Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/020d47-2cc0-436b-b9f9-b73bfccb4e08/1/3FFZ8CcNzFyh2eVqmpUYjUtalpU.roa
File: 3FFZ8CcNzFyh2eVqmpUYjUtalpU.roa (raw, json)
Hash identifier: 7m1YdxL0YTa++UXjzJrUzb3gA1pOIP63/a4npkUlkVY=
Subject key identifier: DC:51:59:F0:27:0D:CC:5C:A1:D9:E5:6A:9A:95:18:8D:4B:5A:96:95
Certificate issuer: /CN=37dee6acbc782b8c7696a40b28e80339619d0f1b
Certificate serial: 018FC3AC564ACF1B078466D0C14F95707468
Authority key identifier: 37:DE:E6:AC:BC:78:2B:8C:76:96:A4:0B:28:E8:03:39:61:9D:0F:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N97mrLx4K4x2lqQLKOgDOWGdDxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/020d47-2cc0-436b-b9f9-b73bfccb4e08/1/3FFZ8CcNzFyh2eVqmpUYjUtalpU.roa
Signing time: Wed 29 May 2024 09:26:42 +0000
ROA not before: Wed 29 May 2024 09:26:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57074
IP address blocks: 37.0.104.0/21 maxlen: 21
37.0.108.0/24 maxlen: 24
37.0.110.0/24 maxlen: 24
37.26.248.0/24 maxlen: 24
37.26.249.0/24 maxlen: 24
37.26.251.0/24 maxlen: 24
89.22.8.0/21 maxlen: 21
91.230.104.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 04 Jun 2024 14:28:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:ac:56:4a:cf:1b:07:84:66:d0:c1:4f:95:70:74:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37dee6acbc782b8c7696a40b28e80339619d0f1b
Validity
Not Before: May 29 09:26:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc5159f0270dcc5ca1d9e56a9a95188d4b5a9695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:94:5b:34:42:05:67:f1:46:60:ae:cb:26:dc:
26:a8:7d:e8:87:7c:2f:fb:64:86:9f:76:f6:63:1d:
c9:7c:26:69:85:95:fe:42:95:09:41:b8:43:c0:7f:
25:73:49:b8:c0:fe:9e:50:b1:f7:92:26:69:cb:c2:
60:65:4b:7b:47:97:0e:91:4a:92:8f:d5:97:66:bb:
f3:8e:42:3f:3a:d4:a1:b6:1f:5d:22:62:68:c0:37:
cf:85:c4:b1:45:3a:fe:47:57:0b:0f:5a:3a:92:99:
46:49:e4:12:af:a6:60:55:ff:b5:b4:99:41:49:ba:
e9:c9:5b:a6:19:6f:32:66:1e:8d:b4:23:41:63:82:
58:ca:c0:98:e0:f0:7b:6c:be:d3:f0:c3:e2:1c:2b:
a3:ac:18:17:45:3a:18:61:cb:29:6d:59:1a:6e:df:
42:ed:31:7e:a9:e5:a0:36:17:42:d7:af:10:fb:d0:
d7:ab:eb:d4:ec:7d:7e:2b:d8:ff:fe:7b:e8:f7:66:
65:7d:ff:69:ce:b0:9c:16:80:95:a1:bd:00:e3:49:
b0:05:69:6d:bd:1c:7d:4f:84:dd:ec:50:6b:f0:11:
49:32:4d:4d:cd:f5:27:27:9c:78:c6:4c:d8:9e:3d:
a3:32:5a:ed:eb:e7:40:32:a6:51:fd:d9:08:b7:bd:
a9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:51:59:F0:27:0D:CC:5C:A1:D9:E5:6A:9A:95:18:8D:4B:5A:96:95
X509v3 Authority Key Identifier:
keyid:37:DE:E6:AC:BC:78:2B:8C:76:96:A4:0B:28:E8:03:39:61:9D:0F:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N97mrLx4K4x2lqQLKOgDOWGdDxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/020d47-2cc0-436b-b9f9-b73bfccb4e08/1/3FFZ8CcNzFyh2eVqmpUYjUtalpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/020d47-2cc0-436b-b9f9-b73bfccb4e08/1/N97mrLx4K4x2lqQLKOgDOWGdDxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.104.0/21
