Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/AgQLl-XUTLyF0R7W0d542JuQYP0.roa
File: AgQLl-XUTLyF0R7W0d542JuQYP0.roa (raw, json)
Hash identifier: rVmQWJbfTyZ2TIjCHNAkTQOCEjdFaXIoVAsxD2ZxJU4=
Subject key identifier: 02:04:0B:97:E5:D4:4C:BC:85:D1:1E:D6:D1:DE:78:D8:9B:90:60:FD
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018DEC250F6A79EDCDA59D6B28099976A667
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/AgQLl-XUTLyF0R7W0d542JuQYP0.roa
Signing time: Tue 27 Feb 2024 19:57:48 +0000
ROA not before: Tue 27 Feb 2024 19:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
89.47.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 06:50:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ec:25:0f:6a:79:ed:cd:a5:9d:6b:28:09:99:76:a6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 27 19:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02040b97e5d44cbc85d11ed6d1de78d89b9060fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e5:8c:4d:3d:0d:b9:66:c6:af:0f:69:79:de:
fb:40:09:be:c2:f9:d0:66:08:5b:5f:c1:86:23:6e:
63:b1:e9:2a:c4:01:55:a0:29:e7:df:2c:6e:02:05:
88:a6:c4:46:1d:d0:10:98:7e:9b:05:8c:0c:79:42:
59:71:87:ad:65:76:ce:99:2c:e6:e5:9a:77:9c:e3:
b7:58:18:74:b2:ed:be:97:b7:fd:3b:81:77:5f:12:
7e:b1:5d:94:91:7c:d0:76:a1:da:57:1a:d9:69:93:
6a:0d:b2:78:d4:3a:5b:eb:6b:f4:80:70:51:55:e7:
63:59:11:ab:59:fe:bc:c9:79:9a:bb:81:11:91:52:
5a:0b:62:14:c3:c7:4b:b4:78:c9:c5:1c:77:dd:6a:
c4:de:b7:95:4e:81:88:c6:bf:76:c8:53:d8:e6:11:
d7:a2:41:b6:d4:35:60:4b:1f:9c:f6:ed:17:64:4d:
8c:91:65:44:ed:76:fc:45:f6:b3:ef:3b:9d:87:ec:
e2:31:f6:22:76:ff:f6:84:f5:e0:fe:00:3f:db:9c:
6a:41:b4:fe:1b:c9:91:0c:39:33:a3:09:2d:d9:bf:
e8:03:93:45:01:68:c3:a5:89:c8:23:57:10:02:68:
59:b9:da:f6:17:a4:05:53:4c:5b:24:98:1a:7e:e7:
5d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:04:0B:97:E5:D4:4C:BC:85:D1:1E:D6:D1:DE:78:D8:9B:90:60:FD
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/AgQLl-XUTLyF0R7W0d542JuQYP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
84.247.20.0/24
89.34.171.0/24
89.37.106.0/24
89.42.213.0/24
89.47.249.0/24
94.177.113.0/24
94.177.118.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:7e:78:15:7b:90:db:d9:2f:3c:5a:83:74:d1:44:f2:31:86:
76:de:bc:c6:4c:b8:e5:f3:0f:dd:73:2d:a0:a8:62:87:1d:5c:
34:3b:46:61:cf:f4:08:28:13:e1:f6:ed:0e:59:f6:76:46:b2:
c4:97:17:92:b4:cd:fb:3d:b7:26:72:74:77:fc:2f:ef:43:93:
b4:1e:de:79:e8:62:90:d2:ea:06:b7:ea:22:72:bf:30:2a:cf:
b0:a7:4b:09:7b:b3:ba:50:47:cd:29:66:55:10:4b:f4:17:31:
a6:51:f9:71:9e:43:1d:70:6e:6c:32:6c:ce:63:3d:38:1e:3a:
fe:cb:b4:98:1a:2b:28:8b:fe:6d:af:d6:25:e5:9a:96:a0:77:
a2:8c:ed:65:0a:65:1f:99:27:aa:54:2a:66:d8:4f:85:ef:0b:
27:7d:fa:ff:2b:7d:81:02:74:26:01:ba:bf:9e:6b:e2:a4:d2:
66:8d:2c:d7:d6:0f:83:48:28:76:ab:37:57:83:4e:2a:ea:07:
96:eb:8f:df:10:df:cc:da:5c:84:97:d5:97:5d:49:1d:2e:87:
bc:b6:81:51:9e:0d:ca:c0:e9:36:b0:43:b0:7c:19:b0:c5:fc:
bf:f7:b6:dd:3a:81:54:2d:a8:0f:97:0d:fc:ad:59:95:2c:68:
07:b6:f6:84
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY3sJQ9qee3NpZ1rKAmZdqZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMjI3MTk1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjA0MGI5N2U1ZDQ0Y2JjODVkMTFlZDZkMWRlNzhkODliOTA2MGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuWMTT0NuWbGrw9ped77QAm+wvnQ
ZghbX8GGI25jsekqxAFVoCnn3yxuAgWIpsRGHdAQmH6bBYwMeUJZcYetZXbOmSzm
5Zp3nOO3WBh0su2+l7f9O4F3XxJ+sV2UkXzQdqHaVxrZaZNqDbJ41Dpb62v0gHBR
VedjWRGrWf68yXmau4ERkVJaC2IUw8dLtHjJxRx33WrE3reVToGIxr92yFPY5hHX
okG21DVgSx+c9u0XZE2MkWVE7Xb8Rfaz7zudh+ziMfYidv/2hPXg/gA/25xqQbT+
G8mRDDkzowkt2b/oA5NFAWjDpYnII1cQAmhZudr2F6QFU0xbJJgafuddsQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAIEC5fl1Ey8hdEe1tHeeNibkGD9MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvQWdRTGwtWFVUTHlGMFI3VzBkNTQySnVRWVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAJZmEAwQA
VPcUAwQAWSKrAwQAWSVqAwQAWSrVAwQAWS/5AwQAXrFxAwQAXrF2MA0GCSqGSIb3
DQEBCwUAA4IBAQB9fngVe5Db2S88WoN00UTyMYZ23rzGTLjl8w/dcy2gqGKHHVw0
O0Zhz/QIKBPh9u0OWfZ2RrLElxeStM37PbcmcnR3/C/vQ5O0Ht556GKQ0uoGt+oi
cr8wKs+wp0sJe7O6UEfNKWZVEEv0FzGmUflxnkMdcG5sMmzOYz04Hjr+y7SYGiso
i/5tr9Yl5ZqWoHeijO1lCmUfmSeqVCpm2E+F7wsnffr/K32BAnQmAbq/nmvipNJm
jSzX1g+DSCh2qzdXg04q6geW64/fEN/M2lyEl9WXXUkdLoe8toFRng3KwOk2sEOw
fBmwxfy/97bdOoFULagPlw38rVmVLGgHtvaE
-----END CERTIFICATE-----
Generated at Tue Mar 12 11:27:55 2024 by rpki-client on console-ams.rpki-client.org