Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/pKWi6J0V5pbmXL9aQRaclxpcb70.roa
File: pKWi6J0V5pbmXL9aQRaclxpcb70.roa (raw, json)
Hash identifier: KyYgpXj2oLE1UWdkm5IO9bOkz+vgAjXMSvuWmLycf1Q=
Subject key identifier: A4:A5:A2:E8:9D:15:E6:96:E6:5C:BF:5A:41:16:9C:97:1A:5C:6F:BD
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 0190E68A59F2A99BD61AB45DECAF73FEB452
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/pKWi6J0V5pbmXL9aQRaclxpcb70.roa
Signing time: Wed 24 Jul 2024 20:59:04 +0000
ROA not before: Wed 24 Jul 2024 20:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47962
IP address blocks: 37.122.152.0/22 maxlen: 22
37.122.152.0/23 maxlen: 23
37.122.153.0/24 maxlen: 24
37.122.154.0/23 maxlen: 23
37.122.154.0/24 maxlen: 24
37.122.155.0/24 maxlen: 24
37.122.156.0/23 maxlen: 23
37.122.156.0/24 maxlen: 24
37.122.157.0/24 maxlen: 24
176.106.224.0/22 maxlen: 22
176.106.224.0/23 maxlen: 23
176.106.224.0/24 maxlen: 24
176.106.230.0/23 maxlen: 23
176.106.230.0/24 maxlen: 24
176.106.231.0/24 maxlen: 24
2a0f:6a80:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 30 Aug 2024 09:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e6:8a:59:f2:a9:9b:d6:1a:b4:5d:ec:af:73:fe:b4:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Jul 24 20:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4a5a2e89d15e696e65cbf5a41169c971a5c6fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e2:78:d6:2e:27:31:2a:21:f5:2f:7e:a4:e0:
fa:0c:03:ff:b0:9a:9e:73:de:2f:91:5e:84:0e:b8:
f1:e5:8d:b8:6f:b0:8a:6e:03:8a:bc:12:3e:0e:df:
3b:14:c7:a6:e5:86:8d:a5:32:b5:c0:98:93:2a:b7:
44:eb:c4:97:d8:49:30:62:51:2f:7c:92:e3:0b:8c:
5c:ae:93:36:8a:32:2b:fe:b9:12:d7:d9:f5:03:af:
9d:99:2c:3c:c1:bf:a1:98:ce:41:34:92:e4:1e:22:
76:d1:0b:f8:1e:ee:f3:cf:db:7b:eb:f8:54:27:14:
7e:22:9a:4f:0b:d3:60:b1:58:f7:4a:0a:f6:6c:97:
65:a1:61:d3:1e:8b:37:88:36:25:83:72:64:fd:1b:
9b:9b:b5:f8:7c:28:7c:ca:6e:0f:bb:c5:a2:a0:64:
bf:15:aa:48:a0:18:35:c8:40:9f:6b:c8:6c:bf:96:
99:3b:d5:a8:1e:f3:99:0d:be:21:d4:cd:9c:ea:43:
f4:c1:98:41:d4:50:01:a0:c0:a6:bd:3d:77:79:2e:
8e:b7:92:b5:f6:89:6f:15:9d:9a:3f:6a:7e:1e:b0:
d9:e1:bf:cb:80:04:51:6d:ee:e9:4f:1d:71:83:c7:
bf:39:8f:2b:73:c5:f3:5d:df:2f:d7:ca:11:94:44:
5d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A5:A2:E8:9D:15:E6:96:E6:5C:BF:5A:41:16:9C:97:1A:5C:6F:BD
