Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/vOwpW5mrERs5oIga1HtudXpUd38.roa
File: vOwpW5mrERs5oIga1HtudXpUd38.roa (raw, json)
Hash identifier: GGZKdvkoqYgDSzF0maSsL7OVpXCA2dfJ/VChBWJjX9w=
Subject key identifier: BC:EC:29:5B:99:AB:11:1B:39:A0:88:1A:D4:7B:6E:75:7A:54:77:7F
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 01856D94210E9C89C03F8B482A7F3F25EA77
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/vOwpW5mrERs5oIga1HtudXpUd38.roa
Signing time: Sun 01 Jan 2023 13:45:02 +0000
ROA not before: Sun 01 Jan 2023 13:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208006
IP address blocks: 37.152.177.0/24 maxlen: 24
37.152.179.0/24 maxlen: 24
37.152.178.0/24 maxlen: 24
37.152.176.0/24 maxlen: 24
37.152.186.0/24 maxlen: 24
37.152.185.0/24 maxlen: 24
37.152.181.0/24 maxlen: 24
37.152.180.0/24 maxlen: 24
37.152.183.0/24 maxlen: 24
37.152.182.0/24 maxlen: 24
37.152.191.0/24 maxlen: 24
37.152.190.0/24 maxlen: 24
37.152.188.0/24 maxlen: 24
37.152.187.0/24 maxlen: 24
37.152.189.0/24 maxlen: 24
193.176.240.0/24 maxlen: 24
193.176.243.0/24 maxlen: 24
193.176.242.0/24 maxlen: 24
193.176.241.0/24 maxlen: 24
185.143.232.0/22 maxlen: 24
185.143.232.0/24 maxlen: 24
185.143.235.0/24 maxlen: 24
185.97.116.0/22 maxlen: 22
2a0c:a7c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:21:0e:9c:89:c0:3f:8b:48:2a:7f:3f:25:ea:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Jan 1 13:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcec295b99ab111b39a0881ad47b6e757a54777f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d4:cc:41:48:35:7c:48:b0:1f:e7:89:43:68:
7b:9f:74:47:3c:be:f1:a4:92:8a:cd:87:42:fc:49:
95:c4:b3:c2:4a:14:24:71:fe:1b:2e:f0:df:55:59:
cf:5b:5a:bd:f9:fc:db:c7:e1:27:7a:32:b6:88:d8:
22:95:99:ff:a3:bf:b0:ce:72:f9:f8:94:25:87:9f:
dc:7f:c2:57:5e:d9:c7:78:a3:7c:9c:7d:37:43:70:
58:08:d1:d9:7b:f4:d6:cf:98:88:15:63:1d:49:d6:
97:97:31:26:6e:43:38:6d:71:08:70:08:83:4d:8a:
86:19:db:05:9f:56:69:bf:c1:e4:36:d0:85:fa:20:
7a:30:2f:5a:bc:d2:08:7e:1d:1e:16:0c:b3:47:20:
a9:8b:23:45:c4:3c:7b:df:65:32:ee:35:97:93:37:
43:23:16:f2:88:48:01:2d:9e:7f:c8:ab:7d:f9:08:
08:92:25:d8:70:1d:d7:a2:e5:0c:58:83:c2:4e:e3:
37:26:12:e2:aa:77:26:6b:a2:01:ad:6e:35:fe:76:
33:69:95:b1:cb:cb:d4:22:dd:1b:7d:c3:e6:c7:22:
01:f2:8e:36:6a:5a:78:02:3b:00:9d:78:81:01:08:
2b:ed:63:71:5e:b4:d1:48:f0:a0:67:eb:1f:34:bf:
8e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:EC:29:5B:99:AB:11:1B:39:A0:88:1A:D4:7B:6E:75:7A:54:77:7F
