Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/wq0xf3WiyG3qCxgBBbK_CfVUhO4.roa
File: wq0xf3WiyG3qCxgBBbK_CfVUhO4.roa (raw, json)
Hash identifier: 8CT5D+YRTBOAbWzveJHkNSRKm233yP8csF8Joh5nnCA=
Subject key identifier: C2:AD:31:7F:75:A2:C8:6D:EA:0B:18:01:05:B2:BF:09:F5:54:84:EE
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 0194D53596BDFBC8F8F0BB98ACB493F82366
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/wq0xf3WiyG3qCxgBBbK_CfVUhO4.roa
Signing time: Wed 05 Feb 2025 08:24:06 +0000
ROA not before: Wed 05 Feb 2025 08:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57675
IP address blocks: 37.32.64.0/24 maxlen: 24
37.32.65.0/24 maxlen: 24
37.32.66.0/24 maxlen: 24
37.32.67.0/24 maxlen: 24
37.32.68.0/24 maxlen: 24
37.32.69.0/24 maxlen: 24
37.32.70.0/24 maxlen: 24
37.32.71.0/24 maxlen: 24
37.32.73.0/24 maxlen: 24
37.32.76.0/24 maxlen: 24
185.129.92.0/22 maxlen: 22
185.129.92.0/24 maxlen: 24
185.129.93.0/24 maxlen: 24
185.129.94.0/24 maxlen: 24
185.129.95.0/24 maxlen: 24
2a0f:1300::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 06 Feb 2025 07:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:35:96:bd:fb:c8:f8:f0:bb:98:ac:b4:93:f8:23:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Feb 5 08:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2ad317f75a2c86dea0b180105b2bf09f55484ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3a:e5:b3:f7:05:98:6b:d1:be:04:35:67:62:
d8:d7:10:48:97:d4:7e:22:b3:e6:da:99:e2:9a:dd:
de:10:3f:ca:31:77:4c:d4:55:fe:0c:96:f6:06:73:
9b:df:5a:61:36:68:08:2d:bc:1e:45:38:1b:49:51:
d2:c9:53:48:0c:48:7c:a4:48:02:83:16:ca:70:29:
70:24:ff:2f:ff:b9:05:b4:56:59:ff:60:52:5d:5b:
4f:b0:28:7a:31:06:0d:1d:95:53:ba:f7:58:60:ba:
cc:54:1e:4a:1f:57:a7:df:65:8f:4c:49:b0:eb:90:
b2:b1:0c:12:70:39:30:8a:d4:9f:bf:93:65:b4:70:
ba:76:a0:f5:56:ec:f1:43:63:61:f9:61:e1:0d:f1:
7b:8e:2b:3c:ee:26:c9:27:8b:df:29:ca:67:6e:c8:
fa:f9:33:7b:f6:f3:69:7b:d9:40:28:3d:dd:11:1a:
4f:47:3d:9c:c6:f6:a4:27:82:16:c8:58:55:a8:3a:
ab:c2:7f:6b:a2:2a:23:90:62:82:50:23:6e:af:b1:
30:92:fa:53:a0:7c:b3:07:42:a4:73:0d:1a:04:a8:
5e:fd:49:2a:08:8a:0e:1c:6f:77:d1:f3:97:cc:0e:
b8:29:03:68:c8:55:b8:64:0c:f4:b4:28:f0:a0:a1:
8e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:AD:31:7F:75:A2:C8:6D:EA:0B:18:01:05:B2:BF:09:F5:54:84:EE
