Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/cEWQC3oIlESwcAjCcvRRa66pUfo.roa
File: cEWQC3oIlESwcAjCcvRRa66pUfo.roa (raw, json)
Hash identifier: Uwtmvx2jtDneS5G+kZbRv+Nr7Y6wAG+qxMpOVZ7IwnA=
Subject key identifier: 70:45:90:0B:7A:08:94:44:B0:70:08:C2:72:F4:51:6B:AE:A9:51:FA
Certificate issuer: /CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Certificate serial: 0193BEFD4FA00773AC9D73C7630DEE67265E
Authority key identifier: 99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/cEWQC3oIlESwcAjCcvRRa66pUfo.roa
Signing time: Fri 13 Dec 2024 07:48:12 +0000
ROA not before: Fri 13 Dec 2024 07:48:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34718
IP address blocks: 62.209.128.0/19 maxlen: 19
89.236.192.0/18 maxlen: 18
185.6.40.0/22 maxlen: 22
185.248.44.0/22 maxlen: 22
194.55.92.0/22 maxlen: 22
2a02:f10::/32 maxlen: 32
2a03:540::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 13 Dec 2024 12:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:be:fd:4f:a0:07:73:ac:9d:73:c7:63:0d:ee:67:26:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Validity
Not Before: Dec 13 07:48:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7045900b7a089444b07008c272f4516baea951fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2e:e2:7f:a9:39:a6:b3:53:7c:a5:63:2a:48:
c7:79:ce:db:c8:fe:d2:7e:eb:02:c1:54:8a:d9:a6:
fd:94:b7:a2:ef:2d:4f:5d:f2:3e:53:e6:6d:51:b7:
7c:29:dd:90:ad:6f:f9:79:0a:13:16:ee:3c:48:80:
d7:d5:8c:64:ae:09:9d:e2:4d:e1:f3:09:08:05:06:
04:dc:87:d7:9b:48:d1:46:fa:2a:78:97:50:dc:5c:
39:f7:48:92:31:0e:0c:0b:47:e0:4a:bc:30:6f:1b:
7b:22:fc:32:1f:b4:54:df:5d:c8:84:72:c8:6f:fd:
8c:4b:45:3f:30:dd:7b:b4:7a:6f:30:d2:e8:70:98:
50:67:8c:bc:6b:dd:2b:c3:6d:72:80:f1:cd:5f:88:
d4:61:29:0b:6a:9a:9d:80:86:37:b8:64:6b:06:ef:
88:f3:4b:c2:81:b8:16:f3:bb:de:96:a9:fd:df:12:
27:9f:16:9d:8c:19:b8:7a:40:ce:4c:9c:6f:2d:00:
57:cb:63:e3:6a:fd:43:de:00:9f:51:06:75:36:80:
e9:d9:b4:24:32:e0:f8:db:0d:5a:9c:6a:a6:ea:60:
d4:57:22:db:18:f7:88:90:7d:16:17:d6:b5:f4:5c:
d1:84:cc:e0:3a:cc:72:e5:89:a9:b2:c1:0d:d6:06:
1e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:45:90:0B:7A:08:94:44:B0:70:08:C2:72:F4:51:6B:AE:A9:51:FA
X509v3 Authority Key Identifier:
keyid:99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/cEWQC3oIlESwcAjCcvRRa66pUfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.209.128.0/19
89.236.192.0/18
185.6.40.0/22
185.248.44.0/22
194.55.92.0/22
IPv6:
2a02:f10::/32
