Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/EZXaXjgq_wQUQ4mv8kPdf7UquT8.roa
File: EZXaXjgq_wQUQ4mv8kPdf7UquT8.roa (raw, json)
Hash identifier: dFv8n1KSHRiSK1XEVZqCvRN0qeu51NjxZZvgXx7jKb0=
Subject key identifier: 11:95:DA:5E:38:2A:FF:04:14:43:89:AF:F2:43:DD:7F:B5:2A:B9:3F
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 019422FB7A4349F46D30D30CCDAEAC8416C4
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/EZXaXjgq_wQUQ4mv8kPdf7UquT8.roa
Signing time: Wed 01 Jan 2025 17:48:13 +0000
ROA not before: Wed 01 Jan 2025 17:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 2.59.22.0/24 maxlen: 24
212.104.140.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
2a01:e943::/48 maxlen: 48
2a01:e945::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Jan 2025 09:23:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:7a:43:49:f4:6d:30:d3:0c:cd:ae:ac:84:16:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Jan 1 17:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1195da5e382aff04144389aff243dd7fb52ab93f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:8a:64:b5:86:50:d5:a4:7f:ad:59:ae:0f:76:
9a:fa:46:70:91:45:9e:06:7a:2a:82:f2:54:b8:81:
56:9a:50:60:32:3e:74:79:f0:b1:e0:aa:b8:78:e3:
66:43:3e:c0:91:c4:5c:68:06:ba:30:56:fa:8f:bf:
73:e4:64:3a:eb:a3:24:27:e0:67:ba:0d:5a:97:06:
0b:c3:b3:ed:35:ba:45:d3:22:ea:8a:ff:19:fb:75:
7f:d2:92:7f:cd:3f:c5:9d:43:8b:b8:4b:dd:9a:3c:
da:fd:a6:70:b5:8b:55:d5:9e:af:9e:b9:12:b3:97:
20:63:d4:64:7f:41:e3:2e:e1:e3:5f:3c:88:95:52:
b1:c2:c2:76:71:0d:2a:7f:2d:44:4b:b0:ea:94:dd:
6d:ab:f8:d5:1c:e8:44:5c:b4:4a:3d:47:6e:00:19:
df:8c:e0:8f:18:f9:64:af:5e:8d:fb:37:03:62:69:
ec:2d:87:98:7c:fb:f3:34:f3:c8:82:ab:01:59:6f:
bf:b1:e5:72:52:09:58:34:bb:e0:dd:d0:d8:c3:2b:
3b:81:e9:3f:f5:9a:fa:c0:6b:da:c5:ed:06:ac:fb:
a4:b2:de:fb:b3:df:8c:d2:87:75:b8:95:97:dd:8f:
5d:c2:ae:67:8e:e3:69:39:0a:40:86:7f:94:7e:84:
12:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:95:DA:5E:38:2A:FF:04:14:43:89:AF:F2:43:DD:7F:B5:2A:B9:3F
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/EZXaXjgq_wQUQ4mv8kPdf7UquT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
212.104.140.0/23
IPv6:
2a01:e943::/48
2a01:e945::/48
Signature Algorithm: sha256WithRSAEncryption
c5:f4:25:a5:10:6a:c9:19:5b:29:2a:42:9e:e4:34:56:df:27:
4e:4f:72:5a:f9:05:8d:00:cc:94:96:78:81:5e:fa:65:a6:e3:
98:37:9c:2b:bc:18:7a:11:65:7e:ca:c9:bb:2d:ed:84:e4:92:
1c:ff:3d:17:fd:a4:53:e5:70:81:9c:a7:b9:8c:be:a5:2e:e6:
35:4b:59:ac:76:77:b0:de:db:6a:72:2e:64:37:32:2f:be:b5:
62:bf:6d:50:fc:ad:18:e3:68:f2:f7:56:94:37:f0:f0:6c:17:
d5:19:94:0e:03:0e:38:87:2f:07:c1:32:5d:05:fb:85:f6:2d:
f9:e0:e8:56:d0:b8:97:4f:cc:de:d6:e3:eb:2c:35:d4:4f:ba:
03:e6:1f:e1:17:6b:51:19:33:28:d2:39:fa:98:71:4f:c5:2a:
e6:d4:ec:5f:09:73:8b:f3:ed:8c:86:a8:73:52:00:51:a4:b3:
18:ff:e2:1d:6d:a6:50:b6:d1:82:3e:c8:7f:d7:4c:7d:77:ce:
c5:ce:b2:34:49:90:f3:ad:c7:c0:d3:f3:30:d5:59:cf:54:c1:
61:52:e7:f3:a3:35:80:83:ad:58:b0:ff:a8:45:c1:c5:5b:53:
35:11:d8:45:4e:e6:a4:b5:bc:d3:95:d1:5b:87:cd:56:89:7b:
42:45:51:47
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQi+3pDSfRtMNMMza6shBbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMTAxMTc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTk1ZGE1ZTM4MmFmZjA0MTQ0Mzg5YWZmMjQzZGQ3ZmI1MmFiOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9opktYZQ1aR/rVmuD3aa+kZwkUWe
BnoqgvJUuIFWmlBgMj50efCx4Kq4eONmQz7AkcRcaAa6MFb6j79z5GQ666MkJ+Bn
ug1alwYLw7PtNbpF0yLqiv8Z+3V/0pJ/zT/FnUOLuEvdmjza/aZwtYtV1Z6vnrkS
s5cgY9Rkf0HjLuHjXzyIlVKxwsJ2cQ0qfy1ES7DqlN1tq/jVHOhEXLRKPUduABnf
jOCPGPlkr16N+zcDYmnsLYeYfPvzNPPIgqsBWW+/seVyUglYNLvg3dDYwys7gek/
9Zr6wGvaxe0GrPukst77s9+M0od1uJWX3Y9dwq5njuNpOQpAhn+UfoQSEwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBGV2l44Kv8EFEOJr/JD3X+1Krk/MB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvRVpYYVhqZ3Ffd1FVUTRtdjhrUGRmN1VxdVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAAjsWAwQB
1GiMMBgEAgACMBIDBwAqAelDAAADBwAqAelFAAAwDQYJKoZIhvcNAQELBQADggEB
AMX0JaUQaskZWykqQp7kNFbfJ05Pclr5BY0AzJSWeIFe+mWm45g3nCu8GHoRZX7K
ybst7YTkkhz/PRf9pFPlcIGcp7mMvqUu5jVLWax2d7De22pyLmQ3Mi++tWK/bVD8
rRjjaPL3VpQ38PBsF9UZlA4DDjiHLwfBMl0F+4X2Lfng6FbQuJdPzN7W4+ssNdRP
ugPmH+EXa1EZMyjSOfqYcU/FKubU7F8Jc4vz7YyGqHNSAFGksxj/4h1tplC20YI+
yH/XTH13zsXOsjRJkPOtx8DT8zDVWc9UwWFS5/OjNYCDrViw/6hFwcVbUzUR2EVO
5qS1vNOV0VuHzVaJe0JFUUc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:43:24 2025 by rpki-client