Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/MbASgdUSG-DIspcZLelfLX7eUIQ.roa
File: MbASgdUSG-DIspcZLelfLX7eUIQ.roa (raw, json)
Hash identifier: 84ENpmejK0fbBQmwVG6ErII7RU6f6ZfeCUsngCeflEc=
Subject key identifier: 31:B0:12:81:D5:12:1B:E0:C8:B2:97:19:2D:E9:5F:2D:7E:DE:50:84
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 0194D53A2AA7AF1ED77C8967C8A66CC92C0D
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/MbASgdUSG-DIspcZLelfLX7eUIQ.roa
Signing time: Wed 05 Feb 2025 08:29:06 +0000
ROA not before: Wed 05 Feb 2025 08:29:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50371
IP address blocks: 37.32.74.0/24 maxlen: 24
185.129.92.0/22 maxlen: 22
185.129.92.0/24 maxlen: 24
185.129.93.0/24 maxlen: 24
185.129.94.0/24 maxlen: 24
185.129.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Feb 2025 07:28:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:3a:2a:a7:af:1e:d7:7c:89:67:c8:a6:6c:c9:2c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Feb 5 08:29:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31b01281d5121be0c8b297192de95f2d7ede5084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:25:10:82:04:51:d2:56:9d:3c:34:77:e0:6d:
43:ff:ae:60:f7:f8:80:cd:1d:e6:db:1e:dc:e0:08:
61:42:d6:60:14:7d:4e:af:99:39:c0:2a:86:1c:00:
de:03:4e:c1:7e:ab:84:eb:44:ce:12:d2:a4:87:98:
3b:f0:dc:ac:c9:e2:ab:8f:4e:9a:74:31:8c:c5:5f:
1f:84:e9:12:fd:c3:52:65:f4:51:5a:39:8d:e2:f1:
56:6c:b7:10:2d:89:ca:8b:3d:a1:5b:4e:59:14:92:
5a:e6:a3:a4:d2:9c:65:e1:7b:cc:8f:ca:83:84:b9:
af:31:88:08:92:c0:5f:65:ff:b7:e1:93:dc:dc:e0:
80:0e:ba:b8:66:7c:3f:fd:11:c4:4b:b7:06:d1:eb:
20:40:78:ab:81:67:63:f9:d4:50:ac:fd:14:b3:7e:
86:5e:1e:10:69:10:88:d2:15:da:ed:d2:44:80:9e:
47:50:ed:84:b3:f1:d7:76:e7:77:d4:97:2e:c7:5f:
ba:a1:42:63:87:ae:ea:1f:b0:01:a1:c4:92:9c:62:
28:a5:cc:d4:63:54:0a:d5:9b:49:8f:74:00:0b:f2:
ac:4a:d9:82:53:0c:d8:b8:bd:80:f9:27:08:a2:87:
2e:94:ce:99:02:78:e0:be:1e:92:47:84:ce:79:63:
f0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B0:12:81:D5:12:1B:E0:C8:B2:97:19:2D:E9:5F:2D:7E:DE:50:84
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/MbASgdUSG-DIspcZLelfLX7eUIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.74.0/24
185.129.92.0/22
Signature Algorithm: sha256WithRSAEncryption
82:92:dd:4f:a2:d7:a0:ae:34:24:91:b2:3a:cd:de:ec:45:13:
ac:7d:24:2e:ed:7b:08:32:73:fb:73:2f:fb:54:db:de:56:40:
16:1c:92:e6:e2:ff:37:f8:ae:22:bc:bc:1c:ab:fa:2a:0b:7c:
58:41:f8:08:53:c7:83:b8:4c:9c:8d:c5:7a:78:48:f8:4b:ef:
5c:f1:2c:5c:52:aa:f9:24:cb:8f:3f:a3:7b:4e:19:8f:f3:6f:
6b:2d:eb:7c:0a:d1:58:48:4e:6c:f7:c5:b7:94:20:af:18:97:
e1:ae:44:1f:d1:fd:1e:8c:f1:94:f4:7e:e9:67:00:2d:54:f6:
6f:0e:e8:60:f2:8f:32:6a:32:33:3c:ac:4e:e7:02:8e:68:89:
da:fe:b7:d7:a6:75:04:7e:59:91:1f:77:d4:88:73:89:67:b5:
cb:0b:00:76:05:3f:de:53:f5:3b:49:07:ff:77:03:31:1a:c4:
bc:f8:46:c9:af:70:b7:23:12:07:dc:41:51:4c:2a:36:2b:74:
61:11:71:67:20:75:f2:6d:ac:b8:0f:6f:26:25:88:f1:f4:06:
1c:ff:5d:47:17:5e:0b:96:01:a2:8a:7d:d9:b1:e2:60:f7:1d:
76:96:36:cf:ff:2d:c1:2b:fe:b5:4b:88:fd:bd:70:58:70:72:
1d:de:2a:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTVOiqnrx7XfIlnyKZsySwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjUwMjA1MDgyOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWIwMTI4MWQ1MTIxYmUwYzhiMjk3MTkyZGU5NWYyZDdlZGU1MDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSUQggRR0ladPDR34G1D/65g9/iA
zR3m2x7c4AhhQtZgFH1Or5k5wCqGHADeA07BfquE60TOEtKkh5g78NysyeKrj06a
dDGMxV8fhOkS/cNSZfRRWjmN4vFWbLcQLYnKiz2hW05ZFJJa5qOk0pxl4XvMj8qD
hLmvMYgIksBfZf+34ZPc3OCADrq4Znw//RHES7cG0esgQHirgWdj+dRQrP0Us36G
Xh4QaRCI0hXa7dJEgJ5HUO2Es/HXdud31Jcux1+6oUJjh67qH7ABocSSnGIopczU
Y1QK1ZtJj3QAC/KsStmCUwzYuL2A+ScIooculM6ZAnjgvh6SR4TOeWPw3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDGwEoHVEhvgyLKXGS3pXy1+3lCEMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvTWJBU2dkVVNHLURJc3BjWkxlbGZMWDdlVUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJSBKAwQC
uYFcMA0GCSqGSIb3DQEBCwUAA4IBAQCCkt1PotegrjQkkbI6zd7sRROsfSQu7XsI
MnP7cy/7VNveVkAWHJLm4v83+K4ivLwcq/oqC3xYQfgIU8eDuEycjcV6eEj4S+9c
8SxcUqr5JMuPP6N7ThmP829rLet8CtFYSE5s98W3lCCvGJfhrkQf0f0ejPGU9H7p
ZwAtVPZvDuhg8o8yajIzPKxO5wKOaIna/rfXpnUEflmRH3fUiHOJZ7XLCwB2BT/e
U/U7SQf/dwMxGsS8+EbJr3C3IxIH3EFRTCo2K3RhEXFnIHXybay4D28mJYjx9AYc
/11HF14LlgGiin3ZseJg9x12ljbP/y3BK/61S4j9vXBYcHId3ioL
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:34:32 2025 by rpki-client