Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/XgQgy7E2dworCmDjWNVXebcnn7A.roa
File: XgQgy7E2dworCmDjWNVXebcnn7A.roa (raw, json)
Hash identifier: 4HR4wM3JGVUzXL7Gt9H6aCqNIaW6enlRMnQiS7Sg3eM=
Subject key identifier: 5E:04:20:CB:B1:36:77:0A:2B:0A:60:E3:58:D5:57:79:B7:27:9F:B0
Certificate issuer: /CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Certificate serial: 0194ADBEBE51DE21EC7F31E4261A530E62E9
Authority key identifier: 90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/XgQgy7E2dworCmDjWNVXebcnn7A.roa
Signing time: Tue 28 Jan 2025 16:29:06 +0000
ROA not before: Tue 28 Jan 2025 16:29:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197979
IP address blocks: 37.130.49.0/24 maxlen: 24
37.130.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 12:59:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:be:be:51:de:21:ec:7f:31:e4:26:1a:53:0e:62:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Validity
Not Before: Jan 28 16:29:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e0420cbb136770a2b0a60e358d55779b7279fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:31:7a:87:fc:81:8b:94:02:d0:05:56:32:81:
dd:ee:09:38:02:42:dd:ec:b0:ba:25:24:0d:58:89:
03:83:b3:e6:ed:48:90:06:f4:6b:b8:10:11:2e:2f:
f8:e3:55:76:6c:bf:6e:92:39:6d:79:8d:69:2c:74:
58:06:ee:03:36:14:03:e0:a1:1e:c2:d5:d5:d3:ac:
23:13:51:20:e6:54:3d:e2:68:8d:db:3f:83:76:66:
09:d3:fe:9b:f8:68:dd:75:40:67:43:f0:4a:11:a7:
b2:5b:8a:66:6f:52:b8:9a:31:88:0f:b9:db:c1:82:
1f:df:5c:42:25:13:ea:55:b8:b4:cb:df:ec:d8:ba:
d3:f9:67:3f:6e:6c:c7:f4:7d:c6:a6:d5:af:4a:fa:
12:c2:7a:7a:4e:95:3c:fe:50:d5:77:cd:f3:85:3e:
a6:81:b0:08:4c:0c:09:4a:f7:07:42:34:29:00:0e:
b2:3a:06:25:d2:4e:1d:98:39:38:8f:73:d9:98:34:
eb:01:38:7d:65:b4:7a:a6:8f:be:7c:9c:53:c3:ca:
f1:be:88:6c:8f:cf:a5:aa:f1:c5:8f:a7:10:46:a8:
f3:3a:e2:d0:46:99:39:5f:50:d4:5b:35:8e:75:ee:
12:d5:df:44:f4:09:86:f4:76:ec:9c:7a:1a:60:b3:
9d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:04:20:CB:B1:36:77:0A:2B:0A:60:E3:58:D5:57:79:B7:27:9F:B0
X509v3 Authority Key Identifier:
keyid:90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/XgQgy7E2dworCmDjWNVXebcnn7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.49.0/24
37.130.55.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:7c:25:58:e2:78:ad:9b:b5:81:0d:8e:b3:ae:15:77:c3:13:
0c:25:26:eb:8e:18:5e:ab:4c:15:32:c9:9c:63:e4:4a:c2:ad:
2f:9f:53:7c:dd:f6:72:e4:9d:23:ac:a9:db:87:8e:d2:d3:b3:
f5:2a:cb:4e:3a:ef:38:07:2a:fc:4d:2d:d2:c1:77:b0:06:4d:
d0:91:8c:c6:3b:33:e2:71:b3:47:ad:d8:15:b3:99:59:ed:35:
16:80:7e:ff:3a:05:83:b7:eb:2d:2e:70:b2:60:34:3f:ad:bb:
09:8a:06:7d:e5:a1:ea:bb:4e:eb:f2:69:83:1a:74:3d:b5:f5:
18:4a:0c:9b:52:8b:59:98:d2:68:e6:fc:2d:d1:92:90:9c:1e:
53:8b:af:f5:15:35:e6:f7:d2:af:df:d2:fe:a2:79:c3:a9:ce:
e4:00:c6:92:7a:8d:bc:f6:36:44:c9:61:e6:ac:01:68:51:fa:
8d:57:96:ff:b5:c5:40:40:13:94:5a:3c:5c:7a:51:9b:44:dd:
c5:b2:a9:df:fd:f6:05:39:21:ac:c0:c9:ea:25:01:47:32:82:
90:61:d6:24:6a:a3:3f:65:36:c8:3b:04:0d:34:44:07:95:0d:
38:f3:b0:29:f9:36:cf:fd:ee:79:3a:51:1e:38:77:03:44:62:
94:3f:16:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZStvr5R3iHsfzHkJhpTDmLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjhhMTU0NjZjM2ZmMWU5MTVkNzgwYTEwYjBiYWE5YWQ2
OTQ4NjAwHhcNMjUwMTI4MTYyOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTA0MjBjYmIxMzY3NzBhMmIwYTYwZTM1OGQ1NTc3OWI3Mjc5ZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TF6h/yBi5QC0AVWMoHd7gk4AkLd
7LC6JSQNWIkDg7Pm7UiQBvRruBARLi/441V2bL9ukjlteY1pLHRYBu4DNhQD4KEe
wtXV06wjE1Eg5lQ94miN2z+DdmYJ0/6b+GjddUBnQ/BKEaeyW4pmb1K4mjGID7nb
wYIf31xCJRPqVbi0y9/s2LrT+Wc/bmzH9H3GptWvSvoSwnp6TpU8/lDVd83zhT6m
gbAITAwJSvcHQjQpAA6yOgYl0k4dmDk4j3PZmDTrATh9ZbR6po++fJxTw8rxvohs
j8+lqvHFj6cQRqjzOuLQRpk5X1DUWzWOde4S1d9E9AmG9HbsnHoaYLOdOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF4EIMuxNncKKwpg41jVV3m3J5+wMB8GA1UdIwQY
MBaAFJC4oVRmw/8ekV14ChCwuqmtaUhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDct
NzhlOTk3ODY5OTUyLzEvWGdRZ3k3RTJkd29yQ21EaldOVlhlYmNubjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDctNzhlOTk3ODY5OTUy
LzEva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJYIxAwQA
JYI3MA0GCSqGSIb3DQEBCwUAA4IBAQCsfCVY4nitm7WBDY6zrhV3wxMMJSbrjhhe
q0wVMsmcY+RKwq0vn1N83fZy5J0jrKnbh47S07P1KstOOu84Byr8TS3SwXewBk3Q
kYzGOzPicbNHrdgVs5lZ7TUWgH7/OgWDt+stLnCyYDQ/rbsJigZ95aHqu07r8mmD
GnQ9tfUYSgybUotZmNJo5vwt0ZKQnB5Ti6/1FTXm99Kv39L+onnDqc7kAMaSeo28
9jZEyWHmrAFoUfqNV5b/tcVAQBOUWjxcelGbRN3Fsqnf/fYFOSGswMnqJQFHMoKQ
YdYkaqM/ZTbIOwQNNEQHlQ0487Ap+TbP/e55OlEeOHcDRGKUPxYz
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:10:22 2025 by rpki-client