Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/ZIQ9RCBhnnaCIC-tBNPGU8vCMa8.roa
File: ZIQ9RCBhnnaCIC-tBNPGU8vCMa8.roa (raw, json)
Hash identifier: pW4dq8AUWfGKCdaKSxep2Eo8/PQbqcHn0jbvMMBKWP4=
Subject key identifier: 64:84:3D:44:20:61:9E:76:82:20:2F:AD:04:D3:C6:53:CB:C2:31:AF
Certificate issuer: /CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Certificate serial: 01910E1554EF32D872BA24FE1599B7122465
Authority key identifier: 29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/ZIQ9RCBhnnaCIC-tBNPGU8vCMa8.roa
Signing time: Thu 01 Aug 2024 13:16:04 +0000
ROA not before: Thu 01 Aug 2024 13:16:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6279
IP address blocks: 37.17.184.0/21 maxlen: 24
37.17.184.0/24 maxlen: 24
37.17.185.0/24 maxlen: 24
37.17.186.0/24 maxlen: 24
37.17.188.0/24 maxlen: 24
37.17.189.0/24 maxlen: 24
37.17.190.0/24 maxlen: 24
37.17.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0e:15:54:ef:32:d8:72:ba:24:fe:15:99:b7:12:24:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Validity
Not Before: Aug 1 13:16:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64843d4420619e7682202fad04d3c653cbc231af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0b:3c:c3:2a:06:cb:3e:94:13:de:79:01:e7:
db:c9:4d:e3:2f:c1:29:b1:0e:24:14:db:1f:04:9b:
3c:27:c6:e0:1c:24:42:b9:91:54:43:0b:34:80:33:
bc:25:99:66:74:37:af:2f:0a:74:45:62:f9:31:56:
80:cd:fd:cf:77:b7:65:a6:27:31:ae:9f:ea:c5:38:
41:11:7d:ae:54:bd:b0:1d:0c:a1:66:52:5b:ad:f2:
fe:d0:7a:5a:92:55:99:01:c4:7c:97:77:ff:ff:54:
af:26:39:33:66:5b:46:4d:02:1c:e4:17:b6:cd:20:
66:59:93:7d:74:4f:5d:12:df:7a:0f:81:b5:9d:df:
e8:1a:7c:fb:14:6b:34:f3:d5:e9:a4:28:61:b4:91:
cf:bc:a0:09:50:e9:2a:7e:be:cd:1a:32:2e:ac:57:
38:28:83:67:b5:cd:5f:d5:70:45:d3:e7:ca:10:6b:
7a:51:0b:46:73:e4:df:27:fd:e3:e1:95:55:a2:54:
46:74:a2:73:7f:6b:ae:52:00:92:3c:fe:7a:58:d9:
e2:ab:d8:97:ea:90:ad:6e:33:a2:74:4d:89:ab:2f:
1e:de:bb:95:60:1d:a5:13:9e:03:78:fc:6e:44:81:
c5:63:86:1f:ac:ac:2c:9d:a4:87:42:aa:17:cc:f5:
23:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:84:3D:44:20:61:9E:76:82:20:2F:AD:04:D3:C6:53:CB:C2:31:AF
X509v3 Authority Key Identifier:
keyid:29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/ZIQ9RCBhnnaCIC-tBNPGU8vCMa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/KQbwJrH-Y2yaXaAR3H_WnFgdArg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.184.0/21
Signature Algorithm: sha256WithRSAEncryption
24:43:aa:f1:0b:f0:53:69:89:fb:7e:c9:55:8a:4b:d2:d7:45:
