Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/ejslSVBUEdkAoliB2AUH71CzU-Q.roa
File: ejslSVBUEdkAoliB2AUH71CzU-Q.roa (raw, json)
Hash identifier: fx/OvivsntilNa+acQdbqZtY9YZloju9eNn6sZOeqnU=
Subject key identifier: 7A:3B:25:49:50:54:11:D9:00:A2:58:81:D8:05:07:EF:50:B3:53:E4
Certificate issuer: /CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Certificate serial: 01923263B732551DE88701E02923E42A3704
Authority key identifier: 39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/ejslSVBUEdkAoliB2AUH71CzU-Q.roa
Signing time: Fri 27 Sep 2024 07:30:48 +0000
ROA not before: Fri 27 Sep 2024 07:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34285
IP address blocks: 185.197.244.0/22 maxlen: 22
217.12.16.0/24 maxlen: 24
217.12.17.0/24 maxlen: 24
217.12.18.0/24 maxlen: 24
217.12.20.0/22 maxlen: 22
217.12.20.0/23 maxlen: 23
217.12.22.0/23 maxlen: 23
217.12.24.0/22 maxlen: 22
217.12.24.0/24 maxlen: 24
217.12.25.0/24 maxlen: 24
217.12.26.0/24 maxlen: 24
217.12.27.0/24 maxlen: 24
217.12.28.0/22 maxlen: 22
217.12.28.0/24 maxlen: 24
217.12.29.0/24 maxlen: 24
217.12.30.0/24 maxlen: 24
217.12.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 13:07:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:32:63:b7:32:55:1d:e8:87:01:e0:29:23:e4:2a:37:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Validity
Not Before: Sep 27 07:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a3b2549505411d900a25881d80507ef50b353e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b0:65:62:49:fd:0b:99:6b:0b:a0:44:4c:5a:
9c:54:40:79:cf:58:c8:8a:bb:7e:d4:3a:15:e6:31:
ee:13:6f:ed:05:64:52:2d:34:7a:bb:cd:ca:48:c0:
55:6e:2c:e7:2a:0e:b2:3c:16:0b:a5:7c:0a:de:cf:
1f:c9:26:be:a9:56:8c:64:88:1b:2a:da:cc:e9:13:
63:6f:4a:b2:dc:44:73:da:07:cf:83:5e:81:d2:9c:
31:05:23:df:78:09:3e:1b:48:ee:16:1a:58:e7:1f:
67:46:b5:db:e1:bb:38:d2:68:0f:5c:03:f0:a4:7e:
e5:9f:3f:57:19:04:ab:08:a5:9d:46:75:8e:38:54:
2f:35:62:0f:3e:52:57:29:60:68:09:6b:a9:aa:95:
08:ea:1d:0d:99:e3:38:87:fd:a2:1b:eb:dc:d0:ce:
3d:ef:03:cb:30:82:be:04:01:65:fd:13:17:07:ee:
bb:9a:94:5f:16:d2:09:49:1b:ce:55:24:9f:69:26:
d2:6d:18:31:b8:15:7d:26:f7:f0:37:7b:0b:c4:51:
e5:71:be:55:59:48:4f:9b:3c:32:18:48:db:9f:c7:
1d:c9:dd:77:aa:3d:68:70:01:53:ce:8c:47:fa:79:
28:3e:61:75:dc:c2:c1:17:7a:c9:fc:8e:8b:ce:a2:
37:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:3B:25:49:50:54:11:D9:00:A2:58:81:D8:05:07:EF:50:B3:53:E4
X509v3 Authority Key Identifier:
keyid:39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/ejslSVBUEdkAoliB2AUH71CzU-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.244.0/22
