Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/sHsLE5l7kDTf7V13kKuV9jgsd9o.roa
File: sHsLE5l7kDTf7V13kKuV9jgsd9o.roa (raw, json)
Hash identifier: KDZFyEciPX2uasdRS9/11sWhxfOIwtrJPoKw6SHF+3o=
Subject key identifier: B0:7B:0B:13:99:7B:90:34:DF:ED:5D:77:90:AB:95:F6:38:2C:77:DA
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 0186CB98C9EF82CB1D5ABC6A6E7BFB01CB09
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/sHsLE5l7kDTf7V13kKuV9jgsd9o.roa
Signing time: Fri 10 Mar 2023 12:57:13 +0000
ROA not before: Fri 10 Mar 2023 12:57:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57862
IP address blocks: 37.122.152.0/22 maxlen: 22
37.122.152.0/24 maxlen: 24
37.122.152.0/23 maxlen: 23
37.122.154.0/23 maxlen: 23
37.122.154.0/24 maxlen: 24
37.122.153.0/24 maxlen: 24
37.122.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cb:98:c9:ef:82:cb:1d:5a:bc:6a:6e:7b:fb:01:cb:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Mar 10 12:57:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b07b0b13997b9034dfed5d7790ab95f6382c77da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:aa:c6:56:4c:f2:6d:ff:b8:ed:f5:63:b4:34:
02:bd:31:1f:c4:dc:0e:c5:61:02:98:b6:a1:bb:09:
8b:5e:de:38:ae:9a:0f:68:ec:8d:47:2f:b8:ac:08:
ed:8d:8f:94:1d:b2:e2:81:65:d4:9b:e8:1d:52:c7:
50:10:b9:7c:36:4e:fc:0f:e5:b6:ac:51:2b:c4:9e:
5a:1b:58:aa:83:4c:b6:88:ed:25:9e:62:5c:6e:3e:
b7:2d:67:23:1f:81:2b:4a:ef:a6:6e:75:85:b9:2f:
ae:46:ae:e6:64:87:e7:2f:46:c0:e1:fc:88:74:96:
6b:0a:6c:c4:d5:a3:e4:a4:e5:dc:0e:cf:97:4d:73:
2f:a2:17:32:ca:83:77:31:dc:ad:9a:cc:41:18:dc:
ee:ac:8a:29:b3:6e:1a:bd:b9:f9:00:e9:72:79:0c:
2f:b2:4b:6b:ed:bf:af:6f:95:84:0f:04:aa:3d:9a:
1f:86:e2:ca:a4:58:01:bf:3c:26:93:da:0f:99:ea:
52:f6:8f:67:5f:5a:6a:e1:71:7f:8c:f5:8d:ab:87:
ec:10:4f:2d:a8:5d:5e:55:ae:33:f9:4f:be:4d:c1:
13:44:98:2c:00:1b:41:4c:45:85:e2:26:34:c3:d8:
0c:17:1e:01:c7:19:b8:df:4f:15:83:c7:19:cf:65:
bd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7B:0B:13:99:7B:90:34:DF:ED:5D:77:90:AB:95:F6:38:2C:77:DA
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/sHsLE5l7kDTf7V13kKuV9jgsd9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.152.0-37.122.156.255
Signature Algorithm: sha256WithRSAEncryption
77:64:d5:15:cb:b2:45:d9:ed:a3:73:b2:14:ac:11:e4:c0:3b:
23:c8:c2:69:c6:9f:ed:3f:b6:2f:6e:27:bb:0b:f6:da:ea:e5:
23:03:e2:ca:8b:bf:0f:21:87:0b:b9:21:20:d2:a7:7b:34:df:
47:22:29:bf:08:e2:97:61:86:85:7a:ea:d7:57:d6:d5:a2:1f:
45:53:2e:cc:a0:92:03:e4:53:39:00:4d:d7:a4:49:e7:b1:b3:
b8:0b:8e:c0:21:0f:c7:73:1c:d2:a7:04:19:00:89:da:39:be:
7c:6c:d8:31:54:88:ae:d4:c5:5b:dc:cb:cb:9d:b3:3a:fd:b3:
60:9a:99:ea:87:f5:02:1c:9f:59:8c:10:4b:a8:52:9c:9f:60:
f0:60:6b:cc:31:1b:c0:b2:bc:bd:f5:0a:08:28:1a:d9:a5:5a:
c8:c9:44:23:74:81:38:13:2a:52:c4:b6:05:75:9a:b8:02:66:
c5:59:b5:f5:a0:24:65:30:cb:b0:f8:39:7d:8a:5a:06:33:57:
89:f8:89:6c:e5:83:78:0f:bb:0f:07:77:3e:d0:04:72:fd:47:
3e:95:12:97:f2:9c:ff:a9:10:23:0f:c7:63:69:a6:92:70:d1:
3e:cf:7e:55:20:4c:16:73:08:e9:92:eb:58:4f:02:97:ab:6c:
54:c9:42:8d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYbLmMnvgssdWrxqbnv7AcsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjMwMzEwMTI1NzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDdiMGIxMzk5N2I5MDM0ZGZlZDVkNzc5MGFiOTVmNjM4MmM3N2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6rGVkzybf+47fVjtDQCvTEfxNwO
xWECmLahuwmLXt44rpoPaOyNRy+4rAjtjY+UHbLigWXUm+gdUsdQELl8Nk78D+W2
rFErxJ5aG1iqg0y2iO0lnmJcbj63LWcjH4ErSu+mbnWFuS+uRq7mZIfnL0bA4fyI
dJZrCmzE1aPkpOXcDs+XTXMvohcyyoN3MdytmsxBGNzurIops24avbn5AOlyeQwv
sktr7b+vb5WEDwSqPZofhuLKpFgBvzwmk9oPmepS9o9nX1pq4XF/jPWNq4fsEE8t
qF1eVa4z+U++TcETRJgsABtBTEWF4iY0w9gMFx4Bxxm4308Vg8cZz2W9nwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLB7CxOZe5A03+1dd5CrlfY4LHfaMB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvc0hzTEU1bDdrRFRmN1YxM2tLdVY5amdzZDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMlepgD
BAAlepwwDQYJKoZIhvcNAQELBQADggEBAHdk1RXLskXZ7aNzshSsEeTAOyPIwmnG
n+0/ti9uJ7sL9trq5SMD4sqLvw8hhwu5ISDSp3s030ciKb8I4pdhhoV66tdX1tWi
H0VTLsygkgPkUzkATdekSeexs7gLjsAhD8dzHNKnBBkAido5vnxs2DFUiK7UxVvc
y8udszr9s2CameqH9QIcn1mMEEuoUpyfYPBga8wxG8CyvL31CggoGtmlWsjJRCN0
gTgTKlLEtgV1mrgCZsVZtfWgJGUwy7D4OX2KWgYzV4n4iWzlg3gPuw8Hdz7QBHL9
Rz6VEpfynP+pECMPx2NpppJw0T7PflUgTBZzCOmS61hPAperbFTJQo0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:53 2024 by rpki-client on console-fra.rpki-client.org