Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/ELq1vd5UXElum5a7M8vdDcMmocE.roa
File: ELq1vd5UXElum5a7M8vdDcMmocE.roa (raw, json)
Hash identifier: QLaQk0l7Nzhms+RyYZsUAQGtLSnwLE37oNVw4MPeeLc=
Subject key identifier: 10:BA:B5:BD:DE:54:5C:49:6E:9B:96:BB:33:CB:DD:0D:C3:26:A1:C1
Certificate issuer: /CN=9a48c1d8008cdc059db0b27aa9514799c06d5443
Certificate serial: 018CC4252226AD181A5DF72E8856A5674DFE
Authority key identifier: 9A:48:C1:D8:00:8C:DC:05:9D:B0:B2:7A:A9:51:47:99:C0:6D:54:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/ELq1vd5UXElum5a7M8vdDcMmocE.roa
Signing time: Mon 01 Jan 2024 08:30:16 +0000
ROA not before: Mon 01 Jan 2024 08:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42474
IP address blocks: 193.169.228.0/23 maxlen: 24
185.239.48.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:22:26:ad:18:1a:5d:f7:2e:88:56:a5:67:4d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a48c1d8008cdc059db0b27aa9514799c06d5443
Validity
Not Before: Jan 1 08:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10bab5bdde545c496e9b96bb33cbdd0dc326a1c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8f:3e:c8:57:c8:79:45:7d:50:3f:32:b7:94:
25:3d:7c:5e:5c:e5:07:22:dd:ec:9f:7d:63:2d:e4:
e2:a8:0b:ac:a0:b6:9e:27:b6:0b:0b:5b:18:69:1a:
a5:2d:f0:54:27:32:25:f0:cc:96:19:43:7e:e8:2e:
59:77:95:7f:85:3b:a7:35:be:d9:bb:ae:51:b5:30:
b4:5d:58:6b:c8:37:29:be:c2:01:13:a3:66:01:94:
aa:9e:33:63:0b:96:6b:14:0b:74:a6:3a:aa:a1:25:
35:93:e6:f4:7b:5b:40:51:c4:8b:f7:2b:c4:31:01:
7b:dd:0e:58:b8:5f:5d:d5:c5:46:3d:1d:91:b2:05:
16:7a:23:fd:87:9d:e6:9a:4b:64:90:63:08:3a:ac:
c8:c9:a3:b1:18:f0:1b:d3:64:1d:0c:ba:e6:95:97:
69:0e:13:7e:12:78:28:f4:db:69:7c:c5:d4:94:86:
06:b2:c9:5c:d6:5c:13:85:02:91:db:5f:07:11:64:
df:4a:ba:36:33:e5:15:77:1e:5e:ce:63:fe:6c:4e:
b5:2e:7d:89:b1:c5:5d:f6:92:31:d9:73:6b:98:76:
ff:97:0d:bd:cc:4a:74:34:92:3c:0f:cd:23:ed:23:
bc:73:6a:fe:55:c2:3f:74:06:c6:50:81:a1:28:2d:
42:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:BA:B5:BD:DE:54:5C:49:6E:9B:96:BB:33:CB:DD:0D:C3:26:A1:C1
X509v3 Authority Key Identifier:
keyid:9A:48:C1:D8:00:8C:DC:05:9D:B0:B2:7A:A9:51:47:99:C0:6D:54:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/ELq1vd5UXElum5a7M8vdDcMmocE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/cb614c-495e-410e-8730-5a366315c166/1/mkjB2ACM3AWdsLJ6qVFHmcBtVEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.48.0/23
193.169.228.0/23
Signature Algorithm: sha256WithRSAEncryption
