Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/PmdDNhj96vjdSBbZ8ag3Sjw4940.roa
File: PmdDNhj96vjdSBbZ8ag3Sjw4940.roa (raw, json)
Hash identifier: aCae9KlYZsf2PY/PaLV9wunZHaOQUtoWi4cLxk8SjQg=
Subject key identifier: 3E:67:43:36:18:FD:EA:F8:DD:48:16:D9:F1:A8:37:4A:3C:38:F7:8D
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018F94ADBB106016BABAC1574A9DC6F0DC81
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/PmdDNhj96vjdSBbZ8ag3Sjw4940.roa
Signing time: Mon 20 May 2024 06:26:04 +0000
ROA not before: Mon 20 May 2024 06:26:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 11:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:94:ad:bb:10:60:16:ba:ba:c1:57:4a:9d:c6:f0:dc:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: May 20 06:26:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e67433618fdeaf8dd4816d9f1a8374a3c38f78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:50:4d:d1:60:2a:f4:d0:94:eb:0c:54:0d:f0:
e7:8d:7b:bd:07:65:2c:aa:99:de:78:88:46:3a:80:
56:a1:c0:83:34:4d:ee:81:8f:3d:98:26:49:4d:9e:
36:9f:80:3f:ce:a7:d8:e0:d1:68:37:47:a2:29:bd:
dc:fc:7e:da:4d:cc:0f:fd:24:c3:1c:fa:f8:17:bc:
d7:76:41:ab:e9:98:d2:40:b6:15:71:34:fa:0f:4b:
fb:6e:84:00:c1:bd:8e:e5:00:d5:25:69:1c:97:65:
17:a2:bd:97:b2:7a:03:be:67:0e:f1:1a:19:fd:db:
d5:4f:15:e9:12:55:8b:21:0d:d6:79:63:93:c1:d3:
ef:36:31:73:0c:d7:73:3e:c5:93:e8:83:ab:25:8d:
04:1d:52:ce:b5:d2:8d:bb:7f:0f:99:25:88:5c:f8:
04:1c:ad:2c:33:23:04:19:5e:f5:9e:1c:a8:1a:5e:
4c:66:f2:2f:40:f3:e4:77:86:0b:d0:09:f3:25:49:
65:74:00:c0:29:4f:a3:47:6d:b8:4f:6f:56:c4:14:
c6:56:e7:40:da:7b:7a:f8:fb:b2:43:61:15:d2:93:
59:d6:44:7a:bd:23:97:89:ef:81:97:d0:12:50:c5:
aa:70:18:66:43:1a:9b:8d:ac:fb:8c:64:11:7f:2c:
05:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:67:43:36:18:FD:EA:F8:DD:48:16:D9:F1:A8:37:4A:3C:38:F7:8D
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/PmdDNhj96vjdSBbZ8ag3Sjw4940.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
84.247.20.0/24
89.34.171.0/24
89.37.106.0/24
89.42.213.0/24
Signature Algorithm: sha256WithRSAEncryption
27:cd:7f:fb:67:94:92:c3:80:29:0d:55:ba:49:8e:71:7d:cb:
d1:37:b2:99:14:88:f0:25:eb:5c:a6:09:17:3e:6b:e2:f3:fd:
92:ac:e0:3f:0c:99:7a:3d:db:ff:e9:75:25:da:5a:aa:fa:02:
52:2f:7d:ef:57:17:0b:e0:c4:41:ea:3a:d0:dd:c6:65:fe:18:
65:59:a4:13:22:c3:82:f2:64:0f:83:74:d8:b4:1e:f5:ce:3c:
9e:2f:97:88:c0:e7:06:d6:6f:c2:7f:92:b4:2c:ff:dc:f2:62:
32:41:cc:a1:f8:4d:dc:48:17:08:a5:71:b6:f3:41:18:2b:07:
db:16:27:38:a5:b0:a8:df:be:cb:b9:76:8e:f2:c3:1f:c7:4a:
be:12:f4:91:34:32:c2:0f:0d:fd:51:ba:5d:1b:a1:dd:53:da:
3d:26:fa:35:c0:c8:3a:15:48:5e:fa:38:3a:b1:83:79:3a:44:
39:90:44:79:0f:62:d6:5d:cb:a0:66:4e:b7:a0:77:72:4a:f5:
c7:a2:82:b1:4a:1d:c7:bd:49:4d:7f:9c:87:76:06:2b:fb:28:
a5:39:f8:9b:93:0c:bc:92:3d:92:10:7a:2b:f6:eb:21:a7:ae:
41:b3:ce:35:d6:40:58:e1:27:05:4c:7b:5e:8d:90:90:8d:d8:
26:8e:03:02
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+UrbsQYBa6usFXSp3G8NyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNTIwMDYyNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTY3NDMzNjE4ZmRlYWY4ZGQ0ODE2ZDlmMWE4Mzc0YTNjMzhmNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlBN0WAq9NCU6wxUDfDnjXu9B2Us
qpneeIhGOoBWocCDNE3ugY89mCZJTZ42n4A/zqfY4NFoN0eiKb3c/H7aTcwP/STD
HPr4F7zXdkGr6ZjSQLYVcTT6D0v7boQAwb2O5QDVJWkcl2UXor2XsnoDvmcO8RoZ
/dvVTxXpElWLIQ3WeWOTwdPvNjFzDNdzPsWT6IOrJY0EHVLOtdKNu38PmSWIXPgE
HK0sMyMEGV71nhyoGl5MZvIvQPPkd4YL0AnzJUlldADAKU+jR224T29WxBTGVudA
2nt6+PuyQ2EV0pNZ1kR6vSOXie+Bl9ASUMWqcBhmQxqbjaz7jGQRfywFPwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD5nQzYY/er43UgW2fGoN0o8OPeNMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUG1kRE5oajk2dmpkU0JiWjhhZzNTanc0OTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJZmEAwQA
VPcUAwQAWSKrAwQAWSVqAwQAWSrVMA0GCSqGSIb3DQEBCwUAA4IBAQAnzX/7Z5SS
w4ApDVW6SY5xfcvRN7KZFIjwJetcpgkXPmvi8/2SrOA/DJl6Pdv/6XUl2lqq+gJS
L33vVxcL4MRB6jrQ3cZl/hhlWaQTIsOC8mQPg3TYtB71zjyeL5eIwOcG1m/Cf5K0
LP/c8mIyQcyh+E3cSBcIpXG280EYKwfbFic4pbCo377LuXaO8sMfx0q+EvSRNDLC
Dw39UbpdG6HdU9o9Jvo1wMg6FUhe+jg6sYN5OkQ5kER5D2LWXcugZk63oHdySvXH
ooKxSh3HvUlNf5yHdgYr+yilOfibkwy8kj2SEHor9ushp65Bs8411kBY4ScFTHte
jZCQjdgmjgMC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org