Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/Bv2MX-rkKAFXVOxA_R58tM_xU40.roa
File: Bv2MX-rkKAFXVOxA_R58tM_xU40.roa (raw, json)
Hash identifier: 2YXm+RaA6kAWNB0rpzJWc0k47a0VPzRdTQcPiGxvEZY=
Subject key identifier: 06:FD:8C:5F:EA:E4:28:01:57:54:EC:40:FD:1E:7C:B4:CF:F1:53:8D
Certificate issuer: /CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
Certificate serial: 0185723A25E5D2A16806787E626A5D33D663
Authority key identifier: 7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/Bv2MX-rkKAFXVOxA_R58tM_xU40.roa
Signing time: Mon 02 Jan 2023 11:24:51 +0000
ROA not before: Mon 02 Jan 2023 11:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34545
IP address blocks: 37.130.192.0/24 maxlen: 24
37.130.193.0/24 maxlen: 24
37.130.194.0/24 maxlen: 24
37.130.195.0/24 maxlen: 24
185.45.81.0/24 maxlen: 24
185.45.82.0/24 maxlen: 24
185.45.83.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:25:e5:d2:a1:68:06:78:7e:62:6a:5d:33:d6:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
Validity
Not Before: Jan 2 11:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06fd8c5feae428015754ec40fd1e7cb4cff1538d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:79:70:73:5b:f4:2b:82:0e:73:fe:78:59:d4:
3d:dd:58:83:9c:95:4a:72:1e:df:19:16:03:e5:2b:
ab:31:ba:94:82:48:5a:ae:45:d8:80:a2:e2:b0:66:
21:7f:ca:45:c9:02:e1:08:bf:50:3c:35:2a:9c:9e:
c0:41:8d:82:12:08:bc:1a:14:ba:9c:fb:b0:85:85:
68:cf:be:36:b3:83:91:b7:f0:0f:e5:bd:23:b9:e1:
17:db:47:e8:63:da:3b:63:17:f5:f2:32:24:77:de:
de:b2:a9:66:99:8c:4b:4b:4c:33:e6:a8:cd:88:0a:
90:fc:92:40:2a:11:d2:76:82:58:d3:cd:68:e4:18:
07:56:77:10:63:13:38:6c:14:06:b2:70:f7:b6:1f:
5f:21:5e:db:89:fb:de:73:25:e9:68:d7:a4:88:35:
0d:33:cd:77:78:cb:81:6b:d9:45:ba:56:78:5f:2d:
d8:b3:bf:eb:44:d4:9d:18:7a:74:80:f4:28:4f:47:
a2:75:83:fd:02:03:ca:05:03:d1:67:65:0e:5f:d4:
37:ba:13:da:b0:43:1e:00:d0:a2:af:90:1f:24:95:
e6:c5:e8:b6:7c:e7:e8:8e:f4:c4:00:98:09:76:f8:
6c:18:ad:4c:f3:01:5b:a6:04:d8:52:cb:09:2a:ad:
ba:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:FD:8C:5F:EA:E4:28:01:57:54:EC:40:FD:1E:7C:B4:CF:F1:53:8D
X509v3 Authority Key Identifier:
keyid:7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/Bv2MX-rkKAFXVOxA_R58tM_xU40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/fUOw7HmVHV1VgBM-UympDy_uHFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.192.0/22
185.45.81.0-185.45.83.255
Signature Algorithm: sha256WithRSAEncryption
66:b3:d2:44:c4:01:66:74:df:09:71:c4:97:47:d2:50:1b:09:
