Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Pjk11qTxVaDuSWSfABDmr3tLISI.roa
File: Pjk11qTxVaDuSWSfABDmr3tLISI.roa (raw, json)
Hash identifier: XAG9GqfrtQZQoWd3hZpzwyD8RuwIUvXBARO4iKtzSSY=
Subject key identifier: 3E:39:35:D6:A4:F1:55:A0:EE:49:64:9F:00:10:E6:AF:7B:4B:21:22
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 019425FE651F1A2CB35B1CE028781B314190
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Pjk11qTxVaDuSWSfABDmr3tLISI.roa
Signing time: Thu 02 Jan 2025 07:50:16 +0000
ROA not before: Thu 02 Jan 2025 07:50:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12716
IP address blocks: 37.63.0.0/20 maxlen: 20
37.63.16.0/22 maxlen: 22
37.63.20.0/22 maxlen: 24
37.63.24.0/22 maxlen: 22
37.63.28.0/22 maxlen: 24
37.63.32.0/22 maxlen: 24
37.63.96.0/22 maxlen: 22
62.204.154.0/23 maxlen: 23
83.97.30.0/24 maxlen: 24
84.252.40.0/23 maxlen: 23
85.118.64.0/22 maxlen: 22
85.118.68.0/23 maxlen: 24
85.118.70.0/24 maxlen: 24
85.118.71.0/24 maxlen: 24
85.118.72.0/23 maxlen: 23
85.118.74.0/24 maxlen: 24
85.118.76.0/22 maxlen: 22
85.118.80.0/22 maxlen: 22
85.118.84.0/24 maxlen: 24
85.118.92.0/24 maxlen: 24
85.118.93.0/24 maxlen: 24
89.215.62.0/23 maxlen: 23
151.251.44.0/22 maxlen: 22
151.251.68.0/22 maxlen: 22
151.251.121.0/24 maxlen: 24
151.251.126.0/23 maxlen: 23
151.251.192.0/22 maxlen: 22
151.251.196.0/24 maxlen: 24
151.251.200.0/22 maxlen: 22
151.251.204.0/22 maxlen: 22
151.251.238.0/24 maxlen: 24
151.251.239.0/24 maxlen: 24
151.251.240.0/20 maxlen: 20
176.222.0.0/20 maxlen: 24
185.151.156.0/22 maxlen: 22
185.224.160.0/23 maxlen: 23
212.104.116.0/22 maxlen: 24
213.226.17.0/24 maxlen: 24
213.226.19.0/24 maxlen: 24
213.226.36.0/24 maxlen: 24
213.226.40.0/24 maxlen: 24
213.226.51.0/24 maxlen: 24
213.226.56.0/24 maxlen: 24
213.226.57.0/24 maxlen: 24
213.226.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fe:65:1f:1a:2c:b3:5b:1c:e0:28:78:1b:31:41:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 07:50:16 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e3935d6a4f155a0ee49649f0010e6af7b4b2122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:97:e4:91:e9:08:75:c9:ad:1f:88:d7:86:94:
e7:4e:62:87:b6:8a:48:08:77:84:6a:9b:a3:ec:49:
51:27:ca:35:2e:59:b3:4b:ae:11:c1:b5:16:64:bc:
a7:4d:aa:11:4e:67:4c:0a:79:6a:dd:47:4e:ab:26:
a7:53:36:1e:aa:a1:60:33:70:8c:ac:48:1e:d8:b2:
82:79:1c:bc:db:d5:ba:87:89:da:33:27:aa:99:f3:
d4:2e:d9:5e:6b:63:c6:f0:6f:c5:aa:0b:12:0c:7b:
76:aa:83:66:ec:58:63:f8:e7:90:bf:01:9d:f6:31:
fe:16:d2:51:ff:84:c1:7e:e5:1c:c4:53:15:4f:80:
47:f5:dd:8f:7e:0a:78:9e:2d:26:3f:df:70:7f:7f:
f2:ed:63:a7:c5:05:31:2c:b7:a9:fa:bb:7c:fb:18:
30:e3:77:37:3d:00:d0:b9:d9:ca:b8:b6:81:e9:05:
e0:92:da:cb:a8:ab:76:19:e4:90:af:7a:23:ad:7d:
ab:7b:06:86:f1:93:08:15:d2:89:15:77:62:03:fe:
4d:51:52:60:13:27:82:30:5b:76:fd:b7:71:46:17:
9e:9b:a7:db:df:a6:a4:f5:6a:62:1a:a7:35:6a:c0:
31:c0:b0:00:d4:7d:b0:b6:8e:7d:53:f9:11:f2:c0:
8e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:39:35:D6:A4:F1:55:A0:EE:49:64:9F:00:10:E6:AF:7B:4B:21:22
