Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/EZ_HhDzOfmf5NQ8SNN1-dzDEl7E.roa
File: EZ_HhDzOfmf5NQ8SNN1-dzDEl7E.roa (raw, json)
Hash identifier: nbi92cIqTeewTcYjPS3eJw/KBO+5DEuT2OitYe4gwN4=
Subject key identifier: 11:9F:C7:84:3C:CE:7E:67:F9:35:0F:12:34:DD:7E:77:30:C4:97:B1
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 019422FB7AB5D8AEEF6410E7D92CF90484A9
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/EZ_HhDzOfmf5NQ8SNN1-dzDEl7E.roa
Signing time: Wed 01 Jan 2025 17:48:13 +0000
ROA not before: Wed 01 Jan 2025 17:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 2.59.22.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
213.254.179.0/24 maxlen: 24
2a01:e943::/48 maxlen: 48
2a01:e945::/48 maxlen: 48
2a01:e947::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Jan 2025 09:21:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:7a:b5:d8:ae:ef:64:10:e7:d9:2c:f9:04:84:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Jan 1 17:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=119fc7843cce7e67f9350f1234dd7e7730c497b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:70:c4:43:49:16:11:1f:60:fa:57:20:70:be:
da:9b:1c:8d:d4:3b:ba:54:86:ae:23:c7:ce:1f:8a:
d5:ad:b4:75:d6:db:5b:d4:4d:67:68:c2:8c:0e:85:
7d:22:f4:f9:78:64:fa:99:b5:01:2d:d8:c7:64:3d:
36:61:79:85:5e:02:e9:66:f1:6f:ae:37:78:52:92:
93:26:24:00:62:c1:dc:3c:17:6e:4f:aa:11:44:a2:
3b:09:0d:13:3d:c0:fa:ad:1b:fc:d3:db:bc:07:68:
d2:b4:a1:17:be:09:4d:0f:6a:d2:09:02:51:fd:a0:
a4:9e:5f:46:2d:08:0c:7e:39:71:ab:34:c0:31:ec:
09:61:d3:e9:12:6a:d8:af:2d:22:17:68:d4:f7:72:
6d:b4:cc:95:e2:84:a4:e7:9e:98:63:83:83:c5:7f:
d9:b1:2e:8b:c5:ef:08:5d:4d:f9:a0:73:2a:3a:f3:
b2:0a:ae:15:3d:df:6c:50:73:dc:8c:a6:3d:05:c9:
d1:0b:ae:a7:5a:dd:a8:e3:7e:b8:87:e7:71:30:15:
37:c0:d9:69:09:1e:51:38:cc:46:3f:e2:5c:aa:72:
a2:fa:c0:fb:f7:9e:a9:fb:de:e9:25:3a:64:09:8a:
b6:fc:8c:3c:9d:86:1b:cc:9c:0d:7e:ba:2a:4a:91:
d5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:9F:C7:84:3C:CE:7E:67:F9:35:0F:12:34:DD:7E:77:30:C4:97:B1
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/EZ_HhDzOfmf5NQ8SNN1-dzDEl7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
212.104.141.0/24
213.254.179.0/24
IPv6:
2a01:e943::/48
2a01:e945::/48
2a01:e947::/48
Signature Algorithm: sha256WithRSAEncryption
1c:c8:bf:18:ec:02:cd:cf:12:5f:d0:df:38:d1:87:d9:90:32:
5f:08:9b:c0:96:b5:0c:26:6b:09:05:a1:12:9a:11:a5:bf:58:
49:0e:2f:79:37:57:5e:07:a6:32:8a:6b:b4:cb:d8:f8:09:bc:
9b:f4:41:c4:f7:f7:c1:ab:2a:a3:40:26:64:51:61:2e:52:31:
18:9b:3d:89:f9:da:13:3d:7a:92:18:c1:f5:06:cf:87:49:b1:
1a:78:06:9f:46:3a:18:91:d8:76:08:ef:c8:1e:af:d2:de:8e:
65:f7:29:82:d3:e6:5d:61:44:f5:3c:fe:c1:72:d6:d9:2c:b6:
46:5d:d3:c1:fa:b6:ca:88:39:e1:67:73:32:b6:83:6c:13:26:
a9:56:d8:f4:58:d9:6f:c8:37:69:fe:7e:25:09:32:f7:cd:76:
87:ec:cc:7d:79:a3:4a:87:b4:a7:ef:8f:7d:fb:29:cf:9a:41:
97:d5:d9:93:f9:d9:b3:63:c3:df:03:b1:88:46:03:b5:d3:71:
00:ba:22:0d:01:b0:bf:98:95:ca:41:75:89:1d:b7:d3:1d:0e:
11:cd:02:ee:d6:f1:a6:1b:c3:a5:fd:81:eb:d5:ac:5e:c9:40:
2f:32:dd:38:b5:1d:57:ef:61:15:33:f5:39:18:ec:f0:a8:5a:
25:40:e4:87
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQi+3q12K7vZBDn2Sz5BISpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMTAxMTc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTlmYzc4NDNjY2U3ZTY3ZjkzNTBmMTIzNGRkN2U3NzMwYzQ5N2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnDEQ0kWER9g+lcgcL7amxyN1Du6
VIauI8fOH4rVrbR11ttb1E1naMKMDoV9IvT5eGT6mbUBLdjHZD02YXmFXgLpZvFv
rjd4UpKTJiQAYsHcPBduT6oRRKI7CQ0TPcD6rRv809u8B2jStKEXvglND2rSCQJR
/aCknl9GLQgMfjlxqzTAMewJYdPpEmrYry0iF2jU93JttMyV4oSk556YY4ODxX/Z
sS6Lxe8IXU35oHMqOvOyCq4VPd9sUHPcjKY9BcnRC66nWt2o4364h+dxMBU3wNlp
CR5ROMxGP+JcqnKi+sD7956p+97pJTpkCYq2/Iw8nYYbzJwNfroqSpHVBwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFBGfx4Q8zn5n+TUPEjTdfncwxJexMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvRVpfSGhEek9mbWY1TlE4U05OMS1kekRFbDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAAjsWAwQA
1GiNAwQA1f6zMCEEAgACMBsDBwAqAelDAAADBwAqAelFAAADBwAqAelHAAAwDQYJ
KoZIhvcNAQELBQADggEBABzIvxjsAs3PEl/Q3zjRh9mQMl8Im8CWtQwmawkFoRKa
EaW/WEkOL3k3V14HpjKKa7TL2PgJvJv0QcT398GrKqNAJmRRYS5SMRibPYn52hM9
epIYwfUGz4dJsRp4Bp9GOhiR2HYI78ger9LejmX3KYLT5l1hRPU8/sFy1tkstkZd
08H6tsqIOeFnczK2g2wTJqlW2PRY2W/IN2n+fiUJMvfNdofszH15o0qHtKfvj337
Kc+aQZfV2ZP52bNjw98DsYhGA7XTcQC6Ig0BsL+YlcpBdYkdt9MdDhHNAu7W8aYb
w6X9gevVrF7JQC8y3Ti1HVfvYRUz9TkY7PCoWiVA5Ic=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:39:50 2025 by rpki-client