37.26.248.0/23
37.26.251.0/24
89.22.8.0/21
91.230.104.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:2f:79:0e:81:66:4c:52:f4:b2:48:e1:27:31:7a:b7:4b:75:
c5:e3:91:ac:56:67:55:54:48:63:04:6b:df:a2:f9:37:89:4e:
86:0b:26:84:e6:f5:c7:56:39:38:e1:8a:e2:fd:b7:42:6c:ec:
0e:95:87:be:86:90:0e:e4:9c:d0:80:01:22:73:a9:f3:f4:9b:
d7:20:f2:a6:26:a9:fa:55:0a:a0:2c:db:34:c2:ce:7c:1f:5c:
08:eb:22:ff:f6:53:18:5e:22:38:97:e6:b4:0d:f6:30:3e:8c:
7f:e1:df:de:ee:ad:60:d8:ae:c2:52:71:11:71:21:f6:db:08:
9c:6d:3a:b3:1c:51:2b:3e:8a:a3:f9:4b:6c:c1:ae:f2:4a:b8:
46:b2:2d:88:95:fd:86:8a:a2:8f:84:5e:e7:59:de:8a:c1:4e:
44:ad:97:b5:8d:05:a6:ec:09:cd:c8:ae:87:ae:a5:e7:c1:32:
3f:b8:a0:3b:33:b1:07:e9:7b:10:04:68:d4:af:63:bb:e0:20:
8b:84:43:b4:11:ac:1d:64:b4:fd:ac:68:9e:e2:46:bb:e2:d9:
b0:cc:33:31:1d:a1:d9:18:18:aa:2f:fc:c8:1a:56:5b:bb:39:
1e:14:f7:7d:30:c2:b8:6e:cb:71:38:9f:fd:53:f6:3e:9d:9c:
08:23:25:39
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY/DrFZKzxsHhGbQwU+VcHRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZGVlNmFjYmM3ODJiOGM3Njk2YTQwYjI4ZTgwMzM5NjE5
ZDBmMWIwHhcNMjQwNTI5MDkyNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzUxNTlmMDI3MGRjYzVjYTFkOWU1NmE5YTk1MTg4ZDRiNWE5Njk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopRbNEIFZ/FGYK7LJtwmqH3oh3wv
+2SGn3b2Yx3JfCZphZX+QpUJQbhDwH8lc0m4wP6eULH3kiZpy8JgZUt7R5cOkUqS
j9WXZrvzjkI/OtShth9dImJowDfPhcSxRTr+R1cLD1o6kplGSeQSr6ZgVf+1tJlB
SbrpyVumGW8yZh6NtCNBY4JYysCY4PB7bL7T8MPiHCujrBgXRToYYcspbVkabt9C
7TF+qeWgNhdC168Q+9DXq+vU7H1+K9j//nvo92Zlff9pzrCcFoCVob0A40mwBWlt
vRx9T4Td7FBr8BFJMk1NzfUnJ5x4xkzYnj2jMlrt6+dAMqZR/dkIt72p/QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNxRWfAnDcxcodnlapqVGI1LWpaVMB8GA1UdIwQY
MBaAFDfe5qy8eCuMdpakCyjoAzlhnQ8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjk3bXJMeDRLNHgybHFRTEtPZ0RPV0dkRHhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8wMjBkNDctMmNjMC00MzZiLWI5Zjkt
YjczYmZjY2I0ZTA4LzEvM0ZGWjhDY056RnloMmVWcW1wVVlqVXRhbHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8wMjBkNDctMmNjMC00MzZiLWI5ZjktYjczYmZjY2I0ZTA4
LzEvTjk3bXJMeDRLNHgybHFRTEtPZ0RPV0dkRHhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJQBoAwQB
JRr4AwQAJRr7AwQDWRYIAwQBW+ZoMA0GCSqGSIb3DQEBCwUAA4IBAQCeL3kOgWZM
UvSySOEnMXq3S3XF45GsVmdVVEhjBGvfovk3iU6GCyaE5vXHVjk44Yri/bdCbOwO
lYe+hpAO5JzQgAEic6nz9JvXIPKmJqn6VQqgLNs0ws58H1wI6yL/9lMYXiI4l+a0
DfYwPox/4d/e7q1g2K7CUnERcSH22wicbTqzHFErPoqj+Utswa7ySrhGsi2Ilf2G
iqKPhF7nWd6KwU5ErZe1jQWm7AnNyK6HrqXnwTI/uKA7M7EH6XsQBGjUr2O74CCL
hEO0EawdZLT9rGie4ka74tmwzDMxHaHZGBiqL/zIGlZbuzkeFPd9MMK4bstxOJ/9
U/Y+nZwIIyU5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:43 2024 by rpki-client on console-fra.rpki-client.org