Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/GxcrZwP1A2iovDIKLAIQzh_HtJc.roa
File: GxcrZwP1A2iovDIKLAIQzh_HtJc.roa (raw, json)
Hash identifier: KWbrwlHEaKEb0tRaldjDJ1P7xG6i9l9K9/+HTA6jTEw=
Subject key identifier: 1B:17:2B:67:03:F5:03:68:A8:BC:32:0A:2C:02:10:CE:1F:C7:B4:97
Certificate issuer: /CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Certificate serial: 018CC2DAB7728E6AEC9176A98FBB8F43F522
Authority key identifier: 29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/GxcrZwP1A2iovDIKLAIQzh_HtJc.roa
Signing time: Mon 01 Jan 2024 02:29:22 +0000
ROA not before: Mon 01 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6279
IP address blocks: 37.17.185.0/24 maxlen: 24
37.17.184.0/24 maxlen: 24
37.17.186.0/24 maxlen: 24
37.17.189.0/24 maxlen: 24
37.17.188.0/24 maxlen: 24
37.17.191.0/24 maxlen: 24
37.17.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 13:16:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b7:72:8e:6a:ec:91:76:a9:8f:bb:8f:43:f5:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Validity
Not Before: Jan 1 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b172b6703f50368a8bc320a2c0210ce1fc7b497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7b:20:60:0b:90:4d:78:cd:37:2e:62:f0:50:
92:00:c9:01:d5:da:67:74:35:d5:28:90:0b:c2:64:
53:89:cf:2c:a0:c2:27:46:c4:2e:8a:03:76:05:34:
cd:b5:84:01:4c:c6:b1:58:d4:9d:06:46:da:6d:21:
d7:82:b0:06:b9:5a:84:0b:a0:b9:64:01:e6:ba:28:
80:ab:3a:51:db:4a:7f:4c:07:15:7a:5e:1e:42:f8:
b2:78:eb:b5:ef:7c:f7:76:1a:46:cb:90:d6:ba:ff:
c7:db:47:0a:4b:b1:fe:19:da:f5:ae:42:b9:5d:3b:
4e:5e:d7:3e:bc:ca:f2:1c:e6:1b:8c:d5:f1:ce:b7:
98:e0:18:6e:be:d5:1b:77:3c:39:e2:41:a9:02:98:
67:77:51:99:dc:d7:32:04:1e:6a:38:b5:61:b0:4f:
dd:9c:40:a4:72:24:7e:4f:80:bf:1e:49:0b:11:30:
4e:25:7a:ad:dc:31:9f:8b:2a:8b:d0:c8:b7:72:40:
8b:24:ad:1e:11:c2:e7:1b:06:8d:ae:78:33:d0:aa:
5b:3d:88:42:f6:43:7c:84:0f:e3:e8:a0:0f:f1:1c:
2d:af:95:d6:e4:81:a4:f1:4b:4e:6d:94:01:3e:69:
70:c8:7a:4c:b1:6a:d4:72:92:d6:47:01:e2:d9:89:
07:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:17:2B:67:03:F5:03:68:A8:BC:32:0A:2C:02:10:CE:1F:C7:B4:97
X509v3 Authority Key Identifier:
keyid:29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/GxcrZwP1A2iovDIKLAIQzh_HtJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/KQbwJrH-Y2yaXaAR3H_WnFgdArg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.184.0-37.17.186.255
37.17.188.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:93:3e:0a:48:0e:70:2d:de:d8:a1:de:f3:4f:91:48:fb:8f:
