Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EEuFTWVMBqgHrx4gerMNl5f9bQI.roa
File: EEuFTWVMBqgHrx4gerMNl5f9bQI.roa (raw, json)
Hash identifier: UryxC5O0+DqE9NTC3ky/h7NWXZRD3P8ZbmltmYbb1Ns=
Subject key identifier: 10:4B:85:4D:65:4C:06:A8:07:AF:1E:20:7A:B3:0D:97:97:FD:6D:02
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D599EDD75AA5FCC939EE8E15D35EF90DB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EEuFTWVMBqgHrx4gerMNl5f9bQI.roa
Signing time: Tue 30 Jan 2024 09:06:40 +0000
ROA not before: Tue 30 Jan 2024 09:06:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197450
IP address blocks: 45.128.233.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.44.0/24 maxlen: 24
87.121.46.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
185.225.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 08:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:9e:dd:75:aa:5f:cc:93:9e:e8:e1:5d:35:ef:90:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 30 09:06:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=104b854d654c06a807af1e207ab30d9797fd6d02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:97:26:34:11:57:b1:f4:21:91:12:ed:78:66:
fa:4c:60:93:4d:b5:75:3d:74:93:34:65:37:91:bb:
f4:6c:21:c1:f7:ef:cb:13:aa:ed:d6:4a:47:e9:10:
07:d1:be:1b:f4:fa:13:1e:00:fd:00:e6:34:6b:55:
c4:6e:60:50:c9:0a:b7:e5:cf:5d:ad:17:e2:50:48:
43:58:43:44:ba:fc:38:b8:27:68:e9:6d:80:d0:9e:
1d:bf:ca:e7:8f:29:ee:1d:b4:b1:72:99:44:a4:aa:
c8:0b:9c:ea:43:86:a4:2b:3a:1b:1c:2d:29:85:63:
06:68:cc:e8:ea:3d:53:4f:e5:25:39:eb:99:87:27:
20:ec:bc:75:05:31:ee:93:49:7c:3f:ce:b6:a9:ac:
e4:f8:da:36:26:05:db:d1:df:c6:42:e7:11:7f:e4:
39:74:45:e0:c0:8b:34:8e:64:0d:c2:45:8b:60:d4:
b3:9e:17:bf:b6:73:6d:7c:dc:41:25:d5:0a:c8:ec:
23:4f:02:5b:22:9c:90:cc:1f:59:eb:db:d3:29:5f:
2a:00:c6:72:dc:b7:c5:da:32:71:39:3a:c9:22:7d:
0e:b3:ab:28:3f:b5:07:30:28:81:14:71:1a:98:bf:
d6:01:c2:a2:9e:e9:1a:a2:a2:86:45:e6:be:6b:65:
61:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:4B:85:4D:65:4C:06:A8:07:AF:1E:20:7A:B3:0D:97:97:FD:6D:02
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EEuFTWVMBqgHrx4gerMNl5f9bQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
45.129.86.0/24
81.161.230.0/24
85.31.47.0/24
87.120.166.0/24
87.121.44.0/24
87.121.46.0/24
94.156.8.0/24
94.156.79.0/24
178.215.239.0/24
185.221.64.0/24
185.225.75.0/24
Signature Algorithm: sha256WithRSAEncryption
27:56:31:6c:fc:18:8e:a7:0c:9b:79:51:24:96:ac:47:29:9d:
c9:7e:f8:ea:ca:97:d4:51:bd:a2:bf:5a:ee:c5:89:b9:bc:f2:
cb:1f:84:2a:af:38:dd:52:84:69:c0:48:ef:63:bc:4c:71:c2:
81:c2:28:8c:1f:ed:67:7c:16:1d:2f:18:89:7b:a0:f1:96:b5:
2e:39:1f:26:ce:d4:b3:cb:5b:e3:cd:16:b1:06:a3:e1:b2:c8:
9e:f2:81:c0:3c:b8:b3:6a:6d:a4:f2:e5:52:5a:d2:86:ab:90:
dc:8b:31:2f:b4:79:c9:ea:6c:83:61:0a:f1:b3:b3:c2:c9:18:
99:05:04:3c:55:3e:a8:2c:9e:2f:1c:20:11:97:f0:b6:41:26:
90:e5:bf:54:2b:ea:f4:0d:89:f2:15:cb:68:b2:a3:c1:ca:c4:
68:de:94:78:d4:37:da:63:29:5a:59:1a:cf:fb:26:5e:a1:87:
9b:da:c9:98:f7:17:6d:98:a5:67:e0:dd:34:89:3e:df:26:01:
be:2f:64:42:22:bb:50:6a:25:38:aa:46:3e:41:22:7c:be:09:
9b:e0:b9:d5:16:9c:6d:df:9a:fb:eb:5c:b1:c0:64:d3:99:f2:
de:4c:77:ad:1f:5f:63:38:b5:12:4d:ce:17:21:80:a9:ca:a5:
28:44:54:17
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY1Znt11ql/Mk57o4V0175DbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTMwMDkwNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDRiODU0ZDY1NGMwNmE4MDdhZjFlMjA3YWIzMGQ5Nzk3ZmQ2ZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJcmNBFXsfQhkRLteGb6TGCTTbV1
PXSTNGU3kbv0bCHB9+/LE6rt1kpH6RAH0b4b9PoTHgD9AOY0a1XEbmBQyQq35c9d
rRfiUEhDWENEuvw4uCdo6W2A0J4dv8rnjynuHbSxcplEpKrIC5zqQ4akKzobHC0p
hWMGaMzo6j1TT+UlOeuZhycg7Lx1BTHuk0l8P862qazk+No2JgXb0d/GQucRf+Q5
dEXgwIs0jmQNwkWLYNSznhe/tnNtfNxBJdUKyOwjTwJbIpyQzB9Z69vTKV8qAMZy
3LfF2jJxOTrJIn0Os6soP7UHMCiBFHEamL/WAcKinukaoqKGRea+a2VhCwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBBLhU1lTAaoB68eIHqzDZeX/W0CMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRUV1RlRXVk1CcWdIcng0Z2VyTU5sNWY5YlFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALYDpAwQA
LYFWAwQAUaHmAwQAVR8vAwQAV3imAwQAV3ksAwQAV3kuAwQAXpwIAwQAXpxPAwQA
stfvAwQAud1AAwQAueFLMA0GCSqGSIb3DQEBCwUAA4IBAQAnVjFs/BiOpwybeVEk
lqxHKZ3JfvjqypfUUb2iv1ruxYm5vPLLH4QqrzjdUoRpwEjvY7xMccKBwiiMH+1n
fBYdLxiJe6DxlrUuOR8mztSzy1vjzRaxBqPhssie8oHAPLizam2k8uVSWtKGq5Dc
izEvtHnJ6myDYQrxs7PCyRiZBQQ8VT6oLJ4vHCARl/C2QSaQ5b9UK+r0DYnyFcto
sqPBysRo3pR41DfaYylaWRrP+yZeoYeb2smY9xdtmKVn4N00iT7fJgG+L2RCIrtQ
aiU4qkY+QSJ8vgmb4LnVFpxt35r761yxwGTTmfLeTHetH19jOLUSTc4XIYCpyqUo
RFQX
-----END CERTIFICATE-----
Generated at Tue Feb 6 12:22:07 2024 by rpki-client on console-fra.rpki-client.org