Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/vBnw3TP8TkSOkvnoL88FXABR1FY.roa
File: vBnw3TP8TkSOkvnoL88FXABR1FY.roa (raw, json)
Hash identifier: IPyP2LW6UND9mihX65RqE2RtUolNAziBzwfbnrhZH5g=
Subject key identifier: BC:19:F0:DD:33:FC:4E:44:8E:92:F9:E8:2F:CF:05:5C:00:51:D4:56
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0185F2AFD615720B655AEBA44B75FE1394F4
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/vBnw3TP8TkSOkvnoL88FXABR1FY.roa
Signing time: Fri 27 Jan 2023 10:04:47 +0000
ROA not before: Fri 27 Jan 2023 10:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
185.81.219.0/24 maxlen: 24
185.81.216.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f2:af:d6:15:72:0b:65:5a:eb:a4:4b:75:fe:13:94:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 27 10:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc19f0dd33fc4e448e92f9e82fcf055c0051d456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7f:87:4b:54:a1:ce:d4:a5:2d:ad:b7:cb:2b:
b3:12:4c:e8:34:ae:92:2f:0b:70:1b:c8:91:15:8e:
9b:bb:95:fc:1f:c2:6a:1f:3e:a5:90:ec:6f:8c:99:
a3:e2:13:ac:d0:bf:b0:21:a0:e7:b3:f8:64:61:6f:
b1:3b:34:c5:80:65:1e:37:67:1f:74:4a:a2:a1:ed:
b0:14:5f:5c:88:42:df:30:c9:7b:2e:20:42:60:3a:
63:d0:02:1d:18:de:db:6b:f5:f4:d6:dd:35:70:51:
93:f2:06:47:95:83:78:dd:c5:f0:7d:a1:21:80:9c:
ab:16:9b:fd:b2:32:16:cd:62:a6:ec:79:d7:f6:b7:
1d:17:b5:e2:e8:a9:4e:4e:2b:c6:8a:e8:d1:06:23:
d7:0a:81:3e:f0:59:31:75:f8:08:4b:07:18:6c:73:
4e:d4:6d:c3:ab:bb:9d:23:17:c1:fb:d1:82:b0:1e:
49:25:28:68:28:ae:fd:77:66:48:c4:84:89:55:ce:
40:11:15:f7:34:ef:79:fb:3a:10:d2:0d:cf:c3:38:
72:15:35:37:a1:1e:0c:f1:12:60:43:fb:16:12:71:
f2:e8:c4:08:9d:4c:58:f7:dd:be:99:26:f3:e4:89:
68:e6:79:eb:8e:ef:a8:4e:ae:d3:db:7f:86:f4:45:
77:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:19:F0:DD:33:FC:4E:44:8E:92:F9:E8:2F:CF:05:5C:00:51:D4:56
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/vBnw3TP8TkSOkvnoL88FXABR1FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.201.0-37.128.203.255
46.23.96.0/24
46.23.98.0/23
109.205.212.0/24
185.81.216.0/24
185.81.219.0/24
Signature Algorithm: sha256WithRSAEncryption
99:26:31:c6:81:a6:cb:b3:f6:05:14:d6:8b:30:0d:e7:fd:18:
75:98:da:13:4c:29:30:18:b7:9d:be:92:db:ee:49:7c:ba:86:
5d:57:5e:fe:f5:0d:f9:a7:94:37:f7:4c:97:b6:6f:20:6d:7b:
c3:2a:de:54:86:3b:9f:8b:fc:ab:f0:b5:8f:c9:80:2d:99:48:
37:97:01:ed:c1:ef:8d:38:40:f2:ef:30:c1:a4:4e:f4:98:a0:
4f:45:84:ad:a9:1c:b0:ad:24:9f:84:d8:ee:de:6f:72:37:d6:
ac:66:49:fe:e5:19:9c:bf:64:72:99:73:5b:10:74:e5:49:3e:
c5:66:06:8e:9b:0e:37:95:cd:6d:34:bf:cf:17:dd:5e:5c:42:
92:15:84:1a:04:46:65:0b:ff:f4:f1:f9:6d:24:8d:4b:6e:ff:
5d:2d:8f:05:25:82:4a:0b:dc:d7:d5:ff:6d:97:e6:59:29:6e:
92:29:3b:fe:7b:78:40:9a:aa:92:5a:f4:af:55:8a:69:e5:2c:
83:7c:4b:e1:8d:fa:64:97:c1:2f:78:a7:1a:3d:4d:a2:57:ec:
9c:f8:31:92:8a:8d:60:0e:ea:2a:e7:16:9e:54:c7:48:b2:aa:
ab:bb:52:f5:96:13:25:ad:77:d8:66:eb:51:c3:a4:89:ff:39:
b2:c7:d4:85
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYXyr9YVcgtlWuukS3X+E5T0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMTI3MTAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzE5ZjBkZDMzZmM0ZTQ0OGU5MmY5ZTgyZmNmMDU1YzAwNTFkNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhX+HS1ShztSlLa23yyuzEkzoNK6S
LwtwG8iRFY6bu5X8H8JqHz6lkOxvjJmj4hOs0L+wIaDns/hkYW+xOzTFgGUeN2cf
dEqioe2wFF9ciELfMMl7LiBCYDpj0AIdGN7ba/X01t01cFGT8gZHlYN43cXwfaEh
gJyrFpv9sjIWzWKm7HnX9rcdF7Xi6KlOTivGiujRBiPXCoE+8FkxdfgISwcYbHNO
1G3Dq7udIxfB+9GCsB5JJShoKK79d2ZIxISJVc5AERX3NO95+zoQ0g3PwzhyFTU3
oR4M8RJgQ/sWEnHy6MQInUxY992+mSbz5Ilo5nnrju+oTq7T23+G9EV3FwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLwZ8N0z/E5EjpL56C/PBVwAUdRWMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvdkJudzNUUDhUa1NPa3Zub0w4OEZYQUJSMUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAAlgMkD
BAIlgMgDBAAuF2ADBAEuF2IDBABtzdQDBAC5UdgDBAC5UdswDQYJKoZIhvcNAQEL
BQADggEBAJkmMcaBpsuz9gUU1oswDef9GHWY2hNMKTAYt52+ktvuSXy6hl1XXv71
DfmnlDf3TJe2byBte8Mq3lSGO5+L/KvwtY/JgC2ZSDeXAe3B7404QPLvMMGkTvSY
oE9FhK2pHLCtJJ+E2O7eb3I31qxmSf7lGZy/ZHKZc1sQdOVJPsVmBo6bDjeVzW00
v88X3V5cQpIVhBoERmUL//Tx+W0kjUtu/10tjwUlgkoL3NfV/22X5lkpbpIpO/57
eECaqpJa9K9VimnlLIN8S+GN+mSXwS94pxo9TaJX7Jz4MZKKjWAO6irnFp5Ux0iy
qqu7UvWWEyWtd9hm61HDpIn/ObLH1IU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:51 2023 by rpki-client on console-ams.rpki-client.org