Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/ucmfxrr50vGxE6Dupl702cZu9mc.roa
File: ucmfxrr50vGxE6Dupl702cZu9mc.roa (raw, json)
Hash identifier: 3fpqp7HGUqambsPBxbxy4suQD7KK4+T7bW8D8pN4sTg=
Subject key identifier: B9:C9:9F:C6:BA:F9:D2:F1:B1:13:A0:EE:A6:5E:F4:D9:C6:6E:F6:67
Certificate issuer: /CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Certificate serial: 01857015289EEC04FE3736265878427A88BE
Authority key identifier: 29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/ucmfxrr50vGxE6Dupl702cZu9mc.roa
Signing time: Mon 02 Jan 2023 01:25:12 +0000
ROA not before: Mon 02 Jan 2023 01:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6279
IP address blocks: 37.17.184.0/24 maxlen: 24
37.17.186.0/24 maxlen: 24
37.17.189.0/24 maxlen: 24
37.17.188.0/24 maxlen: 24
37.17.191.0/24 maxlen: 24
37.17.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Nov 2023 12:57:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:28:9e:ec:04:fe:37:36:26:58:78:42:7a:88:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Validity
Not Before: Jan 2 01:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9c99fc6baf9d2f1b113a0eea65ef4d9c66ef667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:37:21:57:a9:96:84:98:cc:4e:12:fe:27:a2:
9d:60:8d:5d:eb:7f:8e:0d:e1:c7:b7:0f:e9:34:ca:
9e:6f:24:70:7b:8f:23:ae:b9:b6:c7:aa:8b:f1:66:
d1:61:c3:61:37:ba:2c:a2:94:83:a9:43:b5:5e:27:
aa:bf:ff:9a:75:95:c8:e4:83:98:1f:c6:55:07:fa:
5d:55:7c:5e:16:1f:95:ae:ca:18:d2:ac:39:93:47:
fc:14:bf:e0:11:fe:1f:f9:34:f5:80:aa:3e:ef:ff:
1a:7b:66:36:33:aa:09:01:96:47:0b:8b:1d:13:5e:
f8:ef:b1:9d:e4:0f:0d:c2:0b:42:37:5a:ad:cd:12:
80:97:a7:9f:7d:4e:92:fa:26:8d:93:30:cf:fe:5f:
db:93:b0:ae:a6:9f:6b:6c:66:a1:00:21:2d:a1:76:
01:d9:82:6e:7f:8e:38:d5:5e:00:85:c2:07:e9:78:
ad:4c:01:39:bc:21:63:37:88:a6:78:41:32:8a:9a:
7d:06:4d:02:94:dc:8a:d0:f7:5b:41:b3:b9:76:08:
fb:12:a5:b0:31:74:63:f4:bc:b3:28:1d:20:e4:af:
7e:75:5e:e0:1d:ce:01:50:d1:3a:4a:e3:91:b8:7c:
66:8d:8d:9e:45:06:19:7d:2b:ab:c0:dc:12:10:3b:
60:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C9:9F:C6:BA:F9:D2:F1:B1:13:A0:EE:A6:5E:F4:D9:C6:6E:F6:67
X509v3 Authority Key Identifier:
keyid:29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/ucmfxrr50vGxE6Dupl702cZu9mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/KQbwJrH-Y2yaXaAR3H_WnFgdArg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.184.0/24
37.17.186.0/24
37.17.188.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:52:78:ee:02:55:e6:a5:51:d5:84:ce:6b:91:bc:7a:55:1c:
