Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1sgEsOpd5sE8bRU1gPB0VpssSYo.roa
File: 1sgEsOpd5sE8bRU1gPB0VpssSYo.roa (raw, json)
Hash identifier: wXLQttQO5dJMq9DLlW+G9pzsK1XGBg/vJgFT4ymb43E=
Subject key identifier: D6:C8:04:B0:EA:5D:E6:C1:3C:6D:15:35:80:F0:74:56:9B:2C:49:8A
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01904E3A7E16EFAA63EA6D6D39DAF87D995D
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1sgEsOpd5sE8bRU1gPB0VpssSYo.roa
Signing time: Tue 25 Jun 2024 07:09:34 +0000
ROA not before: Tue 25 Jun 2024 07:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
89.44.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 17:44:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:3a:7e:16:ef:aa:63:ea:6d:6d:39:da:f8:7d:99:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jun 25 07:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6c804b0ea5de6c13c6d153580f074569b2c498a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fc:d9:09:fd:a7:11:c2:c8:74:68:5d:ce:2f:
6d:c0:f6:fe:2b:db:44:2a:87:dd:dd:66:8c:06:ba:
d7:f0:a5:96:f6:18:92:5b:15:f8:05:54:d5:5c:ad:
e5:1d:ac:fb:4e:4a:9b:86:22:3b:10:d4:e9:08:9d:
7c:ce:e4:8b:9e:4e:32:db:59:b8:e6:77:62:be:ff:
68:4a:b7:a5:98:71:d8:8d:9f:a4:4f:fc:78:d0:da:
a0:29:3b:9c:72:29:0f:c8:53:71:36:ce:3d:8d:5c:
82:34:aa:3d:e9:e3:fb:45:7c:31:59:4d:63:8c:b3:
f8:d1:49:54:4c:98:c1:d9:b2:32:e1:bd:a6:f2:ef:
05:b9:8e:1b:3b:4d:d0:81:ee:2f:3a:9d:a9:9c:5b:
88:bb:b2:7d:49:c4:dd:0d:4f:19:ae:42:73:25:1e:
46:f8:e2:b7:28:77:42:3e:de:0a:8f:84:f3:c0:1d:
4e:3d:ca:37:39:f8:f0:3c:dd:89:f7:a5:e9:de:02:
36:48:83:5f:bc:dc:24:dc:29:3f:b0:d4:56:45:5f:
62:e7:53:3f:0e:69:92:1a:82:f1:44:c1:41:ca:fe:
06:2e:95:30:24:ca:56:f1:78:e0:66:95:e8:49:fb:
de:5c:ac:97:a0:b7:89:9e:35:ea:3b:83:41:63:48:
5c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C8:04:B0:EA:5D:E6:C1:3C:6D:15:35:80:F0:74:56:9B:2C:49:8A
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1sgEsOpd5sE8bRU1gPB0VpssSYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
89.37.106.0/24
89.42.213.0/24
89.44.210.0/24
Signature Algorithm: sha256WithRSAEncryption
40:36:47:84:0a:4b:0b:4d:e1:75:c3:f5:3e:60:6c:c2:42:86:
3d:0b:95:e1:2e:83:7d:c7:1f:0f:6a:e7:15:e7:78:2d:01:ce:
21:bc:7c:01:4a:9b:1f:04:81:d1:7b:e1:b2:f0:ee:08:a3:48:
d8:72:fa:9e:7c:1d:4c:c3:e3:0d:52:c6:65:80:5c:c9:5f:56:
c5:4c:fc:ef:35:51:29:f2:3e:b9:db:9d:a1:88:f9:2e:07:39:
14:b9:60:93:44:81:05:cb:ad:10:7f:e7:2b:53:ab:82:71:3e:
db:ea:ee:03:df:bc:56:38:93:38:64:d7:a6:ad:e7:21:84:84:
68:0f:52:4e:0d:0f:3d:f2:69:67:84:67:9f:18:35:64:d7:bd:
f5:67:75:41:53:83:61:45:fd:cf:63:b8:09:4f:43:9c:72:ef:
d3:0d:40:df:28:f4:92:d0:34:0f:d6:de:03:13:dd:9c:37:34:
b2:d3:37:ff:26:40:0a:43:d8:ea:bd:79:db:b9:f6:b0:40:80:
a7:f7:03:9c:6c:3a:72:af:f9:a4:8c:6b:2f:5a:f3:5d:0b:30:
99:91:67:b1:9a:b5:c4:b1:c0:4b:88:bd:f2:c1:ac:30:54:79:
49:f5:7f:ea:61:5b:7e:1d:92:e3:95:6d:79:04:ff:ce:51:f4:
a6:08:22:29
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZBOOn4W76pj6m1tOdr4fZldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNjI1MDcwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmM4MDRiMGVhNWRlNmMxM2M2ZDE1MzU4MGYwNzQ1NjliMmM0OThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvzZCf2nEcLIdGhdzi9twPb+K9tE
Kofd3WaMBrrX8KWW9hiSWxX4BVTVXK3lHaz7TkqbhiI7ENTpCJ18zuSLnk4y21m4
5ndivv9oSrelmHHYjZ+kT/x40NqgKTuccikPyFNxNs49jVyCNKo96eP7RXwxWU1j
jLP40UlUTJjB2bIy4b2m8u8FuY4bO03Qge4vOp2pnFuIu7J9ScTdDU8ZrkJzJR5G
+OK3KHdCPt4Kj4TzwB1OPco3OfjwPN2J96Xp3gI2SINfvNwk3Ck/sNRWRV9i51M/
DmmSGoLxRMFByv4GLpUwJMpW8XjgZpXoSfveXKyXoLeJnjXqO4NBY0hcPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNbIBLDqXebBPG0VNYDwdFabLEmKMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvMXNnRXNPcGQ1c0U4YlJVMWdQQjBWcHNzU1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJZmEAwQA
WSVqAwQAWSrVAwQAWSzSMA0GCSqGSIb3DQEBCwUAA4IBAQBANkeECksLTeF1w/U+
YGzCQoY9C5XhLoN9xx8PaucV53gtAc4hvHwBSpsfBIHRe+Gy8O4Io0jYcvqefB1M
w+MNUsZlgFzJX1bFTPzvNVEp8j65252hiPkuBzkUuWCTRIEFy60Qf+crU6uCcT7b
6u4D37xWOJM4ZNemrechhIRoD1JODQ898mlnhGefGDVk1731Z3VBU4NhRf3PY7gJ
T0Occu/TDUDfKPSS0DQP1t4DE92cNzSy0zf/JkAKQ9jqvXnbufawQICn9wOcbDpy
r/mkjGsvWvNdCzCZkWexmrXEscBLiL3ywawwVHlJ9X/qYVt+HZLjlW15BP/OUfSm
CCIp
Generated at Tue Jul 2 20:14:17 2024 by rpki-client on console-ams.rpki-client.org