Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/QgLhrseHZ0Vk1GyGfgRd4C_Epgo.roa
File: QgLhrseHZ0Vk1GyGfgRd4C_Epgo.roa (raw, json)
Hash identifier: LwUgYtZfWCSUEwtZ8UHyc2aIJv7AEj6jGrfTy/HF0ZU=
Subject key identifier: 42:02:E1:AE:C7:87:67:45:64:D4:6C:86:7E:04:5D:E0:2F:C4:A6:0A
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 019428280B201CA85ED1E43E4767D9E01871
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/QgLhrseHZ0Vk1GyGfgRd4C_Epgo.roa
Signing time: Thu 02 Jan 2025 17:55:00 +0000
ROA not before: Thu 02 Jan 2025 17:55:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12716
IP address blocks: 37.63.0.0/20 maxlen: 20
37.63.16.0/22 maxlen: 22
37.63.20.0/22 maxlen: 24
37.63.24.0/22 maxlen: 22
37.63.28.0/22 maxlen: 24
37.63.32.0/22 maxlen: 24
37.63.96.0/22 maxlen: 22
62.204.154.0/23 maxlen: 23
83.97.30.0/24 maxlen: 24
84.252.40.0/23 maxlen: 23
85.118.64.0/22 maxlen: 22
85.118.68.0/23 maxlen: 24
85.118.70.0/24 maxlen: 24
85.118.71.0/24 maxlen: 24
85.118.72.0/23 maxlen: 23
85.118.74.0/24 maxlen: 24
85.118.76.0/22 maxlen: 22
85.118.80.0/22 maxlen: 22
85.118.84.0/24 maxlen: 24
85.118.92.0/24 maxlen: 24
85.118.93.0/24 maxlen: 24
89.215.62.0/23 maxlen: 23
151.251.44.0/22 maxlen: 22
151.251.68.0/22 maxlen: 22
151.251.121.0/24 maxlen: 24
151.251.126.0/23 maxlen: 23
151.251.192.0/22 maxlen: 22
151.251.196.0/24 maxlen: 24
151.251.200.0/22 maxlen: 22
151.251.204.0/22 maxlen: 22
151.251.238.0/24 maxlen: 24
151.251.239.0/24 maxlen: 24
151.251.240.0/20 maxlen: 20
176.222.0.0/20 maxlen: 24
185.151.156.0/22 maxlen: 22
185.224.160.0/23 maxlen: 23
212.104.116.0/22 maxlen: 24
213.226.17.0/24 maxlen: 24
213.226.19.0/24 maxlen: 24
213.226.36.0/24 maxlen: 24
213.226.40.0/24 maxlen: 24
213.226.51.0/24 maxlen: 24
213.226.56.0/24 maxlen: 24
213.226.57.0/24 maxlen: 24
213.226.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 14:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:0b:20:1c:a8:5e:d1:e4:3e:47:67:d9:e0:18:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 17:55:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4202e1aec787674564d46c867e045de02fc4a60a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3b:18:22:8d:de:11:9e:37:d2:e9:6d:93:14:
79:1d:0d:84:43:8b:78:be:f4:4b:4e:27:c4:21:c3:
9e:a6:f6:9b:c6:4b:57:2c:f4:c8:d8:00:f7:2a:e3:
db:89:22:94:3d:3e:64:e3:8b:66:f1:1f:46:ef:75:
a3:b7:cf:bc:77:67:33:e8:af:01:f4:98:f3:01:ca:
61:d1:35:13:c4:c1:7b:1b:b3:c8:54:f2:51:d5:a5:
6d:19:89:11:fa:85:3e:f9:54:8d:88:83:81:b2:80:
10:f8:ad:0e:79:e2:d5:78:42:85:35:51:58:5c:f0:
96:b4:8b:3b:d2:5c:d7:90:43:c5:11:8e:4f:fc:ea:
28:ac:bd:39:92:ba:76:66:0d:4a:cd:81:ce:9a:a0:
98:8c:82:e1:8d:e0:ba:06:0a:87:2e:41:9f:45:80:
3f:59:10:47:fa:49:c0:3a:57:9b:3c:33:01:0b:a0:
35:89:77:85:e7:a1:8b:ac:7f:55:eb:74:58:4c:79:
1c:cf:94:36:72:26:c4:58:c5:68:01:80:ac:99:23:
61:ac:ee:95:c8:dd:5d:2a:88:65:1c:51:86:ba:f4:
76:a0:a3:48:aa:f7:43:34:d7:e2:33:9f:3f:a9:0f:
bf:a2:71:d2:58:b3:d3:9a:18:db:a4:05:f6:5f:f4:
85:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:02:E1:AE:C7:87:67:45:64:D4:6C:86:7E:04:5D:E0:2F:C4:A6:0A