2a03:540::/32
Signature Algorithm: sha256WithRSAEncryption
9e:20:0f:d6:74:ce:af:5e:51:22:94:ff:a0:8f:20:b6:50:d1:
9f:ed:6c:6d:61:a2:ea:82:0f:b3:d3:4d:a4:3d:e2:d1:17:4a:
8c:38:d2:12:c6:61:8d:de:8b:77:9b:60:a5:90:4b:7b:43:b7:
6b:63:67:ae:30:92:a2:cf:f0:dd:75:9d:22:db:3e:e4:87:a8:
c5:96:3b:e4:b2:d2:ee:a4:90:c2:cd:1d:55:a0:33:80:82:83:
fa:dd:83:15:14:f7:36:4e:1b:cb:f8:a8:cd:30:04:7c:07:69:
45:68:ab:ed:f4:aa:21:14:ab:78:29:1f:e1:ee:84:cb:fc:fb:
fc:b6:d7:b9:9e:4c:2f:3f:9a:f0:2a:68:7a:e5:22:50:fa:50:
c4:b5:9a:2b:41:48:6c:86:40:fa:10:d8:ad:a2:f4:d1:0b:c8:
21:04:52:42:bb:cf:9c:ef:5e:57:73:4a:e3:82:ff:71:28:f0:
4e:1c:87:c0:5f:15:25:3f:e2:d0:0c:90:4b:43:d8:71:37:96:
d5:38:ac:1c:ad:cd:29:58:3e:e4:c9:04:aa:f1:83:35:d8:8a:
89:a6:dc:07:ba:cd:0a:1f:2a:ab:c8:95:4c:ff:b5:41:6f:62:
5e:00:3b:e8:5d:17:05:22:36:44:24:57:bf:7e:df:21:22:e6:
47:52:4c:dd
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZO+/U+gB3OsnXPHYw3uZyZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzkwMGY2NmU3MGIyZmZmZDljMGNlOTI2MDJmMmY0NWM2
NTk5NjEwHhcNMjQxMjEzMDc0ODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDQ1OTAwYjdhMDg5NDQ0YjA3MDA4YzI3MmY0NTE2YmFlYTk1MWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS7if6k5prNTfKVjKkjHec7byP7S
fusCwVSK2ab9lLei7y1PXfI+U+ZtUbd8Kd2QrW/5eQoTFu48SIDX1Yxkrgmd4k3h
8wkIBQYE3IfXm0jRRvoqeJdQ3Fw590iSMQ4MC0fgSrwwbxt7IvwyH7RU313IhHLI
b/2MS0U/MN17tHpvMNLocJhQZ4y8a90rw21ygPHNX4jUYSkLapqdgIY3uGRrBu+I
80vCgbgW87velqn93xInnxadjBm4ekDOTJxvLQBXy2Pjav1D3gCfUQZ1NoDp2bQk
MuD42w1anGqm6mDUVyLbGPeIkH0WF9a19FzRhMzgOsxy5YmpssEN1gYeSwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFHBFkAt6CJREsHAIwnL0UWuuqVH6MB8GA1UdIwQY
MBaAFJk5APZucLL//ZwM6SYC8vRcZZlhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2Qt
ZGVmNmVmYjQ0MzE5LzEvY0VXUUMzb0lsRVN3Y0FqQ2N2UlJhNjZwVWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2QtZGVmNmVmYjQ0MzE5
LzEvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQFPtGAAwQG
WezAAwQCuQYoAwQCufgsAwQCwjdcMBQEAgACMA4DBQAqAg8QAwUAKgMFQDANBgkq
hkiG9w0BAQsFAAOCAQEAniAP1nTOr15RIpT/oI8gtlDRn+1sbWGi6oIPs9NNpD3i
0RdKjDjSEsZhjd6Ld5tgpZBLe0O3a2NnrjCSos/w3XWdIts+5IeoxZY75LLS7qSQ
ws0dVaAzgIKD+t2DFRT3Nk4by/iozTAEfAdpRWir7fSqIRSreCkf4e6Ey/z7/LbX
uZ5MLz+a8CpoeuUiUPpQxLWaK0FIbIZA+hDYraL00QvIIQRSQrvPnO9eV3NK44L/
cSjwThyHwF8VJT/i0AyQS0PYcTeW1TisHK3NKVg+5MkEqvGDNdiKiabcB7rNCh8q
q8iVTP+1QW9iXgA76F0XBSI2RCRXv37fISLmR1JM3Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:19:12 2025 by rpki-client