Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/RbEZ2xSYB4YroAvuxuvutZHkZnI.roa
File: RbEZ2xSYB4YroAvuxuvutZHkZnI.roa (raw, json)
Hash identifier: 9/yCcDH9nkUQuOhyWPScIUdAECGTII03bmD10EZR9Jk=
Subject key identifier: 45:B1:19:DB:14:98:07:86:2B:A0:0B:EE:C6:EB:EE:B5:91:E4:66:72
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0188959D457C88EFE08636A4675F8829E232
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/RbEZ2xSYB4YroAvuxuvutZHkZnI.roa
Signing time: Wed 07 Jun 2023 11:28:12 +0000
ROA not before: Wed 07 Jun 2023 11:28:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28964
IP address blocks: 178.254.164.0/24 maxlen: 24
178.254.166.0/24 maxlen: 24
178.254.160.0/23 maxlen: 23
178.254.162.0/24 maxlen: 24
5.172.32.0/24 maxlen: 24
178.254.167.0/24 maxlen: 24
178.254.178.0/24 maxlen: 24
178.254.174.0/24 maxlen: 24
178.254.173.0/24 maxlen: 24
178.254.185.0/24 maxlen: 24
109.111.255.0/24 maxlen: 24
89.23.94.0/23 maxlen: 23
193.104.68.0/24 maxlen: 24
109.111.242.0/24 maxlen: 24
109.111.241.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.251.0/24 maxlen: 24
89.23.64.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
185.157.45.0/24 maxlen: 24
185.157.46.0/24 maxlen: 24
185.157.47.0/24 maxlen: 24
89.23.72.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 12 Jun 2023 22:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:9d:45:7c:88:ef:e0:86:36:a4:67:5f:88:29:e2:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jun 7 11:28:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45b119db149807862ba00beec6ebeeb591e46672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:89:df:6a:83:48:dd:6d:60:56:d4:d1:36:28:
86:22:3e:b9:9b:0e:03:d4:f2:f6:82:04:b8:e7:f0:
94:6c:91:8b:a6:26:5b:ac:ee:4d:4a:82:4d:3a:08:
b9:c6:7d:c9:d5:e8:a5:3d:1a:1c:cd:dc:5a:48:20:
7f:b7:de:1a:ae:1f:26:93:03:21:0f:85:47:3a:ab:
10:dc:82:bd:97:cc:72:97:da:19:89:d9:9f:19:e4:
b1:a7:a0:7f:79:80:a8:d6:13:3b:04:89:f2:70:18:
1e:b0:27:d8:82:99:ec:25:37:62:84:15:80:db:42:
d1:cc:b3:e8:4a:a6:e6:6d:18:55:06:1f:a3:10:93:
87:e9:81:0b:2a:3a:32:bd:68:8a:47:4f:f1:8b:4c:
aa:15:52:0b:18:5d:ad:e0:12:49:16:96:8c:99:e6:
d8:25:dc:1f:21:c7:8c:fc:97:91:74:75:9e:03:61:
4e:5f:d9:e9:68:61:f6:64:90:21:36:07:03:74:33:
18:89:51:a3:47:59:c0:fd:e5:f1:2e:b2:a7:41:bd:
61:fa:1b:53:52:5c:d6:27:b2:c5:55:29:18:32:9a:
1e:e8:57:1c:b6:62:09:04:be:c4:0e:03:47:5b:93:
49:d2:94:55:6e:4b:cc:24:a1:57:64:fd:3c:48:e1:
b7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B1:19:DB:14:98:07:86:2B:A0:0B:EE:C6:EB:EE:B5:91:E4:66:72
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/RbEZ2xSYB4YroAvuxuvutZHkZnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.32.0/24
