Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/g6ChiIILGo1trAXeMd3XXo02dTw.roa
File: g6ChiIILGo1trAXeMd3XXo02dTw.roa (raw, json)
Hash identifier: DLcWmS1D3TRj9zIuU/gtDBLJZTa4li0mLnsvHZq1qFk=
Subject key identifier: 83:A0:A1:88:82:0B:1A:8D:6D:AC:05:DE:31:DD:D7:5E:8D:36:75:3C
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 018CC26D057E9DE80332EC6CD1D854AF2A5F
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/g6ChiIILGo1trAXeMd3XXo02dTw.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47962
IP address blocks: 176.106.224.0/22 maxlen: 22
176.106.224.0/24 maxlen: 24
176.106.224.0/23 maxlen: 23
176.106.230.0/24 maxlen: 24
176.106.230.0/23 maxlen: 23
37.122.152.0/22 maxlen: 22
37.122.153.0/24 maxlen: 24
37.122.157.0/24 maxlen: 24
37.122.155.0/24 maxlen: 24
37.122.156.0/23 maxlen: 23
37.122.156.0/24 maxlen: 24
37.122.154.0/24 maxlen: 24
2a0f:6a80:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 04 Feb 2024 14:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:05:7e:9d:e8:03:32:ec:6c:d1:d8:54:af:2a:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83a0a188820b1a8d6dac05de31ddd75e8d36753c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c8:f3:84:fb:cc:44:ec:31:55:58:29:12:55:
25:e9:aa:e8:ee:ff:b5:7b:1c:1a:0b:2d:5c:a2:20:
97:40:a1:21:f6:a6:3a:67:7a:45:f7:da:ef:84:5d:
64:26:66:56:57:a4:e6:0a:90:4f:18:c6:3d:69:82:
2e:31:9c:8a:4c:64:af:a5:34:2f:16:8d:79:1f:3d:
d5:25:b1:2b:34:b4:1a:fd:03:5a:84:67:d3:52:cd:
8e:e4:45:11:5a:92:16:ba:b4:e1:f7:0c:4b:15:d1:
0b:a1:2e:20:93:41:ee:19:a9:d7:da:2c:e5:94:5c:
d1:51:bc:60:29:7a:92:c6:7a:d6:4e:38:c6:c7:6a:
a9:8e:17:1c:1e:42:c4:ff:e1:27:02:55:ba:53:a7:
d0:49:61:86:6f:3e:df:d5:15:cb:c6:c9:52:6a:00:
6f:ab:f8:eb:23:18:63:8d:0a:9d:5b:85:d8:db:e5:
c8:df:19:7b:81:29:d5:93:23:cc:b7:32:3c:9b:ab:
08:c2:fb:d7:22:4a:56:4a:89:fe:ec:6e:10:4f:93:
e7:c7:fb:ad:2b:44:fb:3b:01:0c:bb:22:53:50:6c:
bf:0f:0b:4d:86:bc:12:2f:1f:74:b8:69:96:c5:c9:
18:64:25:a4:cd:56:86:a0:37:24:8b:c8:35:29:1b:
c6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:A0:A1:88:82:0B:1A:8D:6D:AC:05:DE:31:DD:D7:5E:8D:36:75:3C
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/g6ChiIILGo1trAXeMd3XXo02dTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.152.0-37.122.157.255
176.106.224.0/22
176.106.230.0/23
IPv6:
2a0f:6a80:1::/48
Signature Algorithm: sha256WithRSAEncryption
00:77:83:ac:9a:c5:32:90:50:1f:88:b1:66:61:d6:e9:81:77:
ef:07:39:ef:bf:30:51:d2:70:05:cd:e7:94:2a:6d:80:bc:7f:
aa:a4:a2:9b:67:24:8e:da:1b:e3:ce:79:16:47:67:cb:95:68:
ac:66:86:31:3f:b3:51:e0:e7:f3:39:6d:24:96:cc:22:82:a2:
18:a1:1c:55:c2:7d:9f:6c:83:49:6a:c1:a5:87:1a:df:8c:ad:
db:54:dd:1b:4f:2d:50:a5:82:89:68:72:46:82:8f:75:00:5a:
73:2e:52:b6:6b:48:12:c8:d6:4a:24:2d:aa:88:8e:f3:78:20:
ff:a8:6c:b8:91:f6:06:d6:72:b5:6f:12:3a:4b:f9:de:1a:44:
1b:62:dc:ff:cf:e6:34:ef:24:42:e6:76:9b:17:c1:24:95:5d:
db:0b:be:39:b5:2f:7b:91:ea:4e:34:8e:27:a1:a8:0f:b6:be:
be:b8:91:88:b9:3d:7e:a2:ad:ff:1d:ba:c0:e7:7a:eb:0d:88:
af:38:aa:ae:cf:1f:b4:df:8d:42:79:57:81:9d:a1:99:85:9a:
d4:bb:10:e6:44:b8:25:67:07:5e:27:b9:f9:53:15:9a:38:39:
f9:53:2f:41:ee:aa:8a:de:80:4e:be:9b:51:e5:1f:4f:35:0c:
cd:56:e4:14
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzCbQV+negDMuxs0dhUrypfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2EwYTE4ODgyMGIxYThkNmRhYzA1ZGUzMWRkZDc1ZThkMzY3NTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sjzhPvMROwxVVgpElUl6aro7v+1
exwaCy1coiCXQKEh9qY6Z3pF99rvhF1kJmZWV6TmCpBPGMY9aYIuMZyKTGSvpTQv
Fo15Hz3VJbErNLQa/QNahGfTUs2O5EURWpIWurTh9wxLFdELoS4gk0HuGanX2izl
lFzRUbxgKXqSxnrWTjjGx2qpjhccHkLE/+EnAlW6U6fQSWGGbz7f1RXLxslSagBv
q/jrIxhjjQqdW4XY2+XI3xl7gSnVkyPMtzI8m6sIwvvXIkpWSon+7G4QT5Pnx/ut
K0T7OwEMuyJTUGy/DwtNhrwSLx90uGmWxckYZCWkzVaGoDcki8g1KRvGEwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFIOgoYiCCxqNbawF3jHd116NNnU8MB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvZzZDaGlJSUxHbzF0ckFYZU1kM1hYbzAyZFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAMlepgD
BAElepwDBAKwauADBAGwauYwDwQCAAIwCQMHACoPaoAAATANBgkqhkiG9w0BAQsF
AAOCAQEAAHeDrJrFMpBQH4ixZmHW6YF37wc5778wUdJwBc3nlCptgLx/qqSim2ck
jtob4855Fkdny5VorGaGMT+zUeDn8zltJJbMIoKiGKEcVcJ9n2yDSWrBpYca34yt
21TdG08tUKWCiWhyRoKPdQBacy5StmtIEsjWSiQtqoiO83gg/6hsuJH2BtZytW8S
Okv53hpEG2Lc/8/mNO8kQuZ2mxfBJJVd2wu+ObUve5HqTjSOJ6GoD7a+vriRiLk9
fqKt/x26wOd66w2Irziqrs8ftN+NQnlXgZ2hmYWa1LsQ5kS4JWcHXie5+VMVmjg5
+VMvQe6qit6ATr6bUeUfTzUMzVbkFA==
-----END CERTIFICATE-----
Generated at Sun Feb 4 17:21:08 2024 by rpki-client on console-fra.rpki-client.org