Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/DfEisclF6t4TP4dLXlfJLrENpSA.roa
File: DfEisclF6t4TP4dLXlfJLrENpSA.roa (raw, json)
Hash identifier: rHi3jqu3Ll2bieQE6Ee3EdDLFVdeIwaoU15KBejKvgI=
Subject key identifier: 0D:F1:22:B1:C9:45:EA:DE:13:3F:87:4B:5E:57:C9:2E:B1:0D:A5:20
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 018DD57BC35796ED5EAAB3B7CF669382DB6A
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/DfEisclF6t4TP4dLXlfJLrENpSA.roa
Signing time: Fri 23 Feb 2024 10:21:14 +0000
ROA not before: Fri 23 Feb 2024 10:21:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 2.58.76.0/22 maxlen: 32
5.44.248.0/24 maxlen: 32
45.67.4.0/22 maxlen: 32
46.16.32.0/24 maxlen: 32
46.254.105.0/24 maxlen: 32
80.73.243.0/24 maxlen: 32
87.236.144.0/24 maxlen: 32
92.119.168.0/22 maxlen: 32
93.157.108.0/24 maxlen: 32
137.59.4.0/22 maxlen: 32
146.255.187.0/24 maxlen: 32
178.212.226.0/24 maxlen: 32
185.72.240.0/22 maxlen: 32
213.173.60.0/22 maxlen: 32
Validation: Failed, certificate revoked on Fri 17 May 2024 12:21:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d5:7b:c3:57:96:ed:5e:aa:b3:b7:cf:66:93:82:db:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Feb 23 10:21:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0df122b1c945eade133f874b5e57c92eb10da520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c8:68:bb:47:83:68:b1:4c:0a:13:fe:95:28:
e8:1c:c9:0b:53:3b:55:7a:0e:c9:5a:a8:d6:37:4c:
4c:88:f4:3b:12:c6:e6:fb:a7:b5:e6:a4:e2:73:ad:
35:09:9c:4a:65:88:76:45:a7:bc:69:16:cb:ac:a9:
9e:3c:c0:38:05:b1:5e:eb:df:76:08:70:a3:03:f3:
bc:7d:5c:16:90:a2:eb:29:c4:79:7a:ea:50:53:f9:
aa:c6:08:18:c5:cc:6b:63:2f:79:55:ec:6e:76:86:
6e:ac:e0:08:ec:ae:e3:18:2e:d5:9f:a1:33:50:02:
78:20:f2:ce:05:d6:39:40:4a:91:9a:6a:ef:50:c4:
84:af:f0:af:cd:63:fc:1e:ec:73:81:15:df:87:49:
9a:41:12:b6:b7:10:52:ea:d2:7a:3d:37:da:59:94:
77:d4:da:ad:a9:cf:a1:8b:54:36:bd:80:35:13:b2:
23:af:cd:40:58:2e:2a:c3:d2:31:b2:c5:a9:13:02:
d2:8d:64:16:07:0d:63:a7:30:c0:a2:78:16:5f:3a:
bf:07:60:55:53:33:7c:3a:eb:19:ad:c3:59:d6:03:
c6:88:b3:09:d0:13:05:82:f9:b3:3e:87:72:a2:77:
04:9f:87:8b:72:ae:8a:ea:2f:15:93:d1:87:83:90:
86:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F1:22:B1:C9:45:EA:DE:13:3F:87:4B:5E:57:C9:2E:B1:0D:A5:20
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/DfEisclF6t4TP4dLXlfJLrENpSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.76.0/22
5.44.248.0/24
45.67.4.0/22
46.16.32.0/24
