Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/WOfqG82k8OdYPECh9SuQvQNP--8.roa
File: WOfqG82k8OdYPECh9SuQvQNP--8.roa (raw, json)
Hash identifier: fzGnIigBrx9RVjC0LW8mMWtQcBZgsr4AbRW2xsy/M7U=
Subject key identifier: 58:E7:EA:1B:CD:A4:F0:E7:58:3C:40:A1:F5:2B:90:BD:03:4F:FB:EF
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018F70F46A4815C7B8AA5231D837D9C2121F
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/WOfqG82k8OdYPECh9SuQvQNP--8.roa
Signing time: Mon 13 May 2024 07:56:57 +0000
ROA not before: Mon 13 May 2024 07:56:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12716
IP address blocks: 37.63.0.0/20 maxlen: 20
37.63.16.0/22 maxlen: 22
37.63.20.0/22 maxlen: 24
37.63.24.0/22 maxlen: 22
37.63.28.0/22 maxlen: 24
37.63.32.0/22 maxlen: 24
37.63.96.0/22 maxlen: 22
62.204.154.0/23 maxlen: 23
83.97.30.0/24 maxlen: 24
84.252.40.0/23 maxlen: 23
85.118.64.0/22 maxlen: 22
85.118.68.0/23 maxlen: 24
85.118.70.0/24 maxlen: 24
85.118.71.0/24 maxlen: 24
85.118.72.0/23 maxlen: 23
85.118.74.0/24 maxlen: 24
85.118.76.0/22 maxlen: 22
85.118.80.0/22 maxlen: 22
85.118.84.0/24 maxlen: 24
85.118.92.0/24 maxlen: 24
85.118.93.0/24 maxlen: 24
89.215.62.0/23 maxlen: 23
151.251.44.0/22 maxlen: 22
151.251.68.0/22 maxlen: 22
151.251.121.0/24 maxlen: 24
151.251.126.0/23 maxlen: 23
151.251.192.0/22 maxlen: 22
151.251.196.0/24 maxlen: 24
151.251.238.0/24 maxlen: 24
151.251.239.0/24 maxlen: 24
151.251.240.0/20 maxlen: 20
176.222.0.0/20 maxlen: 24
185.151.156.0/22 maxlen: 22
185.224.160.0/23 maxlen: 23
212.104.116.0/22 maxlen: 24
213.226.17.0/24 maxlen: 24
213.226.19.0/24 maxlen: 24
213.226.36.0/24 maxlen: 24
213.226.40.0/24 maxlen: 24
213.226.51.0/24 maxlen: 24
213.226.56.0/24 maxlen: 24
213.226.57.0/24 maxlen: 24
213.226.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jun 2024 13:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:70:f4:6a:48:15:c7:b8:aa:52:31:d8:37:d9:c2:12:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: May 13 07:56:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58e7ea1bcda4f0e7583c40a1f52b90bd034ffbef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c4:f9:73:0c:6d:47:05:6e:22:a0:25:2a:09:
84:26:27:54:b7:fe:ac:fa:ac:2f:85:49:e1:78:06:
0a:08:bb:5d:4e:b4:50:1a:47:fb:0e:3f:20:34:f4:
16:a7:90:e0:0c:e1:5c:ef:d1:ba:f4:9a:c1:4b:4b:
8d:ca:6b:46:cc:07:fa:25:eb:ef:3e:95:32:34:89:
b8:de:cc:5a:e5:20:65:87:8f:44:e0:08:b9:1b:e3:
3b:8e:ce:22:26:c2:aa:be:23:bc:d1:f7:88:04:85:
54:24:02:8e:ca:33:60:32:3b:27:08:46:5a:66:00:
ce:f6:26:47:62:99:55:0d:c2:7f:9c:d3:2e:9d:53:
6a:24:ea:28:47:2b:37:6a:71:14:58:01:e6:52:fc:
5a:20:7e:1a:50:7d:d5:ee:3b:21:9b:a3:20:32:ed:
e6:90:bc:ef:4e:67:03:dc:a7:68:51:c8:1f:90:45:
66:40:86:15:3a:2d:3d:50:37:20:b7:29:89:2d:ad:
01:00:75:b2:78:df:1f:de:b9:7d:d8:70:1f:41:2b:
d6:34:f9:68:40:1a:41:b2:b9:1a:76:f2:01:d6:cb:
37:c9:fc:f2:bd:3b:e7:19:c6:6b:41:5f:71:da:55:
ab:ab:c6:04:61:ad:ab:f0:ce:19:e7:7f:b2:e1:72:
09:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E7:EA:1B:CD:A4:F0:E7:58:3C:40:A1:F5:2B:90:BD:03:4F:FB:EF
