Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/kGRfYazG4Ar3LQQBAgc5rVaNUY8.roa
File: kGRfYazG4Ar3LQQBAgc5rVaNUY8.roa (raw, json)
Hash identifier: OijJIwwjx5aDbwEhKzVyFgKEPH1LrdLL+aVo58KLqAw=
Subject key identifier: 90:64:5F:61:AC:C6:E0:0A:F7:2D:04:01:02:07:39:AD:56:8D:51:8F
Certificate issuer: /CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Certificate serial: 018CC727361F3C739E084B8573EA1D569B7C
Authority key identifier: 05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/kGRfYazG4Ar3LQQBAgc5rVaNUY8.roa
Signing time: Mon 01 Jan 2024 22:31:24 +0000
ROA not before: Mon 01 Jan 2024 22:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49434
IP address blocks: 37.44.237.0/24 maxlen: 24
185.142.55.0/24 maxlen: 24
185.142.54.0/24 maxlen: 24
193.178.0.0/24 maxlen: 24
193.177.162.0/24 maxlen: 24
193.177.0.0/24 maxlen: 24
2a0f:9240:1300::/40 maxlen: 40
2a0f:9240::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 11:50:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:36:1f:3c:73:9e:08:4b:85:73:ea:1d:56:9b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Validity
Not Before: Jan 1 22:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90645f61acc6e00af72d0401020739ad568d518f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d0:c4:99:48:60:38:7c:a4:9c:9f:6f:71:6e:
a9:df:74:37:f1:04:7f:f7:f3:29:93:63:b9:e5:e1:
25:e4:59:34:2c:ff:3e:90:0a:6b:8d:93:bb:59:fb:
03:95:53:a2:77:b4:4d:b0:a6:92:bf:ad:54:b1:bb:
41:d9:af:9b:b9:41:54:24:52:c8:49:3d:e1:86:54:
31:c0:6b:8f:90:d9:e5:af:f0:ea:7b:0f:b4:03:3f:
6c:f1:75:ae:0b:cb:2d:25:79:c5:d2:13:f1:d4:0a:
48:83:61:63:38:de:5f:2f:23:cd:cd:7a:96:e0:e8:
5b:26:db:a2:a6:da:2a:f7:77:16:26:c0:66:95:c9:
2d:07:ba:24:99:a1:cf:08:e5:f9:70:0f:a6:36:c6:
f0:ce:88:7e:6b:6c:95:5b:bd:3d:b8:ff:fc:33:0e:
5e:9d:b6:27:6f:af:64:dd:32:22:42:33:5c:b2:51:
eb:2c:3c:45:22:55:1e:c2:13:bf:1c:dc:5f:a5:99:
81:fb:1c:06:87:26:ec:32:d6:b7:dc:7b:6b:6f:cc:
54:18:e5:59:3a:cb:80:e2:5c:57:4e:1c:1d:0a:09:
d8:3d:d1:38:95:54:19:d9:8c:ef:ea:05:12:5a:80:
bb:64:f7:78:9b:a8:42:bc:c9:35:2d:ea:d9:8e:74:
03:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:64:5F:61:AC:C6:E0:0A:F7:2D:04:01:02:07:39:AD:56:8D:51:8F
X509v3 Authority Key Identifier:
keyid:05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/kGRfYazG4Ar3LQQBAgc5rVaNUY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.237.0/24
185.142.54.0/23
193.177.0.0/24
193.177.162.0/24
193.178.0.0/24
IPv6:
2a0f:9240::/32
