Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/C3GliFmE2e9zcjqpUWICCynjde4.roa
File: C3GliFmE2e9zcjqpUWICCynjde4.roa (raw, json)
Hash identifier: Xm8UlBvvc3TFA79Qmfd/azHP5NQnap4/3z1LqQd7SYM=
Subject key identifier: 0B:71:A5:88:59:84:D9:EF:73:72:3A:A9:51:62:02:0B:29:E3:75:EE
Certificate issuer: /CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Certificate serial: 019423D73471976818C5DA04D09E9A7C7270
Authority key identifier: 05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/C3GliFmE2e9zcjqpUWICCynjde4.roa
Signing time: Wed 01 Jan 2025 21:48:13 +0000
ROA not before: Wed 01 Jan 2025 21:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49434
IP address blocks: 37.44.236.0/24 maxlen: 24
37.44.237.0/24 maxlen: 24
79.110.237.0/24 maxlen: 24
185.142.54.0/24 maxlen: 24
185.142.55.0/24 maxlen: 24
193.177.0.0/24 maxlen: 24
193.177.162.0/24 maxlen: 24
193.178.0.0/24 maxlen: 24
2a09:ca00::/29 maxlen: 29
2a0f:9240::/32 maxlen: 32
2a0f:9240:1300::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 17 Jan 2025 13:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:34:71:97:68:18:c5:da:04:d0:9e:9a:7c:72:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Validity
Not Before: Jan 1 21:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b71a5885984d9ef73723aa95162020b29e375ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:14:40:30:36:9b:cc:1f:ef:0e:22:e9:89:d6:
28:02:be:41:cf:38:6d:14:0d:dd:31:2e:05:70:ad:
8c:da:ea:94:e6:60:a1:6e:55:18:8a:11:94:06:68:
2c:b5:ee:df:7b:91:05:d6:92:0c:7a:f4:73:27:27:
f9:63:cf:40:e9:21:e1:bc:fd:5d:71:23:46:e8:ae:
cd:16:9f:58:1d:9f:28:0b:d3:de:ca:31:aa:cb:12:
ca:13:29:70:21:8e:ec:d8:93:e8:20:48:ec:ce:3d:
58:ac:b6:cb:f1:31:1a:50:a5:40:c8:85:dc:b5:02:
83:b7:68:f0:71:3f:41:0f:c4:87:d9:88:4b:7d:ea:
a4:ec:f5:36:84:aa:b9:29:12:33:16:14:80:63:2e:
23:34:81:3a:0e:ae:03:8e:23:ec:14:39:50:e7:e8:
8c:81:07:69:02:ba:f0:0d:36:e5:72:93:ff:ba:d9:
83:43:8e:69:6c:79:13:b6:4d:4c:86:87:04:0d:a1:
0e:bf:d5:fb:83:b4:65:fd:23:5f:1b:06:ad:6a:a2:
d4:12:71:69:bd:4c:a4:e1:75:c1:41:09:28:20:0b:
fa:48:f3:93:3e:90:2d:e7:e0:5f:fb:3d:bb:1a:13:
28:18:03:18:44:72:35:ca:53:8a:49:c6:a2:7a:fc:
2e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:71:A5:88:59:84:D9:EF:73:72:3A:A9:51:62:02:0B:29:E3:75:EE
X509v3 Authority Key Identifier:
keyid:05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/C3GliFmE2e9zcjqpUWICCynjde4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.236.0/23
79.110.237.0/24
185.142.54.0/23
193.177.0.0/24
