Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/eaKf6AI-rr7gfcnsnjGSv02R9i4.roa
File: eaKf6AI-rr7gfcnsnjGSv02R9i4.roa (raw, json)
Hash identifier: gp+ukxxDy1UXFY8BvubwobBg+l7rWzgfAkApA35/bhg=
Subject key identifier: 79:A2:9F:E8:02:3E:AE:BE:E0:7D:C9:EC:9E:31:92:BF:4D:91:F6:2E
Certificate issuer: /CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Certificate serial: 018DC0AE41F918E81B820663B173AA41C2F3
Authority key identifier: 58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/eaKf6AI-rr7gfcnsnjGSv02R9i4.roa
Signing time: Mon 19 Feb 2024 09:24:21 +0000
ROA not before: Mon 19 Feb 2024 09:24:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29180
IP address blocks: 82.132.128.0/22 maxlen: 24
82.132.132.0/22 maxlen: 24
82.132.136.0/23 maxlen: 24
82.132.140.0/23 maxlen: 24
82.132.142.0/23 maxlen: 24
185.238.16.0/23 maxlen: 24
185.238.18.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 15:35:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:ae:41:f9:18:e8:1b:82:06:63:b1:73:aa:41:c2:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Validity
Not Before: Feb 19 09:24:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79a29fe8023eaebee07dc9ec9e3192bf4d91f62e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e1:4e:2b:de:2a:15:60:e2:4c:b0:83:f1:db:
46:dd:83:23:f9:90:6d:69:3a:66:ab:21:01:8c:c1:
a6:93:57:a4:c6:06:97:e2:7b:3d:b2:24:fc:d3:58:
df:a9:a5:35:0d:a7:71:01:84:af:25:31:7a:4f:73:
a6:8c:a3:a2:87:9e:8c:47:9a:dc:6f:6c:3e:9e:35:
c2:dd:92:85:c5:9c:23:6f:a0:84:9a:98:f1:8c:44:
da:71:0c:9f:e8:a4:1e:ed:f9:f5:36:63:0a:b1:50:
29:fa:29:e8:6d:34:30:8e:c8:9c:28:01:ed:d9:f7:
c8:06:9f:c6:95:e2:19:87:6d:42:cf:ef:7e:8a:a8:
1d:40:12:bd:5a:04:82:63:25:b9:f1:64:f9:47:65:
df:60:ec:29:96:ac:94:dd:4e:05:e9:c5:80:b8:96:
c5:56:ce:ed:d4:00:44:5a:38:11:26:e1:6f:c1:9a:
99:50:e4:6e:83:24:50:fa:ef:27:da:88:2a:53:c8:
ba:0c:e4:e0:4d:62:fa:bd:15:9d:7d:92:e4:af:d6:
24:4b:5d:7e:8a:ea:41:a9:eb:95:30:c1:de:c6:20:
e3:ca:ef:70:0d:92:cd:89:e7:67:5f:89:f1:23:43:
d8:23:20:2f:74:c6:0f:41:5c:bf:64:d5:8f:85:5f:
0e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A2:9F:E8:02:3E:AE:BE:E0:7D:C9:EC:9E:31:92:BF:4D:91:F6:2E
X509v3 Authority Key Identifier:
keyid:58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/eaKf6AI-rr7gfcnsnjGSv02R9i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.132.128.0-82.132.137.255
82.132.140.0/22
185.238.16.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:72:52:5e:1c:35:cd:f2:f7:79:16:44:17:92:bd:19:5f:2e:
1b:90:fc:64:90:9a:66:fd:52:32:24:a5:0e:8b:26:84:ce:96:
86:b8:51:b3:f0:87:df:f4:09:9c:71:2d:31:3c:94:c8:62:28:
9c:28:53:21:12:86:ad:2b:5d:51:a4:bd:c3:23:f3:96:ab:22:
36:7a:1f:5d:01:d0:85:d9:6d:9c:a2:98:32:a9:f4:88:c6:21:
88:95:e0:10:af:9e:83:88:d8:e2:bb:65:35:ac:06:5f:0f:3a:
d1:1a:38:9e:3d:5b:b3:94:f3:f3:b2:78:39:77:41:fc:8a:77:
f8:1c:53:6c:a4:7c:24:b6:8c:d8:3f:01:f7:cc:9c:c3:f0:a5:
a2:53:3e:06:66:a0:6c:4a:5d:b7:60:d0:30:5c:e3:28:46:b9:
a9:2d:3e:07:27:3f:03:d4:67:e9:99:9c:33:b8:ca:bb:c8:33:
2d:bc:9c:08:50:30:43:d4:51:4f:cc:7c:52:01:fd:16:61:01:
27:67:26:b9:84:fd:7c:a3:2b:c6:91:07:17:0f:af:72:ca:59:
5c:43:34:71:f7:84:09:c4:e6:e1:ff:41:ce:c8:26:b2:fd:5c:
8b:e1:e1:e8:80:c1:f4:e0:6a:74:0f:7a:a0:a1:88:c0:47:9c:
c7:70:f3:58
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY3ArkH5GOgbggZjsXOqQcLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjI5ZTdiOGEwZGRiOWMzNmM2ZTBlM2Y0OTU3NzgxN2Iw
ZWEzYTYwHhcNMjQwMjE5MDkyNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWEyOWZlODAyM2VhZWJlZTA3ZGM5ZWM5ZTMxOTJiZjRkOTFmNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuFOK94qFWDiTLCD8dtG3YMj+ZBt
aTpmqyEBjMGmk1ekxgaX4ns9siT801jfqaU1DadxAYSvJTF6T3OmjKOih56MR5rc
b2w+njXC3ZKFxZwjb6CEmpjxjETacQyf6KQe7fn1NmMKsVAp+inobTQwjsicKAHt
2ffIBp/GleIZh21Cz+9+iqgdQBK9WgSCYyW58WT5R2XfYOwplqyU3U4F6cWAuJbF
Vs7t1ABEWjgRJuFvwZqZUORugyRQ+u8n2ogqU8i6DOTgTWL6vRWdfZLkr9YkS11+
iupBqeuVMMHexiDjyu9wDZLNiednX4nxI0PYIyAvdMYPQVy/ZNWPhV8OIQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHmin+gCPq6+4H3J7J4xkr9NkfYuMB8GA1UdIwQY
MBaAFFiynnuKDducNsbg4/SVd4F7DqOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUt
ZWU3M2ZlMjFlZDIzLzEvZWFLZjZBSS1ycjdnZmNuc25qR1N2MDJSOWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUtZWU3M2ZlMjFlZDIz
LzEvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAdShIAD
BAFShIgDBAJShIwDBAK57hAwDQYJKoZIhvcNAQELBQADggEBAAtyUl4cNc3y93kW
RBeSvRlfLhuQ/GSQmmb9UjIkpQ6LJoTOloa4UbPwh9/0CZxxLTE8lMhiKJwoUyES
hq0rXVGkvcMj85arIjZ6H10B0IXZbZyimDKp9IjGIYiV4BCvnoOI2OK7ZTWsBl8P
OtEaOJ49W7OU8/OyeDl3QfyKd/gcU2ykfCS2jNg/AffMnMPwpaJTPgZmoGxKXbdg
0DBc4yhGuaktPgcnPwPUZ+mZnDO4yrvIMy28nAhQMEPUUU/MfFIB/RZhASdnJrmE
/XyjK8aRBxcPr3LKWVxDNHH3hAnE5uH/Qc7IJrL9XIvh4eiAwfTganQPeqChiMBH
nMdw81g=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:06 2025 by rpki-client