5f:35:e1:07:38:57:24:59:e3:a4:86:b8:79:ea:ff:75:4d:bb:
72:f6:ff:49:99:04:21:bc:8e:89:5b:4e:a3:ea:94:79:c5:4b:
e9:61:71:19:53:3d:af:1e:29:97:df:d1:1c:e9:5b:0f:0b:03:
f5:61:ae:74:91:c3:39:41:78:6e:80:ff:bb:9e:ce:8f:f5:71:
fd:f1:89:06:a9:4c:d6:e7:85:c0:89:2c:d4:4e:74:8d:95:5a:
69:d9:ed:60:7b:dc:ea:13:a2:31:96:18:77:81:9c:af:75:96:
74:9c:5a:5a:1a:80:aa:1e:5f:0c:68:41:b2:ce:14:1b:41:b9:
ca:3c:a2:f2:1e:1c:3f:39:92:69:c3:61:93:ec:1c:de:bd:66:
ab:f0:45:42:f3:3c:fe:8c:c1:bf:d8:9e:2e:91:25:c2:be:10:
ed:82:1d:e4:37:ac:c5:13:27:8d:4e:af:21:d7:83:89:13:ba:
85:a0:8f:dd:1d:fa:71:2d:03:1c:4a:14:4d:ac:38:5e:a3:68:
4d:e6:20:03:6c:f5:26:ac:b4:6a:91:40:26:ed:97:7c:c5:64:
46:45:8b:d3:8e:59:16:38:01:9c:db:98:c2:ea:eb:bc:e8:15:
c0:04:d5:aa
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzC2rdyjmrskXapj7uPQ/UiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDZmMDI2YjFmZTYzNmM5YTVkYTAxMWRjN2ZkNjljNTgx
ZDAyYjgwHhcNMjQwMTAxMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjE3MmI2NzAzZjUwMzY4YThiYzMyMGEyYzAyMTBjZTFmYzdiNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3sgYAuQTXjNNy5i8FCSAMkB1dpn
dDXVKJALwmRTic8soMInRsQuigN2BTTNtYQBTMaxWNSdBkbabSHXgrAGuVqEC6C5
ZAHmuiiAqzpR20p/TAcVel4eQviyeOu173z3dhpGy5DWuv/H20cKS7H+Gdr1rkK5
XTtOXtc+vMryHOYbjNXxzreY4BhuvtUbdzw54kGpAphnd1GZ3NcyBB5qOLVhsE/d
nECkciR+T4C/HkkLETBOJXqt3DGfiyqL0Mi3ckCLJK0eEcLnGwaNrngz0KpbPYhC
9kN8hA/j6KAP8Rwtr5XW5IGk8UtObZQBPmlwyHpMsWrUcpLWRwHi2YkHowIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBsXK2cD9QNoqLwyCiwCEM4fx7SXMB8GA1UdIwQY
MBaAFCkG8Cax/mNsml2gEdx/1pxYHQK4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Fid0pySC1ZMnlhWGFBUjNIX1duRmdkQXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82N2EzMmQtN2JmOC00YjA0LWFhMDUt
ODBhOTFiZTgzZTRiLzEvR3hjclp3UDFBMmlvdkRJS0xBSVF6aF9IdEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82N2EzMmQtN2JmOC00YjA0LWFhMDUtODBhOTFiZTgzZTRi
LzEvS1Fid0pySC1ZMnlhWGFBUjNIX1duRmdkQXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAMlEbgD
BAAlEboDBAIlEbwwDQYJKoZIhvcNAQELBQADggEBALeTPgpIDnAt3tih3vNPkUj7
j1814Qc4VyRZ46SGuHnq/3VNu3L2/0mZBCG8jolbTqPqlHnFS+lhcRlTPa8eKZff
0RzpWw8LA/VhrnSRwzlBeG6A/7uezo/1cf3xiQapTNbnhcCJLNROdI2VWmnZ7WB7
3OoTojGWGHeBnK91lnScWloagKoeXwxoQbLOFBtBuco8ovIeHD85kmnDYZPsHN69
ZqvwRULzPP6Mwb/Yni6RJcK+EO2CHeQ3rMUTJ41OryHXg4kTuoWgj90d+nEtAxxK
FE2sOF6jaE3mIANs9SastGqRQCbtl3zFZEZFi9OOWRY4AZzbmMLq67zoFcAE1ao=
-----END CERTIFICATE-----
Generated at Thu Aug 1 16:21:27 2024 by rpki-client on console-ams.rpki-client.org