Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/G36j3A-iNKIPyWy0ihyZvZ-LSwM.roa
File: G36j3A-iNKIPyWy0ihyZvZ-LSwM.roa (raw, json)
Hash identifier: Jtgc83L54leT3qo4QMd97WU2qTS/5dhuBJo/cyqzUlQ=
Subject key identifier: 1B:7E:A3:DC:0F:A2:34:A2:0F:C9:6C:B4:8A:1C:99:BD:9F:8B:4B:03
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0195CCF0D52EE9F6246BA2C7BD9C2DAC93BB
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/G36j3A-iNKIPyWy0ihyZvZ-LSwM.roa
Signing time: Tue 25 Mar 2025 10:54:50 +0000
ROA not before: Tue 25 Mar 2025 10:54:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42130
IP address blocks: 93.88.20.0/22 maxlen: 22
93.88.20.0/23 maxlen: 23
185.198.49.0/24 maxlen: 24
185.207.174.0/24 maxlen: 24
195.245.72.0/24 maxlen: 24
195.245.88.0/24 maxlen: 24
2a13:b2c0::/32 maxlen: 32
2a13:b2c1:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Mar 2025 11:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:f0:d5:2e:e9:f6:24:6b:a2:c7:bd:9c:2d:ac:93:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Mar 25 10:54:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b7ea3dc0fa234a20fc96cb48a1c99bd9f8b4b03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:44:fd:20:72:d7:71:7d:c2:33:a4:7a:eb:4a:
57:3b:5a:92:ed:70:c1:e3:77:d4:29:74:c3:74:82:
26:b3:3b:5d:fc:1e:a4:68:fc:35:d6:2c:84:c7:f3:
2f:c3:53:ab:62:f7:cf:e7:9b:d7:8e:ff:15:65:3d:
92:7e:15:c5:82:6b:21:f0:c2:38:79:9c:4e:6e:b0:
39:bb:6f:0a:06:06:d4:30:d0:ab:29:c6:81:fa:68:
0c:12:5b:fc:14:d8:5a:45:83:c0:19:da:37:46:14:
11:71:30:41:01:77:83:52:e4:e6:23:c3:08:1a:1b:
82:bf:5b:27:1c:9b:09:58:d7:cd:9b:0d:e8:ed:05:
6c:fe:71:59:66:6d:0f:a9:cc:ca:11:ef:a0:83:ff:
7d:d7:e8:7e:8f:82:8d:33:ee:ab:ec:5c:56:0c:0a:
f3:cd:96:e6:4d:8b:29:9e:0c:77:4f:cf:88:fd:60:
7d:29:7e:b7:12:a0:d0:54:2a:e8:6e:b3:de:58:27:
56:67:3b:d1:b9:53:65:56:d4:0b:a6:9e:a5:57:40:
fd:8e:0b:d0:ed:d6:0d:50:dd:78:fa:77:c4:a3:f1:
d9:53:52:a2:e2:23:40:33:3f:b5:d4:2c:4b:a9:c0:
28:94:46:6f:de:40:c3:9c:06:e8:15:37:8c:5f:18:
dc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7E:A3:DC:0F:A2:34:A2:0F:C9:6C:B4:8A:1C:99:BD:9F:8B:4B:03
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/G36j3A-iNKIPyWy0ihyZvZ-LSwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.20.0/22
185.198.49.0/24
185.207.174.0/24
195.245.72.0/24
195.245.88.0/24
IPv6:
2a13:b2c0::/32
2a13:b2c1:1::/48
Signature Algorithm: sha256WithRSAEncryption
b8:be:7d:79:ec:3e:b0:a9:ee:28:be:5d:ed:40:7e:74:2b:b0:
c6:c9:5b:be:3a:97:ae:9f:21:67:7a:7b:22:fa:65:b3:af:99:
aa:83:ef:be:39:0f:a1:df:93:03:35:15:b2:1e:25:af:56:e8:
21:e3:b9:fc:79:57:5f:c2:e3:64:98:b3:04:1d:7d:62:08:7f:
2d:14:dd:5f:b6:7e:a6:a3:f3:2e:15:72:12:fa:54:03:61:a6:
b6:8e:9e:e8:2b:48:96:52:41:31:ba:a3:f4:cc:e4:54:62:54:
2e:ce:8b:21:ef:84:e3:57:4b:19:2d:37:83:52:c8:bd:25:ef:
39:88:57:56:9b:92:dd:fb:16:7c:a8:18:8d:bf:4e:7c:e7:a0:
40:9d:a6:4c:b5:e1:95:88:6b:21:4c:96:34:a5:b4:13:75:29:
a3:9b:17:ea:d4:09:93:d1:26:96:39:1e:ec:cc:d9:e8:6f:c3:
72:00:97:34:a6:11:f7:6f:da:7b:6b:68:9a:a9:c1:5d:ff:75:
8c:6a:da:03:e3:48:8f:f1:3d:ac:33:53:94:d1:82:23:16:21:
2a:c0:d7:f5:f3:18:79:4f:06:c2:dc:6d:92:f2:2f:5f:0e:90:
99:05:3e:15:04:c6:33:20:ba:45:a3:b3:d0:da:7f:d8:a4:2a:
16:d1:81:35
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZXM8NUu6fYka6LHvZwtrJO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjUwMzI1MTA1NDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjdlYTNkYzBmYTIzNGEyMGZjOTZjYjQ4YTFjOTliZDlmOGI0YjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUT9IHLXcX3CM6R660pXO1qS7XDB
43fUKXTDdIImsztd/B6kaPw11iyEx/Mvw1OrYvfP55vXjv8VZT2SfhXFgmsh8MI4
eZxObrA5u28KBgbUMNCrKcaB+mgMElv8FNhaRYPAGdo3RhQRcTBBAXeDUuTmI8MI
GhuCv1snHJsJWNfNmw3o7QVs/nFZZm0PqczKEe+gg/991+h+j4KNM+6r7FxWDArz
zZbmTYspngx3T8+I/WB9KX63EqDQVCrobrPeWCdWZzvRuVNlVtQLpp6lV0D9jgvQ
7dYNUN14+nfEo/HZU1Ki4iNAMz+11CxLqcAolEZv3kDDnAboFTeMXxjcvwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBt+o9wPojSiD8lstIocmb2fi0sDMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvRzM2ajNBLWlOS0lQeVd5MGloeVp2Wi1MU3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQCXVgUAwQA
ucYxAwQAuc+uAwQAw/VIAwQAw/VYMBYEAgACMBADBQAqE7LAAwcAKhOywQABMA0G
CSqGSIb3DQEBCwUAA4IBAQC4vn157D6wqe4ovl3tQH50K7DGyVu+OpeunyFnensi
+mWzr5mqg+++OQ+h35MDNRWyHiWvVugh47n8eVdfwuNkmLMEHX1iCH8tFN1ftn6m
o/MuFXIS+lQDYaa2jp7oK0iWUkExuqP0zORUYlQuzosh74TjV0sZLTeDUsi9Je85
iFdWm5Ld+xZ8qBiNv05856BAnaZMteGViGshTJY0pbQTdSmjmxfq1AmT0SaWOR7s
zNnob8NyAJc0phH3b9p7a2iaqcFd/3WMatoD40iP8T2sM1OU0YIjFiEqwNf18xh5
TwbC3G2S8i9fDpCZBT4VBMYzILpFo7PQ2n/YpCoW0YE1
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:00:13 2025 by rpki-client