193.177.162.0/24
193.178.0.0/24
IPv6:
2a09:ca00::/29
2a0f:9240::/32
Signature Algorithm: sha256WithRSAEncryption
4e:99:be:af:37:a6:2b:52:fe:67:d8:44:45:95:a9:5f:cc:a8:
09:54:cc:0c:08:d7:c7:53:dd:a2:55:0c:d2:79:1b:13:1e:fc:
3c:7e:6c:39:26:09:f8:61:c0:c3:e3:8b:0d:04:ef:fa:e6:91:
b4:15:1d:13:e0:fe:d7:73:55:08:7c:13:70:f1:2b:43:e4:b2:
7c:b1:de:b5:dc:97:01:5c:92:e0:a8:87:ac:84:bb:f5:26:1a:
33:9b:ca:19:13:9d:6b:93:06:db:ca:05:4a:6d:5d:16:f1:5d:
f2:1e:04:b9:61:0a:6e:53:4c:1f:3c:5a:fe:1c:07:84:f2:e3:
cd:39:2f:b5:58:6e:03:f9:29:d8:a8:33:d4:6c:72:e5:ff:e5:
e2:f8:bc:c7:07:9c:6f:05:d6:33:0d:c1:99:fa:a2:2c:5b:33:
0c:83:8f:ab:58:05:bd:ec:8b:bb:a2:90:02:7b:50:76:90:ce:
9b:c4:7b:a1:74:36:9f:ee:84:8c:2e:60:a7:d2:ea:fc:0e:ba:
2f:56:6d:8b:ab:c2:f3:d2:f9:1d:c0:2c:de:45:0c:4b:e0:93:
46:a8:82:bd:75:81:2a:c2:d3:1c:2d:57:f5:ea:d2:3d:0e:71:
32:c0:f2:6f:53:32:2d:ec:cc:23:16:8b:22:5c:84:03:99:ec:
03:d0:5f:13
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQj1zRxl2gYxdoE0J6afHJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjNjYjI2M2RmNTBkMmQ0ZDA3M2MwZjdkYjZjZDI3NzYz
MDJjOWQwHhcNMjUwMTAxMjE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjcxYTU4ODU5ODRkOWVmNzM3MjNhYTk1MTYyMDIwYjI5ZTM3NWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBRAMDabzB/vDiLpidYoAr5Bzzht
FA3dMS4FcK2M2uqU5mChblUYihGUBmgste7fe5EF1pIMevRzJyf5Y89A6SHhvP1d
cSNG6K7NFp9YHZ8oC9PeyjGqyxLKEylwIY7s2JPoIEjszj1YrLbL8TEaUKVAyIXc
tQKDt2jwcT9BD8SH2YhLfeqk7PU2hKq5KRIzFhSAYy4jNIE6Dq4DjiPsFDlQ5+iM
gQdpArrwDTblcpP/utmDQ45pbHkTtk1MhocEDaEOv9X7g7Rl/SNfGwataqLUEnFp
vUyk4XXBQQkoIAv6SPOTPpAt5+Bf+z27GhMoGAMYRHI1ylOKScaievwubQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFAtxpYhZhNnvc3I6qVFiAgsp43XuMB8GA1UdIwQY
MBaAFAVjyyY99Q0tTQc8D322zSd2MCydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQt
MTUwMzU0YjAwZTU1LzEvQzNHbGlGbUUyZTl6Y2pxcFVXSUNDeW5qZGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQtMTUwMzU0YjAwZTU1
LzEvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQBJSzsAwQA
T27tAwQBuY42AwQAwbEAAwQAwbGiAwQAwbIAMBQEAgACMA4DBQMqCcoAAwUAKg+S
QDANBgkqhkiG9w0BAQsFAAOCAQEATpm+rzemK1L+Z9hERZWpX8yoCVTMDAjXx1Pd
olUM0nkbEx78PH5sOSYJ+GHAw+OLDQTv+uaRtBUdE+D+13NVCHwTcPErQ+SyfLHe
tdyXAVyS4KiHrIS79SYaM5vKGROda5MG28oFSm1dFvFd8h4EuWEKblNMHzxa/hwH
hPLjzTkvtVhuA/kp2Kgz1Gxy5f/l4vi8xwecbwXWMw3BmfqiLFszDIOPq1gFveyL
u6KQAntQdpDOm8R7oXQ2n+6EjC5gp9Lq/A66L1Zti6vC89L5HcAs3kUMS+CTRqiC
vXWBKsLTHC1X9erSPQ5xMsDyb1MyLezMIxaLIlyEA5nsA9BfEw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:39:52 2025 by rpki-client