Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/s3b8zE2YVvnJV0igKAIr99juyNI.roa
File: s3b8zE2YVvnJV0igKAIr99juyNI.roa (raw, json)
Hash identifier: UHTCssMwmU9Z3H5ir+9FwxUej4VTQwbrJH32RBSnuAk=
Subject key identifier: B3:76:FC:CC:4D:98:56:F9:C9:57:48:A0:28:02:2B:F7:D8:EE:C8:D2
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018FCF34B0DC4C6638C321421ED36D7AB27A
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/s3b8zE2YVvnJV0igKAIr99juyNI.roa
Signing time: Fri 31 May 2024 15:11:27 +0000
ROA not before: Fri 31 May 2024 15:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 07:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cf:34:b0:dc:4c:66:38:c3:21:42:1e:d3:6d:7a:b2:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: May 31 15:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b376fccc4d9856f9c95748a028022bf7d8eec8d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ae:35:b5:13:b2:81:d9:6f:fe:6c:41:0a:88:
e8:58:ac:bb:bb:47:aa:1b:0b:bb:ee:9e:49:83:b4:
2e:b0:ab:e3:07:2b:82:61:f9:19:68:e6:4f:0d:1f:
d0:b6:73:de:3f:27:7a:9b:12:e6:eb:cd:6c:01:b1:
a2:e3:15:4e:ae:76:80:8a:01:49:43:3d:54:a8:12:
1d:98:59:df:57:40:32:66:79:b2:02:24:fc:6c:ca:
b5:fb:22:8a:7e:cf:e6:81:9a:66:c0:58:b0:a6:d7:
12:89:17:12:fc:8e:e0:e5:e4:21:d0:98:ec:3d:0f:
0d:a3:87:7a:70:a5:6e:3f:93:d8:a5:b3:1b:04:04:
b5:41:ad:7e:43:47:13:7e:2b:92:b9:bd:a9:ca:31:
f7:0d:cb:fb:14:2c:de:ad:56:26:34:ee:6c:3f:8d:
7b:82:51:81:b8:19:6e:a3:4d:c5:86:d7:98:a7:78:
32:b2:a8:f2:2b:f1:76:63:62:51:6e:e3:fc:89:02:
a6:9b:0b:75:6d:98:81:25:0f:c6:36:1a:d6:bf:8c:
d8:4f:49:1a:ee:00:38:16:40:fd:7e:fe:ac:fb:c7:
72:1b:f3:6d:e6:ef:15:a7:a5:6f:c5:13:5f:d9:61:
29:aa:1f:d9:61:95:c6:87:fe:de:8e:d9:41:95:8c:
3a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:76:FC:CC:4D:98:56:F9:C9:57:48:A0:28:02:2B:F7:D8:EE:C8:D2
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/s3b8zE2YVvnJV0igKAIr99juyNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
89.37.106.0/24
89.42.213.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:76:91:bb:69:af:0b:84:91:9d:87:9d:ac:f7:7b:3f:a1:13:
fe:33:ff:76:1f:49:e0:c5:9b:73:c3:1a:89:0f:7d:4c:48:71:
5c:20:26:4b:a5:ac:0e:36:7b:b6:fe:12:08:7b:1e:fc:c4:b7:
98:04:13:4a:97:e4:99:3b:39:3d:c8:c3:44:d8:45:91:2c:59:
a3:4d:ce:23:63:df:48:c4:00:c6:e2:be:4f:e9:c5:3f:58:73:
e9:2a:fd:c0:0f:0f:7f:f2:5b:b1:9a:04:d0:11:4e:4b:91:4e:
f8:b4:75:bf:03:d3:f7:d2:24:3d:fd:f6:c8:b3:74:97:5b:36:
62:7f:f9:fa:fc:a5:c3:77:e3:32:7e:55:05:22:57:74:7a:4b:
ad:ee:6e:56:40:d1:a2:2b:40:be:c7:59:ba:a1:4c:20:fe:96:
b1:ce:a4:95:d6:f8:d7:89:c8:f9:a1:ef:6b:fd:91:b2:45:3e:
6c:98:87:03:36:48:67:56:2b:31:37:23:de:ad:99:ef:f1:56:
df:4d:ff:86:83:c6:24:3f:50:e7:b7:98:e3:3c:45:24:01:ba:
05:85:f6:17:ac:f3:4f:17:a0:33:e2:37:6f:82:68:e3:67:40:
6a:b0:59:eb:5f:d7:86:6c:61:43:90:99:d8:2f:00:c9:14:83:
0d:b1:13:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/PNLDcTGY4wyFCHtNterJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNTMxMTUxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzc2ZmNjYzRkOTg1NmY5Yzk1NzQ4YTAyODAyMmJmN2Q4ZWVjOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK41tROygdlv/mxBCojoWKy7u0eq
Gwu77p5Jg7QusKvjByuCYfkZaOZPDR/QtnPePyd6mxLm681sAbGi4xVOrnaAigFJ
Qz1UqBIdmFnfV0AyZnmyAiT8bMq1+yKKfs/mgZpmwFiwptcSiRcS/I7g5eQh0Jjs
PQ8No4d6cKVuP5PYpbMbBAS1Qa1+Q0cTfiuSub2pyjH3Dcv7FCzerVYmNO5sP417
glGBuBluo03FhteYp3gysqjyK/F2Y2JRbuP8iQKmmwt1bZiBJQ/GNhrWv4zYT0ka
7gA4FkD9fv6s+8dyG/Nt5u8Vp6VvxRNf2WEpqh/ZYZXGh/7ejtlBlYw6BwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLN2/MxNmFb5yVdIoCgCK/fY7sjSMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvczNiOHpFMllWdm5KVjBpZ0tBSXI5OWp1eU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJZmEAwQA
WSVqAwQAWSrVMA0GCSqGSIb3DQEBCwUAA4IBAQBMdpG7aa8LhJGdh52s93s/oRP+
M/92H0ngxZtzwxqJD31MSHFcICZLpawONnu2/hIIex78xLeYBBNKl+SZOzk9yMNE
2EWRLFmjTc4jY99IxADG4r5P6cU/WHPpKv3ADw9/8luxmgTQEU5LkU74tHW/A9P3
0iQ9/fbIs3SXWzZif/n6/KXDd+MyflUFIld0ekut7m5WQNGiK0C+x1m6oUwg/pax
zqSV1vjXicj5oe9r/ZGyRT5smIcDNkhnVisxNyPerZnv8VbfTf+Gg8YkP1Dnt5jj
PEUkAboFhfYXrPNPF6Az4jdvgmjjZ0BqsFnrX9eGbGFDkJnYLwDJFIMNsROK
-----END CERTIFICATE-----
Generated at Tue Jun 25 13:08:05 2024 by rpki-client on console-ams.rpki-client.org