Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/u-FZF-zcJKmggpJu2GjF_jWmXcE.roa
File: u-FZF-zcJKmggpJu2GjF_jWmXcE.roa (raw, json)
Hash identifier: 8fU7w6ekg+3Fks6TsnDhmTBqs8Sp08r1YVBZKwp8x5o=
Subject key identifier: BB:E1:59:17:EC:DC:24:A9:A0:82:92:6E:D8:68:C5:FE:35:A6:5D:C1
Certificate issuer: /CN=74aa9312af4c3d9cee082c9541a6b65ada569b3c
Certificate serial: 0193434585B19F61F45DF96AE4374F64783E
Authority key identifier: 74:AA:93:12:AF:4C:3D:9C:EE:08:2C:95:41:A6:B6:5A:DA:56:9B:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKqTEq9MPZzuCCyVQaa2WtpWmzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/u-FZF-zcJKmggpJu2GjF_jWmXcE.roa
Signing time: Tue 19 Nov 2024 07:14:09 +0000
ROA not before: Tue 19 Nov 2024 07:14:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42772
IP address blocks: 37.17.117.0/24 maxlen: 24
37.17.118.0/24 maxlen: 24
128.65.2.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 19 Nov 2024 07:26:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:43:45:85:b1:9f:61:f4:5d:f9:6a:e4:37:4f:64:78:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74aa9312af4c3d9cee082c9541a6b65ada569b3c
Validity
Not Before: Nov 19 07:14:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbe15917ecdc24a9a082926ed868c5fe35a65dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5b:d7:38:22:7c:af:98:27:45:4f:ff:08:5c:
1b:f7:73:99:96:d1:cc:43:65:e7:5d:7b:a2:d2:f9:
21:9d:ea:50:e3:c6:d5:17:5c:20:66:4a:ab:87:18:
48:0a:e4:87:94:54:ab:de:e5:c6:a1:4e:e3:cf:d5:
21:87:f2:55:60:01:ef:3f:6b:38:12:c2:c9:16:d1:
2a:a1:3d:be:c8:ef:a3:2b:5d:f0:9c:c3:1a:23:c1:
26:2e:50:d2:08:7f:be:3b:5d:c5:eb:b8:57:52:82:
c3:75:c4:5f:23:21:78:e9:a1:a6:3b:89:9b:d4:52:
be:e8:b5:cc:68:da:66:ab:e3:2d:61:91:92:01:97:
61:ff:3e:ed:41:8d:31:9e:a0:77:92:07:33:3a:cb:
c4:45:5b:c9:05:5f:4b:c7:ff:ad:4c:1c:a2:67:33:
aa:84:05:98:05:1f:3e:4d:a1:89:16:fe:d8:af:17:
fb:2c:2d:7e:b6:8a:d2:8a:52:0b:e8:5e:29:38:86:
d6:8e:36:47:ed:26:a2:39:ea:72:4c:5a:ac:54:4b:
6d:91:86:5e:15:c2:56:03:ab:e1:b0:af:63:88:c2:
b4:d9:cf:0e:98:e6:10:c4:1f:fa:b7:c9:f3:37:16:
22:6e:a5:15:ec:81:4e:82:25:a4:f7:68:09:ad:0a:
25:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E1:59:17:EC:DC:24:A9:A0:82:92:6E:D8:68:C5:FE:35:A6:5D:C1
X509v3 Authority Key Identifier:
keyid:74:AA:93:12:AF:4C:3D:9C:EE:08:2C:95:41:A6:B6:5A:DA:56:9B:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKqTEq9MPZzuCCyVQaa2WtpWmzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/u-FZF-zcJKmggpJu2GjF_jWmXcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/dKqTEq9MPZzuCCyVQaa2WtpWmzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.117.0-37.17.118.255
