Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/gQiCPOPGcnDdas_IXJIGWoTZ5B0.roa
File: gQiCPOPGcnDdas_IXJIGWoTZ5B0.roa (raw, json)
Hash identifier: iQSAb2gLIjOG+mnplMQL34qZgtGlKLbTdiizCczcw2s=
Subject key identifier: 81:08:82:3C:E3:C6:72:70:DD:6A:CF:C8:5C:92:06:5A:84:D9:E4:1D
Certificate issuer: /CN=27962a33fd2348781ac123a12722a086ee8fba7d
Certificate serial: 018CC94DE9EFB00DF84F632BF9825B6565AC
Authority key identifier: 27:96:2A:33:FD:23:48:78:1A:C1:23:A1:27:22:A0:86:EE:8F:BA:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5YqM_0jSHgawSOhJyKghu6Pun0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/gQiCPOPGcnDdas_IXJIGWoTZ5B0.roa
Signing time: Tue 02 Jan 2024 08:32:55 +0000
ROA not before: Tue 02 Jan 2024 08:32:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58081
IP address blocks: 37.75.240.0/24 maxlen: 24
37.75.241.0/24 maxlen: 24
37.75.242.0/24 maxlen: 24
2a03:49c0::/32 maxlen: 32
2a03:49c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:e9:ef:b0:0d:f8:4f:63:2b:f9:82:5b:65:65:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27962a33fd2348781ac123a12722a086ee8fba7d
Validity
Not Before: Jan 2 08:32:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8108823ce3c67270dd6acfc85c92065a84d9e41d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3d:32:6b:ee:c1:ba:e7:19:b1:4f:34:cb:54:
2b:98:91:f3:fc:0b:5a:41:11:46:bf:14:33:c0:ed:
f6:14:be:eb:1c:48:22:98:cd:f6:bc:36:b1:17:0a:
ea:bc:46:86:55:20:68:9d:d6:e4:44:09:ca:09:38:
63:b4:f9:2f:f3:cf:28:6d:b2:26:ee:66:06:91:66:
bc:70:73:a0:fd:a6:67:df:5b:c6:af:e0:c1:ea:84:
7f:d5:d3:c4:5a:ff:38:0d:88:8b:70:0a:ba:7d:20:
90:ed:a8:c9:e6:18:6f:df:9e:4e:76:bf:a5:fb:39:
d2:26:59:a1:b9:5d:e9:3c:df:17:e9:14:06:83:6a:
f7:d7:80:e4:bd:14:f1:c2:83:53:d4:ef:d4:d1:6a:
f0:59:55:43:31:24:73:84:32:9e:10:0a:c3:48:6a:
9b:13:19:e6:db:76:d9:cc:d2:3d:2d:c6:f1:9b:27:
25:71:f1:e6:8c:84:f0:b1:39:df:1f:cf:fe:b1:01:
54:5c:e0:ef:db:93:aa:f2:23:22:98:aa:4f:b2:03:
7b:13:a6:8a:72:a6:b7:f9:62:ac:ae:97:99:15:24:
31:88:9a:c9:26:db:32:1f:6e:1c:08:da:c9:a6:5b:
e7:f0:2d:7e:cd:01:89:7c:6d:c1:18:53:d5:2f:c0:
97:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:08:82:3C:E3:C6:72:70:DD:6A:CF:C8:5C:92:06:5A:84:D9:E4:1D
X509v3 Authority Key Identifier:
keyid:27:96:2A:33:FD:23:48:78:1A:C1:23:A1:27:22:A0:86:EE:8F:BA:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5YqM_0jSHgawSOhJyKghu6Pun0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/gQiCPOPGcnDdas_IXJIGWoTZ5B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/J5YqM_0jSHgawSOhJyKghu6Pun0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.240.0-37.75.242.255
