Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/7RBpF6AK1KAI34UahiWuc48ypJM.roa
File: 7RBpF6AK1KAI34UahiWuc48ypJM.roa (raw, json)
Hash identifier: ljENWmXaFjWBMYulOGf6OzG/89YZ8shU6oPgFmRqBd4=
Subject key identifier: ED:10:69:17:A0:0A:D4:A0:08:DF:85:1A:86:25:AE:73:8F:32:A4:93
Certificate issuer: /CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Certificate serial: 018CB57C19B3449D49DC2E9E8FF466361F62
Authority key identifier: 05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/7RBpF6AK1KAI34UahiWuc48ypJM.roa
Signing time: Fri 29 Dec 2023 12:10:58 +0000
ROA not before: Fri 29 Dec 2023 12:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49434
IP address blocks: 37.44.237.0/24 maxlen: 24
185.142.55.0/24 maxlen: 24
185.142.54.0/24 maxlen: 24
193.178.0.0/24 maxlen: 24
193.177.162.0/24 maxlen: 24
193.177.0.0/24 maxlen: 24
2a0f:9240:1300::/40 maxlen: 40
2a0f:9240::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b5:7c:19:b3:44:9d:49:dc:2e:9e:8f:f4:66:36:1f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Validity
Not Before: Dec 29 12:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed106917a00ad4a008df851a8625ae738f32a493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d9:60:48:86:ae:48:ef:c0:be:6a:5a:9a:99:
75:ee:4d:01:70:37:ac:10:40:e2:a7:8f:ea:e2:01:
70:9a:3c:07:36:e9:84:b1:da:c6:8a:a2:73:c2:53:
34:e3:aa:24:5b:55:8b:de:3f:d0:cf:71:ae:9e:a9:
2f:8f:bf:db:18:c9:20:95:5c:ce:c4:2b:94:64:1d:
76:0b:b5:0d:1d:33:17:1e:a5:3b:7d:e4:60:2f:eb:
96:4b:72:c5:8a:ed:62:d8:5f:26:52:18:d3:dd:0f:
b4:84:90:c9:02:2f:f7:43:3d:f4:29:72:22:6a:df:
4d:79:79:ab:1b:34:60:e5:45:66:e1:3d:f3:2e:95:
06:dc:bf:0c:08:07:16:71:55:f0:27:89:99:5c:43:
12:8e:d9:dc:f2:77:1e:41:5e:8e:f6:1c:81:8d:fa:
09:e9:61:79:28:13:4e:44:60:9d:63:fe:b4:49:8d:
a1:5c:76:57:63:a8:56:75:e4:9f:72:6c:d5:5e:90:
bb:41:37:25:86:3e:06:1b:4b:0f:14:e2:4f:8f:56:
1d:02:4b:c2:06:50:8b:49:cc:ea:0d:dc:a8:d3:7b:
08:86:65:80:75:ed:3d:3a:8e:cc:8a:d2:6e:29:20:
73:25:90:a3:ae:8c:a7:10:dc:1c:6e:3c:5f:10:b5:
19:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:10:69:17:A0:0A:D4:A0:08:DF:85:1A:86:25:AE:73:8F:32:A4:93
X509v3 Authority Key Identifier:
keyid:05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/7RBpF6AK1KAI34UahiWuc48ypJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.237.0/24
185.142.54.0/23
193.177.0.0/24
193.177.162.0/24
193.178.0.0/24
IPv6:
2a0f:9240::/32
Signature Algorithm: sha256WithRSAEncryption