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/pKWi6J0V5pbmXL9aQRaclxpcb70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.152.0-37.122.157.255
176.106.224.0/22
176.106.230.0/23
IPv6:
2a0f:6a80:1::/48
Signature Algorithm: sha256WithRSAEncryption
82:d1:52:20:48:14:06:45:eb:39:4c:b4:a5:76:e7:31:05:07:
87:4f:bc:14:67:35:ae:6f:ce:61:67:85:d6:0b:4b:b4:d1:7d:
4e:6a:b6:49:43:e0:45:e9:17:4c:e4:cc:33:a9:8f:4e:e0:48:
d8:5d:8a:fd:9b:e4:a4:77:b8:08:bc:6a:11:68:5a:74:c6:26:
95:23:7f:00:59:f7:54:93:c8:42:11:5e:13:c5:d9:73:a3:06:
de:e2:71:de:71:5a:da:5a:74:69:c0:7b:d2:84:b5:c6:78:3e:
8a:14:24:ed:a8:67:7b:29:bf:38:73:b3:f8:2c:35:c3:51:55:
ea:9f:e6:ff:c8:60:4f:77:24:15:d5:91:96:15:8a:76:12:8c:
f3:ce:ac:a7:cc:89:8d:e6:fa:69:bd:dc:e1:f7:4c:a5:9f:8a:
35:ae:19:b0:6b:f7:7f:76:29:94:11:aa:3c:9c:a3:0f:d5:46:
6a:c2:dc:d6:03:bd:32:e3:25:21:1e:65:ec:dd:d7:32:e1:aa:
64:8f:01:08:52:d8:0a:fb:fc:75:bc:69:b5:43:c4:28:9b:0b:
1e:d8:ef:f8:01:e0:09:b9:cd:ce:a7:75:53:a2:67:15:8c:0a:
98:70:61:7f:de:b6:47:18:ec:c6:6a:03:a8:91:6b:a2:f5:f4:
e7:ac:ba:4b
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZDmilnyqZvWGrRd7K9z/rRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjQwNzI0MjA1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGE1YTJlODlkMTVlNjk2ZTY1Y2JmNWE0MTE2OWM5NzFhNWM2ZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuJ41i4nMSoh9S9+pOD6DAP/sJqe
c94vkV6EDrjx5Y24b7CKbgOKvBI+Dt87FMem5YaNpTK1wJiTKrdE68SX2EkwYlEv
fJLjC4xcrpM2ijIr/rkS19n1A6+dmSw8wb+hmM5BNJLkHiJ20Qv4Hu7zz9t76/hU
JxR+IppPC9NgsVj3Sgr2bJdloWHTHos3iDYlg3Jk/Rubm7X4fCh8ym4Pu8WioGS/
FapIoBg1yECfa8hsv5aZO9WoHvOZDb4h1M2c6kP0wZhB1FABoMCmvT13eS6Ot5K1
9olvFZ2aP2p+HrDZ4b/LgARRbe7pTx1xg8e/OY8rc8XzXd8v18oRlERdpwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFKSlouidFeaW5ly/WkEWnJcaXG+9MB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvcEtXaTZKMFY1cGJtWEw5YVFSYWNseHBjYjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAMlepgD
BAElepwDBAKwauADBAGwauYwDwQCAAIwCQMHACoPaoAAATANBgkqhkiG9w0BAQsF
AAOCAQEAgtFSIEgUBkXrOUy0pXbnMQUHh0+8FGc1rm/OYWeF1gtLtNF9Tmq2SUPg
RekXTOTMM6mPTuBI2F2K/ZvkpHe4CLxqEWhadMYmlSN/AFn3VJPIQhFeE8XZc6MG
3uJx3nFa2lp0acB70oS1xng+ihQk7ahneym/OHOz+Cw1w1FV6p/m/8hgT3ckFdWR
lhWKdhKM886sp8yJjeb6ab3c4fdMpZ+KNa4ZsGv3f3YplBGqPJyjD9VGasLc1gO9
MuMlIR5l7N3XMuGqZI8BCFLYCvv8dbxptUPEKJsLHtjv+AHgCbnNzqd1U6JnFYwK
mHBhf962RxjsxmoDqJFrovX056y6Sw==
-----END CERTIFICATE-----
Generated at Fri Aug 30 11:05:22 2024 by rpki-client on console-ams.rpki-client.org