Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/M0EJhiUXfV17gzKRj975QACwb6k.roa
File: M0EJhiUXfV17gzKRj975QACwb6k.roa (raw, json)
Hash identifier: 1Ib6CUQ9tN4m0xYtbJdBzFyjQGXvbKjnSiTzW0oUSZ8=
Subject key identifier: 33:41:09:86:25:17:7D:5D:7B:83:32:91:8F:DE:F9:40:00:B0:6F:A9
Certificate issuer: /CN=348cf9779a92efe97543b22a347b81c2eaa5bbfa
Certificate serial: 0192DE3A154BFD773BEAD2A285759D399E12
Authority key identifier: 34:8C:F9:77:9A:92:EF:E9:75:43:B2:2A:34:7B:81:C2:EA:A5:BB:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/M0EJhiUXfV17gzKRj975QACwb6k.roa
Signing time: Wed 30 Oct 2024 16:20:01 +0000
ROA not before: Wed 30 Oct 2024 16:20:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199752
IP address blocks: 45.113.236.0/24 maxlen: 24
185.36.132.0/22 maxlen: 22
185.187.108.0/22 maxlen: 22
185.239.171.0/24 maxlen: 24
2a00:ef20::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:55:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:de:3a:15:4b:fd:77:3b:ea:d2:a2:85:75:9d:39:9e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=348cf9779a92efe97543b22a347b81c2eaa5bbfa
Validity
Not Before: Oct 30 16:20:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3341098625177d5d7b8332918fdef94000b06fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:22:1e:60:7c:be:51:13:50:af:46:96:a3:2b:
98:2e:19:d2:8a:15:8a:f5:76:bb:57:ff:a0:e9:9d:
ac:3f:7c:25:2b:11:cd:08:6c:69:16:4d:3a:53:a6:
c3:93:2e:39:25:8a:39:72:67:4e:38:cd:4e:40:c4:
0a:12:36:ca:28:42:b0:fb:4e:33:85:1d:56:b9:b0:
7f:2f:39:14:94:47:1b:7f:b4:a1:10:77:89:97:49:
85:96:d1:6d:5a:8c:bc:e6:9d:35:de:d7:93:5c:8d:
53:02:bb:cd:71:71:ca:95:9d:2d:4e:76:01:3c:61:
31:af:03:6c:c1:33:a3:bf:c8:88:c2:dc:3c:1f:d1:
d6:93:98:0a:0b:6f:1d:a8:fe:8d:43:65:d1:2f:ea:
d6:0b:07:d0:ac:72:ad:84:1c:60:70:51:72:13:c8:
8e:6b:c8:fb:ab:fa:ef:71:cd:43:7d:35:ec:27:44:
9e:b5:ed:d0:a7:e1:51:fc:f0:e9:20:73:4e:e2:2c:
dd:51:fd:93:03:ab:12:da:df:cf:1a:a4:70:11:c7:
f6:bf:cb:a6:90:aa:b2:ad:a6:47:c0:13:6a:f5:1a:
5a:21:56:a0:a6:58:4d:82:75:00:9e:ed:fb:8c:af:
34:4b:16:e3:5c:76:f1:99:63:08:3b:ba:81:77:0a:
5f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:41:09:86:25:17:7D:5D:7B:83:32:91:8F:DE:F9:40:00:B0:6F:A9
X509v3 Authority Key Identifier:
keyid:34:8C:F9:77:9A:92:EF:E9:75:43:B2:2A:34:7B:81:C2:EA:A5:BB:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/M0EJhiUXfV17gzKRj975QACwb6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.113.236.0/24
185.36.132.0/22
185.187.108.0/22
185.239.171.0/24
IPv6:
2a00:ef20::/29
Signature Algorithm: sha256WithRSAEncryption