1f:bc:4f:da:1c:16:59:54:03:51:6f:25:f9:7a:34:59:cb:65:
14:c4:6b:15:74:43:76:f1:94:a1:fd:64:5d:33:94:f2:e0:51:
bc:01:e9:28:4e:92:ac:76:4d:64:2d:d0:52:18:91:c3:05:d8:
f2:98:9c:fa:c3:c3:4f:82:b4:54:f5:d6:5f:5e:44:8a:3c:ae:
c2:01:2e:3f:8a:d9:e7:87:0d:7f:16:45:60:14:e4:73:30:2c:
d9:0e:77:0b:69:ac:c7:34:0e:0a:a3:73:c2:6b:84:60:78:b5:
56:4f:a1:fc:29:b0:62:c9:8b:71:59:95:29:14:34:fe:cf:e9:
c3:7f:fa:f5:7d:71:c6:64:c1:bc:84:ec:2e:a2:be:f8:80:82:
b8:d1:d8:0a:f4:e3:10:26:07:ae:37:ac:6a:c6:d9:55:1d:91:
1e:8e:3f:0b:dc:57:bb:1a:4f:eb:e4:7a:6a:01:af:9f:9b:5a:
bb:ba:dd:36:f2:89:7a:7b:aa:ac:a1:31:47:c7:92:c7:0e:cb:
db:62:88:6e:39:9e:af:76:14:76:a3:11:ab:b1:3d:e4:d4:f7:
2a:11:58:01:70:02:8b:e9:8a:5d:4f:98:be:77:57:7d:36:69:
07:0d:a7:a3:e7:7b:fe:29:eb:2a:01:a9:59:c2:c6:25:48:ad:
cc:a8:11:52
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYy1fBmzRJ1J3C6ej/RmNh9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjNjYjI2M2RmNTBkMmQ0ZDA3M2MwZjdkYjZjZDI3NzYz
MDJjOWQwHhcNMjMxMjI5MTIxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDEwNjkxN2EwMGFkNGEwMDhkZjg1MWE4NjI1YWU3MzhmMzJhNDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNlgSIauSO/Avmpampl17k0BcDes
EEDip4/q4gFwmjwHNumEsdrGiqJzwlM046okW1WL3j/Qz3Gunqkvj7/bGMkglVzO
xCuUZB12C7UNHTMXHqU7feRgL+uWS3LFiu1i2F8mUhjT3Q+0hJDJAi/3Qz30KXIi
at9NeXmrGzRg5UVm4T3zLpUG3L8MCAcWcVXwJ4mZXEMSjtnc8nceQV6O9hyBjfoJ
6WF5KBNORGCdY/60SY2hXHZXY6hWdeSfcmzVXpC7QTclhj4GG0sPFOJPj1YdAkvC
BlCLSczqDdyo03sIhmWAde09Oo7MitJuKSBzJZCjroynENwcbjxfELUZ3wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFO0QaRegCtSgCN+FGoYlrnOPMqSTMB8GA1UdIwQY
MBaAFAVjyyY99Q0tTQc8D322zSd2MCydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQt
MTUwMzU0YjAwZTU1LzEvN1JCcEY2QUsxS0FJMzRVYWhpV3VjNDh5cEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQtMTUwMzU0YjAwZTU1
LzEvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJSztAwQB
uY42AwQAwbEAAwQAwbGiAwQAwbIAMA0EAgACMAcDBQAqD5JAMA0GCSqGSIb3DQEB
CwUAA4IBAQAfvE/aHBZZVANRbyX5ejRZy2UUxGsVdEN28ZSh/WRdM5Ty4FG8Aeko
TpKsdk1kLdBSGJHDBdjymJz6w8NPgrRU9dZfXkSKPK7CAS4/itnnhw1/FkVgFORz
MCzZDncLaazHNA4Ko3PCa4RgeLVWT6H8KbBiyYtxWZUpFDT+z+nDf/r1fXHGZMG8
hOwuor74gIK40dgK9OMQJgeuN6xqxtlVHZEejj8L3Fe7Gk/r5HpqAa+fm1q7ut02
8ol6e6qsoTFHx5LHDsvbYohuOZ6vdhR2oxGrsT3k1PcqEVgBcAKL6YpdT5i+d1d9
NmkHDaej53v+KesqAalZwsYlSK3MqBFS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:49 2024 by rpki-client on console-fra.rpki-client.org