Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/RUCcY7hqqusxybavPlaAjg9Qrbk.roa
File: RUCcY7hqqusxybavPlaAjg9Qrbk.roa (raw, json)
Hash identifier: vb48GLj1uxZnGV7RZ1IqUJzdHe5dBOghsZVtUjZNLWk=
Subject key identifier: 45:40:9C:63:B8:6A:AA:EB:31:C9:B6:AF:3E:56:80:8E:0F:50:AD:B9
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018EFCAA74152062C57641A25A526598BFAE
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/RUCcY7hqqusxybavPlaAjg9Qrbk.roa
Signing time: Sat 20 Apr 2024 18:00:13 +0000
ROA not before: Sat 20 Apr 2024 18:00:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 06:26:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fc:aa:74:15:20:62:c5:76:41:a2:5a:52:65:98:bf:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Apr 20 18:00:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45409c63b86aaaeb31c9b6af3e56808e0f50adb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a5:ea:c3:6f:91:f6:e5:d7:b4:7d:f5:f7:81:
1a:6f:bc:a8:e9:2d:bf:cc:16:61:0a:b8:13:cd:e8:
d4:8a:50:52:7c:00:44:0f:70:f1:1d:32:3b:82:2c:
14:f5:d0:b7:d3:e9:11:ef:d7:3d:4c:ad:3c:c4:f3:
d4:9f:49:99:60:41:b2:87:6a:13:f6:b8:84:f3:df:
82:b0:9f:aa:c5:75:36:a0:6d:72:52:07:50:e3:0d:
39:fa:91:99:56:f6:35:c8:2b:20:87:69:94:7f:03:
33:80:a5:bf:44:f3:6e:6e:a8:30:53:7f:3e:72:87:
3a:2e:65:a1:74:2f:c5:c4:a7:73:50:68:8e:fd:b7:
fb:ca:f1:3e:4c:8a:26:69:4f:a9:0a:b7:ce:66:bd:
eb:9f:c0:e0:bf:6d:0e:a6:c3:47:38:b7:1a:af:21:
b3:4e:26:7c:e3:aa:42:4a:d9:b2:65:dc:b0:ec:dc:
b0:07:e4:e6:fd:b2:f4:38:da:0a:63:49:2a:1f:fa:
3c:14:8f:c8:a7:bc:9b:3c:2c:fa:a5:96:69:28:bf:
15:4b:3d:13:e2:65:e2:60:7e:96:2e:06:a3:6e:f0:
76:03:50:29:0b:f9:64:37:56:38:04:fd:96:db:c8:
e3:4a:a3:e0:d8:e2:0e:3d:9d:2a:1e:ba:e1:1b:d3:
be:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:40:9C:63:B8:6A:AA:EB:31:C9:B6:AF:3E:56:80:8E:0F:50:AD:B9
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/RUCcY7hqqusxybavPlaAjg9Qrbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
84.247.20.0/24
89.37.106.0/24
89.42.213.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:89:98:e0:50:b4:71:03:80:05:42:47:db:5d:33:c1:0f:27:
81:59:d9:24:1c:87:ba:cc:24:94:08:8a:16:f1:7f:3b:8e:04:
9f:0d:6d:19:93:5c:0c:04:59:52:e8:ce:f9:dd:e8:96:cd:56:
6d:83:2d:f5:e8:71:6d:6d:74:94:e1:e7:26:b2:98:2d:89:a4:
07:b3:f9:2d:60:bf:0e:6d:c9:d6:29:1d:5e:e5:9f:2d:37:80:
9a:11:df:5c:2b:bc:f9:3e:4a:30:41:be:99:34:bc:d0:44:a4:
14:4b:b4:fc:a9:00:17:14:0e:63:ca:01:c8:5a:48:90:dc:f1:
9d:26:8a:af:dd:7f:a1:76:6e:77:cf:df:1a:f3:4f:36:41:d8:
13:5a:4e:14:ce:77:f8:65:04:91:bd:1a:98:96:e8:15:63:d0:
e9:94:b6:57:43:cb:2d:1d:65:71:e2:d2:12:88:71:c3:a6:8d:
b6:82:5d:de:0b:4a:c6:9a:d9:82:8e:5c:08:c0:56:bd:4c:de:
b7:70:b5:1c:5b:4e:11:80:54:00:62:0a:8b:f8:17:0a:9c:8a:
93:27:ad:97:c1:4c:b8:fd:b1:6b:cc:11:24:90:29:b9:00:b1:
da:c0:17:01:27:95:e4:0c:40:bc:8b:dd:1d:de:b3:c8:73:a1:
29:81:98:0a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY78qnQVIGLFdkGiWlJlmL+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNDIwMTgwMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQwOWM2M2I4NmFhYWViMzFjOWI2YWYzZTU2ODA4ZTBmNTBhZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qXqw2+R9uXXtH3194Eab7yo6S2/
zBZhCrgTzejUilBSfABED3DxHTI7giwU9dC30+kR79c9TK08xPPUn0mZYEGyh2oT
9riE89+CsJ+qxXU2oG1yUgdQ4w05+pGZVvY1yCsgh2mUfwMzgKW/RPNubqgwU38+
coc6LmWhdC/FxKdzUGiO/bf7yvE+TIomaU+pCrfOZr3rn8Dgv20OpsNHOLcaryGz
TiZ846pCStmyZdyw7NywB+Tm/bL0ONoKY0kqH/o8FI/Ip7ybPCz6pZZpKL8VSz0T
4mXiYH6WLgajbvB2A1ApC/lkN1Y4BP2W28jjSqPg2OIOPZ0qHrrhG9O+RQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEVAnGO4aqrrMcm2rz5WgI4PUK25MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUlVDY1k3aHFxdXN4eWJhdlBsYUFqZzlRcmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJZmEAwQA
VPcUAwQAWSVqAwQAWSrVMA0GCSqGSIb3DQEBCwUAA4IBAQA+iZjgULRxA4AFQkfb
XTPBDyeBWdkkHIe6zCSUCIoW8X87jgSfDW0Zk1wMBFlS6M753eiWzVZtgy316HFt
bXSU4ecmspgtiaQHs/ktYL8ObcnWKR1e5Z8tN4CaEd9cK7z5PkowQb6ZNLzQRKQU
S7T8qQAXFA5jygHIWkiQ3PGdJoqv3X+hdm53z98a8082QdgTWk4Uznf4ZQSRvRqY
lugVY9DplLZXQ8stHWVx4tISiHHDpo22gl3eC0rGmtmCjlwIwFa9TN63cLUcW04R
gFQAYgqL+BcKnIqTJ62XwUy4/bFrzBEkkCm5ALHawBcBJ5XkDEC8i90d3rPIc6Ep
gZgK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org