Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/a9666e-fcf0-4fb6-a452-38b392c6e1bf/1/nBLc5V6uUocnYVAJzpl5ZsTAKpM.roa
File: nBLc5V6uUocnYVAJzpl5ZsTAKpM.roa (raw, json)
Hash identifier: dKkMM4Qt7g8NeTJpLTHJn4a6Bht7gWPq2igMiiHo1VQ=
Subject key identifier: 9C:12:DC:E5:5E:AE:52:87:27:61:50:09:CE:99:79:66:C4:C0:2A:93
Certificate issuer: /CN=184fff3cf900e76aae0d2cd2e77dfeae24c5d24c
Certificate serial: 018CC348FC3DB5B06DCD4D0BFA1986AC586C
Authority key identifier: 18:4F:FF:3C:F9:00:E7:6A:AE:0D:2C:D2:E7:7D:FE:AE:24:C5:D2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GE__PPkA52quDSzS533-riTF0kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/a9666e-fcf0-4fb6-a452-38b392c6e1bf/1/nBLc5V6uUocnYVAJzpl5ZsTAKpM.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198312
IP address blocks: 37.0.97.0/24 maxlen: 24
37.0.96.0/24 maxlen: 24
37.0.100.0/24 maxlen: 24
37.0.103.0/24 maxlen: 24
37.0.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 10:33:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fc:3d:b5:b0:6d:cd:4d:0b:fa:19:86:ac:58:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=184fff3cf900e76aae0d2cd2e77dfeae24c5d24c
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c12dce55eae528727615009ce997966c4c02a93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:20:b6:7b:2c:7e:d9:0f:28:6b:f2:be:a3:be:
da:bf:ff:b7:26:35:46:17:ff:4b:42:b7:bb:9f:cf:
25:dc:59:cf:40:1e:91:ca:df:8d:82:43:71:6a:d9:
07:64:f1:b5:a2:18:4f:d8:7d:b3:bf:cf:0a:2f:b7:
0b:14:38:41:ff:7c:ab:4d:af:b2:58:90:9f:91:dc:
aa:3e:d9:8b:88:d5:64:d6:b1:ad:0d:24:ec:83:6d:
63:e2:77:43:31:8d:62:3b:cc:b0:2e:ed:55:31:d5:
c5:72:b9:ff:55:a7:41:0a:7b:b7:46:80:23:8f:de:
08:79:e0:c0:de:de:52:09:b4:56:b8:55:b0:99:2e:
4f:2d:30:f8:5b:16:64:1d:23:16:27:e9:1b:a1:f0:
c1:93:6d:93:27:32:ed:19:29:dd:31:36:e1:5e:cf:
4c:27:fa:ac:4e:05:ff:f8:e1:8f:b4:3f:03:5f:12:
86:33:70:98:07:9f:44:71:65:c6:38:52:d9:67:c3:
bb:3c:fc:9f:3f:1b:cb:85:6e:3f:ba:b4:86:5b:e5:
37:e8:d3:85:7e:28:87:d6:f0:f3:b4:b8:fc:8a:ad:
ae:c7:b7:60:8e:fe:dc:74:6a:71:bd:8c:a2:6b:d6:
30:da:06:2b:1f:cc:c5:f6:cc:eb:8e:ea:33:60:47:
23:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:12:DC:E5:5E:AE:52:87:27:61:50:09:CE:99:79:66:C4:C0:2A:93
X509v3 Authority Key Identifier:
keyid:18:4F:FF:3C:F9:00:E7:6A:AE:0D:2C:D2:E7:7D:FE:AE:24:C5:D2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GE__PPkA52quDSzS533-riTF0kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/a9666e-fcf0-4fb6-a452-38b392c6e1bf/1/nBLc5V6uUocnYVAJzpl5ZsTAKpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/a9666e-fcf0-4fb6-a452-38b392c6e1bf/1/GE__PPkA52quDSzS533-riTF0kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.96.0/23