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Pjk11qTxVaDuSWSfABDmr3tLISI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.63.0.0-37.63.35.255
37.63.96.0/22
62.204.154.0/23
83.97.30.0/24
84.252.40.0/23
85.118.64.0-85.118.74.255
85.118.76.0-85.118.84.255
85.118.92.0/23
89.215.62.0/23
151.251.44.0/22
151.251.68.0/22
151.251.121.0/24
151.251.126.0/23
151.251.192.0-151.251.196.255
151.251.200.0/21
151.251.238.0-151.251.255.255
176.222.0.0/20
185.151.156.0/22
185.224.160.0/23
212.104.116.0/22
213.226.17.0/24
213.226.19.0/24
213.226.36.0/24
213.226.40.0/24
213.226.51.0/24
213.226.56.0/23
213.226.59.0/24
Signature Algorithm: sha256WithRSAEncryption
53:6f:4a:da:0a:74:93:d9:b6:be:b2:5d:e9:ed:eb:a8:6d:b4:
8a:ef:2c:68:3b:3c:85:bd:e4:38:1f:c5:47:7b:6d:ac:9b:b5:
fa:8c:d5:ab:03:59:e5:6f:37:f7:09:90:18:2c:6d:87:78:4c:
31:58:a2:85:a2:b8:8a:5a:ff:4c:9f:4e:0c:4e:77:99:36:a1:
45:f4:33:9b:26:9e:07:c8:54:48:88:9a:7e:e1:66:25:9e:1b:
ef:bf:6a:6b:b6:49:92:85:ef:50:64:13:f4:99:49:9a:38:28:
14:9c:75:35:fb:05:b7:cc:fc:5c:cf:3f:87:9e:20:fa:e5:9d:
bc:36:c7:c9:13:14:0f:50:70:e3:f4:fc:53:6b:bb:22:c2:e4:
3c:51:92:79:11:7f:23:7b:4b:2f:97:b5:ba:26:e6:b8:21:a8:
de:86:2c:f0:78:a7:b8:86:4d:98:ed:c1:d8:24:9e:34:1b:1c:
8b:eb:8a:8a:32:40:bd:39:2d:8d:65:3a:3b:bc:2c:96:87:b6:
41:5a:e2:ce:f5:73:36:89:49:d9:ff:17:ee:17:5a:ca:63:21:
0c:0b:23:b8:fe:6e:96:a0:53:e3:b5:2f:a1:45:aa:84:d1:90:
bd:73:c0:a9:22:10:a4:11:24:4a:f5:b4:05:9d:09:6e:ff:d2:
a6:4a:f3:40
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZQl/mUfGiyzWxzgKHgbMUGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTAyMDc1MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTM5MzVkNmE0ZjE1NWEwZWU0OTY0OWYwMDEwZTZhZjdiNGIyMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZfkkekIdcmtH4jXhpTnTmKHtopI
CHeEapuj7ElRJ8o1LlmzS64RwbUWZLynTaoRTmdMCnlq3UdOqyanUzYeqqFgM3CM
rEge2LKCeRy829W6h4naMyeqmfPULtlea2PG8G/FqgsSDHt2qoNm7Fhj+OeQvwGd
9jH+FtJR/4TBfuUcxFMVT4BH9d2Pfgp4ni0mP99wf3/y7WOnxQUxLLep+rt8+xgw
43c3PQDQudnKuLaB6QXgktrLqKt2GeSQr3ojrX2rewaG8ZMIFdKJFXdiA/5NUVJg
EyeCMFt2/bdxRheem6fb36ak9WpiGqc1asAxwLAA1H2wto59U/kR8sCO1QIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFD45Ndak8VWg7klknwAQ5q97SyEiMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvUGprMTFxVHhWYUR1U1dTZkFCRG1yM3RMSVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgwCwMD
ACU/AwQCJT8gAwQCJT9gAwQBPsyaAwQAU2EeAwQBVPwoMAwDBAZVdkADBABVdkow
DAMEAlV2TAMEAFV2VAMEAVV2XAMEAVnXPgMEApf7LAMEApf7RAMEAJf7eQMEAZf7
fjAMAwQGl/vAAwQAl/vEAwQDl/vIMAsDBAGX++4DAwKX+AMEBLDeAAMEArmXnAME
AbngoAMEAtRodAMEANXiEQMEANXiEwMEANXiJAMEANXiKAMEANXiMwMEAdXiOAME
ANXiOzANBgkqhkiG9w0BAQsFAAOCAQEAU29K2gp0k9m2vrJd6e3rqG20iu8saDs8
hb3kOB/FR3ttrJu1+ozVqwNZ5W839wmQGCxth3hMMViihaK4ilr/TJ9ODE53mTah
RfQzmyaeB8hUSIiafuFmJZ4b779qa7ZJkoXvUGQT9JlJmjgoFJx1NfsFt8z8XM8/
h54g+uWdvDbHyRMUD1Bw4/T8U2u7IsLkPFGSeRF/I3tLL5e1uibmuCGo3oYs8Hin
uIZNmO3B2CSeNBsci+uKijJAvTktjWU6O7wsloe2QVrizvVzNolJ2f8X7hdaymMh
DAsjuP5ulqBT47UvoUWqhNGQvXPAqSIQpBEkSvW0BZ0Jbv/SpkrzQA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:21:28 2025 by rpki-client