:b2:
a1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:6D:75:3A:0F:4C:96:B9:34:14:DF:27:B4:03:7E:47:9D:CE:6F:2F
X509v3 Authority Key Identifier:
keyid:03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/z211Og9Mlrk0FN8ntAN-R53Oby8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.212.0/22
185.77.156.0/23
185.77.159.0/24
185.86.11.0/24
185.158.168.0/22
Signature Algorithm: sha256WithRSAEncryption
99:ee:75:42:00:a9:9a:e2:60:c2:53:99:8d:e4:9f:96:87:45:
47:13:65:f4:58:36:15:54:a8:de:ae:bc:75:8f:83:a3:7f:8e:
a9:37:61:c7:7d:85:fc:d3:0a:4d:b1:7a:07:53:3c:3b:ec:19:
db:f8:4e:3d:e4:8a:e0:94:ea:19:75:04:22:63:84:1a:5b:4e:
b2:95:ee:b5:d7:dd:87:96:30:e7:01:3e:c7:5f:34:91:e3:81:
ce:ee:4e:ce:fa:3e:8d:3a:f4:80:a9:1f:1d:bc:ad:c2:4e:b7:
1e:b8:ad:9d:17:ff:e1:94:ce:2c:8d:7e:11:a0:23:65:ff:0a:
10:02:b8:01:48:03:34:3a:06:bb:df:fa:41:45:ae:cc:76:c3:
ba:23:76:42:52:4c:a6:2c:c4:ae:c1:fd:ea:ac:6d:6e:4b:bb:
78:a0:bc:7d:b7:37:54:33:3a:b5:bf:02:cc:a3:96:0e:6e:a9:
48:2d:d0:7c:e0:63:86:74:12:a4:74:14:1e:54:4c:e5:4f:55:
fb:49:6b:eb:95:14:1c:0e:cf:d9:b0:71:36:78:06:3f:70:7a:
c7:e9:0e:b4:ca:71:a7:96:40:4e:3a:62:54:f3:2b:f0:b7:a3:
98:76:bb:da:02:52:f5:b1:76:ce:9f:47:62:4d:02:5f:cd:51:
17:36:76:2a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVv8C8SqDBc+V6wKxwtbEcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNzg2MmI0NjA4Yzc5ZjQ1MDI5NWVjNWM4MGM3YzdhZDZk
ZmUyYTIwHhcNMjMwMTAyMDA0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjZkNzUzYTBmNGM5NmI5MzQxNGRmMjdiNDAzN2U0NzlkY2U2ZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoCwNoFtNp5i1PdCvs6oIvK66krP
nVuCmnLkV9aKWDPqaN5EV75PtLXoZIr/vXU44S9mflijN+M1T6Fhh4zVqxXo4PH6
644szuYkrHLQKAjK381rH2w3TApT9ve5898qEMWZDI/1SPrslQpZtfd8vIXECfBX
K/Br57xDa4d6QPne8DM8oVPPV5FVMQ+hR/lu/NbQSepkXt2JJTRpGgXbhUOI8OO2
oysbZnrHwonloDNhaEbpNdEvwmHB2hjHqghmtTeGf6EIErDlxscTwsNYcC9u0iTh
lISdixwy0KtjQJIQeRtI/Pa0vOM7rmuheYOhfB8hc7Y77jM4SNB9MrKhcwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM9tdToPTJa5NBTfJ7QDfkedzm8vMB8GA1UdIwQY
MBaAFAN4YrRgjHn0UClexcgMfHrW3+KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMt
ZjQ3NGY3YmQzNTMxLzEvejIxMU9nOU1scmswRk44bnRBTi1SNTNPYnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMtZjQ3NGY3YmQzNTMx
LzEvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuSXUAwQB
uU2cAwQAuU2fAwQAuVYLAwQCuZ6oMA0GCSqGSIb3DQEBCwUAA4IBAQCZ7nVCAKma
4mDCU5mN5J+Wh0VHE2X0WDYVVKjerrx1j4Ojf46pN2HHfYX80wpNsXoHUzw77Bnb
+E495IrglOoZdQQiY4QaW06yle61192HljDnAT7HXzSR44HO7k7O+j6NOvSAqR8d
vK3CTrceuK2dF//hlM4sjX4RoCNl/woQArgBSAM0Oga73/pBRa7MdsO6I3ZCUkym
LMSuwf3qrG1uS7t4oLx9tzdUMzq1vwLMo5YObqlILdB84GOGdBKkdBQeVEzlT1X7
SWvrlRQcDs/ZsHE2eAY/cHrH6Q60ynGnlkBOOmJU8yvwt6OYdrvaAlL1sXbOn0di
TQJfzVEXNnYq
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:21 2024 by rpki-client on console-fra.rpki-client.org