Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/Q7XsVYT4QFMla_zk6URMJpR3854.roa
File: Q7XsVYT4QFMla_zk6URMJpR3854.roa (raw, json)
Hash identifier: klN4LB2tpDAXkHWiZLMeblLlx3EHN9/lN4tsrfZVjSU=
Subject key identifier: 43:B5:EC:55:84:F8:40:53:25:6B:FC:E4:E9:44:4C:26:94:77:F3:9E
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01939BA6872E8CE63A870D8DD40E76814B62
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/Q7XsVYT4QFMla_zk6URMJpR3854.roa
Signing time: Fri 06 Dec 2024 11:06:42 +0000
ROA not before: Fri 06 Dec 2024 11:06:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44486
IP address blocks: 37.114.32.0/24 maxlen: 24
37.114.33.0/24 maxlen: 24
37.114.34.0/24 maxlen: 24
37.114.35.0/24 maxlen: 24
37.114.36.0/24 maxlen: 24
37.114.38.0/23 maxlen: 24
37.114.42.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.47.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.52.0/24 maxlen: 24
37.114.53.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.56.0/24 maxlen: 24
37.114.57.0/24 maxlen: 24
37.114.59.0/24 maxlen: 24
37.114.60.0/24 maxlen: 24
37.114.61.0/24 maxlen: 24
37.114.62.0/24 maxlen: 24
43.251.162.0/23 maxlen: 23
103.252.88.0/22 maxlen: 22
176.100.32.0/24 maxlen: 24
176.100.33.0/24 maxlen: 24
176.100.34.0/24 maxlen: 24
176.100.35.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
185.14.94.0/24 maxlen: 24
185.14.95.0/24 maxlen: 24
2a00:ccc1:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 26 Dec 2024 13:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:a6:87:2e:8c:e6:3a:87:0d:8d:d4:0e:76:81:4b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Dec 6 11:06:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43b5ec5584f84053256bfce4e9444c269477f39e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3b:00:e8:59:14:56:2d:db:cb:a3:fc:a5:42:
02:74:77:a4:7d:1f:be:ec:f6:e3:c9:4d:34:59:31:
a6:2d:e4:5e:05:9b:88:55:ee:8d:46:6a:2e:d1:0a:
85:ac:70:03:aa:fd:28:98:7d:93:27:57:f7:90:10:
33:17:2f:f4:35:60:18:19:4d:0e:03:63:6d:5e:ec:
82:c2:f0:30:16:39:8e:eb:68:26:74:92:98:25:07:
16:46:35:89:df:e0:b6:4d:4a:c9:ce:e4:27:13:2a:
e0:c5:26:d3:e7:58:45:81:ef:09:af:26:05:29:e7:
31:1c:06:fe:4d:d2:41:15:73:41:f5:4f:58:ff:a5:
82:8b:c8:51:cc:e1:ac:52:65:38:00:cf:b4:1f:98:
c5:5f:b5:bd:c7:0a:96:97:6b:1e:1d:f7:35:0e:24:
21:d9:cb:d5:3e:c0:83:b7:5a:64:c8:3e:26:f3:b1:
90:42:d5:43:1d:b8:53:28:32:e0:37:bf:80:45:1b:
f9:f9:f0:98:be:c6:bb:e0:b2:16:7d:ae:0e:40:60:
1f:3d:19:5a:55:5f:31:bc:79:52:5b:bc:d5:ac:ee:
6c:15:a8:f1:8b:a6:30:54:ba:d6:62:12:67:a4:8f:
c5:9e:30:23:05:e6:4c:b3:ea:88:b9:06:c0:80:0c:
aa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B5:EC:55:84:F8:40:53:25:6B:FC:E4:E9:44:4C:26:94:77:F3:9E