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/vOwpW5mrERs5oIga1HtudXpUd38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.176.0/21
37.152.185.0-37.152.191.255
185.97.116.0/22
185.143.232.0/22
193.176.240.0/22
IPv6:
2a0c:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:17:63:55:64:8a:19:03:18:43:19:ab:e1:82:58:ec:40:34:
42:e6:c7:aa:56:f1:a7:31:47:85:e3:23:21:98:d2:d5:01:ef:
fc:15:f2:61:b2:94:bb:73:50:a8:03:46:c6:f2:b9:f0:fa:44:
56:d1:1f:93:c0:e1:7b:6a:64:ed:e7:c3:f7:9c:a4:13:7c:ed:
90:37:ea:11:11:81:c1:42:c0:68:d8:a6:d7:bf:96:2f:3c:10:
1a:bb:c8:a5:94:2c:16:a5:d0:0d:46:1a:bb:54:9e:28:c9:b8:
31:53:64:c3:6e:d1:e3:f7:66:92:be:f2:53:b1:c1:06:ea:e7:
fd:61:0c:8b:4f:fa:e2:36:6b:28:af:b8:4a:68:cb:e6:85:cc:
b0:c9:d2:92:c3:b6:c8:6b:ba:b0:66:c6:67:5c:44:e0:86:ec:
03:0d:e8:e1:11:31:32:0d:68:14:53:97:6d:10:ae:cc:4c:ab:
89:9a:80:08:fc:7d:a4:16:5f:b9:af:31:59:3d:f6:11:fb:82:
62:9a:06:ca:5a:a2:13:e0:26:a0:5f:ad:f3:30:d4:d5:6a:be:
42:50:54:b6:42:cd:18:a6:92:ad:b5:72:f4:87:e0:33:a7:90:
ba:04:6d:df:25:ce:43:8c:0f:dd:b0:5e:e7:26:1a:17:53:ef:
ef:26:3f:52
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVtlCEOnInAP4tIKn8/Jep3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjMwMTAxMTM0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2VjMjk1Yjk5YWIxMTFiMzlhMDg4MWFkNDdiNmU3NTdhNTQ3NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtTMQUg1fEiwH+eJQ2h7n3RHPL7x
pJKKzYdC/EmVxLPCShQkcf4bLvDfVVnPW1q9+fzbx+EnejK2iNgilZn/o7+wznL5
+JQlh5/cf8JXXtnHeKN8nH03Q3BYCNHZe/TWz5iIFWMdSdaXlzEmbkM4bXEIcAiD
TYqGGdsFn1Zpv8HkNtCF+iB6MC9avNIIfh0eFgyzRyCpiyNFxDx732Uy7jWXkzdD
IxbyiEgBLZ5/yKt9+QgIkiXYcB3XouUMWIPCTuM3JhLiqncma6IBrW41/nYzaZWx
y8vUIt0bfcPmxyIB8o42alp4AjsAnXiBAQgr7WNxXrTRSPCgZ+sfNL+OPQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLzsKVuZqxEbOaCIGtR7bnV6VHd/MB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvdk93cFc1bXJFUnM1b0lnYTFIdHVkWHBVZDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDJZiwMAwD
BAAlmLkDBAYlmIADBAK5YXQDBAK5j+gDBALBsPAwDQQCAAIwBwMFAyoMp8AwDQYJ
KoZIhvcNAQELBQADggEBAC8XY1VkihkDGEMZq+GCWOxANELmx6pW8acxR4XjIyGY
0tUB7/wV8mGylLtzUKgDRsbyufD6RFbRH5PA4XtqZO3nw/ecpBN87ZA36hERgcFC
wGjYpte/li88EBq7yKWULBal0A1GGrtUnijJuDFTZMNu0eP3ZpK+8lOxwQbq5/1h
DItP+uI2ayivuEpoy+aFzLDJ0pLDtshrurBmxmdcROCG7AMN6OERMTINaBRTl20Q
rsxMq4magAj8faQWX7mvMVk99hH7gmKaBspaohPgJqBfrfMw1NVqvkJQVLZCzRim
kq21cvSH4DOnkLoEbd8lzkOMD92wXucmGhdT7+8mP1I=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:48 2024 by rpki-client on console-ams.rpki-client.org