Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/E7P6ur329WXM6QSzH5eEL0mqEK0.roa
File: E7P6ur329WXM6QSzH5eEL0mqEK0.roa (raw, json)
Hash identifier: eHwoGeaoHxKpgFyduAjrBlQ79OrqazV0iGlFtC2Wa6A=
Subject key identifier: 13:B3:FA:BA:BD:F6:F5:65:CC:E9:04:B3:1F:97:84:2F:49:AA:10:AD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824CF94C7A961D0A0958A2BBAD8094C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/E7P6ur329WXM6QSzH5eEL0mqEK0.roa
Signing time: Thu 02 Jan 2025 17:51:28 +0000
ROA not before: Thu 02 Jan 2025 17:51:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 45.95.3.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
87.121.98.0/24 maxlen: 24
87.121.218.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
193.168.196.0/24 maxlen: 24
193.168.197.0/24 maxlen: 24
193.168.198.0/24 maxlen: 24
193.168.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Jan 2025 11:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:cf:94:c7:a9:61:d0:a0:95:8a:2b:ba:d8:09:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13b3fababdf6f565cce904b31f97842f49aa10ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c2:16:b1:e7:df:ef:af:75:49:21:9f:f3:bb:
84:2d:bc:c7:cd:b2:b6:0e:58:f2:08:fc:84:56:32:
4e:8f:dd:b1:c1:76:41:0d:01:a8:c2:0d:13:fb:30:
2c:74:63:f6:d7:d7:d1:66:42:14:6d:ee:1f:56:36:
e9:b3:22:a8:33:d8:22:19:78:3d:be:84:b8:18:75:
a1:7c:2c:ef:bc:9a:09:d9:b8:c5:57:95:a5:53:4a:
1e:f5:08:43:91:0f:83:a0:06:81:8d:09:1c:8b:bc:
06:f6:31:4e:f2:cc:75:45:7e:73:7e:83:99:91:5d:
d1:33:4d:de:ce:19:b4:42:16:cd:37:d0:b8:dd:d2:
b4:3a:15:2b:31:17:34:5e:97:63:dd:43:a1:41:3f:
3c:99:eb:70:9f:82:9e:d3:bd:8b:d5:e2:3e:4a:a8:
86:0c:72:8a:1b:95:c5:62:6c:a4:78:ad:07:41:39:
fc:f6:fb:60:2a:2c:68:9b:18:89:ce:46:ca:58:23:
6f:6d:18:54:3a:a1:cf:63:ba:0b:0e:25:1a:01:c2:
d1:22:da:a7:97:08:db:fa:e3:ce:b2:69:8e:1e:af:
0f:9f:5d:7d:2a:bd:23:95:62:f5:08:a6:62:97:90:
80:3e:31:37:18:8e:94:3d:8a:2d:07:55:b2:af:57:
39:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:B3:FA:BA:BD:F6:F5:65:CC:E9:04:B3:1F:97:84:2F:49:AA:10:AD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/E7P6ur329WXM6QSzH5eEL0mqEK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.3.0/24
83.143.113.0/24
87.121.98.0/24
87.121.218.0/24
185.246.222.0/24
193.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
36:78:c3:cd:4d:45:e6:1b:ad:0c:c5:da:f0:94:be:87:ae:14:
f0:38:9e:69:b1:5e:43:e3:6f:f5:f3:2a:4d:35:f5:ea:dc:b0:
a5:30:3b:49:47:2d:0a:ef:bf:b7:5c:23:a6:16:e2:25:40:76:
85:f3:93:51:86:71:a0:05:1c:41:04:76:b7:03:a8:30:b4:5e:
6d:77:a8:10:9a:d1:f5:72:e8:e2:7c:a1:ca:5c:1f:84:c4:27:
fc:09:b2:d8:8c:a2:07:e7:d3:2b:67:41:23:46:30:57:aa:9e:
f7:69:67:e6:7e:f7:8f:b3:de:02:e7:63:98:05:56:07:b3:ae:
30:4e:cf:f5:db:e6:2f:a9:9a:0f:eb:c4:40:3e:8c:8c:17:dc:
3b:cf:31:1d:e5:01:e5:3c:e4:48:6c:8c:3c:c0:c7:86:84:5d:
14:d6:73:ab:12:8e:5c:28:3f:72:96:4a:2c:76:36:c7:04:c7:
9c:00:9e:a6:35:4b:a6:68:bf:82:34:79:0f:30:36:83:fc:b2:
45:90:c5:60:a8:4b:8c:b4:9f:ef:bf:bf:48:5e:7d:42:ec:5e:
f1:ef:05:28:10:9e:28:a3:f6:0e:d1:ad:04:82:0e:7e:42:16:
b3:38:66:e7:ab:d9:48:fa:c5:36:d7:9e:59:6c:bf:4d:d0:b6:
d7:14:55:23
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQoJM+Ux6lh0KCViiu62AlMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2IzZmFiYWJkZjZmNTY1Y2NlOTA0YjMxZjk3ODQyZjQ5YWExMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsIWseff7691SSGf87uELbzHzbK2
DljyCPyEVjJOj92xwXZBDQGowg0T+zAsdGP219fRZkIUbe4fVjbpsyKoM9giGXg9
voS4GHWhfCzvvJoJ2bjFV5WlU0oe9QhDkQ+DoAaBjQkci7wG9jFO8sx1RX5zfoOZ
kV3RM03ezhm0QhbNN9C43dK0OhUrMRc0Xpdj3UOhQT88metwn4Ke072L1eI+SqiG
DHKKG5XFYmykeK0HQTn89vtgKixomxiJzkbKWCNvbRhUOqHPY7oLDiUaAcLRItqn
lwjb+uPOsmmOHq8Pn119Kr0jlWL1CKZil5CAPjE3GI6UPYotB1Wyr1c56QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBOz+rq99vVlzOkEsx+XhC9JqhCtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRTdQNnVyMzI5V1hNNlFTekg1ZUVMMG1xRUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALV8DAwQA
U49xAwQAV3liAwQAV3naAwQAufbeAwQCwajEMA0GCSqGSIb3DQEBCwUAA4IBAQA2
eMPNTUXmG60MxdrwlL6HrhTwOJ5psV5D42/18ypNNfXq3LClMDtJRy0K77+3XCOm
FuIlQHaF85NRhnGgBRxBBHa3A6gwtF5td6gQmtH1cujifKHKXB+ExCf8CbLYjKIH
59MrZ0EjRjBXqp73aWfmfvePs94C52OYBVYHs64wTs/12+YvqZoP68RAPoyMF9w7
zzEd5QHlPORIbIw8wMeGhF0U1nOrEo5cKD9ylkosdjbHBMecAJ6mNUumaL+CNHkP
MDaD/LJFkMVgqEuMtJ/vv79IXn1C7F7x7wUoEJ4oo/YO0a0Egg5+QhazOGbnq9lI
+sU2155ZbL9N0LbXFFUj
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:26:28 2025 by rpki-client