Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/eN1G1irlZjAmp_vPCr_eL5Uot9k.roa
File: eN1G1irlZjAmp_vPCr_eL5Uot9k.roa (raw, json)
Hash identifier: b2ffjYxK9nGeiEjs8nMql7VRzsenZE3xvVVpJQF7M7k=
Subject key identifier: 78:DD:46:D6:2A:E5:66:30:26:A7:FB:CF:0A:BF:DE:2F:95:28:B7:D9
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01942CAD8EF9EF9E6AAA5CCB1D632A749C38
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/eN1G1irlZjAmp_vPCr_eL5Uot9k.roa
Signing time: Fri 03 Jan 2025 14:59:19 +0000
ROA not before: Fri 03 Jan 2025 14:59:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197549
IP address blocks: 5.231.254.0/24 maxlen: 24
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.249.218.0/23 maxlen: 32
94.249.222.0/23 maxlen: 32
217.69.175.0/24 maxlen: 32
Validation: Failed, certificate revoked on Sun 05 Jan 2025 09:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2c:ad:8e:f9:ef:9e:6a:aa:5c:cb:1d:63:2a:74:9c:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 3 14:59:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78dd46d62ae5663026a7fbcf0abfde2f9528b7d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:77:17:39:76:3a:49:c6:b6:0b:e7:2e:58:7f:
46:ce:70:ef:31:5c:9c:a4:2e:a2:48:0b:bf:bd:a7:
88:9c:3b:95:4d:5f:2c:5c:6b:78:7c:78:26:fd:55:
3e:7b:03:25:d6:42:b3:76:ca:9c:bc:c9:d2:9f:b7:
a7:8a:ff:99:59:b4:12:bc:dd:78:fb:69:33:c2:b9:
1e:ee:08:74:7f:28:42:87:e7:79:61:25:6d:42:52:
c8:29:4c:cd:53:39:f6:48:9d:ab:bd:00:7d:23:1e:
9a:c8:54:81:f2:cf:68:ec:a4:5b:ab:d0:a5:fd:3f:
7e:72:e0:96:dc:c5:21:d3:8e:ab:06:97:4f:8d:16:
b0:39:c5:02:ef:0f:0b:5a:36:6c:61:c6:56:c1:f2:
f4:dc:0b:f6:7a:ad:0b:c5:2b:a7:88:ed:4b:af:35:
f4:c6:a0:cf:53:75:fb:1c:83:2f:fe:af:94:ec:ee:
18:6f:4c:af:a8:38:69:50:e5:7a:c7:a5:18:6e:26:
c6:cf:b5:ca:55:bc:13:62:15:84:17:ae:8f:eb:ca:
3e:04:f3:65:9d:85:0a:c0:23:3f:6c:23:3d:88:fe:
82:b7:7a:63:34:79:60:fb:d1:07:ce:63:78:bd:fa:
ab:15:7e:8b:66:92:24:5f:42:2f:d4:f8:7a:ad:0e:
56:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:DD:46:D6:2A:E5:66:30:26:A7:FB:CF:0A:BF:DE:2F:95:28:B7:D9
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/eN1G1irlZjAmp_vPCr_eL5Uot9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.254.0/24
85.93.0.0/19
89.106.64.0/19
89.144.0.0/18
94.249.218.0/23
94.249.222.0/23
217.69.175.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:ad:e2:ed:d9:4d:c0:a8:50:63:33:3a:a2:f7:f7:5e:ea:0b:
4b:18:62:1e:db:dc:97:08:75:10:e4:03:40:10:f6:a5:58:4d:
d0:11:79:0a:d3:9b:43:64:e2:3f:b0:7a:92:72:79:4e:f0:ee:
eb:c7:82:59:39:b9:28:03:2f:ba:d8:f8:2c:49:41:b8:46:5d:
72:f6:b4:20:92:1c:7c:a4:5b:af:4a:92:c0:b3:a7:d3:96:13:
56:2c:bc:1d:d0:62:3f:3f:46:0b:f1:8f:fe:40:94:a4:ef:79:
10:ea:16:54:6d:a9:86:09:a2:96:a6:a4:34:7c:e8:aa:69:83:
72:1b:fc:94:4a:14:d8:27:5e:dd:90:a6:92:35:c3:ca:39:fa:
9d:4d:c2:ce:29:8d:aa:2b:20:0c:ef:f6:03:c7:95:ed:5f:fa:
6b:73:db:3e:1f:1f:ad:f6:41:3f:8a:ee:25:6d:c7:ec:44:25:
f1:5d:14:fa:09:19:eb:a5:49:15:10:b3:fa:32:dc:32:64:2b:
d4:1b:b1:6d:96:d6:9d:e7:e6:2d:42:90:e7:62:5b:58:8a:03:
8d:8f:be:65:13:06:ed:e9:b5:fc:a9:40:f6:37:67:88:9b:f5:
90:ed:6e:0d:e7:62:c6:ae:74:82:fd:b9:af:e3:66:24:57:f1:
34:aa:1a:a0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQsrY75755qqlzLHWMqdJw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTAzMTQ1OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGRkNDZkNjJhZTU2NjMwMjZhN2ZiY2YwYWJmZGUyZjk1MjhiN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63cXOXY6Sca2C+cuWH9GznDvMVyc
pC6iSAu/vaeInDuVTV8sXGt4fHgm/VU+ewMl1kKzdsqcvMnSn7eniv+ZWbQSvN14
+2kzwrke7gh0fyhCh+d5YSVtQlLIKUzNUzn2SJ2rvQB9Ix6ayFSB8s9o7KRbq9Cl
/T9+cuCW3MUh046rBpdPjRawOcUC7w8LWjZsYcZWwfL03Av2eq0LxSuniO1LrzX0
xqDPU3X7HIMv/q+U7O4Yb0yvqDhpUOV6x6UYbibGz7XKVbwTYhWEF66P68o+BPNl
nYUKwCM/bCM9iP6Ct3pjNHlg+9EHzmN4vfqrFX6LZpIkX0Iv1Ph6rQ5WiQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHjdRtYq5WYwJqf7zwq/3i+VKLfZMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZU4xRzFpcmxaakFtcF92UENyX2VMNVVvdDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABef+AwQF
VV0AAwQFWWpAAwQGWZAAAwQBXvnaAwQBXvneAwQA2UWvMA0GCSqGSIb3DQEBCwUA
A4IBAQCsreLt2U3AqFBjMzqi9/de6gtLGGIe29yXCHUQ5ANAEPalWE3QEXkK05tD
ZOI/sHqScnlO8O7rx4JZObkoAy+62PgsSUG4Rl1y9rQgkhx8pFuvSpLAs6fTlhNW
LLwd0GI/P0YL8Y/+QJSk73kQ6hZUbamGCaKWpqQ0fOiqaYNyG/yUShTYJ17dkKaS
NcPKOfqdTcLOKY2qKyAM7/YDx5XtX/prc9s+Hx+t9kE/iu4lbcfsRCXxXRT6CRnr
pUkVELP6MtwyZCvUG7Ftltad5+YtQpDnYltYigONj75lEwbt6bX8qUD2N2eIm/WQ
7W4N52LGrnSC/bmv42YkV/E0qhqg
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:34:25 2025 by rpki-client