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/QgLhrseHZ0Vk1GyGfgRd4C_Epgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.63.0.0-37.63.35.255
37.63.96.0/22
62.204.154.0/23
83.97.30.0/24
84.252.40.0/23
85.118.64.0-85.118.74.255
85.118.76.0-85.118.84.255
85.118.92.0/23
89.215.62.0/23
151.251.44.0/22
151.251.68.0/22
151.251.121.0/24
151.251.126.0/23
151.251.192.0-151.251.196.255
151.251.200.0/21
151.251.238.0-151.251.255.255
176.222.0.0/20
185.151.156.0/22
185.224.160.0/23
212.104.116.0/22
213.226.17.0/24
213.226.19.0/24
213.226.36.0/24
213.226.40.0/24
213.226.51.0/24
213.226.56.0/23
213.226.59.0/24
Signature Algorithm: sha256WithRSAEncryption
63:c9:91:79:8f:5d:81:06:2c:cd:c5:20:6e:19:71:c8:e1:c0:
70:89:82:51:f0:d5:cf:d9:41:dd:6f:0a:a1:98:ce:da:45:51:
7e:97:68:64:6b:3d:b1:45:df:84:1e:10:c3:d8:0c:f3:a5:a9:
b3:cc:dc:6b:f4:cd:01:8d:94:46:f1:c9:94:0b:2b:bd:78:59:
86:15:01:a4:72:7f:e3:f1:2a:d6:91:81:7c:16:67:85:03:58:
d6:6f:33:a5:27:9e:52:c5:6d:94:bf:92:3f:9c:0b:56:24:76:
80:de:83:d8:4d:85:2d:63:49:62:5f:6f:1c:7b:eb:9b:3b:8e:
1a:51:d0:ef:c9:4a:8e:60:d5:1b:e6:dc:81:24:0d:39:ab:f9:
e2:2f:be:49:9d:59:fd:da:d0:7e:10:fc:8b:64:e6:8a:35:d6:
75:91:89:ab:c1:d0:aa:f5:7e:50:b9:bb:65:84:3e:f5:c9:7b:
ef:81:b0:4b:14:9d:5c:fd:7a:f1:63:4d:44:3a:04:d7:60:e5:
3f:7d:c7:5a:3a:a6:fa:38:37:c5:3b:68:eb:d3:4b:a0:84:7b:
81:44:ef:46:45:7b:f4:cd:a7:0a:bf:54:7d:88:d6:d7:e7:ff:
56:a9:64:a4:64:a3:f1:ac:39:b3:98:5b:e5:77:31:e0:94:f9:
0c:7f:2d:9f
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZQoKAsgHKhe0eQ+R2fZ4BhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTAyMTc1NTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjAyZTFhZWM3ODc2NzQ1NjRkNDZjODY3ZTA0NWRlMDJmYzRhNjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzsYIo3eEZ430ultkxR5HQ2EQ4t4
vvRLTifEIcOepvabxktXLPTI2AD3KuPbiSKUPT5k44tm8R9G73Wjt8+8d2cz6K8B
9JjzAcph0TUTxMF7G7PIVPJR1aVtGYkR+oU++VSNiIOBsoAQ+K0OeeLVeEKFNVFY
XPCWtIs70lzXkEPFEY5P/OoorL05krp2Zg1KzYHOmqCYjILhjeC6BgqHLkGfRYA/
WRBH+knAOlebPDMBC6A1iXeF56GLrH9V63RYTHkcz5Q2cibEWMVoAYCsmSNhrO6V
yN1dKohlHFGGuvR2oKNIqvdDNNfiM58/qQ+/onHSWLPTmhjbpAX2X/SFhwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFEIC4a7Hh2dFZNRshn4EXeAvxKYKMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvUWdMaHJzZUhaMFZrMUd5R2ZnUmQ0Q19FcGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgwCwMD
ACU/AwQCJT8gAwQCJT9gAwQBPsyaAwQAU2EeAwQBVPwoMAwDBAZVdkADBABVdkow
DAMEAlV2TAMEAFV2VAMEAVV2XAMEAVnXPgMEApf7LAMEApf7RAMEAJf7eQMEAZf7
fjAMAwQGl/vAAwQAl/vEAwQDl/vIMAsDBAGX++4DAwKX+AMEBLDeAAMEArmXnAME
AbngoAMEAtRodAMEANXiEQMEANXiEwMEANXiJAMEANXiKAMEANXiMwMEAdXiOAME
ANXiOzANBgkqhkiG9w0BAQsFAAOCAQEAY8mReY9dgQYszcUgbhlxyOHAcImCUfDV
z9lB3W8KoZjO2kVRfpdoZGs9sUXfhB4Qw9gM86Wps8zca/TNAY2URvHJlAsrvXhZ
hhUBpHJ/4/Eq1pGBfBZnhQNY1m8zpSeeUsVtlL+SP5wLViR2gN6D2E2FLWNJYl9v
HHvrmzuOGlHQ78lKjmDVG+bcgSQNOav54i++SZ1Z/drQfhD8i2TmijXWdZGJq8HQ
qvV+ULm7ZYQ+9cl774GwSxSdXP168WNNRDoE12DlP33HWjqm+jg3xTto69NLoIR7
gUTvRkV79M2nCr9UfYjW1+f/VqlkpGSj8aw5s5hb5Xcx4JT5DH8tnw==
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:29:21 2025 by rpki-client