7b:11:2f:41:53:2b:ae:2d:82:60:f8:bf:d7:64:3b:b1:0e:d3:
6d:6a:da:7e:e5:10:57:de:8e:b1:85:0a:b1:90:0c:bc:72:34:
82:9a:6e:f3:f9:02:68:ea:cf:c8:42:94:79:34:b6:5b:ba:22:
8d:7c:4f:e9:05:d6:cb:db:91:fc:6e:bd:c7:5a:d1:37:dc:ad:
da:16:f2:ab:b9:89:84:22:38:5a:40:02:fc:e6:55:04:92:aa:
74:d1:fc:20:f2:4a:f8:0b:32:3f:02:0d:ce:8d:92:ad:5d:c4:
c1:ec:22:84:de:fd:d2:03:b9:41:61:96:d0:f9:15:f8:53:93:
38:76:63:f7:ba:3d:3c:19:14:21:90:d2:e4:b3:fd:fc:3f:7e:
ec:10:65:9d:9a:55:f1:0b:c9:5e:5c:53:0c:2d:ef:a4:b1:cf:
80:bd:5c:b2:19:18:8e:c5:1c:aa:f4:47:d4:37:12:f7:b2:7a:
24:63:1e:5a:8c:5d:64:ec:58:7f:de:e3:1a:55:57:8c:e8:6d:
0c:53:e5:08:1e:15:0f:36:73:5e:f9:ca:49:76:68:d3:02:b4:
ce:9a:1d:3a:bb:b0:78:86:da:f8:4b:51:aa:af:74:8e:d1:59:
13:96:f2:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEOFVTvMthyuiT+FZm3EiRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDZmMDI2YjFmZTYzNmM5YTVkYTAxMWRjN2ZkNjljNTgx
ZDAyYjgwHhcNMjQwODAxMTMxNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg0M2Q0NDIwNjE5ZTc2ODIyMDJmYWQwNGQzYzY1M2NiYzIzMWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQs8wyoGyz6UE955AefbyU3jL8Ep
sQ4kFNsfBJs8J8bgHCRCuZFUQws0gDO8JZlmdDevLwp0RWL5MVaAzf3Pd7dlpicx
rp/qxThBEX2uVL2wHQyhZlJbrfL+0HpaklWZAcR8l3f//1SvJjkzZltGTQIc5Be2
zSBmWZN9dE9dEt96D4G1nd/oGnz7FGs089XppChhtJHPvKAJUOkqfr7NGjIurFc4
KINntc1f1XBF0+fKEGt6UQtGc+TfJ/3j4ZVVolRGdKJzf2uuUgCSPP56WNniq9iX
6pCtbjOidE2Jqy8e3ruVYB2lE54DePxuRIHFY4YfrKwsnaSHQqoXzPUjyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSEPUQgYZ52giAvrQTTxlPLwjGvMB8GA1UdIwQY
MBaAFCkG8Cax/mNsml2gEdx/1pxYHQK4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Fid0pySC1ZMnlhWGFBUjNIX1duRmdkQXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82N2EzMmQtN2JmOC00YjA0LWFhMDUt
ODBhOTFiZTgzZTRiLzEvWklROVJDQmhubmFDSUMtdEJOUEdVOHZDTWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82N2EzMmQtN2JmOC00YjA0LWFhMDUtODBhOTFiZTgzZTRi
LzEvS1Fid0pySC1ZMnlhWGFBUjNIX1duRmdkQXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJRG4MA0G
CSqGSIb3DQEBCwUAA4IBAQAkQ6rxC/BTaYn7fslVikvS10V7ES9BUyuuLYJg+L/X
ZDuxDtNtatp+5RBX3o6xhQqxkAy8cjSCmm7z+QJo6s/IQpR5NLZbuiKNfE/pBdbL
25H8br3HWtE33K3aFvKruYmEIjhaQAL85lUEkqp00fwg8kr4CzI/Ag3OjZKtXcTB
7CKE3v3SA7lBYZbQ+RX4U5M4dmP3uj08GRQhkNLks/38P37sEGWdmlXxC8leXFMM
Le+ksc+AvVyyGRiOxRyq9EfUNxL3snokYx5ajF1k7Fh/3uMaVVeM6G0MU+UIHhUP
NnNe+cpJdmjTArTOmh06u7B4htr4S1Gqr3SO0VkTlvLw
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:49 2025 by rpki-client