Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/EGrATU_CmOxrSwa5CnDfBCMfepE.roa
File: EGrATU_CmOxrSwa5CnDfBCMfepE.roa (raw, json)
Hash identifier: mdAqePffyGgF7OaJhKVpG0rbpVD+jQQRvTp7G6PFdfc=
Subject key identifier: 10:6A:C0:4D:4F:C2:98:EC:6B:4B:06:B9:0A:70:DF:04:23:1F:7A:91
Certificate issuer: /CN=9b986fc646fda0cf145e10d93fe1b10eb0dee625
Certificate serial: 018570DE71A6EFB8E17D5394FA24D57588E1
Authority key identifier: 9B:98:6F:C6:46:FD:A0:CF:14:5E:10:D9:3F:E1:B1:0E:B0:DE:E6:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5hvxkb9oM8UXhDZP-GxDrDe5iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/EGrATU_CmOxrSwa5CnDfBCMfepE.roa
Signing time: Mon 02 Jan 2023 05:05:04 +0000
ROA not before: Mon 02 Jan 2023 05:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39761
IP address blocks: 45.14.156.0/22 maxlen: 22
45.87.12.0/22 maxlen: 22
84.246.160.0/21 maxlen: 24
81.90.240.0/20 maxlen: 24
45.83.212.0/22 maxlen: 22
45.11.132.0/22 maxlen: 22
2a0e:6d00::/29 maxlen: 29
2a00:1268::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:71:a6:ef:b8:e1:7d:53:94:fa:24:d5:75:88:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b986fc646fda0cf145e10d93fe1b10eb0dee625
Validity
Not Before: Jan 2 05:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=106ac04d4fc298ec6b4b06b90a70df04231f7a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:65:40:71:d1:80:bf:ee:68:6f:66:81:55:9e:
63:4c:27:29:59:aa:3d:81:3f:9c:5b:99:35:5a:28:
77:84:30:61:f2:1f:1e:0a:0e:8a:8b:fb:4c:38:b5:
59:d0:d2:dc:f7:da:19:7d:09:f8:bd:70:11:4a:91:
29:08:42:9b:aa:35:3b:14:f0:e6:3f:f4:31:a1:a0:
04:66:a0:17:14:32:b6:f9:e0:44:18:c4:c6:c9:03:
03:a9:eb:51:c4:e7:f3:98:62:8c:ff:5b:cf:78:75:
49:0e:b9:08:76:a4:b8:1a:80:ee:08:63:73:c6:f8:
1d:cc:71:37:fb:6e:30:78:80:ce:1e:00:a5:a3:5b:
13:b5:6a:cf:9f:77:b6:8c:6e:66:37:2d:d3:9a:b4:
ec:d9:02:c1:ed:cd:85:c3:61:cc:dc:50:e2:aa:4a:
ae:36:16:a7:d4:00:73:b2:32:ab:58:71:6a:3f:10:
97:fb:df:c0:88:b9:28:cb:1f:99:60:8d:33:84:4d:
17:1b:63:1b:2b:12:7e:c6:98:ee:ba:e9:14:d2:9a:
5a:b3:61:70:d7:8b:2c:ff:e9:a3:2a:9d:88:c4:b4:
ab:56:82:72:47:7b:e1:a7:fa:95:7f:36:c1:be:ba:
02:ee:c0:76:d7:2c:ce:3d:56:c0:a2:f3:0b:57:9c:
98:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:6A:C0:4D:4F:C2:98:EC:6B:4B:06:B9:0A:70:DF:04:23:1F:7A:91
X509v3 Authority Key Identifier:
keyid:9B:98:6F:C6:46:FD:A0:CF:14:5E:10:D9:3F:E1:B1:0E:B0:DE:E6:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5hvxkb9oM8UXhDZP-GxDrDe5iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/EGrATU_CmOxrSwa5CnDfBCMfepE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/m5hvxkb9oM8UXhDZP-GxDrDe5iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.132.0/22
45.14.156.0/22
45.83.212.0/22
45.87.12.0/22