a0:de:7e:f2:f8:e0:ba:f6:6c:02:96:75:d7:3b:b7:08:62:a4:
ec:63:24:75:41:f8:fa:ea:e2:9a:45:c9:00:f8:82:73:9b:76:
e2:26:b5:a1:2e:09:cf:e6:bb:7d:d1:8f:0f:4d:11:02:47:78:
ea:49:10:35:15:72:08:2b:d5:33:9e:8b:a9:4c:64:c4:f6:58:
2e:25:ef:c1:0d:51:1d:e0:d3:e9:26:0a:52:7a:f2:ed:fc:03:
f0:90:81:e1:74:07:f9:3c:c8:24:3c:2b:8a:50:7e:9c:90:d4:
58:c3:61:dd:da:0c:15:8f:bd:2e:2d:9b:20:de:fe:ac:d4:27:
40:5a:b0:26:46:8d:fb:ac:e3:84:a3:97:49:b9:58:3e:22:9d:
2c:23:ad:e0:3d:d1:61:20:af:19:a2:5a:44:66:a3:d6:64:0b:
ed:bf:27:f9:f3:27:e5:a9:e9:69:3a:23:32:54:b7:71:f7:f6:
95:41:9c:1c:a8:dd:3f:b1:e8:d7:73:f9:d9:be:17:3f:fc:02:
38:38:84:9c:bd:b5:d2:ec:fd:2a:12:3a:98:ae:be:17:5f:c1:
c3:7e:25:b7:7d:d2:79:1a:a4:90:86:c5:c0:6e:ac:79:73:d2:
21:8d:2d:de
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyOiXl0qFoBnh+YmpdM9ZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNDNiMGVjNzk5NTFkNWQ1NTgwMTMzZTUzMjlhOTBmMmZl
ZTFjNWIwHhcNMjMwMTAyMTEyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmZkOGM1ZmVhZTQyODAxNTc1NGVjNDBmZDFlN2NiNGNmZjE1MzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03lwc1v0K4IOc/54WdQ93ViDnJVK
ch7fGRYD5SurMbqUgkharkXYgKLisGYhf8pFyQLhCL9QPDUqnJ7AQY2CEgi8GhS6
nPuwhYVoz742s4ORt/AP5b0jueEX20foY9o7Yxf18jIkd97esqlmmYxLS0wz5qjN
iAqQ/JJAKhHSdoJY081o5BgHVncQYxM4bBQGsnD3th9fIV7bifvecyXpaNekiDUN
M813eMuBa9lFulZ4Xy3Ys7/rRNSdGHp0gPQoT0eidYP9AgPKBQPRZ2UOX9Q3uhPa
sEMeANCir5AfJJXmxei2fOfojvTEAJgJdvhsGK1M8wFbpgTYUssJKq26mQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAb9jF/q5CgBV1TsQP0efLTP8VONMB8GA1UdIwQY
MBaAFH1DsOx5lR1dVYATPlMpqQ8v7hxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlVPdzdIbVZIVjFWZ0JNLVV5bXBEeV91SEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yNjA0ZTAtOTFmYS00ZmU5LWJiMjgt
OTNhNjE5MmIxNzg1LzEvQnYyTVgtcmtLQUZYVk94QV9SNTh0TV94VTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yNjA0ZTAtOTFmYS00ZmU5LWJiMjgtOTNhNjE5MmIxNzg1
LzEvZlVPdzdIbVZIVjFWZ0JNLVV5bXBEeV91SEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCJYLAMAwD
BAC5LVEDBAK5LVAwDQYJKoZIhvcNAQELBQADggEBAGaz0kTEAWZ03wlxxJdH0lAb
CaDefvL44Lr2bAKWddc7twhipOxjJHVB+Prq4ppFyQD4gnObduImtaEuCc/mu33R
jw9NEQJHeOpJEDUVcggr1TOei6lMZMT2WC4l78ENUR3g0+kmClJ68u38A/CQgeF0
B/k8yCQ8K4pQfpyQ1FjDYd3aDBWPvS4tmyDe/qzUJ0BasCZGjfus44Sjl0m5WD4i
nSwjreA90WEgrxmiWkRmo9ZkC+2/J/nzJ+Wp6Wk6IzJUt3H39pVBnByo3T+x6Ndz
+dm+Fz/8Ajg4hJy9tdLs/SoSOpiuvhdfwcN+Jbd90nkapJCGxcBurHlz0iGNLd4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:56 2024 by rpki-client on console-ams.rpki-client.org