Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/qrmv0dOFuyyLXT-qvp3ci7aNNc4.roa
File: qrmv0dOFuyyLXT-qvp3ci7aNNc4.roa (raw, json)
Hash identifier: WGmQet72ZG74wI/gcS+6rL2D7dDIujcq11vLp2Uh4+g=
Subject key identifier: AA:B9:AF:D1:D3:85:BB:2C:8B:5D:3F:AA:BE:9D:DC:8B:B6:8D:35:CE
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 0193BB2E6E74DC21A6F4E2911CD1D4C4AA36
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/qrmv0dOFuyyLXT-qvp3ci7aNNc4.roa
Signing time: Thu 12 Dec 2024 14:03:22 +0000
ROA not before: Thu 12 Dec 2024 14:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48347
IP address blocks: 37.228.88.0/22 maxlen: 22
37.228.92.0/24 maxlen: 24
37.228.93.0/24 maxlen: 24
37.228.94.0/24 maxlen: 24
45.10.52.0/24 maxlen: 24
45.10.53.0/24 maxlen: 24
45.10.54.0/24 maxlen: 24
45.10.55.0/24 maxlen: 24
93.95.96.0/24 maxlen: 24
93.95.97.0/24 maxlen: 24
93.95.98.0/23 maxlen: 23
93.95.100.0/22 maxlen: 22
185.41.185.0/24 maxlen: 24
185.41.186.0/24 maxlen: 24
185.41.187.0/24 maxlen: 24
185.148.36.0/24 maxlen: 24
185.148.37.0/24 maxlen: 24
185.148.38.0/24 maxlen: 24
185.148.39.0/24 maxlen: 24
2a00:f440::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bb:2e:6e:74:dc:21:a6:f4:e2:91:1c:d1:d4:c4:aa:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Dec 12 14:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aab9afd1d385bb2c8b5d3faabe9ddc8bb68d35ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d5:3a:e3:51:6f:49:66:09:ba:21:52:2a:4a:
86:66:de:88:d1:3b:14:d2:bd:b9:a2:b6:05:3d:58:
bf:57:27:81:d0:11:84:d6:fa:03:fc:4b:e7:68:cd:
f5:9d:52:ee:1e:70:25:e6:3b:87:ba:03:aa:f4:a1:
37:51:ca:ef:7f:93:b0:7e:94:43:9e:09:a3:fa:07:
8c:95:cd:d8:08:f7:8e:01:a0:97:b3:42:42:1f:9b:
21:58:dd:53:1c:3a:1b:d2:c4:82:a0:80:d0:26:91:
e2:30:cd:21:55:d6:f5:77:2c:17:23:cc:f2:4c:d5:
cc:a5:8e:28:62:c3:ca:41:65:48:24:81:83:41:ff:
28:1e:89:f2:20:40:e0:48:f1:92:da:58:a0:05:12:
1a:e5:dd:f0:fd:7e:24:70:13:b0:c3:37:62:f7:e8:
b7:26:05:5a:c1:c4:a8:61:d7:94:7c:be:28:24:76:
c7:b5:8b:be:92:e3:26:a7:0b:87:80:b8:15:22:82:
1b:8a:73:9e:82:08:88:7f:38:22:5d:86:1c:c9:de:
76:cb:15:31:4d:74:ed:f3:b6:41:d7:29:a8:b2:e1:
fc:58:7d:66:72:aa:e7:ac:21:b4:a3:cd:c5:7f:fd:
c2:66:52:35:f5:43:dd:ba:da:55:e1:d1:7a:78:be:
52:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B9:AF:D1:D3:85:BB:2C:8B:5D:3F:AA:BE:9D:DC:8B:B6:8D:35:CE
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/qrmv0dOFuyyLXT-qvp3ci7aNNc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.88.0-37.228.94.255
45.10.52.0/22
93.95.96.0/21
