Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ewADNDhqXJrBbzhZhCVgW8uwNbY.roa
File: ewADNDhqXJrBbzhZhCVgW8uwNbY.roa (raw, json)
Hash identifier: hAG2GbTXk/zz4W+5cxTWpcW584PXoTLNKkX1sLu8oKg=
Subject key identifier: 7B:00:03:34:38:6A:5C:9A:C1:6F:38:59:84:25:60:5B:CB:B0:35:B6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019492C8D058D40EC60FFD0957507DA240A3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ewADNDhqXJrBbzhZhCVgW8uwNbY.roa
Signing time: Thu 23 Jan 2025 10:50:21 +0000
ROA not before: Thu 23 Jan 2025 10:50:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214417
IP address blocks: 45.66.230.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
176.125.254.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Feb 2025 17:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:c8:d0:58:d4:0e:c6:0f:fd:09:57:50:7d:a2:40:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 23 10:50:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b000334386a5c9ac16f38598425605bcbb035b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1d:5b:87:c0:54:5e:da:17:13:2b:b1:48:4e:
c5:45:c1:25:a9:24:2d:70:c3:b7:45:e6:3d:8e:3f:
ea:bf:39:79:1f:d4:be:e4:c9:7e:51:7f:ce:aa:4b:
80:4d:ea:b9:03:12:08:1f:10:0a:2c:bf:ae:d3:75:
82:f4:4d:71:e0:07:35:48:38:a1:d8:3e:b8:7b:c2:
d9:03:66:5c:c9:59:1f:fa:8c:3f:a7:51:84:a8:f7:
f1:04:b7:e0:8d:34:31:82:a2:43:b9:5f:a8:aa:c4:
47:07:2d:44:20:d5:0a:8b:bb:26:8f:39:a5:65:b3:
4c:88:10:c8:ff:5a:d0:d4:d7:f3:eb:84:21:e7:2e:
3c:bb:7c:d9:37:d2:31:0c:85:ec:f7:84:65:1a:9d:
4f:84:ee:d5:cf:bb:5a:ba:9f:b1:df:30:86:a2:ae:
2b:23:6b:f5:8f:c1:d9:61:43:d8:0d:39:99:a6:a5:
94:23:b3:1f:88:e3:cc:2e:a5:58:58:0e:1f:88:1a:
6e:d2:aa:0e:ab:ca:ea:eb:59:8f:85:3d:f7:62:b2:
6e:ee:ca:50:30:d6:ab:ae:6c:3f:9f:a7:20:45:85:
34:04:08:20:ac:e6:92:64:91:8a:fc:96:db:5d:3e:
a3:41:d3:98:87:3d:82:40:5c:6e:44:e0:64:8b:4e:
16:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:00:03:34:38:6A:5C:9A:C1:6F:38:59:84:25:60:5B:CB:B0:35:B6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ewADNDhqXJrBbzhZhCVgW8uwNbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.230.0/24
83.219.97.0/24
87.121.221.0/24
141.98.6.0/24
176.125.254.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
24:f4:ec:d0:aa:0f:44:ca:ad:fe:99:8b:0f:63:7b:53:b3:ab:
93:8d:bb:b6:36:cb:60:d8:2c:bc:e0:cd:c6:dd:ee:d3:36:3b:
b9:fe:57:52:82:2e:5e:d4:dd:33:dc:87:b6:5e:89:44:8e:e7:
4e:26:32:b8:17:3a:c2:b9:66:7b:6b:13:27:ce:00:1b:03:e4:
b3:63:1d:87:8c:dd:66:2e:8a:f5:21:0e:88:bc:ab:89:b7:68:
22:3f:34:3e:69:c0:fd:54:bd:c6:47:ed:5a:43:61:82:77:37:
ce:3f:00:ef:f4:0c:3c:12:37:53:76:44:a1:5d:d0:2e:bf:f0:
c5:5a:42:9e:cd:ce:17:f4:8f:b0:b8:94:c6:9b:9a:49:14:d5:
a6:5e:c2:ab:a6:ff:71:a3:ca:f0:9c:91:c0:ec:f1:33:f1:67:
8e:1b:35:16:97:f3:4a:72:53:34:e1:0f:be:0a:66:8d:1b:f4:
f3:ec:cc:7e:69:23:44:86:08:26:c1:68:f7:86:fa:0c:1f:88:
9e:0d:90:6c:19:06:11:d7:6f:ab:50:60:9f:38:33:23:95:4c:
b6:61:c8:34:0b:0a:12:73:83:3c:4b:44:32:0d:30:78:39:3a:
bc:e8:28:64:eb:d5:34:e8:aa:31:91:6b:52:c8:aa:31:64:a5:
a5:b1:27:c0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZSSyNBY1A7GD/0JV1B9okCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTIzMTA1MDIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjAwMDMzNDM4NmE1YzlhYzE2ZjM4NTk4NDI1NjA1YmNiYjAzNWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh1bh8BUXtoXEyuxSE7FRcElqSQt
cMO3ReY9jj/qvzl5H9S+5Ml+UX/OqkuATeq5AxIIHxAKLL+u03WC9E1x4Ac1SDih
2D64e8LZA2ZcyVkf+ow/p1GEqPfxBLfgjTQxgqJDuV+oqsRHBy1EINUKi7smjzml
ZbNMiBDI/1rQ1Nfz64Qh5y48u3zZN9IxDIXs94RlGp1PhO7Vz7taup+x3zCGoq4r
I2v1j8HZYUPYDTmZpqWUI7MfiOPMLqVYWA4fiBpu0qoOq8rq61mPhT33YrJu7spQ
MNarrmw/n6cgRYU0BAggrOaSZJGK/JbbXT6jQdOYhz2CQFxuROBki04WgQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHsAAzQ4alyawW84WYQlYFvLsDW2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZXdBRE5EaHFYSnJCYnpoWmhDVmdXOHV3TmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALULmAwQA
U9thAwQAV3ndAwQAjWIGAwQAsH3+AwQAwjD6MA0GCSqGSIb3DQEBCwUAA4IBAQAk
9OzQqg9Eyq3+mYsPY3tTs6uTjbu2Nstg2Cy84M3G3e7TNju5/ldSgi5e1N0z3Ie2
XolEjudOJjK4FzrCuWZ7axMnzgAbA+SzYx2HjN1mLor1IQ6IvKuJt2giPzQ+acD9
VL3GR+1aQ2GCdzfOPwDv9Aw8EjdTdkShXdAuv/DFWkKezc4X9I+wuJTGm5pJFNWm
XsKrpv9xo8rwnJHA7PEz8WeOGzUWl/NKclM04Q++CmaNG/Tz7Mx+aSNEhggmwWj3
hvoMH4ieDZBsGQYR12+rUGCfODMjlUy2Ycg0CwoSc4M8S0QyDTB4OTq86Chk69U0
6KoxkWtSyKoxZKWlsSfA
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:18:14 2025 by rpki-client