37.0.100.0/24
37.0.102.0/23
Signature Algorithm: sha256WithRSAEncryption
78:d3:17:8a:82:58:e7:24:1d:db:88:77:5b:9c:42:8c:64:47:
80:83:76:97:ac:05:0b:f4:03:17:c1:ed:a2:bc:02:ad:cc:25:
65:a7:f7:00:3a:aa:75:be:f7:a3:7e:3e:5c:99:cd:2e:ee:b4:
7f:a3:c9:40:65:7b:80:8e:cf:d7:a9:49:80:85:eb:30:24:13:
9d:7d:db:c5:80:3f:02:8e:52:5e:7b:e3:87:38:af:63:04:e3:
19:79:0a:95:41:91:5a:8d:5e:54:9a:89:91:89:d0:31:c3:8d:
d2:2f:bf:1d:8e:34:b5:87:48:71:27:30:09:56:34:83:ea:39:
cd:0c:bb:1b:7a:09:97:a6:97:fd:51:d2:63:74:d1:61:76:1b:
c7:e7:92:21:73:75:36:ea:c8:0d:e7:e8:20:79:2f:1f:d0:90:
bd:23:b7:2f:15:27:24:f6:df:54:c5:0a:27:da:a9:ef:49:2d:
aa:24:52:5e:a9:02:ae:ee:a5:ce:d5:1b:84:ba:37:b0:38:35:
fd:a8:03:c0:95:cd:3d:90:ae:6c:80:f4:56:83:b9:da:73:a8:
ee:0a:9d:2a:e5:5d:8c:72:d7:43:64:20:7e:b9:7a:2d:a6:31:
15:95:28:63:4b:dd:8d:b0:0c:4d:ed:4f:cf:e1:41:66:bb:1e:
42:86:b3:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSPw9tbBtzU0L+hmGrFhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NGZmZjNjZjkwMGU3NmFhZTBkMmNkMmU3N2RmZWFlMjRj
NWQyNGMwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzEyZGNlNTVlYWU1Mjg3Mjc2MTUwMDljZTk5Nzk2NmM0YzAyYTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSC2eyx+2Q8oa/K+o77av/+3JjVG
F/9LQre7n88l3FnPQB6Ryt+NgkNxatkHZPG1ohhP2H2zv88KL7cLFDhB/3yrTa+y
WJCfkdyqPtmLiNVk1rGtDSTsg21j4ndDMY1iO8ywLu1VMdXFcrn/VadBCnu3RoAj
j94IeeDA3t5SCbRWuFWwmS5PLTD4WxZkHSMWJ+kbofDBk22TJzLtGSndMTbhXs9M
J/qsTgX/+OGPtD8DXxKGM3CYB59EcWXGOFLZZ8O7PPyfPxvLhW4/urSGW+U36NOF
fiiH1vDztLj8iq2ux7dgjv7cdGpxvYyia9Yw2gYrH8zF9szrjuozYEcjpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJwS3OVerlKHJ2FQCc6ZeWbEwCqTMB8GA1UdIwQY
MBaAFBhP/zz5AOdqrg0s0ud9/q4kxdJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VfX1BQa0E1MnF1RFN6UzUzMy1yaVRGMGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hOTY2NmUtZmNmMC00ZmI2LWE0NTIt
MzhiMzkyYzZlMWJmLzEvbkJMYzVWNnVVb2NuWVZBSnpwbDVac1RBS3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hOTY2NmUtZmNmMC00ZmI2LWE0NTItMzhiMzkyYzZlMWJm
LzEvR0VfX1BQa0E1MnF1RFN6UzUzMy1yaVRGMGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBJQBgAwQA
JQBkAwQBJQBmMA0GCSqGSIb3DQEBCwUAA4IBAQB40xeKgljnJB3biHdbnEKMZEeA
g3aXrAUL9AMXwe2ivAKtzCVlp/cAOqp1vvejfj5cmc0u7rR/o8lAZXuAjs/XqUmA
heswJBOdfdvFgD8CjlJee+OHOK9jBOMZeQqVQZFajV5UmomRidAxw43SL78djjS1
h0hxJzAJVjSD6jnNDLsbegmXppf9UdJjdNFhdhvH55Ihc3U26sgN5+ggeS8f0JC9
I7cvFSck9t9UxQon2qnvSS2qJFJeqQKu7qXO1RuEujewODX9qAPAlc09kK5sgPRW
g7nac6juCp0q5V2MctdDZCB+uXotpjEVlShjS92NsAxN7U/P4UFmux5ChrMV
-----END CERTIFICATE-----
Generated at Thu Oct 10 16:08:17 2024 by rpki-client on console-fra.rpki-client.org