Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/N3VNtIX8VIc7_omUcmYFMBGgi9g.roa
File: N3VNtIX8VIc7_omUcmYFMBGgi9g.roa (raw, json)
Hash identifier: J3XnWsJUSBatti14VD49iqSb8A3N3OyP1BCjrsSTzAE=
Subject key identifier: 37:75:4D:B4:85:FC:54:87:3B:FE:89:94:72:66:05:30:11:A0:8B:D8
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 018CC64A87081465F2EF821229B52CB678DD
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/N3VNtIX8VIc7_omUcmYFMBGgi9g.roa
Signing time: Mon 01 Jan 2024 18:30:22 +0000
ROA not before: Mon 01 Jan 2024 18:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206385
IP address blocks: 37.230.136.0/24 maxlen: 24
185.2.33.0/24 maxlen: 24
178.170.253.0/24 maxlen: 24
37.18.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 09:26:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:87:08:14:65:f2:ef:82:12:29:b5:2c:b6:78:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 18:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37754db485fc54873bfe89947266053011a08bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:de:b3:c9:84:c2:7c:fe:7f:c2:86:ba:af:61:
8e:6a:f3:4b:13:00:eb:ad:78:68:e0:0e:37:c9:4a:
3b:5c:48:fd:86:8a:8c:68:c0:19:33:7f:cd:39:9f:
52:39:a6:21:de:89:f0:cb:a7:07:a1:a9:a5:e4:ac:
bc:fc:f9:50:36:e8:1d:47:f4:91:24:ad:c3:f7:8e:
de:0c:6e:3f:cc:b2:27:f0:72:0e:9e:e9:91:d1:c6:
28:51:f4:45:4e:15:e8:2a:02:86:0a:ae:8d:13:63:
95:81:51:03:a0:fc:43:35:73:e0:95:c7:db:8e:96:
18:5b:10:2c:8e:40:ff:cb:48:c7:c8:e4:64:0d:39:
9c:17:73:83:c5:31:34:5a:6b:fa:c1:8b:9d:cc:72:
39:62:31:ab:7b:64:ee:d3:ac:c7:ca:8d:b3:6a:d4:
01:ff:2b:f5:8c:af:cb:03:18:30:c2:3d:2b:35:81:
2e:d2:56:86:0f:70:ae:8c:4e:ea:0c:7b:a1:b9:8c:
26:20:19:97:16:a6:1d:ee:fc:fd:1e:cc:d7:6f:9d:
ea:3b:fa:ec:7c:8e:bd:8e:84:e5:4e:97:dc:f9:09:
51:ed:ce:35:68:8d:8a:11:8a:c1:68:45:e7:23:ff:
14:52:0d:bc:54:02:f4:13:3f:55:50:b3:bd:44:f5:
1e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:75:4D:B4:85:FC:54:87:3B:FE:89:94:72:66:05:30:11:A0:8B:D8
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/N3VNtIX8VIc7_omUcmYFMBGgi9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.41.0/24
37.230.136.0/24
178.170.253.0/24
185.2.33.0/24
Signature Algorithm: sha256WithRSAEncryption
97:27:75:a0:a6:9e:47:48:5c:cf:45:8b:e9:13:a4:f6:75:68:
c2:91:91:75:a3:23:8d:c6:95:b2:7c:e1:c3:86:f2:68:ff:75:
7a:9b:5a:76:0f:43:0b:60:2e:b6:8e:fa:29:68:f7:52:00:a6:
13:a9:e1:c4:dd:db:1c:fc:a5:75:db:b1:b1:f9:08:1a:65:e5:
c9:a2:d9:d4:0b:7b:78:f4:d8:7f:f3:f1:35:ca:7b:76:eb:9c:
53:a5:5f:43:cd:0c:a1:22:c8:2c:32:3b:4c:56:4a:8d:b6:b0:
57:ed:6a:ff:a9:cf:ca:a0:89:d0:ef:13:c0:c1:93:4b:8a:86:
95:f2:94:6b:b6:7e:ab:4e:c4:38:d3:04:99:20:0c:6f:76:50:
f0:90:e2:3d:05:6a:28:35:90:bf:81:7a:a7:25:db:2b:fc:22:
b1:1f:a0:f7:ad:ce:a8:55:59:fa:ff:76:4e:5f:3e:bf:73:f1:
72:0b:63:9c:de:e0:3b:92:80:75:6c:53:5c:0c:6a:31:ed:c4:
90:44:3c:e5:46:38:12:ba:ae:35:ae:00:ad:d1:2e:22:39:fe:
0a:9a:2a:26:9b:ad:c4:2c:5d:98:2a:10:16:ac:db:58:9a:da:
85:8a:1e:1b:a2:f2:10:29:48:09:8a:83:0f:c5:6a:3e:79:96:
30:c6:35:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSocIFGXy74ISKbUstnjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQwMTAxMTgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzc1NGRiNDg1ZmM1NDg3M2JmZTg5OTQ3MjY2MDUzMDExYTA4YmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt6zyYTCfP5/woa6r2GOavNLEwDr
rXho4A43yUo7XEj9hoqMaMAZM3/NOZ9SOaYh3onwy6cHoaml5Ky8/PlQNugdR/SR
JK3D947eDG4/zLIn8HIOnumR0cYoUfRFThXoKgKGCq6NE2OVgVEDoPxDNXPglcfb
jpYYWxAsjkD/y0jHyORkDTmcF3ODxTE0Wmv6wYudzHI5YjGre2Tu06zHyo2zatQB
/yv1jK/LAxgwwj0rNYEu0laGD3CujE7qDHuhuYwmIBmXFqYd7vz9HszXb53qO/rs
fI69joTlTpfc+QlR7c41aI2KEYrBaEXnI/8UUg28VAL0Ez9VULO9RPUejwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDd1TbSF/FSHO/6JlHJmBTARoIvYMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvTjNWTnRJWDhWSWM3X29tVWNtWUZNQkdnaTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJRIpAwQA
JeaIAwQAsqr9AwQAuQIhMA0GCSqGSIb3DQEBCwUAA4IBAQCXJ3Wgpp5HSFzPRYvp
E6T2dWjCkZF1oyONxpWyfOHDhvJo/3V6m1p2D0MLYC62jvopaPdSAKYTqeHE3dsc
/KV127Gx+QgaZeXJotnUC3t49Nh/8/E1ynt265xTpV9DzQyhIsgsMjtMVkqNtrBX
7Wr/qc/KoInQ7xPAwZNLioaV8pRrtn6rTsQ40wSZIAxvdlDwkOI9BWooNZC/gXqn
Jdsr/CKxH6D3rc6oVVn6/3ZOXz6/c/FyC2Oc3uA7koB1bFNcDGox7cSQRDzlRjgS
uq41rgCt0S4iOf4Kmiomm63ELF2YKhAWrNtYmtqFih4bovIQKUgJioMPxWo+eZYw
xjXx
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:52:49 2024 by rpki-client on console-ams.rpki-client.org