46.254.105.0/24
80.73.243.0/24
87.236.144.0/24
92.119.168.0/22
93.157.108.0/24
137.59.4.0/22
146.255.187.0/24
178.212.226.0/24
185.72.240.0/22
213.173.60.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:3f:7e:49:c7:2f:b8:21:0d:65:0b:5e:ea:2a:d7:f7:43:06:
69:83:b2:96:cc:cb:6f:ad:b6:30:c0:fe:5f:39:0c:56:49:85:
7c:75:30:c4:ee:f5:1b:ad:20:da:37:30:02:f5:ba:a3:7e:a2:
3c:8c:1d:7d:57:90:fa:09:32:68:83:21:9b:ec:da:80:ec:25:
6f:2f:5c:6d:69:e7:84:fd:8e:2e:f4:b5:4d:2b:70:b4:c2:5f:
e9:12:73:a3:ab:38:7e:be:09:c4:80:0e:24:49:36:95:f4:98:
45:70:2b:fc:df:a4:b3:f2:d2:17:0a:80:7b:9a:78:ea:59:46:
48:46:fd:bb:fe:27:d3:83:fe:a3:78:56:da:1e:cf:ff:9d:c7:
83:b2:4e:67:f2:de:b3:b3:ee:02:d0:28:c2:6f:d3:6d:55:b6:
cf:d6:ff:37:25:8d:2f:1f:3c:6d:61:1d:a3:3d:c4:cb:8a:6d:
75:bd:72:1b:7c:3d:58:f6:56:f9:46:0a:a3:82:c1:cb:7b:a7:
cb:48:a6:44:c9:10:34:98:9b:be:e2:21:51:31:a5:33:93:f8:
80:e1:f5:68:0e:87:f2:a3:5e:55:34:87:a6:58:91:4c:64:2a:
fc:13:a8:97:d0:51:61:d7:65:12:a6:e3:26:f9:13:89:05:dd:
71:28:6b:17
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY3Ve8NXlu1eqrO3z2aTgttqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjQwMjIzMTAyMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGYxMjJiMWM5NDVlYWRlMTMzZjg3NGI1ZTU3YzkyZWIxMGRhNTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoshou0eDaLFMChP+lSjoHMkLUztV
eg7JWqjWN0xMiPQ7Esbm+6e15qTic601CZxKZYh2Rae8aRbLrKmePMA4BbFe6992
CHCjA/O8fVwWkKLrKcR5eupQU/mqxggYxcxrYy95VexudoZurOAI7K7jGC7Vn6Ez
UAJ4IPLOBdY5QEqRmmrvUMSEr/CvzWP8HuxzgRXfh0maQRK2txBS6tJ6PTfaWZR3
1Nqtqc+hi1Q2vYA1E7Ijr81AWC4qw9IxssWpEwLSjWQWBw1jpzDAongWXzq/B2BV
UzN8OusZrcNZ1gPGiLMJ0BMFgvmzPodyoncEn4eLcq6K6i8Vk9GHg5CGhQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFA3xIrHJRereEz+HS15XyS6xDaUgMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvRGZFaXNjbEY2dDRUUDRkTFhsZkpMckVOcFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCAjpMAwQA
BSz4AwQCLUMEAwQALhAgAwQALv5pAwQAUEnzAwQAV+yQAwQCXHeoAwQAXZ1sAwQC
iTsEAwQAkv+7AwQAstTiAwQCuUjwAwQC1a08MA0GCSqGSIb3DQEBCwUAA4IBAQAf
P35Jxy+4IQ1lC17qKtf3QwZpg7KWzMtvrbYwwP5fOQxWSYV8dTDE7vUbrSDaNzAC
9bqjfqI8jB19V5D6CTJogyGb7NqA7CVvL1xtaeeE/Y4u9LVNK3C0wl/pEnOjqzh+
vgnEgA4kSTaV9JhFcCv836Sz8tIXCoB7mnjqWUZIRv27/ifTg/6jeFbaHs//nceD
sk5n8t6zs+4C0CjCb9NtVbbP1v83JY0vHzxtYR2jPcTLim11vXIbfD1Y9lb5Rgqj
gsHLe6fLSKZEyRA0mJu+4iFRMaUzk/iA4fVoDofyo15VNIemWJFMZCr8E6iX0FFh
12USpuMm+ROJBd1xKGsX
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:02:44 2025 by rpki-client