e9:b9:88:fe:1d:6c:67:09:28:5d:a3:5f:f8:96:ef:e8:e2:80:
7f:e1:da:b0:0d:c9:f2:8c:82:e5:3d:5a:33:46:c1:45:43:06:
cc:82:51:00:8d:74:b5:29:94:d5:76:9f:d5:11:d0:99:dd:ab:
6c:00:3c:3e:be:5a:c0:0a:9e:b6:3f:5c:b9:fb:4c:ab:9b:b0:
d1:1e:6d:4a:02:43:b7:b2:82:a5:20:0a:e0:fa:db:af:4a:24:
f2:ec:96:4c:36:1f:a8:f9:e2:25:be:21:46:d4:4a:7f:ba:a8:
45:50:d0:c8:bf:e8:f6:1e:0c:cc:59:73:11:48:63:6e:0c:20:
a6:ee:3e:c5:1f:16:88:65:4e:8f:02:4a:5e:ce:e8:ed:8a:cf:
d0:74:51:97:7c:15:48:03:90:5a:dc:dc:6b:59:69:a3:b4:6d:
a4:da:c4:0a:60:70:e4:51:d5:a4:f1:65:a8:56:ef:a2:48:db:
b1:b7:af:3e:99:38:40:7a:b2:49:11:75:43:76:58:4d:18:f9:
dc:e5:01:7e:1a:68:75:a8:8a:2c:3c:48:a3:9c:ed:bf:35:fc:
f0:d7:87:bb:cd:74:66:c6:90:12:08:c9:be:2b:35:18:23:04:
f0:be:bd:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwFSie7AT+NzYmWHhCeoi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDZmMDI2YjFmZTYzNmM5YTVkYTAxMWRjN2ZkNjljNTgx
ZDAyYjgwHhcNMjMwMTAyMDEyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWM5OWZjNmJhZjlkMmYxYjExM2EwZWVhNjVlZjRkOWM2NmVmNjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDchV6mWhJjMThL+J6KdYI1d63+O
DeHHtw/pNMqebyRwe48jrrm2x6qL8WbRYcNhN7osopSDqUO1Xieqv/+adZXI5IOY
H8ZVB/pdVXxeFh+VrsoY0qw5k0f8FL/gEf4f+TT1gKo+7/8ae2Y2M6oJAZZHC4sd
E17477Gd5A8NwgtCN1qtzRKAl6effU6S+iaNkzDP/l/bk7Cupp9rbGahACEtoXYB
2YJuf4441V4AhcIH6XitTAE5vCFjN4imeEEyipp9Bk0ClNyK0PdbQbO5dgj7EqWw
MXRj9LyzKB0g5K9+dV7gHc4BUNE6SuORuHxmjY2eRQYZfSurwNwSEDtgRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLnJn8a6+dLxsROg7qZe9NnGbvZnMB8GA1UdIwQY
MBaAFCkG8Cax/mNsml2gEdx/1pxYHQK4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Fid0pySC1ZMnlhWGFBUjNIX1duRmdkQXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82N2EzMmQtN2JmOC00YjA0LWFhMDUt
ODBhOTFiZTgzZTRiLzEvdWNtZnhycjUwdkd4RTZEdXBsNzAyY1p1OW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82N2EzMmQtN2JmOC00YjA0LWFhMDUtODBhOTFiZTgzZTRi
LzEvS1Fid0pySC1ZMnlhWGFBUjNIX1duRmdkQXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJRG4AwQA
JRG6AwQCJRG8MA0GCSqGSIb3DQEBCwUAA4IBAQBrUnjuAlXmpVHVhM5rkbx6VRzp
uYj+HWxnCShdo1/4lu/o4oB/4dqwDcnyjILlPVozRsFFQwbMglEAjXS1KZTVdp/V
EdCZ3atsADw+vlrACp62P1y5+0yrm7DRHm1KAkO3soKlIArg+tuvSiTy7JZMNh+o
+eIlviFG1Ep/uqhFUNDIv+j2HgzMWXMRSGNuDCCm7j7FHxaIZU6PAkpezujtis/Q
dFGXfBVIA5Ba3NxrWWmjtG2k2sQKYHDkUdWk8WWoVu+iSNuxt68+mThAerJJEXVD
dlhNGPnc5QF+Gmh1qIosPEijnO2/Nfzw14e7zXRmxpASCMm+KzUYIwTwvr3Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:14 2024 by rpki-client on console-fra.rpki-client.org