Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/3gLNTkxl3pNETsrFpVa4e0BpYOk.roa
File: 3gLNTkxl3pNETsrFpVa4e0BpYOk.roa (raw, json)
Hash identifier: iomXu2tuHeFh4oB+oCyHvGv4yPLJm2XPltqLcpYhB6A=
Subject key identifier: DE:02:CD:4E:4C:65:DE:93:44:4E:CA:C5:A5:56:B8:7B:40:69:60:E9
Certificate issuer: /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial: 018CC86F7B90B29216DE07CFAFA842E62815
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/3gLNTkxl3pNETsrFpVa4e0BpYOk.roa
Signing time: Tue 02 Jan 2024 04:29:58 +0000
ROA not before: Tue 02 Jan 2024 04:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58075
IP address blocks: 37.235.80.0/21 maxlen: 24
45.154.44.0/22 maxlen: 24
185.43.20.0/22 maxlen: 24
185.21.52.0/22 maxlen: 24
195.96.158.0/24 maxlen: 24
2a04:9380::/29 maxlen: 64
Validation: Failed, certificate revoked on Mon 09 Sep 2024 10:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:7b:90:b2:92:16:de:07:cf:af:a8:42:e6:28:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
Validity
Not Before: Jan 2 04:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de02cd4e4c65de93444ecac5a556b87b406960e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8f:bf:88:35:ff:bb:3c:6a:40:81:35:da:31:
fd:94:d0:bb:33:0c:01:69:14:90:48:ce:52:88:e6:
f7:61:07:eb:a5:70:39:2c:52:b8:0f:22:5b:cf:1b:
67:6a:c2:6c:7e:e3:ee:8c:b7:33:df:22:05:ac:1f:
62:20:8e:4f:57:b8:03:e5:1d:b0:37:10:88:f8:95:
d0:d6:a2:8e:aa:c7:66:7c:dc:3f:9c:a6:c7:e5:fe:
f4:11:fa:70:1f:1d:54:33:40:86:6b:86:ff:aa:5a:
1a:ce:4f:93:37:26:d3:4c:26:da:36:5e:76:ba:39:
c2:1f:f8:e5:75:5e:99:4a:50:8b:4c:60:55:1d:22:
76:4f:42:18:2f:70:81:7b:fc:23:b6:31:d7:f6:95:
e2:18:5d:5a:a6:d7:21:4d:44:50:e5:4e:2a:22:b6:
dc:ad:4a:8f:27:67:52:dd:0b:10:90:97:a9:ff:fe:
98:05:d1:c6:00:b5:ae:78:d5:72:8f:d4:5c:cf:bc:
2b:5f:1d:26:6f:d4:22:61:a4:f7:12:26:e2:1d:c2:
2a:dc:52:65:be:a6:b9:74:67:47:2f:13:0d:72:f5:
93:a2:a2:22:54:bf:0d:13:97:cb:8d:34:c0:82:09:
9e:e9:97:d0:19:a1:9d:aa:87:94:2e:ab:b5:28:b4:
00:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:02:CD:4E:4C:65:DE:93:44:4E:CA:C5:A5:56:B8:7B:40:69:60:E9
X509v3 Authority Key Identifier:
keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/3gLNTkxl3pNETsrFpVa4e0BpYOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.80.0/21
45.154.44.0/22
185.21.52.0/22
185.43.20.0/22
195.96.158.0/24
IPv6:
2a04:9380::/29
Signature Algorithm: sha256WithRSAEncryption
