Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/7Dj9w6-Hl15Z0KVsWhQArCHBW7I.roa
File: 7Dj9w6-Hl15Z0KVsWhQArCHBW7I.roa (raw, json)
Hash identifier: XXGQCJbEO3JgxZnGB+5Mul9lSyHa3Ob6S+6EptiCy7U=
Subject key identifier: EC:38:FD:C3:AF:87:97:5E:59:D0:A5:6C:5A:14:00:AC:21:C1:5B:B2
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018FCE2A44E92A5871D0FAB971D513490FB5
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/7Dj9w6-Hl15Z0KVsWhQArCHBW7I.roa
Signing time: Fri 31 May 2024 10:20:27 +0000
ROA not before: Fri 31 May 2024 10:20:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
91.250.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 15:09:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:2a:44:e9:2a:58:71:d0:fa:b9:71:d5:13:49:0f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: May 31 10:20:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec38fdc3af87975e59d0a56c5a1400ac21c15bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c9:b5:23:f8:30:c8:f8:6c:f8:93:60:63:ca:
cd:56:46:b6:0b:f6:c3:e3:98:6d:e1:a1:d1:d4:62:
ed:69:68:fe:e0:e4:2d:58:70:fe:e8:ef:ae:ef:81:
52:d5:6a:35:41:4b:c6:60:f9:76:a3:95:5a:a1:42:
44:42:84:c2:9a:e2:4b:d9:58:37:5b:83:ce:66:80:
08:cc:af:c6:65:24:28:c2:58:d3:50:1c:1f:8b:07:
8b:3f:26:dd:f7:30:3f:55:60:8b:ec:0f:26:2a:c1:
d4:7b:61:1d:71:19:e9:1d:70:8f:94:a2:00:92:7f:
b4:02:b1:f4:31:25:d0:60:8e:89:c6:83:54:53:2c:
5c:3b:80:49:47:69:ea:6b:d9:19:24:5f:9c:24:8f:
f9:35:ab:18:b6:25:13:22:f5:f4:a6:17:7b:2f:ab:
da:cb:3e:e1:f6:15:0c:b8:62:3a:f4:ad:54:ff:b2:
14:9d:77:d6:3f:3e:7e:30:3b:5d:f3:0b:98:98:f5:
1c:3b:8b:22:b5:bd:e6:b1:ed:3b:0d:7d:af:a5:80:
42:69:45:12:6d:1b:67:42:86:a8:1f:4f:c0:25:00:
20:ac:54:8d:7b:ca:51:a7:93:f7:f9:da:52:7a:ea:
17:4a:bc:3f:54:c8:fc:29:de:e9:73:af:8b:87:a2:
ef:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:38:FD:C3:AF:87:97:5E:59:D0:A5:6C:5A:14:00:AC:21:C1:5B:B2
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/7Dj9w6-Hl15Z0KVsWhQArCHBW7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
84.247.20.0/24
89.37.106.0/24
89.42.213.0/24
91.250.244.0/24
Signature Algorithm: sha256WithRSAEncryption
78:56:09:96:08:ab:fe:54:e9:64:6a:79:3f:8b:5b:e8:92:34:
98:8c:2c:78:d9:3b:1f:62:e4:db:b5:83:c6:ad:58:51:03:2c:
d7:9b:a6:ae:3d:8d:25:ba:ac:f4:c0:d5:c6:d4:4f:bb:d9:92:
09:4e:3c:4a:19:fc:a5:41:ce:2c:a2:2a:c4:93:3c:eb:e0:aa:
30:70:a1:09:c9:f6:22:d5:ea:b2:4a:af:0e:f6:63:20:47:62:
80:26:68:ea:2f:28:5c:46:34:16:ed:7e:e7:67:e8:2c:2c:1d:
38:99:ae:03:02:d0:65:0b:b2:75:1c:f9:b3:19:fe:ed:ca:8f:
4e:73:b3:51:73:ee:44:a9:c1:a4:f3:3b:96:d6:29:8b:ff:13:
33:e2:86:d6:e1:81:d0:6d:1a:79:23:02:00:bd:19:f1:eb:a2:
79:1e:19:c7:d6:f6:7d:e2:ff:0e:ff:31:27:69:fc:f3:91:83:
c3:c2:c7:c6:c4:ff:6e:28:4b:63:66:16:78:e1:68:d3:d2:30:
0b:ae:77:37:be:37:ef:89:89:21:b3:06:ab:76:f8:17:f9:54:
e8:36:c4:49:47:78:53:f0:75:98:00:b3:41:09:4e:97:91:4d:
08:70:cb:6e:70:29:bf:ca:46:f4:c6:9a:fb:39:df:1b:f3:8e:
20:bd:26:ab
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY/OKkTpKlhx0Pq5cdUTSQ+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNTMxMTAyMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzM4ZmRjM2FmODc5NzVlNTlkMGE1NmM1YTE0MDBhYzIxYzE1YmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8m1I/gwyPhs+JNgY8rNVka2C/bD
45ht4aHR1GLtaWj+4OQtWHD+6O+u74FS1Wo1QUvGYPl2o5VaoUJEQoTCmuJL2Vg3
W4POZoAIzK/GZSQowljTUBwfiweLPybd9zA/VWCL7A8mKsHUe2EdcRnpHXCPlKIA
kn+0ArH0MSXQYI6JxoNUUyxcO4BJR2nqa9kZJF+cJI/5NasYtiUTIvX0phd7L6va
yz7h9hUMuGI69K1U/7IUnXfWPz5+MDtd8wuYmPUcO4sitb3mse07DX2vpYBCaUUS
bRtnQoaoH0/AJQAgrFSNe8pRp5P3+dpSeuoXSrw/VMj8Kd7pc6+Lh6LvwQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOw4/cOvh5deWdClbFoUAKwhwVuyMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvN0RqOXc2LUhsMTVaMEtWc1doUUFyQ0hCVzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJZmEAwQA
VPcUAwQAWSVqAwQAWSrVAwQAW/r0MA0GCSqGSIb3DQEBCwUAA4IBAQB4VgmWCKv+
VOlkank/i1vokjSYjCx42TsfYuTbtYPGrVhRAyzXm6auPY0luqz0wNXG1E+72ZIJ
TjxKGfylQc4soirEkzzr4KowcKEJyfYi1eqySq8O9mMgR2KAJmjqLyhcRjQW7X7n
Z+gsLB04ma4DAtBlC7J1HPmzGf7tyo9Oc7NRc+5EqcGk8zuW1imL/xMz4obW4YHQ
bRp5IwIAvRnx66J5HhnH1vZ94v8O/zEnafzzkYPDwsfGxP9uKEtjZhZ44WjT0jAL
rnc3vjfviYkhswardvgX+VToNsRJR3hT8HWYALNBCU6XkU0IcMtucCm/ykb0xpr7
Od8b844gvSar
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:48 2024 by rpki-client on console-ams.rpki-client.org