Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/N1GaQfcr8EvgR8KYcgG84OLX6WQ.roa
File: N1GaQfcr8EvgR8KYcgG84OLX6WQ.roa (raw, json)
Hash identifier: r20MnvEXOed1KnqCyg+h2sO7OL+Q09pN3Q6qTGZ/PeE=
Subject key identifier: 37:51:9A:41:F7:2B:F0:4B:E0:47:C2:98:72:01:BC:E0:E2:D7:E9:64
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C95D2F01BB824ECDB71CE944639E7DA06
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/N1GaQfcr8EvgR8KYcgG84OLX6WQ.roa
Signing time: Sat 23 Dec 2023 08:37:58 +0000
ROA not before: Sat 23 Dec 2023 08:37:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 37.34.80.0/21 maxlen: 24
37.218.208.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:95:d2:f0:1b:b8:24:ec:db:71:ce:94:46:39:e7:da:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 23 08:37:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37519a41f72bf04be047c2987201bce0e2d7e964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f4:69:de:1e:b0:29:3d:1b:1c:4c:88:57:cb:
2c:d9:0c:9d:51:8e:7e:3d:7c:61:34:f9:a9:32:1f:
42:c5:d2:ae:f2:f4:ce:d4:f1:08:0e:d5:56:98:d2:
80:85:1e:6b:04:f3:87:b5:9e:c2:0b:e2:7b:f0:14:
80:87:52:34:f4:06:46:dd:69:bc:00:c5:92:27:db:
66:f4:35:2c:4e:06:9b:da:5b:33:b0:04:29:0f:ba:
1d:40:b9:16:f0:37:84:10:86:f6:68:6b:36:50:65:
6c:54:17:f4:cd:b3:da:4f:d3:9f:24:89:39:a2:44:
c1:f9:80:df:7f:23:04:f7:69:d5:ff:de:d7:68:f2:
f1:48:67:41:6b:20:cb:ea:28:2a:f6:bd:44:0c:8a:
bc:79:43:5d:6c:86:e8:77:cd:63:6f:b8:d1:76:18:
99:7b:22:b6:b0:94:55:a3:78:7f:a7:7e:e7:d5:19:
e2:c1:0f:e8:ce:05:a8:bf:ca:00:0e:9f:fd:e6:91:
bd:a6:9a:37:62:76:f1:81:8a:c8:d8:b6:95:7e:06:
99:8f:34:04:1d:5a:f7:3a:ce:86:be:d3:4a:28:cf:
33:c9:b5:29:db:fc:23:cb:4c:d8:f9:e9:a5:61:16:
7e:e7:1e:2e:74:b3:d8:3f:d8:dc:49:52:bb:b0:5e:
27:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:51:9A:41:F7:2B:F0:4B:E0:47:C2:98:72:01:BC:E0:E2:D7:E9:64
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/N1GaQfcr8EvgR8KYcgG84OLX6WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.80.0/21
37.218.208.0/21
Signature Algorithm: sha256WithRSAEncryption
09:40:40:e9:98:f3:b1:cf:58:a5:90:96:04:a2:e4:19:87:a2:
e8:9c:c9:7a:64:35:a9:bd:e6:7b:f1:58:a1:4c:cd:62:44:1b:
94:8d:c4:4a:a8:eb:74:f6:d0:d5:3f:93:c2:4a:1f:18:a2:6a:
cf:95:ed:15:90:cb:a5:c2:9d:6e:81:d4:3f:17:e4:c4:54:19:
ea:14:f2:95:c3:f1:0c:29:21:9b:e3:ad:52:be:f8:f6:61:f3:
8a:db:48:89:30:d8:67:85:4c:4a:2a:df:70:2b:1b:41:12:e5:
88:2b:14:ec:07:7f:74:07:37:af:de:17:31:4f:2e:8c:f0:4c:
ab:90:3a:39:be:e0:20:26:1b:93:40:71:cc:da:07:7c:5d:87:
c8:e7:d9:7d:b7:f6:be:d2:4c:69:73:2b:38:f5:04:0a:5a:02:
de:e5:30:0a:5a:5d:9c:31:90:cc:03:ec:37:1e:21:ac:20:5d:
2c:89:f5:eb:9d:68:39:30:59:72:89:64:a4:f1:1e:53:c6:93:
9e:de:b4:54:93:85:7d:f0:5a:f4:51:fd:1f:4f:2c:57:a8:a4:
ba:d3:21:22:10:b2:d0:2d:12:0b:0d:95:42:90:2e:23:1d:2e:
8d:36:6f:a7:70:a4:00:1f:ba:89:d0:f3:39:a0:e9:7f:5d:df:
cb:34:43:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyV0vAbuCTs23HOlEY559oGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjIzMDgzNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzUxOWE0MWY3MmJmMDRiZTA0N2MyOTg3MjAxYmNlMGUyZDdlOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvRp3h6wKT0bHEyIV8ss2QydUY5+
PXxhNPmpMh9CxdKu8vTO1PEIDtVWmNKAhR5rBPOHtZ7CC+J78BSAh1I09AZG3Wm8
AMWSJ9tm9DUsTgab2lszsAQpD7odQLkW8DeEEIb2aGs2UGVsVBf0zbPaT9OfJIk5
okTB+YDffyME92nV/97XaPLxSGdBayDL6igq9r1EDIq8eUNdbIbod81jb7jRdhiZ
eyK2sJRVo3h/p37n1RniwQ/ozgWov8oADp/95pG9ppo3YnbxgYrI2LaVfgaZjzQE
HVr3Os6GvtNKKM8zybUp2/wjy0zY+emlYRZ+5x4udLPYP9jcSVK7sF4nsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDdRmkH3K/BL4EfCmHIBvODi1+lkMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTjFHYVFmY3I4RXZnUjhLWWNnRzg0T0xYNldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJSJQAwQD
JdrQMA0GCSqGSIb3DQEBCwUAA4IBAQAJQEDpmPOxz1ilkJYEouQZh6LonMl6ZDWp
veZ78VihTM1iRBuUjcRKqOt09tDVP5PCSh8YomrPle0VkMulwp1ugdQ/F+TEVBnq
FPKVw/EMKSGb461Svvj2YfOK20iJMNhnhUxKKt9wKxtBEuWIKxTsB390Bzev3hcx
Ty6M8EyrkDo5vuAgJhuTQHHM2gd8XYfI59l9t/a+0kxpcys49QQKWgLe5TAKWl2c
MZDMA+w3HiGsIF0sifXrnWg5MFlyiWSk8R5TxpOe3rRUk4V98Fr0Uf0fTyxXqKS6
0yEiELLQLRILDZVCkC4jHS6NNm+ncKQAH7qJ0PM5oOl/Xd/LNEM+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org