Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/FFNMR0W6GkxMPvIZRjAm0gwnVlU.roa
File: FFNMR0W6GkxMPvIZRjAm0gwnVlU.roa (raw, json)
Hash identifier: TawGzYD+27D/NvePDO25WOGE+pcUbEFcV9ccjXwvWwo=
Subject key identifier: 14:53:4C:47:45:BA:1A:4C:4C:3E:F2:19:46:30:26:D2:0C:27:56:55
Certificate issuer: /CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Certificate serial: 018CC2DB3E9F1E1D7D070A96B09CC573DB2F
Authority key identifier: 59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/FFNMR0W6GkxMPvIZRjAm0gwnVlU.roa
Signing time: Mon 01 Jan 2024 02:29:57 +0000
ROA not before: Mon 01 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210538
IP address blocks: 37.247.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:3e:9f:1e:1d:7d:07:0a:96:b0:9c:c5:73:db:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Validity
Not Before: Jan 1 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14534c4745ba1a4c4c3ef219463026d20c275655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:be:fb:b7:b8:e7:b6:eb:8c:2f:32:0b:78:20:
e5:53:23:db:6b:a2:37:33:3f:d4:f3:e3:4f:23:93:
a7:5a:a7:8e:1c:46:25:b9:81:f9:9c:9d:a1:31:6b:
37:17:ba:bb:62:a0:aa:80:bf:cf:42:56:c7:56:6e:
48:b3:73:af:c9:f8:c4:8a:f4:86:41:ed:b7:7d:a0:
c7:8b:24:b6:fc:96:91:47:78:35:86:d4:19:28:f9:
d8:8e:cf:d3:d7:14:40:e7:30:b6:29:27:07:3c:8e:
b6:f3:91:ab:c5:d7:55:ce:dc:d2:ee:ab:7b:31:11:
fa:ec:34:67:3d:a7:a9:ab:5e:99:99:b9:57:ae:93:
6f:66:c4:18:43:e3:ed:92:eb:c9:0f:3e:01:24:fd:
10:ae:e8:b4:1c:0b:82:7f:6f:89:d9:c1:c1:62:5b:
28:b6:e5:80:72:f5:b7:c2:de:eb:7e:93:7f:31:e3:
3a:b1:41:f6:b4:78:76:cd:f0:be:c3:60:95:99:8d:
af:24:38:62:e9:e4:52:a7:6b:6a:2c:9b:c4:a3:0d:
b6:eb:30:15:a0:8e:72:8e:ea:a3:6a:86:f9:05:cb:
80:de:79:a6:ce:fc:26:c0:ab:52:3a:ef:4a:9e:ea:
bf:b1:6b:c2:1e:8c:63:43:85:50:50:71:ce:b2:bb:
0a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:53:4C:47:45:BA:1A:4C:4C:3E:F2:19:46:30:26:D2:0C:27:56:55
X509v3 Authority Key Identifier:
keyid:59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/FFNMR0W6GkxMPvIZRjAm0gwnVlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/WS58HyOUw-OqqMy2R_2DZx1gmLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.247.108.0/24
Signature Algorithm: sha256WithRSAEncryption
21:d1:d2:06:6b:fc:d8:78:40:96:91:94:e9:a8:2e:a3:a5:26:
80:f6:69:7e:f1:9a:9a:e5:3b:2a:f2:6b:7c:27:bf:57:ac:06:
15:b9:7e:0d:81:0f:09:a2:25:b9:5f:66:2b:3a:4c:33:69:25:
bc:2a:d3:15:0e:77:3d:27:4b:42:a6:94:89:62:8f:ee:33:a8:
1b:c7:f5:f2:44:96:aa:57:33:23:d3:ea:ed:c5:ac:54:90:3c:
ed:21:96:c0:3a:88:23:b7:d7:55:64:f3:6a:82:13:f4:d2:bc:
cf:3b:ff:8b:ba:16:c2:8f:67:df:95:57:30:15:2b:87:bc:3a:
04:44:1f:33:e8:9e:1c:53:7c:57:22:f3:09:46:6c:99:b5:6f:
35:36:f1:2d:4a:fd:00:7c:fa:46:ff:28:78:03:fb:bf:6e:48:
ab:69:b9:38:06:3a:b4:49:a4:7e:2d:cf:a6:7d:c0:8e:eb:c2:
74:e1:4b:f8:fe:e1:38:10:2a:2c:6f:7b:30:21:9b:4a:9f:29:
e4:fc:b3:a5:41:8d:98:4b:ad:4f:12:d8:31:f6:6a:18:cd:44:
fa:76:0e:c9:59:d0:7c:d3:7a:c6:0e:15:26:9c:34:f1:14:2c:
24:fb:fe:08:5c:5e:1d:ae:97:a1:06:36:f9:f5:c1:03:95:fa:
7c:12:cc:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2z6fHh19BwqWsJzFc9svMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MmU3YzFmMjM5NGMzZTNhYWE4Y2NiNjQ3ZmQ4MzY3MWQ2
MDk4YjcwHhcNMjQwMTAxMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDUzNGM0NzQ1YmExYTRjNGMzZWYyMTk0NjMwMjZkMjBjMjc1NjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr77t7jntuuMLzILeCDlUyPba6I3
Mz/U8+NPI5OnWqeOHEYluYH5nJ2hMWs3F7q7YqCqgL/PQlbHVm5Is3OvyfjEivSG
Qe23faDHiyS2/JaRR3g1htQZKPnYjs/T1xRA5zC2KScHPI6285GrxddVztzS7qt7
MRH67DRnPaepq16ZmblXrpNvZsQYQ+PtkuvJDz4BJP0Qrui0HAuCf2+J2cHBYlso
tuWAcvW3wt7rfpN/MeM6sUH2tHh2zfC+w2CVmY2vJDhi6eRSp2tqLJvEow226zAV
oI5yjuqjaob5BcuA3nmmzvwmwKtSOu9Knuq/sWvCHoxjQ4VQUHHOsrsKLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBRTTEdFuhpMTD7yGUYwJtIMJ1ZVMB8GA1UdIwQY
MBaAFFkufB8jlMPjqqjMtkf9g2cdYJi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1M1OEh5T1V3LU9xcU15MlJfMkRaeDFnbUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi85NTcxZDYtOTc0Zi00MzI3LWI5ZTAt
NDQzYmU2M2ZjMTIzLzEvRkZOTVIwVzZHa3hNUHZJWlJqQW0wZ3duVmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi85NTcxZDYtOTc0Zi00MzI3LWI5ZTAtNDQzYmU2M2ZjMTIz
LzEvV1M1OEh5T1V3LU9xcU15MlJfMkRaeDFnbUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJfdsMA0G
CSqGSIb3DQEBCwUAA4IBAQAh0dIGa/zYeECWkZTpqC6jpSaA9ml+8Zqa5Tsq8mt8
J79XrAYVuX4NgQ8JoiW5X2YrOkwzaSW8KtMVDnc9J0tCppSJYo/uM6gbx/XyRJaq
VzMj0+rtxaxUkDztIZbAOogjt9dVZPNqghP00rzPO/+LuhbCj2fflVcwFSuHvDoE
RB8z6J4cU3xXIvMJRmyZtW81NvEtSv0AfPpG/yh4A/u/bkirabk4Bjq0SaR+Lc+m
fcCO68J04Uv4/uE4ECosb3swIZtKnynk/LOlQY2YS61PEtgx9moYzUT6dg7JWdB8
03rGDhUmnDTxFCwk+/4IXF4drpehBjb59cEDlfp8Eswm
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:26:00 2025 by rpki-client