Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/tYGVsFrB7VOXWfcum5t4AVM5al0.roa
File: tYGVsFrB7VOXWfcum5t4AVM5al0.roa (raw, json)
Hash identifier: 3W/oUbGPkWajXZ2V8tJUAwltje9dI+SUOSNU0c1Vh9s=
Subject key identifier: B5:81:95:B0:5A:C1:ED:53:97:59:F7:2E:9B:9B:78:01:53:39:6A:5D
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018AF6DCDB34A0CEE92C00BE66DDB16F96C9
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/tYGVsFrB7VOXWfcum5t4AVM5al0.roa
Signing time: Tue 03 Oct 2023 18:46:23 +0000
ROA not before: Tue 03 Oct 2023 18:46:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
188.240.83.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
91.250.244.0/24 maxlen: 24
62.112.30.0/24 maxlen: 24
77.81.1.0/24 maxlen: 24
89.44.210.0/24 maxlen: 24
89.42.215.0/24 maxlen: 24
46.102.174.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
89.40.43.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f6:dc:db:34:a0:ce:e9:2c:00:be:66:dd:b1:6f:96:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Oct 3 18:46:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b58195b05ac1ed539759f72e9b9b780153396a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:17:8b:6d:58:ec:a1:8a:3b:a2:f1:b6:28:82:
b1:ed:ae:66:ba:38:a0:bb:42:c6:84:e0:6f:a9:c2:
6f:fe:29:fe:c2:0f:bc:37:90:04:05:77:3a:71:db:
92:26:43:84:72:6b:ec:3a:ba:e5:ae:36:e3:23:22:
29:11:1b:8c:16:4f:c2:b6:06:f7:ab:e2:9d:44:87:
5c:b8:2a:cf:c3:6c:49:f1:44:ca:9a:02:2f:94:36:
c9:3c:8f:5f:75:68:26:85:b8:18:c4:83:70:bb:06:
2a:f0:7d:76:d1:a7:c3:e8:7c:3d:36:20:44:1d:12:
3e:46:ce:83:c1:c9:38:84:4d:9e:9d:e9:f0:ae:ad:
a7:58:77:a6:0c:fd:7b:be:12:4a:13:ea:4b:17:33:
d9:90:34:78:ea:87:96:a7:5d:70:61:4c:bd:fd:6a:
9a:ac:64:49:83:b8:42:b5:1f:08:5c:68:8f:65:d9:
cb:26:49:5b:82:27:71:b4:69:3b:94:47:51:b4:47:
f0:b3:2f:b0:de:44:1a:a7:52:f2:28:7b:e7:57:0e:
4b:5a:b0:5b:26:2d:8c:f3:24:ae:1d:aa:c3:6f:be:
6d:ab:56:4a:47:81:c6:31:cd:7a:37:48:cf:36:a7:
71:7b:6d:30:ba:75:ae:54:11:3f:9c:9d:9c:19:a0:
9d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:81:95:B0:5A:C1:ED:53:97:59:F7:2E:9B:9B:78:01:53:39:6A:5D
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/tYGVsFrB7VOXWfcum5t4AVM5al0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
46.102.174.0/24
62.112.30.0/24
77.81.1.0/24
84.247.20.0/24
89.37.106.0/24
89.37.128.0/24
89.40.43.0/24
89.42.215.0/24
89.44.210.0/24
91.250.244.0/24
94.177.113.0/24
94.177.118.0/24
176.223.190.0/24
188.240.83.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:bd:1f:d7:41:11:7e:0f:62:d5:4b:9e:2a:3a:6e:1f:ae:61:
ec:3b:6d:6e:4f:1c:45:5e:af:95:e6:b5:6a:8f:54:fc:8a:37:
9b:a4:b5:b1:f8:c9:24:02:de:63:c6:55:bd:02:46:07:8d:c5:
59:e3:bf:cd:4a:31:c2:a5:4a:fe:4a:2c:90:db:b1:16:9d:5c:
43:1b:04:3a:41:ff:9e:cb:f7:aa:da:d7:11:07:fd:8a:34:8f:
0e:90:f4:bb:c3:c5:d7:ae:cd:5e:56:15:48:05:c5:ee:fb:03:
29:26:45:79:14:84:1e:6b:52:1a:82:ea:c4:9f:fc:c4:65:78:
35:99:41:98:19:ee:12:b1:08:eb:92:da:6c:02:df:40:70:ad:
f7:35:ca:d7:e2:82:61:08:e4:25:be:d0:6f:30:40:51:d8:25:
7d:86:4a:1a:f9:7e:ef:56:62:ab:c2:a6:eb:c3:c4:29:31:c1:
96:8e:18:3b:cc:b1:b2:e7:36:30:48:54:d8:10:40:84:f2:2c:
8c:6a:68:87:59:bc:13:39:74:48:56:0b:70:63:a8:ce:64:78:
e1:c4:f1:8e:71:dd:87:eb:15:08:eb:e6:4f:63:88:ab:60:49:
c6:e4:73:84:9e:71:6d:c1:7a:eb:83:5c:a4:fd:8e:06:7c:32:
90:62:e2:97
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYr23Ns0oM7pLAC+Zt2xb5bJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMDAzMTg0NjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTgxOTViMDVhYzFlZDUzOTc1OWY3MmU5YjliNzgwMTUzMzk2YTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuReLbVjsoYo7ovG2KIKx7a5mujig
u0LGhOBvqcJv/in+wg+8N5AEBXc6cduSJkOEcmvsOrrlrjbjIyIpERuMFk/Ctgb3
q+KdRIdcuCrPw2xJ8UTKmgIvlDbJPI9fdWgmhbgYxINwuwYq8H120afD6Hw9NiBE
HRI+Rs6Dwck4hE2enenwrq2nWHemDP17vhJKE+pLFzPZkDR46oeWp11wYUy9/Wqa
rGRJg7hCtR8IXGiPZdnLJklbgidxtGk7lEdRtEfwsy+w3kQap1LyKHvnVw5LWrBb
Ji2M8ySuHarDb75tq1ZKR4HGMc16N0jPNqdxe20wunWuVBE/nJ2cGaCdiQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFLWBlbBawe1Tl1n3LpubeAFTOWpdMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvdFlHVnNGckI3Vk9YV2ZjdW01dDRBVk01YWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAJZmEAwQA
LmauAwQAPnAeAwQATVEBAwQAVPcUAwQAWSVqAwQAWSWAAwQAWSgrAwQAWSrXAwQA
WSzSAwQAW/r0AwQAXrFxAwQAXrF2AwQAsN++AwQAvPBTMA0GCSqGSIb3DQEBCwUA
A4IBAQB/vR/XQRF+D2LVS54qOm4frmHsO21uTxxFXq+V5rVqj1T8ijebpLWx+Mkk
At5jxlW9AkYHjcVZ47/NSjHCpUr+SiyQ27EWnVxDGwQ6Qf+ey/eq2tcRB/2KNI8O
kPS7w8XXrs1eVhVIBcXu+wMpJkV5FIQea1IagurEn/zEZXg1mUGYGe4SsQjrktps
At9AcK33NcrX4oJhCOQlvtBvMEBR2CV9hkoa+X7vVmKrwqbrw8QpMcGWjhg7zLGy
5zYwSFTYEECE8iyMamiHWbwTOXRIVgtwY6jOZHjhxPGOcd2H6xUI6+ZPY4irYEnG
5HOEnnFtwXrrg1yk/Y4GfDKQYuKX
Generated at Thu Oct 5 04:18:49 2023 by rpki-client on console-fra.rpki-client.org