81:6a:ea:9e:eb:5b:ab:a0:7c:cf:85:52:1e:72:83:c9:19:c2:
68:c2:9e:e5:1e:96:f7:fe:c6:58:bd:37:bc:cc:1d:09:af:25:
ce:e2:3d:a3:7d:f1:0d:17:dc:a5:86:a6:c5:03:63:48:26:75:
79:4b:d4:29:06:6c:6b:01:89:28:d9:26:80:11:89:d2:0a:57:
54:ff:5e:00:fc:fb:a0:ff:ac:87:a9:9f:71:e5:02:93:09:a3:
3e:02:fc:cb:e9:40:b4:ac:6b:84:15:69:1b:4c:25:cc:ca:16:
a9:b6:8b:78:ed:33:5c:c8:ba:36:91:77:23:3c:20:70:44:03:
ce:bc:b8:70:ac:60:76:00:da:6c:83:97:22:9d:e3:0e:c1:a2:
8b:e1:6d:f0:62:5b:6c:a9:15:0f:89:a8:06:e0:b1:34:3c:fd:
1e:59:43:73:48:69:63:48:bf:42:cd:b9:33:4c:f5:c5:ef:49:
82:9b:84:09:ae:b1:f0:64:fd:03:46:b0:0d:31:5e:b5:37:0f:
a8:59:16:07:3a:74:37:da:61:fd:c9:83:76:38:c7:70:32:2a:
cf:c8:aa:f2:15:e9:8a:ea:f4:8d:67:23:59:6d:98:39:ce:86:
93:35:dd:9a:44:c2:9a:aa:83:e4:9f:e1:62:25:c5:71:20:f5:
af:c0:4a:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJSImrRgaXfcuiFalZ03+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNDhjMWQ4MDA4Y2RjMDU5ZGIwYjI3YWE5NTE0Nzk5YzA2
ZDU0NDMwHhcNMjQwMTAxMDgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGJhYjViZGRlNTQ1YzQ5NmU5Yjk2YmIzM2NiZGQwZGMzMjZhMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjI8+yFfIeUV9UD8yt5QlPXxeXOUH
It3sn31jLeTiqAusoLaeJ7YLC1sYaRqlLfBUJzIl8MyWGUN+6C5Zd5V/hTunNb7Z
u65RtTC0XVhryDcpvsIBE6NmAZSqnjNjC5ZrFAt0pjqqoSU1k+b0e1tAUcSL9yvE
MQF73Q5YuF9d1cVGPR2RsgUWeiP9h53mmktkkGMIOqzIyaOxGPAb02QdDLrmlZdp
DhN+Engo9NtpfMXUlIYGsslc1lwThQKR218HEWTfSro2M+UVdx5ezmP+bE61Ln2J
scVd9pIx2XNrmHb/lw29zEp0NJI8D80j7SO8c2r+VcI/dAbGUIGhKC1CHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBC6tb3eVFxJbpuWuzPL3Q3DJqHBMB8GA1UdIwQY
MBaAFJpIwdgAjNwFnbCyeqlRR5nAbVRDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWtqQjJBQ00zQVdkc0xKNnFWRkhtY0J0VkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jYjYxNGMtNDk1ZS00MTBlLTg3MzAt
NWEzNjYzMTVjMTY2LzEvRUxxMXZkNVVYRWx1bTVhN004dmREY01tb2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jYjYxNGMtNDk1ZS00MTBlLTg3MzAtNWEzNjYzMTVjMTY2
LzEvbWtqQjJBQ00zQVdkc0xKNnFWRkhtY0J0VkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBue8wAwQB
wankMA0GCSqGSIb3DQEBCwUAA4IBAQCBauqe61uroHzPhVIecoPJGcJowp7lHpb3
/sZYvTe8zB0JryXO4j2jffENF9ylhqbFA2NIJnV5S9QpBmxrAYko2SaAEYnSCldU
/14A/Pug/6yHqZ9x5QKTCaM+AvzL6UC0rGuEFWkbTCXMyhaptot47TNcyLo2kXcj
PCBwRAPOvLhwrGB2ANpsg5cineMOwaKL4W3wYltsqRUPiagG4LE0PP0eWUNzSGlj
SL9CzbkzTPXF70mCm4QJrrHwZP0DRrANMV61Nw+oWRYHOnQ32mH9yYN2OMdwMirP
yKryFemK6vSNZyNZbZg5zoaTNd2aRMKaqoPkn+FiJcVxIPWvwEqc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:16 2025 by rpki-client