Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/eZAOr3PuTJ5VNWXZQUfjCpF3Y64.roa
File: eZAOr3PuTJ5VNWXZQUfjCpF3Y64.roa (raw, json)
Hash identifier: LXsWsMLtqGJtz3GVX+OxLZUh0e6e3Ey598fPPoYqsTs=
Subject key identifier: 79:90:0E:AF:73:EE:4C:9E:55:35:65:D9:41:47:E3:0A:91:77:63:AE
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E0EF5EE85F3705FDCDA2A220AE1075698
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/eZAOr3PuTJ5VNWXZQUfjCpF3Y64.roa
Signing time: Tue 05 Mar 2024 14:13:02 +0000
ROA not before: Tue 05 Mar 2024 14:13:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 2.59.48.0/24 maxlen: 24
31.222.240.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
188.95.71.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
212.18.100.0/24 maxlen: 24
212.52.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 12:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:f5:ee:85:f3:70:5f:dc:da:2a:22:0a:e1:07:56:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 5 14:13:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79900eaf73ee4c9e553565d94147e30a917763ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:34:5b:3c:59:97:59:ce:af:bd:fa:77:56:64:
05:05:73:57:cf:59:d7:f9:c9:40:5b:bf:75:74:16:
ad:41:95:41:43:f5:e4:94:cc:b0:6c:ed:db:cc:23:
bb:df:e8:92:8e:b5:dc:96:28:fe:45:5a:80:ad:6f:
06:e9:4f:d0:2c:cf:3c:27:a7:41:ea:46:10:2a:12:
db:10:9a:29:58:72:79:31:09:41:62:9c:fc:19:11:
d0:ae:8f:90:e6:cd:a9:37:58:fc:e4:98:0c:a1:ae:
3b:fd:97:59:b6:ac:3e:06:56:0e:c1:4e:d6:c8:f6:
70:bc:a6:2d:45:f9:82:65:6a:79:fa:51:74:0c:50:
f4:73:41:21:16:90:21:ae:e9:5e:94:01:5f:b7:7f:
67:31:c3:67:c3:36:59:a6:de:2b:14:b9:fa:08:ba:
04:49:ed:a8:26:db:24:1c:ca:19:be:4a:7b:73:d1:
54:75:67:ed:87:fd:06:d7:62:d0:4a:62:31:d9:ab:
31:6d:6b:a4:a0:3e:54:6d:a2:6b:81:09:93:70:99:
fc:d9:54:68:0b:e1:0b:63:20:7d:2c:d7:42:18:2a:
a9:03:43:af:4d:e1:64:81:0f:58:25:59:72:ab:6a:
92:b7:1e:75:85:ac:da:7e:e7:8e:1f:51:d6:da:5b:
0a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:90:0E:AF:73:EE:4C:9E:55:35:65:D9:41:47:E3:0A:91:77:63:AE
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/eZAOr3PuTJ5VNWXZQUfjCpF3Y64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
31.222.240.0/24
37.221.80.0/24
45.11.22.0/24
45.14.221.0/24
45.89.68.0/24
45.89.71.0/24
91.188.220.0/24
94.158.188.0/24
176.56.35.0/24
176.124.34.0/24
185.212.112.0/24
185.234.8.0/24
188.95.71.0/24
193.3.18.0/24
193.201.114.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
195.225.96.0/24
212.18.100.0/24
212.52.4.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:df:62:37:8f:bd:28:0c:7b:4e:55:0b:2b:f4:10:41:ba:1b:
e5:90:4a:21:f8:50:69:3c:bd:75:fe:c8:2f:2d:7a:44:9d:e8:
15:77:39:c8:70:b0:b9:c2:65:9b:6f:d8:bb:67:76:9f:23:2b:
6b:d3:f0:cb:21:5d:c7:d2:ac:c9:85:f5:5b:22:4b:08:f2:55:
83:8a:5d:25:73:d5:19:e9:58:a6:9d:6d:6c:75:c0:08:1b:e4:
9f:cd:da:5b:ff:e8:60:8b:f0:6c:40:98:a2:ee:f8:d1:a4:c4:
b5:37:61:7f:ca:df:e5:f7:ff:d4:ce:8d:10:87:72:4f:93:2f:
c8:82:7d:ff:b9:f9:36:7e:ba:03:bb:54:19:90:e0:f6:6a:35:
d6:71:7f:86:8c:c0:d3:82:3e:a9:68:f1:71:09:89:f9:90:15:
c1:51:82:2b:81:65:b2:01:86:7d:21:77:fc:27:42:ed:a8:08:
12:d1:09:a5:bd:34:c8:23:2e:e5:16:54:c6:d0:86:9e:0f:3c:
9f:72:a2:a5:fb:b5:3c:41:73:2e:cb:dc:f5:be:69:97:b9:94:
b9:52:02:94:2b:a4:2f:47:3b:bd:96:6f:71:e8:07:6e:74:5d:
68:aa:cc:4e:d5:a7:e6:b6:c2:25:f2:a4:e8:98:b8:ce:62:bd:
8d:e2:5f:4e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY4O9e6F83Bf3NoqIgrhB1aYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzA1MTQxMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTkwMGVhZjczZWU0YzllNTUzNTY1ZDk0MTQ3ZTMwYTkxNzc2M2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTRbPFmXWc6vvfp3VmQFBXNXz1nX
+clAW791dBatQZVBQ/XklMywbO3bzCO73+iSjrXclij+RVqArW8G6U/QLM88J6dB
6kYQKhLbEJopWHJ5MQlBYpz8GRHQro+Q5s2pN1j85JgMoa47/ZdZtqw+BlYOwU7W
yPZwvKYtRfmCZWp5+lF0DFD0c0EhFpAhrulelAFft39nMcNnwzZZpt4rFLn6CLoE
Se2oJtskHMoZvkp7c9FUdWfth/0G12LQSmIx2asxbWukoD5UbaJrgQmTcJn82VRo
C+ELYyB9LNdCGCqpA0OvTeFkgQ9YJVlyq2qStx51hazafueOH1HW2lsKpQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFHmQDq9z7kyeVTVl2UFH4wqRd2OuMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvZVpBT3IzUHVUSjVWTldYWlFVZmpDcEYzWTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAC
OzADBAAf3vADBAAl3VADBAAtCxYDBAAtDt0DBAAtWUQDBAAtWUcDBABbvNwDBABe
nrwDBACwOCMDBACwfCIDBAC51HADBAC56ggDBAC8X0cDBADBAxIDBADByXIDBADC
IPADBADDEhoDBADDRZQDBADDRZYDBADD4WADBADUEmQDBADUNAQwDQYJKoZIhvcN
AQELBQADggEBAF/fYjePvSgMe05VCyv0EEG6G+WQSiH4UGk8vXX+yC8tekSd6BV3
OchwsLnCZZtv2Ltndp8jK2vT8MshXcfSrMmF9VsiSwjyVYOKXSVz1RnpWKadbWx1
wAgb5J/N2lv/6GCL8GxAmKLu+NGkxLU3YX/K3+X3/9TOjRCHck+TL8iCff+5+TZ+
ugO7VBmQ4PZqNdZxf4aMwNOCPqlo8XEJifmQFcFRgiuBZbIBhn0hd/wnQu2oCBLR
CaW9NMgjLuUWVMbQhp4PPJ9yoqX7tTxBcy7L3PW+aZe5lLlSApQrpC9HO72Wb3Ho
B250XWiqzE7Vp+a2wiXypOiYuM5ivY3iX04=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org