8d:28:98:59:d7:99:cc:ea:96:2a:11:79:c6:d9:4a:ad:39:99:
a7:f1:6f:06:7f:b7:7e:7b:ef:34:83:74:c1:0a:52:3c:52:4f:
3f:1f:b1:2a:ce:78:2e:f0:e0:6b:53:3f:31:2e:3e:23:69:80:
e3:26:1f:f6:eb:ff:92:b5:3f:25:d0:fc:c0:82:66:2a:13:27:
d3:57:52:13:40:e6:10:f3:a2:58:da:70:e8:04:f5:e6:b0:28:
4f:fd:44:72:03:df:a9:42:f2:df:25:c8:74:ae:75:ce:46:5c:
94:5c:ad:88:fe:0c:1c:7e:37:2a:b2:88:80:6f:8a:0a:b2:cf:
90:a8:7f:dc:46:55:b7:d6:6e:8a:0f:c7:61:35:f8:2e:17:56:
47:d6:34:a0:c9:45:cc:4c:f7:e5:98:9b:8a:f0:5b:5e:44:17:
b1:dd:69:eb:40:b8:e3:db:39:08:20:02:be:23:fc:5d:06:e8:
a8:5f:2e:a2:29:ed:26:ca:99:87:2d:f2:ab:46:10:28:7f:c4:
17:29:88:80:5f:e1:25:c8:84:25:2a:d7:a5:ef:5b:a2:dd:f0:
14:fb:74:b0:8b:78:44:b0:22:46:8f:c1:22:fa:23:8a:58:f7:
fa:7b:f8:f6:5a:33:26:7e:f7:77:7a:e3:be:7f:8c:62:c0:8c:
2d:db:e8:72
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZLeOhVL/Xc76tKihXWdOZ4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OGNmOTc3OWE5MmVmZTk3NTQzYjIyYTM0N2I4MWMyZWFh
NWJiZmEwHhcNMjQxMDMwMTYyMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQxMDk4NjI1MTc3ZDVkN2I4MzMyOTE4ZmRlZjk0MDAwYjA2ZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiIeYHy+URNQr0aWoyuYLhnSihWK
9Xa7V/+g6Z2sP3wlKxHNCGxpFk06U6bDky45JYo5cmdOOM1OQMQKEjbKKEKw+04z
hR1WubB/LzkUlEcbf7ShEHeJl0mFltFtWoy85p013teTXI1TArvNcXHKlZ0tTnYB
PGExrwNswTOjv8iIwtw8H9HWk5gKC28dqP6NQ2XRL+rWCwfQrHKthBxgcFFyE8iO
a8j7q/rvcc1DfTXsJ0Sete3Qp+FR/PDpIHNO4izdUf2TA6sS2t/PGqRwEcf2v8um
kKqyraZHwBNq9RpaIVagplhNgnUAnu37jK80SxbjXHbxmWMIO7qBdwpf9wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDNBCYYlF31de4MykY/e+UAAsG+pMB8GA1UdIwQY
MBaAFDSM+Xeaku/pdUOyKjR7gcLqpbv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkl6NWQ1cVM3LWwxUTdJcU5IdUJ3dXFsdV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yOWNkNTgtODMyNy00MmJlLWI3Zjkt
Yzk4MTlhNDEwYTdhLzEvTTBFSmhpVVhmVjE3Z3pLUmo5NzVRQUN3YjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yOWNkNTgtODMyNy00MmJlLWI3ZjktYzk4MTlhNDEwYTdh
LzEvTkl6NWQ1cVM3LWwxUTdJcU5IdUJ3dXFsdV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALXHsAwQC
uSSEAwQCubtsAwQAue+rMA0EAgACMAcDBQMqAO8gMA0GCSqGSIb3DQEBCwUAA4IB
AQCNKJhZ15nM6pYqEXnG2UqtOZmn8W8Gf7d+e+80g3TBClI8Uk8/H7Eqzngu8OBr
Uz8xLj4jaYDjJh/26/+StT8l0PzAgmYqEyfTV1ITQOYQ86JY2nDoBPXmsChP/URy
A9+pQvLfJch0rnXORlyUXK2I/gwcfjcqsoiAb4oKss+QqH/cRlW31m6KD8dhNfgu
F1ZH1jSgyUXMTPflmJuK8FteRBex3WnrQLjj2zkIIAK+I/xdBuioXy6iKe0mypmH
LfKrRhAof8QXKYiAX+ElyIQlKtel71ui3fAU+3Swi3hEsCJGj8Ei+iOKWPf6e/j2
WjMmfvd3euO+f4xiwIwt2+hy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:01 2025 by rpki-client