217.12.16.0-217.12.18.255
217.12.20.0-217.12.31.255
Signature Algorithm: sha256WithRSAEncryption
06:b6:2b:85:a5:c4:50:ec:53:47:ad:02:62:b5:f9:2c:05:c4:
92:98:da:05:4c:78:61:0b:1a:11:73:fb:82:24:f8:22:2d:9a:
21:92:32:38:ca:ee:bf:f3:c9:ca:00:bb:36:a3:37:9e:1b:6e:
98:f9:e5:13:33:ba:30:62:52:ca:29:69:66:de:df:67:44:25:
4e:97:fa:73:98:0d:6b:07:40:48:5c:7e:5a:5a:a2:5d:01:15:
ed:e7:b2:a9:a4:d3:f0:6a:1f:6a:2c:08:9b:dc:d0:86:8c:dc:
2e:d5:1a:bd:21:d9:cb:d4:e1:9b:08:b2:1b:0b:2b:da:a2:fa:
8a:7a:6c:f4:fc:4c:10:ac:7f:93:42:ba:a7:7d:ff:09:97:fc:
4e:d0:1b:44:9a:84:2a:23:c7:5f:27:95:5c:81:95:d5:e5:b4:
a4:9f:b3:f0:83:b4:ce:b5:0f:87:25:15:e0:e8:9d:4b:a8:bf:
4b:ad:00:ab:ee:dc:74:12:c3:83:67:cb:0f:c1:ea:c7:ca:bd:
c7:cd:aa:61:dd:7b:7e:6a:71:b3:21:75:2e:32:bd:b5:a0:62:
cc:7e:9e:a3:4d:6e:3f:ea:8e:a1:ea:0a:ed:9c:62:dc:28:27:
b2:f4:fd:f2:63:ca:4e:e4:f4:d2:eb:e7:57:9f:78:cc:df:95:
4a:9e:cd:e6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZIyY7cyVR3ohwHgKSPkKjcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzlmOTJiODI1Y2UxMTA5MDNjMzFkNTIyYjBmNTBjYWZk
NzRhNmYwHhcNMjQwOTI3MDczMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTNiMjU0OTUwNTQxMWQ5MDBhMjU4ODFkODA1MDdlZjUwYjM1M2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbBlYkn9C5lrC6BETFqcVEB5z1jI
irt+1DoV5jHuE2/tBWRSLTR6u83KSMBVbiznKg6yPBYLpXwK3s8fySa+qVaMZIgb
KtrM6RNjb0qy3ERz2gfPg16B0pwxBSPfeAk+G0juFhpY5x9nRrXb4bs40mgPXAPw
pH7lnz9XGQSrCKWdRnWOOFQvNWIPPlJXKWBoCWupqpUI6h0NmeM4h/2iG+vc0M49
7wPLMIK+BAFl/RMXB+67mpRfFtIJSRvOVSSfaSbSbRgxuBV9JvfwN3sLxFHlcb5V
WUhPmzwyGEjbn8cdyd13qj1ocAFTzoxH+nkoPmF13MLBF3rJ/I6LzqI3+QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHo7JUlQVBHZAKJYgdgFB+9Qs1PkMB8GA1UdIwQY
MBaAFDk5+SuCXOEQkDwx1SKw9Qyv10pvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMt
OWZjMzY0MTFhY2NjLzEvZWpzbFNWQlVFZGtBb2xpQjJBVUg3MUN6VS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMtOWZjMzY0MTFhY2Nj
LzEvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCucX0MAwD
BATZDBADBADZDBIwDAMEAtkMFAMEBdkMADANBgkqhkiG9w0BAQsFAAOCAQEABrYr
haXEUOxTR60CYrX5LAXEkpjaBUx4YQsaEXP7giT4Ii2aIZIyOMruv/PJygC7NqM3
nhtumPnlEzO6MGJSyilpZt7fZ0QlTpf6c5gNawdASFx+WlqiXQEV7eeyqaTT8Gof
aiwIm9zQhozcLtUavSHZy9ThmwiyGwsr2qL6inps9PxMEKx/k0K6p33/CZf8TtAb
RJqEKiPHXyeVXIGV1eW0pJ+z8IO0zrUPhyUV4OidS6i/S60Aq+7cdBLDg2fLD8Hq
x8q9x82qYd17fmpxsyF1LjK9taBizH6eo01uP+qOoeoK7Zxi3CgnsvT98mPKTuT0
0uvnV594zN+VSp7N5g==
-----END CERTIFICATE-----
Generated at Mon Nov 4 17:34:01 2024 by rpki-client on console-ams.rpki-client.org