Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/eEUzbsMqcuUIxKhlpYWtDrdxQmg.roa
File: eEUzbsMqcuUIxKhlpYWtDrdxQmg.roa (raw, json)
Hash identifier: b1LHMYZlMJZ1HbW99AJXSMe+1scSA0vocz8WZd8khyw=
Subject key identifier: 78:45:33:6E:C3:2A:72:E5:08:C4:A8:65:A5:85:AD:0E:B7:71:42:68
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018F5A5B30E94C76EAF1BCD844C8C23E2AF3
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/eEUzbsMqcuUIxKhlpYWtDrdxQmg.roa
Signing time: Wed 08 May 2024 22:37:56 +0000
ROA not before: Wed 08 May 2024 22:37:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208258
IP address blocks: 45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
195.88.226.0/24 maxlen: 24
195.88.227.0/24 maxlen: 24
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 Jul 2024 08:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5a:5b:30:e9:4c:76:ea:f1:bc:d8:44:c8:c2:3e:2a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 8 22:37:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7845336ec32a72e508c4a865a585ad0eb7714268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5b:16:b4:17:2a:c7:86:94:eb:45:4e:cc:97:
c5:02:1b:4e:c5:e7:ba:69:57:70:ac:bc:99:05:c4:
19:86:36:a8:1d:78:7e:e1:c8:e2:1e:7f:ed:8f:d6:
3b:18:92:5d:d1:4c:f1:3a:22:06:ad:76:c2:c8:5e:
7e:09:15:b7:63:8f:9c:2e:b9:11:5a:d0:f5:2c:c3:
e6:6d:4e:f3:41:71:8c:d6:36:2a:18:51:86:ef:eb:
76:96:27:d7:5b:db:02:ff:eb:4f:14:f7:31:0a:72:
12:83:5e:36:64:7d:f9:c7:7c:9d:1c:c0:fe:5b:69:
09:9a:14:1e:c3:d2:0b:72:11:63:2b:43:24:0b:18:
09:c2:6d:40:87:ab:6b:65:d1:7c:18:62:9a:2f:6d:
c8:7a:03:77:42:1c:4b:71:41:f1:13:e2:63:44:80:
9d:61:63:6b:7f:c2:89:60:50:c2:9f:25:24:6e:c5:
65:94:06:c3:63:e4:ee:32:fa:8f:f3:62:8a:cb:3f:
ec:fe:ff:a9:38:50:a4:27:88:e4:0e:c8:2d:13:4c:
a1:59:2b:0b:12:f9:3e:00:4d:b5:9c:58:30:9d:4e:
ce:ac:51:8a:a1:70:a2:f1:26:d5:54:00:c9:f2:53:
88:5d:6d:bb:fe:13:7e:bb:3c:bd:5e:1d:0e:82:cd:
1c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:45:33:6E:C3:2A:72:E5:08:C4:A8:65:A5:85:AD:0E:B7:71:42:68
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/eEUzbsMqcuUIxKhlpYWtDrdxQmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0-45.144.246.255
45.151.156.0-45.151.158.255
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
194.146.48.0/24
195.26.6.0/23
195.88.226.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
72:7f:cd:a5:24:a4:54:6d:99:81:f1:72:30:89:eb:bf:f7:cc:
b0:43:e0:8e:a2:b7:2f:6f:b4:f6:a8:c5:36:95:85:f7:ab:a6:
a7:49:10:e0:1a:41:f6:21:c2:2f:18:fd:00:18:37:8a:d6:9c:
2f:22:7e:ab:ac:c6:6f:05:c5:94:4f:74:c8:1f:ce:ba:8a:70:
ee:9c:61:80:3f:7e:f1:21:ac:e7:49:a2:8c:0f:14:0e:be:37:
8e:69:d0:39:3a:43:4f:e7:ae:f8:60:7b:46:87:d9:e7:f5:48:
e0:09:59:36:91:87:ab:37:4c:92:41:a9:27:f0:a0:a7:82:8d:
cd:5a:d8:bf:0f:44:d9:b0:1b:fa:ae:de:33:ff:27:24:d4:ea:
35:f3:1b:a8:05:fa:35:67:1b:84:94:55:00:f9:c6:5e:57:0f:
ab:a5:85:fa:ca:6e:cc:00:98:85:03:db:93:d0:67:50:5d:50:
2e:6b:99:6e:e2:d5:dd:4a:6e:80:da:0d:45:e3:85:78:d3:b2:
ef:8c:64:89:eb:a7:8a:df:10:34:d3:ed:02:f4:98:67:47:ca:
75:a3:0a:6f:10:58:07:1f:72:53:65:af:33:b4:56:ba:d9:f4:
96:f5:35:42:23:28:c3:12:73:54:e5:1e:44:0f:54:f0:40:c5:
e7:80:1d:9a
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAY9aWzDpTHbq8bzYRMjCPirzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwNTA4MjIzNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODQ1MzM2ZWMzMmE3MmU1MDhjNGE4NjVhNTg1YWQwZWI3NzE0MjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlsWtBcqx4aU60VOzJfFAhtOxee6
aVdwrLyZBcQZhjaoHXh+4cjiHn/tj9Y7GJJd0UzxOiIGrXbCyF5+CRW3Y4+cLrkR
WtD1LMPmbU7zQXGM1jYqGFGG7+t2lifXW9sC/+tPFPcxCnISg142ZH35x3ydHMD+
W2kJmhQew9ILchFjK0MkCxgJwm1Ah6trZdF8GGKaL23IegN3QhxLcUHxE+JjRICd
YWNrf8KJYFDCnyUkbsVllAbDY+TuMvqP82KKyz/s/v+pOFCkJ4jkDsgtE0yhWSsL
Evk+AE21nFgwnU7OrFGKoXCi8SbVVADJ8lOIXW27/hN+uzy9Xh0Ogs0ceQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFHhFM27DKnLlCMSoZaWFrQ63cUJoMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvZUVVemJzTXFjdVVJeEtobHBZV3REcmR4UW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jBMBAIAATBGMAwDBAIt
kPQDBAAtkPYwDAMEAi2XnAMEAC2XngMEArnQ0AMEALnjUgMEALnkUwMEAbnzcAME
AMKSMAMEAcMaBgMEAcNY4jCBgQQCAAIwewMHACoLPEAAAQMHACoLPEAACTASAwcA
Kgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMqCzxAABADBwEqCzxAACADBwAq
CzxAACUDBwAqCzxA/KYDBwAqDlVAAAAwEgMHBCoOVUAAEAMHACoOVUAAEgMHACoO
VUABADANBgkqhkiG9w0BAQsFAAOCAQEAcn/NpSSkVG2ZgfFyMInrv/fMsEPgjqK3
L2+09qjFNpWF96ump0kQ4BpB9iHCLxj9ABg3itacLyJ+q6zGbwXFlE90yB/Ouopw
7pxhgD9+8SGs50mijA8UDr43jmnQOTpDT+eu+GB7RofZ5/VI4AlZNpGHqzdMkkGp
J/Cgp4KNzVrYvw9E2bAb+q7eM/8nJNTqNfMbqAX6NWcbhJRVAPnGXlcPq6WF+spu
zACYhQPbk9BnUF1QLmuZbuLV3UpugNoNReOFeNOy74xkieunit8QNNPtAvSYZ0fK
daMKbxBYBx9yU2WvM7RWutn0lvU1QiMowxJzVOUeRA9U8EDF54Admg==
-----END CERTIFICATE-----
Generated at Wed Jul 24 09:38:43 2024 by rpki-client on console-fra.rpki-client.org