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/Q7XsVYT4QFMla_zk6URMJpR3854.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0-37.114.36.255
37.114.38.0/23
37.114.42.0/23
37.114.45.0/24
37.114.47.0-37.114.49.255
37.114.51.0-37.114.53.255
37.114.55.0-37.114.57.255
37.114.59.0-37.114.62.255
43.251.162.0/23
103.252.88.0/22
176.100.32.0/22
176.100.38.0/24
185.14.94.0/23
IPv6:
2a00:ccc1:100::/40
Signature Algorithm: sha256WithRSAEncryption
5b:e5:97:2c:15:48:08:16:eb:b1:74:2d:56:63:43:fb:5b:cf:
b3:4c:cf:f3:e0:ff:5a:4d:3c:3d:28:ce:d1:78:ef:9e:48:f0:
6f:d0:a0:7d:c3:23:47:22:52:7a:aa:db:17:17:8e:1f:78:52:
5c:b0:e7:8d:1a:6f:2f:bc:4c:8e:e0:3c:1e:dc:36:98:e8:1b:
bf:a0:30:05:bd:0a:49:83:f6:df:68:7a:ad:f8:37:f0:43:79:
8e:47:2b:b6:fe:37:28:40:de:75:3e:2b:41:3b:9e:1b:b8:df:
2f:b4:93:81:c5:6f:c1:d7:17:a3:da:6a:a0:33:68:a4:d7:30:
17:00:a0:d5:f9:ca:8a:fc:a2:eb:cb:62:c7:be:56:4f:bd:4e:
b0:85:b2:9c:07:dc:89:fd:65:24:ce:0a:dc:93:28:7a:e2:6c:
06:5b:82:82:bf:69:36:e1:ef:88:85:95:e2:d3:6f:65:23:d5:
75:a5:b5:1e:55:0e:fa:0a:2b:26:03:80:96:50:dd:e9:7a:2d:
67:b1:fb:a0:62:b1:c1:f2:4e:ab:50:dc:37:87:22:d4:54:76:
60:9f:f9:9b:d2:90:dd:a3:74:85:c7:a4:ff:a9:76:04:0e:36:
16:ec:c8:6d:7a:cc:76:01:fc:48:c5:19:5b:d3:6b:ca:47:8c:
0a:67:15:85
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZObpocujOY6hw2N1A52gUtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQxMjA2MTEwNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2I1ZWM1NTg0Zjg0MDUzMjU2YmZjZTRlOTQ0NGMyNjk0NzdmMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jsA6FkUVi3by6P8pUICdHekfR++
7PbjyU00WTGmLeReBZuIVe6NRmou0QqFrHADqv0omH2TJ1f3kBAzFy/0NWAYGU0O
A2NtXuyCwvAwFjmO62gmdJKYJQcWRjWJ3+C2TUrJzuQnEyrgxSbT51hFge8JryYF
KecxHAb+TdJBFXNB9U9Y/6WCi8hRzOGsUmU4AM+0H5jFX7W9xwqWl2seHfc1DiQh
2cvVPsCDt1pkyD4m87GQQtVDHbhTKDLgN7+ARRv5+fCYvsa74LIWfa4OQGAfPRla
VV8xvHlSW7zVrO5sFajxi6YwVLrWYhJnpI/FnjAjBeZMs+qIuQbAgAyqlwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFEO17FWE+EBTJWv85OlETCaUd/OeMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvUTdYc1ZZVDRRRk1sYV96azZVUk1KcFIzODU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB8BAIAATB2MAwDBAUl
ciADBAAlciQDBAElciYDBAElcioDBAAlci0wDAMEACVyLwMEASVyMDAMAwQAJXIz
AwQBJXI0MAwDBAAlcjcDBAElcjgwDAMEACVyOwMEACVyPgMEASv7ogMEAmf8WAME
ArBkIAMEALBkJgMEAbkOXjAOBAIAAjAIAwYAKgDMwQEwDQYJKoZIhvcNAQELBQAD
ggEBAFvllywVSAgW67F0LVZjQ/tbz7NMz/Pg/1pNPD0oztF4755I8G/QoH3DI0ci
Unqq2xcXjh94Ulyw540aby+8TI7gPB7cNpjoG7+gMAW9CkmD9t9oeq34N/BDeY5H
K7b+NyhA3nU+K0E7nhu43y+0k4HFb8HXF6PaaqAzaKTXMBcAoNX5yor8ouvLYse+
Vk+9TrCFspwH3In9ZSTOCtyTKHribAZbgoK/aTbh74iFleLTb2Uj1XWltR5VDvoK
KyYDgJZQ3el6LWex+6BiscHyTqtQ3DeHItRUdmCf+ZvSkN2jdIXHpP+pdgQONhbs
yG16zHYB/EjFGVvTa8pHjApnFYU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:34:35 2025 by rpki-client