89.23.64.0/24
89.23.66.0/23
89.23.72.0/23
89.23.94.0/23
109.111.241.0-109.111.242.255
109.111.249.0/24
109.111.251.0/24
109.111.255.0/24
178.254.160.0-178.254.162.255
178.254.164.0/24
178.254.166.0/23
178.254.173.0-178.254.174.255
178.254.178.0/24
178.254.185.0/24
185.157.45.0-185.157.47.255
193.104.68.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:5e:7f:17:d8:7d:43:d8:23:5c:3f:8e:92:c0:57:35:1e:4f:
13:ee:25:dd:e6:73:93:52:a3:ac:28:a1:28:a1:58:0d:0c:59:
3e:59:2c:40:58:74:9d:34:35:f4:6b:cd:9b:0e:5d:28:f3:ad:
73:0c:f5:90:22:21:b1:b3:39:24:e7:3b:04:b6:3b:36:71:d2:
47:7f:8a:6b:bc:46:e2:1b:4e:07:70:f0:5d:f3:df:df:14:67:
55:88:86:b4:28:5c:15:b3:e0:2a:c1:7f:40:10:89:44:3c:30:
9c:4d:4e:35:12:6a:0f:65:81:78:8b:a6:d2:3d:e9:01:3c:4b:
b7:46:8f:63:0f:86:fb:13:3f:72:60:fa:57:39:7a:a0:30:22:
69:17:5d:36:fa:92:f3:14:d8:be:5d:af:66:06:e0:85:7d:ee:
cd:a8:0f:e0:1d:16:4a:17:0b:98:27:24:06:60:6e:87:3e:51:
a1:f4:28:96:43:8b:b5:ed:7a:de:05:a1:f6:d3:36:f6:2d:4d:
5a:c8:90:82:b5:0f:34:8b:8d:f5:82:ec:84:85:ae:23:06:7c:
25:60:2d:2a:4a:7f:ca:7b:07:51:2e:99:31:0f:90:d3:2b:c8:
3f:57:48:e3:b4:d7:e0:30:28:3a:9e:1b:08:9e:36:a8:fe:25:
0c:80:56:7f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYiVnUV8iO/ghjakZ1+IKeIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwNjA3MTEyODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWIxMTlkYjE0OTgwNzg2MmJhMDBiZWVjNmViZWViNTkxZTQ2NjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYnfaoNI3W1gVtTRNiiGIj65mw4D
1PL2ggS45/CUbJGLpiZbrO5NSoJNOgi5xn3J1eilPRoczdxaSCB/t94arh8mkwMh
D4VHOqsQ3IK9l8xyl9oZidmfGeSxp6B/eYCo1hM7BInycBgesCfYgpnsJTdihBWA
20LRzLPoSqbmbRhVBh+jEJOH6YELKjoyvWiKR0/xi0yqFVILGF2t4BJJFpaMmebY
JdwfIceM/JeRdHWeA2FOX9npaGH2ZJAhNgcDdDMYiVGjR1nA/eXxLrKnQb1h+htT
UlzWJ7LFVSkYMpoe6FcctmIJBL7EDgNHW5NJ0pRVbkvMJKFXZP08SOG3fQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFEWxGdsUmAeGK6AL7sbr7rWR5GZyMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvUmJFWjJ4U1lCNFlyb0F2dXh1dnV0WkhrWm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAF
rCADBABZF0ADBAFZF0IDBAFZF0gDBAFZF14wDAMEAG1v8QMEAG1v8gMEAG1v+QME
AG1v+wMEAG1v/zAMAwQFsv6gAwQAsv6iAwQAsv6kAwQBsv6mMAwDBACy/q0DBACy
/q4DBACy/rIDBACy/rkwDAMEALmdLQMEBLmdIAMEAMFoRDANBgkqhkiG9w0BAQsF
AAOCAQEAP15/F9h9Q9gjXD+OksBXNR5PE+4l3eZzk1KjrCihKKFYDQxZPlksQFh0
nTQ19GvNmw5dKPOtcwz1kCIhsbM5JOc7BLY7NnHSR3+Ka7xG4htOB3DwXfPf3xRn
VYiGtChcFbPgKsF/QBCJRDwwnE1ONRJqD2WBeIum0j3pATxLt0aPYw+G+xM/cmD6
Vzl6oDAiaRddNvqS8xTYvl2vZgbghX3uzagP4B0WShcLmCckBmBuhz5RofQolkOL
te163gWh9tM29i1NWsiQgrUPNIuN9YLshIWuIwZ8JWAtKkp/ynsHUS6ZMQ+Q0yvI
P1dI47TX4DAoOp4bCJ42qP4lDIBWfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org