Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/e6o_xLFQsCOPY4MhEHluPkhlZ5k.roa
File: e6o_xLFQsCOPY4MhEHluPkhlZ5k.roa (raw, json)
Hash identifier: Wa+KC8md0R6xWShs978Q/q/DfYIo5nvbreV5h6Y2bLM=
Subject key identifier: 7B:AA:3F:C4:B1:50:B0:23:8F:63:83:21:10:79:6E:3E:48:65:67:99
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019422FBC6C6B1557503EE64780AFEFF8C9D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/e6o_xLFQsCOPY4MhEHluPkhlZ5k.roa
Signing time: Wed 01 Jan 2025 17:48:33 +0000
ROA not before: Wed 01 Jan 2025 17:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215124
IP address blocks: 45.88.139.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 20:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c6:c6:b1:55:75:03:ee:64:78:0a:fe:ff:8c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 1 17:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7baa3fc4b150b0238f63832110796e3e48656799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:91:5e:07:0e:38:03:80:6a:2b:60:a8:f1:97:
f3:25:1c:4c:be:ea:50:ff:02:59:33:24:f5:f2:f4:
75:e8:23:6b:30:c2:7d:ec:37:66:8c:56:90:72:01:
26:bc:2d:ae:46:0c:e4:84:4f:84:a9:fb:da:ad:25:
2a:5b:be:8f:ef:60:dc:a1:aa:f4:d2:6f:31:86:10:
df:58:84:c9:cd:4a:f7:ba:b9:f4:33:63:65:b2:0e:
3c:14:18:60:77:b2:09:ae:c1:b2:ea:81:35:c9:12:
a3:2f:ee:d5:d0:24:e6:7d:56:75:12:1b:2b:55:83:
59:d0:56:f6:e5:fb:3e:b0:c5:39:7c:ab:36:9f:6f:
80:0c:56:4c:0c:9a:00:38:6e:21:a6:83:d8:4f:79:
03:e2:b5:7d:8f:7e:3c:9d:ae:2a:09:11:75:4d:65:
1a:6f:e9:87:74:be:68:a7:4f:d5:16:eb:b4:2c:cc:
84:22:f5:a3:29:90:c5:5c:49:35:8f:18:4b:6c:5c:
48:07:07:6a:9d:8d:26:24:78:ad:c8:8e:ee:a0:a2:
ef:3d:1f:57:e7:29:91:d4:76:3b:21:8b:ac:35:dc:
d1:75:a4:03:33:d2:04:f0:71:14:81:d5:59:84:0c:
50:90:20:61:1f:8e:35:06:d6:38:0c:b0:a0:48:74:
60:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:AA:3F:C4:B1:50:B0:23:8F:63:83:21:10:79:6E:3E:48:65:67:99
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/e6o_xLFQsCOPY4MhEHluPkhlZ5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.139.0/24
85.209.120.0/24
Signature Algorithm: sha256WithRSAEncryption
25:61:6d:74:17:a6:1b:22:09:fa:b4:5b:55:f3:f8:c3:2f:8b:
59:af:7b:fc:e3:aa:5a:96:d3:c1:48:31:24:06:1f:04:13:5a:
28:62:20:eb:b7:df:e8:6a:a4:3f:a7:14:63:7a:bf:ad:0e:e9:
30:d0:2c:ad:f4:c8:8f:b7:b7:14:1c:2b:de:17:2c:ea:19:a4:
0c:e9:9c:b0:89:9b:fd:43:6f:dd:fc:e8:79:15:57:49:d4:d1:
22:da:7f:20:a1:6d:15:66:67:7f:29:cf:f6:3e:86:a6:b4:fd:
1e:77:e9:18:0a:45:c9:31:5e:cf:29:9e:c0:70:a0:27:02:0f:
ac:cb:b8:c9:cd:3d:d4:1f:06:b0:a8:f7:f7:cb:c8:30:7e:5b:
6a:d0:ba:7b:5e:92:43:f5:4e:96:c7:12:55:33:bb:c5:00:d7:
b3:f4:ee:fd:b7:38:9d:11:c6:10:66:81:58:d3:4d:df:09:10:
bd:4b:10:ae:29:f3:9d:db:92:c5:dd:5e:ac:0d:c1:30:f0:b7:
f6:20:27:9c:9d:e6:de:70:b6:d6:ef:b8:93:c7:2c:7c:33:8c:
54:73:8a:c0:e4:46:74:f6:8c:24:cf:4d:9e:c0:dd:c5:67:47:
db:5a:78:17:79:d3:d2:85:65:e6:61:84:be:3a:15:7d:ef:29:
8d:90:7c:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+8bGsVV1A+5keAr+/4ydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTAxMTc0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmFhM2ZjNGIxNTBiMDIzOGY2MzgzMjExMDc5NmUzZTQ4NjU2Nzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JFeBw44A4BqK2Co8ZfzJRxMvupQ
/wJZMyT18vR16CNrMMJ97DdmjFaQcgEmvC2uRgzkhE+EqfvarSUqW76P72Dcoar0
0m8xhhDfWITJzUr3urn0M2Nlsg48FBhgd7IJrsGy6oE1yRKjL+7V0CTmfVZ1Ehsr
VYNZ0Fb25fs+sMU5fKs2n2+ADFZMDJoAOG4hpoPYT3kD4rV9j348na4qCRF1TWUa
b+mHdL5op0/VFuu0LMyEIvWjKZDFXEk1jxhLbFxIBwdqnY0mJHityI7uoKLvPR9X
5ymR1HY7IYusNdzRdaQDM9IE8HEUgdVZhAxQkCBhH441BtY4DLCgSHRgUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHuqP8SxULAjj2ODIRB5bj5IZWeZMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZTZvX3hMRlFzQ09QWTRNaEVIbHVQa2hsWjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALViLAwQA
VdF4MA0GCSqGSIb3DQEBCwUAA4IBAQAlYW10F6YbIgn6tFtV8/jDL4tZr3v846pa
ltPBSDEkBh8EE1ooYiDrt9/oaqQ/pxRjer+tDukw0Cyt9MiPt7cUHCveFyzqGaQM
6ZywiZv9Q2/d/Oh5FVdJ1NEi2n8goW0VZmd/Kc/2PoamtP0ed+kYCkXJMV7PKZ7A
cKAnAg+sy7jJzT3UHwawqPf3y8gwfltq0Lp7XpJD9U6WxxJVM7vFANez9O79tzid
EcYQZoFY003fCRC9SxCuKfOd25LF3V6sDcEw8Lf2ICecnebecLbW77iTxyx8M4xU
c4rA5EZ09owkz02ewN3FZ0fbWngXedPShWXmYYS+OhV97ymNkHwK
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:04:56 2025 by rpki-client