Signature Algorithm: sha256WithRSAEncryption
45:ff:fd:a4:52:94:d5:bd:fa:03:63:17:fe:0e:8a:57:0b:e0:
4d:a3:86:44:63:50:d0:28:6c:6c:1b:f3:ed:6e:66:3c:ee:1e:
d3:ef:4a:74:84:d0:3b:65:97:21:b9:d2:a3:bc:05:7f:72:58:
2d:76:f8:6c:ac:55:5b:59:88:fd:f6:d3:4c:ca:76:80:a6:ae:
39:ac:36:bf:bc:7a:dc:9d:72:b7:54:9c:8d:97:2d:8a:e3:91:
12:ad:6a:de:0c:11:02:bd:41:46:8d:f9:5e:44:f6:7c:12:a5:
62:a4:3d:df:94:b7:ec:22:08:2a:b2:61:cf:f6:63:1e:7f:0f:
17:32:f3:20:37:7e:90:5f:a7:f8:03:67:b6:75:c1:ed:e5:14:
a7:94:74:4d:ac:2a:fb:6f:20:c9:6e:5a:3e:23:96:02:62:9f:
0d:c9:b0:05:b1:01:d9:1d:1d:ca:cf:a9:72:d3:59:e6:a0:cc:
4e:77:aa:f4:9a:f7:c0:15:7d:b6:8a:d5:e6:24:82:38:d8:44:
7a:d6:5b:e0:27:61:fe:7c:83:07:36:cc:73:7c:3e:4b:da:a5:
88:e9:11:27:2b:c5:86:2b:da:e0:ef:f2:96:d8:3c:93:89:31:
b8:a9:0f:bb:50:99:6f:8d:cd:53:b0:bf:c2:cc:e0:69:22:15:
5f:c1:82:23
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHJzYfPHOeCEuFc+odVpt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjNjYjI2M2RmNTBkMmQ0ZDA3M2MwZjdkYjZjZDI3NzYz
MDJjOWQwHhcNMjQwMTAxMjIzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDY0NWY2MWFjYzZlMDBhZjcyZDA0MDEwMjA3MzlhZDU2OGQ1MThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39DEmUhgOHyknJ9vcW6p33Q38QR/
9/Mpk2O55eEl5Fk0LP8+kAprjZO7WfsDlVOid7RNsKaSv61UsbtB2a+buUFUJFLI
ST3hhlQxwGuPkNnlr/Dqew+0Az9s8XWuC8stJXnF0hPx1ApIg2FjON5fLyPNzXqW
4OhbJtuiptoq93cWJsBmlcktB7okmaHPCOX5cA+mNsbwzoh+a2yVW709uP/8Mw5e
nbYnb69k3TIiQjNcslHrLDxFIlUewhO/HNxfpZmB+xwGhybsMta33Htrb8xUGOVZ
OsuA4lxXThwdCgnYPdE4lVQZ2Yzv6gUSWoC7ZPd4m6hCvMk1LerZjnQDEwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJBkX2GsxuAK9y0EAQIHOa1WjVGPMB8GA1UdIwQY
MBaAFAVjyyY99Q0tTQc8D322zSd2MCydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQt
MTUwMzU0YjAwZTU1LzEva0dSZllhekc0QXIzTFFRQkFnYzVyVmFOVVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQtMTUwMzU0YjAwZTU1
LzEvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJSztAwQB
uY42AwQAwbEAAwQAwbGiAwQAwbIAMA0EAgACMAcDBQAqD5JAMA0GCSqGSIb3DQEB
CwUAA4IBAQBF//2kUpTVvfoDYxf+DopXC+BNo4ZEY1DQKGxsG/PtbmY87h7T70p0
hNA7ZZchudKjvAV/clgtdvhsrFVbWYj99tNMynaApq45rDa/vHrcnXK3VJyNly2K
45ESrWreDBECvUFGjfleRPZ8EqVipD3flLfsIggqsmHP9mMefw8XMvMgN36QX6f4
A2e2dcHt5RSnlHRNrCr7byDJblo+I5YCYp8NybAFsQHZHR3Kz6ly01nmoMxOd6r0
mvfAFX22itXmJII42ER61lvgJ2H+fIMHNsxzfD5L2qWI6REnK8WGK9rg7/KW2DyT
iTG4qQ+7UJlvjc1TsL/CzOBpIhVfwYIj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:49 2024 by rpki-client on console-fra.rpki-client.org