128.65.2.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:19:13:0f:aa:e4:6e:37:63:66:00:43:13:28:ac:b2:e0:fe:
fb:4f:f5:59:cc:a7:06:ba:2b:cc:0c:e9:5c:c6:fd:54:ca:8b:
fe:74:b6:3a:e8:ce:23:ad:39:64:7e:db:4b:6d:e4:b1:97:fe:
23:9d:96:c1:16:c5:24:d4:5a:b8:1a:fc:20:d2:13:52:ba:8a:
2c:df:d2:21:47:f8:c9:db:a2:72:22:98:bf:a3:35:f5:5c:b1:
1d:b9:30:16:ca:79:1b:d2:e4:a8:f6:3c:6a:2a:a7:d4:45:89:
dd:8c:cf:84:35:94:f4:b2:2e:9c:e2:90:8a:3a:b0:ab:fe:3a:
25:1e:cf:02:7e:ef:28:06:2f:83:a7:86:c2:ab:dc:b4:09:35:
f3:b4:db:0a:ba:d7:29:81:b9:cc:f1:80:c3:f8:16:de:1b:f7:
d7:34:bf:7e:8d:e9:97:1d:9f:21:2e:fc:a0:1a:42:70:50:d1:
f6:bf:46:45:89:da:96:d8:a2:f7:96:4b:d8:5c:28:23:fb:2f:
a0:8f:07:0e:10:6f:71:7e:80:a2:5c:dd:b6:49:6f:c8:18:bd:
7d:22:bb:7e:b7:e9:61:2f:ca:ad:47:2c:f9:3a:fd:1c:5f:f3:
ee:6e:30:c3:44:90:b9:b8:12:a5:1f:b9:3f:cc:11:5b:96:4d:
57:1e:fd:af
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZNDRYWxn2H0Xflq5DdPZHg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YWE5MzEyYWY0YzNkOWNlZTA4MmM5NTQxYTZiNjVhZGE1
NjliM2MwHhcNMjQxMTE5MDcxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmUxNTkxN2VjZGMyNGE5YTA4MjkyNmVkODY4YzVmZTM1YTY1ZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1vXOCJ8r5gnRU//CFwb93OZltHM
Q2XnXXui0vkhnepQ48bVF1wgZkqrhxhICuSHlFSr3uXGoU7jz9Uhh/JVYAHvP2s4
EsLJFtEqoT2+yO+jK13wnMMaI8EmLlDSCH++O13F67hXUoLDdcRfIyF46aGmO4mb
1FK+6LXMaNpmq+MtYZGSAZdh/z7tQY0xnqB3kgczOsvERVvJBV9Lx/+tTByiZzOq
hAWYBR8+TaGJFv7Yrxf7LC1+torSilIL6F4pOIbWjjZH7SaiOepyTFqsVEttkYZe
FcJWA6vhsK9jiMK02c8OmOYQxB/6t8nzNxYibqUV7IFOgiWk92gJrQolYQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLvhWRfs3CSpoIKSbthoxf41pl3BMB8GA1UdIwQY
MBaAFHSqkxKvTD2c7ggslUGmtlraVps8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtxVEVxOU1QWnp1Q0N5VlFhYTJXdHBXbXp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYTQxNWEtYzcyOC00MmU5LWJlNDUt
OThhMWQ2NWNmZTZmLzEvdS1GWkYtemNKS21nZ3BKdTJHakZfaldtWGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wYTQxNWEtYzcyOC00MmU5LWJlNDUtOThhMWQ2NWNmZTZm
LzEvZEtxVEVxOU1QWnp1Q0N5VlFhYTJXdHBXbXp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAlEXUD
BAAlEXYDBAGAQQIwDQYJKoZIhvcNAQELBQADggEBAH4ZEw+q5G43Y2YAQxMorLLg
/vtP9VnMpwa6K8wM6VzG/VTKi/50tjroziOtOWR+20tt5LGX/iOdlsEWxSTUWrga
/CDSE1K6iizf0iFH+MnbonIimL+jNfVcsR25MBbKeRvS5Kj2PGoqp9RFid2Mz4Q1
lPSyLpzikIo6sKv+OiUezwJ+7ygGL4OnhsKr3LQJNfO02wq61ymBuczxgMP4Ft4b
99c0v36N6ZcdnyEu/KAaQnBQ0fa/RkWJ2pbYoveWS9hcKCP7L6CPBw4Qb3F+gKJc
3bZJb8gYvX0iu3636WEvyq1HLPk6/Rxf8+5uMMNEkLm4EqUfuT/MEVuWTVce/a8=
-----END CERTIFICATE-----
Generated at Tue Nov 19 09:35:27 2024 by rpki-client on console-ams.rpki-client.org