81.90.240.0/20
84.246.160.0/21
IPv6:
2a00:1268::/32
2a0e:6d00::/29
Signature Algorithm: sha256WithRSAEncryption
ae:82:ea:20:20:3f:a7:5b:50:22:ed:6f:39:db:36:14:04:5f:
28:dd:57:e8:e8:4c:95:8e:da:b4:2a:f3:66:c1:d2:7f:45:f9:
18:d2:77:0b:d2:b9:2b:10:d5:80:8f:6d:2d:72:b1:c1:0d:89:
59:f2:bc:bf:45:38:2b:be:9a:fd:3c:3f:21:cf:3e:53:cd:9b:
01:97:89:2d:0f:da:66:55:30:1e:b7:bf:7e:04:97:14:77:eb:
d9:70:0e:3e:6a:d8:a8:31:eb:a9:76:de:44:7d:ec:a0:1e:af:
5e:b1:f2:58:e7:d0:5d:85:9f:a3:25:02:84:b3:f9:aa:12:5c:
ba:c4:61:0e:08:f5:90:80:ee:1d:c6:89:3a:5c:3c:3c:93:0b:
b6:d4:0a:45:2c:7e:46:74:e7:13:3b:12:44:53:30:0a:47:b5:
c6:4c:5f:f2:5b:7e:28:02:ca:25:b5:fa:2b:4f:f8:c1:bc:31:
44:61:16:f3:8a:3a:31:8b:c5:65:4d:6b:36:1e:73:d1:38:be:
5e:d3:65:94:3f:85:03:a5:e3:43:b9:55:b3:c5:a7:c1:5d:ae:
32:03:5f:ec:6c:1f:2c:b0:5a:08:75:dc:86:31:75:47:0d:07:
10:9a:e9:6f:f4:81:0d:14:c7:10:51:b6:98:84:ac:29:e1:26:
4e:80:43:0d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYVw3nGm77jhfVOU+iTVdYjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliOTg2ZmM2NDZmZGEwY2YxNDVlMTBkOTNmZTFiMTBlYjBk
ZWU2MjUwHhcNMjMwMTAyMDUwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDZhYzA0ZDRmYzI5OGVjNmI0YjA2YjkwYTcwZGYwNDIzMWY3YTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2VAcdGAv+5ob2aBVZ5jTCcpWao9
gT+cW5k1Wih3hDBh8h8eCg6Ki/tMOLVZ0NLc99oZfQn4vXARSpEpCEKbqjU7FPDm
P/QxoaAEZqAXFDK2+eBEGMTGyQMDqetRxOfzmGKM/1vPeHVJDrkIdqS4GoDuCGNz
xvgdzHE3+24weIDOHgClo1sTtWrPn3e2jG5mNy3TmrTs2QLB7c2Fw2HM3FDiqkqu
Nhan1ABzsjKrWHFqPxCX+9/AiLkoyx+ZYI0zhE0XG2MbKxJ+xpjuuukU0ppas2Fw
14ss/+mjKp2IxLSrVoJyR3vhp/qVfzbBvroC7sB21yzOPVbAovMLV5yYQQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFBBqwE1Pwpjsa0sGuQpw3wQjH3qRMB8GA1UdIwQY
MBaAFJuYb8ZG/aDPFF4Q2T/hsQ6w3uYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTVodnhrYjlvTThVWGhEWlAtR3hEckRlNWlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8zNGJiNzctYzg0Ny00MTExLTk2ZjMt
YmRkNWNjNDQwMzk2LzEvRUdyQVRVX0NtT3hyU3dhNUNuRGZCQ01mZXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8zNGJiNzctYzg0Ny00MTExLTk2ZjMtYmRkNWNjNDQwMzk2
LzEvbTVodnhrYjlvTThVWGhEWlAtR3hEckRlNWlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLQuEAwQC
LQ6cAwQCLVPUAwQCLVcMAwQEUVrwAwQDVPagMBQEAgACMA4DBQAqABJoAwUDKg5t
ADANBgkqhkiG9w0BAQsFAAOCAQEAroLqICA/p1tQIu1vOds2FARfKN1X6OhMlY7a
tCrzZsHSf0X5GNJ3C9K5KxDVgI9tLXKxwQ2JWfK8v0U4K76a/Tw/Ic8+U82bAZeJ
LQ/aZlUwHre/fgSXFHfr2XAOPmrYqDHrqXbeRH3soB6vXrHyWOfQXYWfoyUChLP5
qhJcusRhDgj1kIDuHcaJOlw8PJMLttQKRSx+RnTnEzsSRFMwCke1xkxf8lt+KALK
JbX6K0/4wbwxRGEW84o6MYvFZU1rNh5z0Ti+XtNllD+FA6XjQ7lVs8WnwV2uMgNf
7GwfLLBaCHXchjF1Rw0HEJrpb/SBDRTHEFG2mISsKeEmToBDDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:20 2024 by rpki-client on console-fra.rpki-client.org