IPv6:
2a03:49c0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:22:e7:72:65:10:79:0c:e6:86:51:9b:be:75:9b:0d:ff:e5:
00:fd:e5:8d:f1:36:8c:45:46:e8:2c:b4:a8:50:f3:5a:9d:d9:
11:d8:8e:52:23:7f:05:93:95:06:35:31:83:6b:c6:9a:de:45:
6c:0f:a2:ba:04:35:85:2a:ca:7f:e8:83:5d:09:26:fe:64:c3:
5c:3a:4c:8f:41:06:40:7e:02:81:a4:71:a3:a7:13:04:39:70:
87:04:4a:c1:02:db:58:27:39:e8:ea:a0:3e:4d:75:ad:67:e9:
48:72:45:cd:44:fb:b1:4b:42:f3:68:46:75:05:e7:cf:e5:6c:
51:77:4a:89:8f:cf:b2:75:c9:08:7c:2f:66:98:71:54:d9:6e:
09:86:f5:70:12:0b:50:d1:e8:be:36:57:75:df:44:24:57:61:
83:f3:70:8e:4c:62:c9:8c:ee:3c:c1:13:0b:48:2f:79:95:49:
7d:89:2b:4d:72:77:ba:17:5a:1c:08:c8:48:9e:0c:b9:5f:ac:
50:b4:5c:9d:f1:d8:79:c9:7b:44:ec:a9:47:9e:34:86:58:a7:
7c:71:c3:cd:f1:3c:ba:3d:d6:3a:4c:24:dd:7b:e9:79:f5:37:
6b:ae:3d:8e:55:e2:51:b4:3c:c2:9b:32:de:17:a3:f3:85:34:
27:df:96:fa
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJTenvsA34T2Mr+YJbZWWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTYyYTMzZmQyMzQ4NzgxYWMxMjNhMTI3MjJhMDg2ZWU4
ZmJhN2QwHhcNMjQwMTAyMDgzMjU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTA4ODIzY2UzYzY3MjcwZGQ2YWNmYzg1YzkyMDY1YTg0ZDllNDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT0ya+7BuucZsU80y1QrmJHz/Ata
QRFGvxQzwO32FL7rHEgimM32vDaxFwrqvEaGVSBondbkRAnKCThjtPkv888obbIm
7mYGkWa8cHOg/aZn31vGr+DB6oR/1dPEWv84DYiLcAq6fSCQ7ajJ5hhv355Odr+l
+znSJlmhuV3pPN8X6RQGg2r314DkvRTxwoNT1O/U0WrwWVVDMSRzhDKeEArDSGqb
Exnm23bZzNI9LcbxmyclcfHmjITwsTnfH8/+sQFUXODv25Oq8iMimKpPsgN7E6aK
cqa3+WKsrpeZFSQxiJrJJtsyH24cCNrJplvn8C1+zQGJfG3BGFPVL8CXMQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIEIgjzjxnJw3WrPyFySBlqE2eQdMB8GA1UdIwQY
MBaAFCeWKjP9I0h4GsEjoScioIbuj7p9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVZcU1fMGpTSGdhd1NPaEp5S2dodTZQdW4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8xMTQ1ZDItYjFiZC00YTU3LWE0NGQt
YmI2YmZmZTY2ZmYzLzEvZ1FpQ1BPUEdjbkRkYXNfSVhKSUdXb1RaNUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8xMTQ1ZDItYjFiZC00YTU3LWE0NGQtYmI2YmZmZTY2ZmYz
LzEvSjVZcU1fMGpTSGdhd1NPaEp5S2dodTZQdW4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAQlS/AD
BAAlS/IwDQQCAAIwBwMFACoDScAwDQYJKoZIhvcNAQELBQADggEBACwi53JlEHkM
5oZRm751mw3/5QD95Y3xNoxFRugstKhQ81qd2RHYjlIjfwWTlQY1MYNrxpreRWwP
oroENYUqyn/og10JJv5kw1w6TI9BBkB+AoGkcaOnEwQ5cIcESsEC21gnOejqoD5N
da1n6UhyRc1E+7FLQvNoRnUF58/lbFF3SomPz7J1yQh8L2aYcVTZbgmG9XASC1DR
6L42V3XfRCRXYYPzcI5MYsmM7jzBEwtIL3mVSX2JK01yd7oXWhwIyEieDLlfrFC0
XJ3x2HnJe0TsqUeeNIZYp3xxw83xPLo91jpMJN176Xn1N2uuPY5V4lG0PMKbMt4X
o/OFNCfflvo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:16:40 2025 by rpki-client