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/wq0xf3WiyG3qCxgBBbK_CfVUhO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.64.0/21
37.32.73.0/24
37.32.76.0/24
185.129.92.0/22
IPv6:
2a0f:1300::/29
Signature Algorithm: sha256WithRSAEncryption
09:ae:2c:e1:d2:96:18:e5:fc:d8:12:bb:02:a8:ba:df:ef:cc:
40:5b:85:17:91:61:0a:78:dd:c4:2a:a7:7a:93:f7:0a:21:13:
4e:bb:7c:71:5c:be:22:d7:9d:8b:07:81:0d:b3:e9:9f:4d:48:
32:2a:f0:20:87:45:73:6c:b7:2b:5f:e3:66:67:26:94:6e:ca:
f1:5b:59:c8:3e:a0:a9:44:14:f8:0e:f2:0b:08:b9:5d:22:0b:
f9:98:76:79:f8:49:6b:58:07:85:4d:cd:f2:6e:f9:89:2d:d4:
4c:5c:82:ba:c3:99:f4:ea:46:20:7b:47:d7:0c:25:cf:e5:4c:
a9:7f:0c:ff:7d:44:a5:b2:21:50:20:0a:be:20:35:d2:1e:1e:
89:c5:4b:9b:f8:5a:c8:9a:14:c5:40:6c:67:d0:c4:fa:77:24:
4a:cd:f5:cf:64:8a:5a:f1:bf:f4:58:47:8e:f4:ca:7b:c5:06:
c3:a0:cf:a7:ef:90:16:7f:e2:46:ac:9e:ac:6a:98:2b:df:5c:
59:dd:57:13:01:ea:a3:52:83:8e:de:bc:26:63:68:02:ac:8b:
60:44:36:a9:4d:77:7a:f0:c9:f4:71:3b:f9:fa:90:87:de:9e:
74:6c:a1:87:fd:18:a0:b2:f4:0a:55:d1:c7:0e:f9:2d:c7:a4:
90:fa:83:11
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZTVNZa9+8j48LuYrLST+CNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjUwMjA1MDgyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmFkMzE3Zjc1YTJjODZkZWEwYjE4MDEwNWIyYmYwOWY1NTQ4NGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjrls/cFmGvRvgQ1Z2LY1xBIl9R+
IrPm2pnimt3eED/KMXdM1FX+DJb2BnOb31phNmgILbweRTgbSVHSyVNIDEh8pEgC
gxbKcClwJP8v/7kFtFZZ/2BSXVtPsCh6MQYNHZVTuvdYYLrMVB5KH1en32WPTEmw
65CysQwScDkwitSfv5NltHC6dqD1VuzxQ2Nh+WHhDfF7jis87ibJJ4vfKcpnbsj6
+TN79vNpe9lAKD3dERpPRz2cxvakJ4IWyFhVqDqrwn9roiojkGKCUCNur7EwkvpT
oHyzB0Kkcw0aBKhe/UkqCIoOHG930fOXzA64KQNoyFW4ZAz0tCjwoKGOlQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMKtMX91osht6gsYAQWyvwn1VITuMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvd3EweGYzV2l5RzNxQ3hnQkJiS19DZlZVaE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJSBAAwQA
JSBJAwQAJSBMAwQCuYFcMA0EAgACMAcDBQMqDxMAMA0GCSqGSIb3DQEBCwUAA4IB
AQAJrizh0pYY5fzYErsCqLrf78xAW4UXkWEKeN3EKqd6k/cKIRNOu3xxXL4i152L
B4ENs+mfTUgyKvAgh0VzbLcrX+NmZyaUbsrxW1nIPqCpRBT4DvILCLldIgv5mHZ5
+ElrWAeFTc3ybvmJLdRMXIK6w5n06kYge0fXDCXP5Uypfwz/fUSlsiFQIAq+IDXS
Hh6JxUub+FrImhTFQGxn0MT6dyRKzfXPZIpa8b/0WEeO9Mp7xQbDoM+n75AWf+JG
rJ6sapgr31xZ3VcTAeqjUoOO3rwmY2gCrItgRDapTXd68Mn0cTv5+pCH3p50bKGH
/RigsvQKVdHHDvktx6SQ+oMR
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:32:24 2025 by rpki-client