Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/_dkTYNCxQrCeBAajiXfReCvQ5hE.roa
File: _dkTYNCxQrCeBAajiXfReCvQ5hE.roa (raw, json)
Hash identifier: qlErhsKhFRCo3EmXjZRyGZaHiK2i+tOD3varKilZPu8=
Subject key identifier: FD:D9:13:60:D0:B1:42:B0:9E:04:06:A3:89:77:D1:78:2B:D0:E6:11
Certificate issuer: /CN=36574be6ae76cd523b33787cfbdb69264263d074
Certificate serial: 018CC7276333BFB5A02E5AE970B954D79EAD
Authority key identifier: 36:57:4B:E6:AE:76:CD:52:3B:33:78:7C:FB:DB:69:26:42:63:D0:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NldL5q52zVI7M3h8-9tpJkJj0HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/_dkTYNCxQrCeBAajiXfReCvQ5hE.roa
Signing time: Mon 01 Jan 2024 22:31:36 +0000
ROA not before: Mon 01 Jan 2024 22:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62007
IP address blocks: 185.36.53.0/24 maxlen: 24
185.36.52.0/22 maxlen: 22
185.36.52.0/24 maxlen: 24
185.36.55.0/24 maxlen: 24
185.36.54.0/24 maxlen: 24
84.246.144.0/24 maxlen: 24
84.246.144.0/22 maxlen: 22
84.246.145.0/24 maxlen: 24
84.246.150.0/24 maxlen: 24
84.246.149.0/24 maxlen: 24
84.246.151.0/24 maxlen: 24
84.246.146.0/24 maxlen: 24
84.246.148.0/22 maxlen: 22
84.246.148.0/24 maxlen: 24
84.246.147.0/24 maxlen: 24
37.221.96.0/22 maxlen: 22
37.221.96.0/24 maxlen: 24
37.221.98.0/24 maxlen: 24
37.221.97.0/24 maxlen: 24
185.67.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:63:33:bf:b5:a0:2e:5a:e9:70:b9:54:d7:9e:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36574be6ae76cd523b33787cfbdb69264263d074
Validity
Not Before: Jan 1 22:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdd91360d0b142b09e0406a38977d1782bd0e611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:41:5a:86:f8:ab:f5:d4:75:02:d7:d6:24:06:
e5:21:22:d0:10:59:11:fa:cc:34:13:0e:b3:17:52:
77:f1:7b:27:fc:48:17:7b:d6:25:e0:dc:4c:1c:ad:
31:2e:56:79:b0:7d:5c:d6:ce:f4:07:f3:8a:15:73:
92:c9:ee:51:8e:2e:5f:00:3e:87:db:22:c3:13:8b:
0c:b1:83:bd:0c:6b:b8:24:2d:e7:88:bc:00:07:0b:
e0:45:47:75:ee:88:d9:18:32:d6:85:28:6a:59:25:
12:94:d4:92:4e:be:41:61:ca:f1:e9:45:47:d4:00:
42:ed:73:d5:f5:92:42:8c:ba:06:6c:e3:35:2f:d3:
e4:ab:d7:f2:cf:09:01:cb:10:d0:84:fc:91:eb:e2:
a1:7a:99:1d:04:79:18:9b:dd:4f:67:a6:df:7c:5b:
e7:bb:b5:ac:f9:bd:19:4a:da:9d:cf:4b:53:40:7c:
44:cc:06:65:ed:8f:5f:59:5a:a5:87:77:70:03:6b:
43:a8:5d:ec:0c:73:1d:c3:36:6f:b1:2d:a9:df:08:
ba:b9:46:f0:f8:b8:53:28:27:d9:0f:3f:f7:89:db:
0b:a4:0a:5c:8c:a8:2b:8e:0c:1a:7a:70:fa:7b:f9:
58:5d:a3:b3:0b:b0:21:9a:bf:44:36:e7:aa:fd:7e:
4f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:D9:13:60:D0:B1:42:B0:9E:04:06:A3:89:77:D1:78:2B:D0:E6:11
X509v3 Authority Key Identifier:
keyid:36:57:4B:E6:AE:76:CD:52:3B:33:78:7C:FB:DB:69:26:42:63:D0:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NldL5q52zVI7M3h8-9tpJkJj0HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/_dkTYNCxQrCeBAajiXfReCvQ5hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/NldL5q52zVI7M3h8-9tpJkJj0HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.96.0/22
84.246.144.0/21
185.36.52.0/22
185.67.239.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:25:43:2a:6f:ae:5b:1d:81:fa:59:d1:b7:f2:09:f6:a6:40:
b1:e5:37:62:80:3e:f9:e4:81:b2:0a:0a:56:ac:f8:9e:9f:9c:
8a:ed:79:a5:47:ef:44:d4:47:2d:6b:df:6b:01:3b:dc:55:88:
ac:8d:88:36:16:cf:f1:63:4d:85:bb:7b:a8:e5:e0:da:84:13:
9a:60:0c:6b:60:87:b9:44:5a:07:24:f5:e1:b0:65:2c:b1:c0:
3d:71:d3:62:a6:d9:fb:33:b7:15:30:45:4f:fb:ea:17:95:18:
d0:db:fe:53:3d:05:61:f6:7f:b1:80:b7:2f:57:6d:29:e8:6f:
c0:84:2e:54:03:ea:4e:7c:85:09:20:32:b7:4e:52:55:30:d3:
14:de:87:74:c6:1a:90:f9:d9:4a:f2:41:53:7e:7b:c3:6d:b2:
33:d5:f2:53:64:23:fa:87:3a:56:25:1e:3a:46:a5:f5:d2:07:
f8:57:8a:0d:12:5e:50:88:23:83:38:c3:f6:d2:b6:a2:9a:ae:
b2:f5:8a:68:df:a4:b4:b4:89:be:9c:f1:05:4a:44:de:3f:4a:
68:8d:b1:57:33:a8:32:74:32:7a:3c:bf:54:fa:78:7c:51:99:
77:67:e7:d5:88:b0:56:dd:29:34:c7:fd:8f:c2:c2:3d:75:ec:
09:70:ac:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHJ2Mzv7WgLlrpcLlU156tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NTc0YmU2YWU3NmNkNTIzYjMzNzg3Y2ZiZGI2OTI2NDI2
M2QwNzQwHhcNMjQwMTAxMjIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGQ5MTM2MGQwYjE0MmIwOWUwNDA2YTM4OTc3ZDE3ODJiZDBlNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkFahvir9dR1AtfWJAblISLQEFkR
+sw0Ew6zF1J38Xsn/EgXe9Yl4NxMHK0xLlZ5sH1c1s70B/OKFXOSye5Rji5fAD6H
2yLDE4sMsYO9DGu4JC3niLwABwvgRUd17ojZGDLWhShqWSUSlNSSTr5BYcrx6UVH
1ABC7XPV9ZJCjLoGbOM1L9Pkq9fyzwkByxDQhPyR6+KhepkdBHkYm91PZ6bffFvn
u7Ws+b0ZStqdz0tTQHxEzAZl7Y9fWVqlh3dwA2tDqF3sDHMdwzZvsS2p3wi6uUbw
+LhTKCfZDz/3idsLpApcjKgrjgwaenD6e/lYXaOzC7Ahmr9ENueq/X5PUwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP3ZE2DQsUKwngQGo4l30Xgr0OYRMB8GA1UdIwQY
MBaAFDZXS+auds1SOzN4fPvbaSZCY9B0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmxkTDVxNTJ6Vkk3TTNoOC05dHBKa0pqMEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS83ZTFkOTQtMTg1NC00NzNkLTg3NTMt
MThkZWQ4MGI0YjVkLzEvX2RrVFlOQ3hRckNlQkFhamlYZlJlQ3ZRNWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS83ZTFkOTQtMTg1NC00NzNkLTg3NTMtMThkZWQ4MGI0YjVk
LzEvTmxkTDVxNTJ6Vkk3TTNoOC05dHBKa0pqMEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJd1gAwQD
VPaQAwQCuSQ0AwQAuUPvMA0GCSqGSIb3DQEBCwUAA4IBAQCcJUMqb65bHYH6WdG3
8gn2pkCx5TdigD755IGyCgpWrPien5yK7XmlR+9E1Ecta99rATvcVYisjYg2Fs/x
Y02Fu3uo5eDahBOaYAxrYIe5RFoHJPXhsGUsscA9cdNiptn7M7cVMEVP++oXlRjQ
2/5TPQVh9n+xgLcvV20p6G/AhC5UA+pOfIUJIDK3TlJVMNMU3od0xhqQ+dlK8kFT
fnvDbbIz1fJTZCP6hzpWJR46RqX10gf4V4oNEl5QiCODOMP20raimq6y9Ypo36S0
tIm+nPEFSkTeP0pojbFXM6gydDJ6PL9U+nh8UZl3Z+fViLBW3Sk0x/2PwsI9dewJ
cKze
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:13:35 2025 by rpki-client