185.41.185.0-185.41.187.255
185.148.36.0/22
IPv6:
2a00:f440::/32
Signature Algorithm: sha256WithRSAEncryption
99:c1:6a:0f:d5:4f:45:38:54:48:90:bf:65:05:4d:48:a7:72:
16:f6:60:62:e7:1a:de:e7:58:4f:59:90:51:3c:2f:86:a1:73:
2c:cb:1b:f2:8a:23:68:ed:d7:c8:e3:4a:c4:4b:45:85:b3:6a:
51:7b:23:0e:be:ac:c5:ac:8a:e1:c5:64:e6:e7:fc:43:3c:47:
2e:a1:13:cb:47:e3:f1:19:97:d5:1f:ab:a3:a1:52:89:9e:34:
d1:63:fa:5d:2d:8a:02:f6:ee:e9:10:c0:78:6a:8c:9c:6e:cb:
61:21:58:a3:44:38:24:de:e7:5e:2d:12:d0:e3:b6:bc:4e:d7:
36:ed:24:01:6a:38:d9:92:ed:82:7e:8d:18:a1:83:bc:3e:fd:
e1:4f:54:9e:8e:94:d0:93:a0:30:58:d4:12:5f:f2:e4:98:c2:
32:24:0d:7b:70:7c:68:15:89:99:4c:ad:a6:1b:5b:80:4a:d6:
b0:06:db:4d:43:d1:fc:1f:d0:c5:9e:70:1e:a0:d3:4b:af:c9:
ee:e0:da:42:a9:81:71:1e:ac:6f:c0:a9:7c:15:e3:66:43:51:
e0:00:42:7f:2b:59:10:46:b1:a1:9c:70:14:b9:bb:54:fe:59:
88:fc:9f:25:ed:6c:f3:34:75:0e:38:90:e3:46:a7:b2:93:18:
77:f0:ad:d3
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZO7Lm503CGm9OKRHNHUxKo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTFjNDQ4ODY5OWU2ZDAyNGUzOWNjNGQ2MWVlZWFiZDM4
MDEwZmEwHhcNMjQxMjEyMTQwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWI5YWZkMWQzODViYjJjOGI1ZDNmYWFiZTlkZGM4YmI2OGQzNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NU641FvSWYJuiFSKkqGZt6I0TsU
0r25orYFPVi/VyeB0BGE1voD/EvnaM31nVLuHnAl5juHugOq9KE3Ucrvf5OwfpRD
ngmj+geMlc3YCPeOAaCXs0JCH5shWN1THDob0sSCoIDQJpHiMM0hVdb1dywXI8zy
TNXMpY4oYsPKQWVIJIGDQf8oHonyIEDgSPGS2ligBRIa5d3w/X4kcBOwwzdi9+i3
JgVawcSoYdeUfL4oJHbHtYu+kuMmpwuHgLgVIoIbinOeggiIfzgiXYYcyd52yxUx
TXTt87ZB1ymosuH8WH1mcqrnrCG0o83Ff/3CZlI19UPdutpV4dF6eL5S7QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFKq5r9HThbssi10/qr6d3Iu2jTXOMB8GA1UdIwQY
MBaAFJiRxEiGmebQJOOcxNYe7qvTgBD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUt
ZTEwYTYwNTk2YzI2LzEvcXJtdjBkT0Z1eXlMWFQtcXZwM2NpN2FOTmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUtZTEwYTYwNTk2YzI2
LzEvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTA0BAIAATAuMAwDBAMl5FgD
BAAl5F4DBAItCjQDBANdX2AwDAMEALkpuQMEArkpuAMEArmUJDANBAIAAjAHAwUA
KgD0QDANBgkqhkiG9w0BAQsFAAOCAQEAmcFqD9VPRThUSJC/ZQVNSKdyFvZgYuca
3udYT1mQUTwvhqFzLMsb8oojaO3XyONKxEtFhbNqUXsjDr6sxayK4cVk5uf8QzxH
LqETy0fj8RmX1R+ro6FSiZ400WP6XS2KAvbu6RDAeGqMnG7LYSFYo0Q4JN7nXi0S
0OO2vE7XNu0kAWo42ZLtgn6NGKGDvD794U9Uno6U0JOgMFjUEl/y5JjCMiQNe3B8
aBWJmUytphtbgErWsAbbTUPR/B/QxZ5wHqDTS6/J7uDaQqmBcR6sb8CpfBXjZkNR
4ABCfytZEEaxoZxwFLm7VP5ZiPyfJe1s8zR1DjiQ40anspMYd/Ct0w==
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:24:21 2025 by rpki-client