Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/xSHkpcDU-sBv1Zvh7JIs7Xpmpno.roa
File: xSHkpcDU-sBv1Zvh7JIs7Xpmpno.roa (raw, json)
Hash identifier: JWp6fP1lBZwdJnPmhHZfDwbAMQFBsanHiaPJz5InB3w=
Subject key identifier: C5:21:E4:A5:C0:D4:FA:C0:6F:D5:9B:E1:EC:92:2C:ED:7A:66:A6:7A
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 0195A88084885700189E04737F7F733781C8
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/xSHkpcDU-sBv1Zvh7JIs7Xpmpno.roa
Signing time: Tue 18 Mar 2025 09:05:49 +0000
ROA not before: Tue 18 Mar 2025 09:05:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60232
IP address blocks: 37.75.8.0/21 maxlen: 24
185.28.0.0/22 maxlen: 24
195.142.0.0/22 maxlen: 24
195.142.104.0/21 maxlen: 24
195.142.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 09:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:80:84:88:57:00:18:9e:04:73:7f:7f:73:37:81:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Mar 18 09:05:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c521e4a5c0d4fac06fd59be1ec922ced7a66a67a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7c:d2:9b:a3:cf:60:0e:80:f2:6c:1b:22:43:
8f:f9:99:37:57:0e:22:8d:31:c3:95:08:72:f8:f0:
8f:04:8c:5b:8d:aa:12:e5:64:4a:a9:c4:40:ef:72:
d2:b6:c4:ff:a3:15:59:a6:d8:c0:8b:27:78:1d:a3:
e6:3f:eb:63:6f:f5:a5:09:cf:8f:5b:61:08:a1:23:
a8:12:67:f3:e4:30:6d:c7:6e:6e:1a:b4:6a:7b:48:
ce:7a:44:aa:2c:88:07:4d:ca:e4:a2:50:5c:83:64:
58:3a:7d:e4:da:61:33:fc:7a:ec:de:61:29:c8:e1:
c1:98:b1:84:5f:1c:4a:c9:ff:a1:50:d3:97:44:0f:
74:be:e8:5c:2a:9e:4b:4c:c6:fc:9a:16:ea:0f:f1:
97:a2:b5:32:31:10:f2:52:b6:23:86:41:6b:dc:5b:
6e:02:73:7c:ca:bc:c8:79:36:0c:f9:de:83:a7:22:
43:de:db:56:d9:07:5e:9a:8a:ef:ee:00:c2:99:69:
e1:f5:64:84:a7:b8:a3:3a:e1:e7:83:06:fc:7a:05:
f7:bf:be:9f:fd:7f:19:c9:56:46:7f:9e:08:60:8a:
77:3a:d3:9c:d5:7b:af:c6:63:59:06:50:bf:93:10:
3a:96:c1:3f:b2:1f:67:57:dd:48:a6:5a:b4:54:1a:
a3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:21:E4:A5:C0:D4:FA:C0:6F:D5:9B:E1:EC:92:2C:ED:7A:66:A6:7A
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/xSHkpcDU-sBv1Zvh7JIs7Xpmpno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.8.0/21
185.28.0.0/22
195.142.0.0/22
195.142.104.0/21
195.142.132.0/22
Signature Algorithm: sha256WithRSAEncryption
77:7f:13:de:c7:95:8a:ff:d3:77:c6:d0:b8:3d:a8:da:ae:ac:
47:c2:ae:f4:7e:84:05:d4:97:f0:91:16:c8:8d:b8:9f:20:11:
6a:1a:75:38:3d:29:a9:d2:95:77:13:d4:b4:e4:3c:b7:34:7b:
1f:02:e8:f1:39:8a:58:95:9e:af:6a:d4:37:97:ac:11:db:56:
8a:3b:35:01:e9:f5:c1:84:33:90:d1:24:4b:31:f5:4e:c7:b6:
fd:32:ed:17:9d:5d:13:93:11:07:6a:25:52:9e:68:c0:73:fa:
27:bc:9b:e5:c9:9c:88:91:e1:6b:5e:9e:62:a3:90:4b:95:42:
40:2b:b6:29:6b:ed:dd:0e:84:55:d6:7e:83:ad:0e:b8:6c:f1:
40:bf:0c:52:b7:d6:fd:62:05:d4:28:a2:b7:b2:9c:45:af:42:
f7:74:41:f7:a8:3e:90:a6:09:d0:64:3d:56:cd:04:64:ac:f6:
d5:98:cc:80:0f:b7:f0:e7:9b:8c:b3:1e:5c:67:50:d6:8d:46:
8c:1b:30:bf:48:15:80:36:bf:a7:93:bb:06:7e:08:38:6f:75:
91:65:b7:21:c9:d6:f8:00:c5:a7:c2:03:1a:7b:5d:a7:2e:d6:
e3:11:04:cc:e6:14:89:df:ad:d3:a5:9b:ba:6b:be:dc:b0:74:
9b:9e:5f:59
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZWogISIVwAYngRzf39zN4HIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjUwMzE4MDkwNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTIxZTRhNWMwZDRmYWMwNmZkNTliZTFlYzkyMmNlZDdhNjZhNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHzSm6PPYA6A8mwbIkOP+Zk3Vw4i
jTHDlQhy+PCPBIxbjaoS5WRKqcRA73LStsT/oxVZptjAiyd4HaPmP+tjb/WlCc+P
W2EIoSOoEmfz5DBtx25uGrRqe0jOekSqLIgHTcrkolBcg2RYOn3k2mEz/Hrs3mEp
yOHBmLGEXxxKyf+hUNOXRA90vuhcKp5LTMb8mhbqD/GXorUyMRDyUrYjhkFr3Ftu
AnN8yrzIeTYM+d6DpyJD3ttW2Qdemorv7gDCmWnh9WSEp7ijOuHngwb8egX3v76f
/X8ZyVZGf54IYIp3OtOc1XuvxmNZBlC/kxA6lsE/sh9nV91Iplq0VBqjoQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMUh5KXA1PrAb9Wb4eySLO16ZqZ6MB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEveFNIa3BjRFUtc0J2MVp2aDdKSXM3WHBtcG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJUsIAwQC
uRwAAwQCw44AAwQDw45oAwQCw46EMA0GCSqGSIb3DQEBCwUAA4IBAQB3fxPex5WK
/9N3xtC4PajarqxHwq70foQF1JfwkRbIjbifIBFqGnU4PSmp0pV3E9S05Dy3NHsf
AujxOYpYlZ6vatQ3l6wR21aKOzUB6fXBhDOQ0SRLMfVOx7b9Mu0XnV0TkxEHaiVS
nmjAc/onvJvlyZyIkeFrXp5io5BLlUJAK7Ypa+3dDoRV1n6DrQ64bPFAvwxSt9b9
YgXUKKK3spxFr0L3dEH3qD6QpgnQZD1WzQRkrPbVmMyAD7fw55uMsx5cZ1DWjUaM
GzC/SBWANr+nk7sGfgg4b3WRZbchydb4AMWnwgMae12nLtbjEQTM5hSJ363TpZu6
a77csHSbnl9Z
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:54:39 2025 by rpki-client