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/WOfqG82k8OdYPECh9SuQvQNP--8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.63.0.0-37.63.35.255
37.63.96.0/22
62.204.154.0/23
83.97.30.0/24
84.252.40.0/23
85.118.64.0-85.118.74.255
85.118.76.0-85.118.84.255
85.118.92.0/23
89.215.62.0/23
151.251.44.0/22
151.251.68.0/22
151.251.121.0/24
151.251.126.0/23
151.251.192.0-151.251.196.255
151.251.238.0-151.251.255.255
176.222.0.0/20
185.151.156.0/22
185.224.160.0/23
212.104.116.0/22
213.226.17.0/24
213.226.19.0/24
213.226.36.0/24
213.226.40.0/24
213.226.51.0/24
213.226.56.0/23
213.226.59.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:c6:a6:db:1b:ae:bf:de:3d:98:e0:d0:8f:65:01:97:eb:a7:
dd:8c:fb:ba:87:42:e4:90:00:f5:29:52:f3:91:ad:cc:0d:21:
b4:ca:bc:31:ad:1b:77:52:f0:a9:cc:8d:71:9e:23:2b:75:6f:
51:2c:63:4e:2f:55:14:7f:50:99:62:9a:d0:73:75:9d:fc:50:
01:df:54:37:4f:ea:d3:e9:40:fe:98:d9:be:cc:a0:3f:b2:a5:
ac:a2:0f:87:9f:64:d0:29:71:a8:52:b2:d2:98:2a:eb:5a:e7:
c1:ab:b7:41:b9:d1:3a:69:4a:70:06:94:9a:b7:43:c1:d9:27:
d8:2b:f4:89:e2:6f:e7:46:af:45:4d:65:50:c1:b1:0d:74:4f:
2d:06:df:26:65:32:ce:68:f4:da:23:1c:1c:af:5c:0f:19:3a:
b9:ef:0c:1a:21:78:b2:ee:b5:88:07:a9:e9:5e:1f:f7:eb:a4:
40:f9:af:ed:0c:fb:23:f2:d3:cc:cc:e1:5c:03:8a:d9:c0:81:
af:23:ca:c9:f9:ae:a9:00:e1:d8:b1:f8:c3:a5:0c:af:ab:91:
02:9f:27:5f:db:31:92:79:15:20:27:63:bb:82:85:de:b9:d2:
c1:71:95:2a:f3:0d:17:e0:06:9f:e4:a7:99:4a:4c:a9:70:f8:
88:48:30:81
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAY9w9GpIFce4qlIx2DfZwhIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwNTEzMDc1NjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGU3ZWExYmNkYTRmMGU3NTgzYzQwYTFmNTJiOTBiZDAzNGZmYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsT5cwxtRwVuIqAlKgmEJidUt/6s
+qwvhUnheAYKCLtdTrRQGkf7Dj8gNPQWp5DgDOFc79G69JrBS0uNymtGzAf6Jevv
PpUyNIm43sxa5SBlh49E4Ai5G+M7js4iJsKqviO80feIBIVUJAKOyjNgMjsnCEZa
ZgDO9iZHYplVDcJ/nNMunVNqJOooRys3anEUWAHmUvxaIH4aUH3V7jshm6MgMu3m
kLzvTmcD3KdoUcgfkEVmQIYVOi09UDcgtymJLa0BAHWyeN8f3rl92HAfQSvWNPlo
QBpBsrkadvIB1ss3yfzyvTvnGcZrQV9x2lWrq8YEYa2r8M4Z53+y4XIJ9wIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFFjn6hvNpPDnWDxAofUrkL0DT/vvMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvV09mcUc4Mms4T2RZUEVDaDlTdVF2UU5QLS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIwCwMD
ACU/AwQCJT8gAwQCJT9gAwQBPsyaAwQAU2EeAwQBVPwoMAwDBAZVdkADBABVdkow
DAMEAlV2TAMEAFV2VAMEAVV2XAMEAVnXPgMEApf7LAMEApf7RAMEAJf7eQMEAZf7
fjAMAwQGl/vAAwQAl/vEMAsDBAGX++4DAwKX+AMEBLDeAAMEArmXnAMEAbngoAME
AtRodAMEANXiEQMEANXiEwMEANXiJAMEANXiKAMEANXiMwMEAdXiOAMEANXiOzAN
BgkqhkiG9w0BAQsFAAOCAQEADcam2xuuv949mODQj2UBl+un3Yz7uodC5JAA9SlS
85GtzA0htMq8Ma0bd1LwqcyNcZ4jK3VvUSxjTi9VFH9QmWKa0HN1nfxQAd9UN0/q
0+lA/pjZvsygP7KlrKIPh59k0ClxqFKy0pgq61rnwau3QbnROmlKcAaUmrdDwdkn
2Cv0ieJv50avRU1lUMGxDXRPLQbfJmUyzmj02iMcHK9cDxk6ue8MGiF4su61iAep
6V4f9+ukQPmv7Qz7I/LTzMzhXAOK2cCBryPKyfmuqQDh2LH4w6UMr6uRAp8nX9sx
knkVICdju4KF3rnSwXGVKvMNF+AGn+SnmUpMqXD4iEgwgQ==
-----END CERTIFICATE-----
Generated at Mon Jun 17 15:16:12 2024 by rpki-client on console-fra.rpki-client.org