Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/dUggs7HYTtMUDdpdyv5CuAs6UWw.roa
File: dUggs7HYTtMUDdpdyv5CuAs6UWw.roa (raw, json)
Hash identifier: aFPdKor9BKJBHZyVg72aAAgqMZbUCfz2RRtvwEdbs+Y=
Subject key identifier: 75:48:20:B3:B1:D8:4E:D3:14:0D:DA:5D:CA:FE:42:B8:0B:3A:51:6C
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 018D747933B0123D4EA032FD3828761B7964
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/dUggs7HYTtMUDdpdyv5CuAs6UWw.roa
Signing time: Sun 04 Feb 2024 14:15:16 +0000
ROA not before: Sun 04 Feb 2024 14:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57862
IP address blocks: 37.122.152.0/22 maxlen: 22
37.122.152.0/23 maxlen: 23
37.122.152.0/24 maxlen: 24
37.122.153.0/24 maxlen: 24
37.122.154.0/23 maxlen: 23
37.122.154.0/24 maxlen: 24
37.122.155.0/24 maxlen: 24
37.122.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Feb 2024 10:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:74:79:33:b0:12:3d:4e:a0:32:fd:38:28:76:1b:79:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Feb 4 14:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=754820b3b1d84ed3140dda5dcafe42b80b3a516c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:10:05:64:5f:ed:30:64:dd:97:37:ba:06:77:
49:79:a9:b1:e8:6c:33:ef:ef:ab:41:77:46:48:66:
40:02:38:da:90:17:9d:51:97:ad:c3:5e:81:e9:41:
4a:81:e9:c9:5d:6f:e7:4f:90:44:fd:44:36:9d:63:
7f:bd:43:25:53:24:6c:61:e5:ad:03:20:df:25:c5:
29:61:12:c5:53:d3:44:6b:6b:ad:1e:bf:f2:af:d9:
c9:35:cf:42:91:c3:aa:19:fb:9b:38:36:fb:78:50:
61:2e:d0:84:33:29:5b:a7:fa:41:dc:02:37:a3:5a:
33:89:e1:06:33:52:8f:e8:61:1c:54:c5:f1:fd:53:
3c:79:b9:b6:84:b1:b2:d1:83:75:ea:ae:8f:ca:0e:
9c:05:33:35:49:96:d5:c8:bd:79:6f:66:7e:9c:d9:
80:6a:3a:84:34:dd:2d:11:f3:8d:98:f1:6a:35:21:
63:7b:f8:36:cc:bf:f4:bb:29:10:b2:e0:3c:a1:61:
4a:69:f8:d6:19:14:62:0f:5b:b1:7f:b9:ba:ce:5f:
70:07:03:2c:2c:e3:80:ac:f8:53:8d:d4:d7:31:1f:
81:a6:04:70:fb:9a:d0:95:f9:46:66:2c:cb:cc:02:
6f:4b:fa:09:5f:40:ba:52:a4:71:dd:d7:bb:56:9e:
cc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:48:20:B3:B1:D8:4E:D3:14:0D:DA:5D:CA:FE:42:B8:0B:3A:51:6C
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/dUggs7HYTtMUDdpdyv5CuAs6UWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.152.0-37.122.156.255
Signature Algorithm: sha256WithRSAEncryption
a9:39:13:c1:89:5a:e8:a8:0a:cc:0a:d7:e6:37:df:28:e0:64:
8d:78:20:c0:ec:a9:51:09:72:b9:4b:c5:74:c7:82:b3:ef:82:
08:99:63:0e:d7:db:47:75:d3:81:79:64:10:b0:03:d9:6c:3e:
0d:86:89:5e:d3:25:bc:59:5a:a3:6d:01:03:31:6e:0b:00:3e:
79:ad:21:0e:44:cf:1b:6d:ca:2b:82:84:6b:e6:e8:0b:35:60:
04:c8:71:5a:05:7a:54:dc:d9:0f:eb:ef:67:c3:62:c7:2c:0d:
b0:c2:67:fd:e6:2d:e7:dd:af:e4:3c:a0:15:7f:02:44:d0:b3:
29:a6:cb:a1:29:95:46:1b:02:99:3d:a7:41:5d:9d:e5:04:26:
9e:f7:e5:12:e3:61:97:1d:c2:10:2a:c0:f7:65:30:40:a7:46:
69:38:bb:b6:ca:41:43:fc:82:7d:c4:0d:68:89:3e:cf:2e:5b:
1e:48:c7:84:40:a1:d1:2e:f3:a7:7b:58:d3:c7:35:27:11:ce:
22:f8:12:5a:b9:ff:28:58:2d:42:1d:ad:a9:a1:b9:f5:f3:2d:
5e:2a:d7:90:6d:dd:30:b1:1a:3c:93:2e:1b:71:5a:4f:b8:00:
b1:6b:de:43:44:25:e5:da:de:f2:71:58:c7:55:6a:ba:ed:df:
1b:da:98:d9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY10eTOwEj1OoDL9OCh2G3lkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjQwMjA0MTQxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTQ4MjBiM2IxZDg0ZWQzMTQwZGRhNWRjYWZlNDJiODBiM2E1MTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRAFZF/tMGTdlze6BndJeamx6Gwz
7++rQXdGSGZAAjjakBedUZetw16B6UFKgenJXW/nT5BE/UQ2nWN/vUMlUyRsYeWt
AyDfJcUpYRLFU9NEa2utHr/yr9nJNc9CkcOqGfubODb7eFBhLtCEMylbp/pB3AI3
o1ozieEGM1KP6GEcVMXx/VM8ebm2hLGy0YN16q6Pyg6cBTM1SZbVyL15b2Z+nNmA
ajqENN0tEfONmPFqNSFje/g2zL/0uykQsuA8oWFKafjWGRRiD1uxf7m6zl9wBwMs
LOOArPhTjdTXMR+BpgRw+5rQlflGZizLzAJvS/oJX0C6UqRx3de7Vp7MQQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHVIILOx2E7TFA3aXcr+QrgLOlFsMB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvZFVnZ3M3SFlUdE1VRGRwZHl2NUN1QXM2VVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMlepgD
BAAlepwwDQYJKoZIhvcNAQELBQADggEBAKk5E8GJWuioCswK1+Y33yjgZI14IMDs
qVEJcrlLxXTHgrPvggiZYw7X20d104F5ZBCwA9lsPg2GiV7TJbxZWqNtAQMxbgsA
PnmtIQ5EzxttyiuChGvm6As1YATIcVoFelTc2Q/r72fDYscsDbDCZ/3mLefdr+Q8
oBV/AkTQsymmy6EplUYbApk9p0FdneUEJp735RLjYZcdwhAqwPdlMECnRmk4u7bK
QUP8gn3EDWiJPs8uWx5Ix4RAodEu86d7WNPHNScRziL4Elq5/yhYLUIdramhufXz
LV4q15Bt3TCxGjyTLhtxWk+4ALFr3kNEJeXa3vJxWMdVarrt3xvamNk=
-----END CERTIFICATE-----
Generated at Sat Feb 24 13:18:09 2024 by rpki-client on console-fra.rpki-client.org