14:f9:40:64:97:a5:7d:2a:f8:1b:07:25:f7:50:2c:6c:ea:10:
23:b8:1d:26:b6:a4:20:27:71:b3:1f:f9:c4:85:0d:ff:2a:78:
ad:be:74:18:83:6d:ab:3d:dd:a7:51:8c:3c:42:a2:fe:f3:06:
66:37:58:67:a9:fc:fe:a0:61:cc:e9:38:fd:ed:6f:e8:eb:ef:
fc:3d:5d:da:6e:81:7c:72:3a:1e:73:ee:5a:e3:5a:07:bc:75:
bb:e0:92:44:fe:76:1f:3d:75:0d:8a:2b:06:ef:d5:26:8f:c3:
84:2e:ea:a6:ff:21:77:7b:0e:21:d1:d3:2e:cb:73:17:ab:e6:
d0:4b:70:78:8f:1f:ae:fd:54:db:3f:28:82:58:db:a6:ff:a3:
cc:b0:3d:ab:44:f6:0b:31:a7:f1:a1:61:a1:b8:e3:ce:e6:23:
05:c7:3a:c9:df:67:67:75:e6:50:c7:5b:90:d7:a3:dd:65:af:
5d:a9:3a:1a:c4:6d:5c:6b:94:d6:85:8f:e7:0d:3f:78:fe:fe:
aa:7c:86:c3:94:30:86:03:10:7b:b2:a9:ee:77:8c:3c:ec:f4:
b7:80:c2:cf:31:ce:91:2f:b0:87:d8:58:c6:94:ca:34:4f:6f:
5d:8a:2b:06:8d:7d:b1:3f:d8:78:74:80:69:18:45:2b:a4:d3:
d9:9e:7a:0c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzIb3uQspIW3gfPr6hC5igVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZWE4OTRlZTA1Nzc1ZTBlZjA2MWQwODZjYTI1MjE0N2Y1
YzkxZGUwHhcNMjQwMTAyMDQyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTAyY2Q0ZTRjNjVkZTkzNDQ0ZWNhYzVhNTU2Yjg3YjQwNjk2MGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3o+/iDX/uzxqQIE12jH9lNC7MwwB
aRSQSM5SiOb3YQfrpXA5LFK4DyJbzxtnasJsfuPujLcz3yIFrB9iII5PV7gD5R2w
NxCI+JXQ1qKOqsdmfNw/nKbH5f70EfpwHx1UM0CGa4b/qloazk+TNybTTCbaNl52
ujnCH/jldV6ZSlCLTGBVHSJ2T0IYL3CBe/wjtjHX9pXiGF1aptchTURQ5U4qIrbc
rUqPJ2dS3QsQkJep//6YBdHGALWueNVyj9Rcz7wrXx0mb9QiYaT3EibiHcIq3FJl
vqa5dGdHLxMNcvWToqIiVL8NE5fLjTTAggme6ZfQGaGdqoeULqu1KLQAvwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFN4CzU5MZd6TRE7KxaVWuHtAaWDpMB8GA1UdIwQY
MBaAFHXqiU7gV3Xg7wYdCGyiUhR/XJHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEt
YjdmMjk4NGViNjUzLzEvM2dMTlRreGwzcE5FVHNyRnBWYTRlMEJwWU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEtYjdmMjk4NGViNjUz
LzEvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJetQAwQC
LZosAwQCuRU0AwQCuSsUAwQAw2CeMA0EAgACMAcDBQMqBJOAMA0GCSqGSIb3DQEB
CwUAA4IBAQAU+UBkl6V9KvgbByX3UCxs6hAjuB0mtqQgJ3GzH/nEhQ3/KnitvnQY
g22rPd2nUYw8QqL+8wZmN1hnqfz+oGHM6Tj97W/o6+/8PV3aboF8cjoec+5a41oH
vHW74JJE/nYfPXUNiisG79Umj8OELuqm/yF3ew4h0dMuy3MXq+bQS3B4jx+u/VTb
PyiCWNum/6PMsD2rRPYLMafxoWGhuOPO5iMFxzrJ32dndeZQx1uQ16PdZa9dqToa
xG1ca5TWhY/nDT94/v6qfIbDlDCGAxB7sqnud4w87PS3gMLPMc6RL7CH2FjGlMo0
T29diisGjX2xP9h4dIBpGEUrpNPZnnoM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:57 2025 by rpki-client