Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/01EBD7pQ2FNd9qDIujAcqjwLvT8.roa
File: 01EBD7pQ2FNd9qDIujAcqjwLvT8.roa (raw, json)
Hash identifier: aK1kLjlUCH5SFeqQ60Arj6t06jiGt2ZcWYGgbXYC/2k=
Subject key identifier: D3:51:01:0F:BA:50:D8:53:5D:F6:A0:C8:BA:30:1C:AA:3C:0B:BD:3F
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 01938D32641E7CF50974C66B777FA73C57CF
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/01EBD7pQ2FNd9qDIujAcqjwLvT8.roa
Signing time: Tue 03 Dec 2024 15:45:09 +0000
ROA not before: Tue 03 Dec 2024 15:45:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 46.229.243.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
76.164.200.0/24 maxlen: 24
76.164.201.0/24 maxlen: 24
76.164.202.0/24 maxlen: 24
77.74.123.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
92.42.100.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
103.121.48.0/24 maxlen: 24
103.121.49.0/24 maxlen: 24
103.126.50.0/24 maxlen: 24
103.126.51.0/24 maxlen: 24
103.244.144.0/24 maxlen: 24
103.244.145.0/24 maxlen: 24
103.246.248.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
203.14.32.0/24 maxlen: 24
203.25.108.0/24 maxlen: 24
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200:3000::/36 maxlen: 36
2a12:3200:4000::/36 maxlen: 36
2a12:3200:5000::/36 maxlen: 36
2a12:3200:6000::/36 maxlen: 36
2a12:3200:7000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 04 Dec 2024 22:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8d:32:64:1e:7c:f5:09:74:c6:6b:77:7f:a7:3c:57:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Dec 3 15:45:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d351010fba50d8535df6a0c8ba301caa3c0bbd3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e2:8e:d1:23:f9:ff:45:32:2e:ea:52:bf:cb:
3a:3d:b7:bb:cf:97:24:6d:54:7c:80:41:87:1e:93:
06:ca:ed:0c:85:d8:8a:e3:8b:f1:d1:8a:b4:5d:57:
87:95:3f:f1:3a:52:2c:9d:c0:8e:74:e4:d5:b8:2b:
6a:bc:20:08:a2:77:7e:7f:45:6e:07:86:c4:c8:83:
0f:8a:5e:c3:89:61:82:d1:df:5b:60:73:84:65:60:
75:07:9b:1b:a0:f2:47:41:0d:97:01:71:2e:2a:0d:
65:86:0f:60:6a:aa:fb:bc:60:18:cc:82:6f:b9:20:
e8:95:c6:4e:5d:0f:ff:c6:4c:83:a1:8b:29:08:66:
cf:10:e2:d4:55:2c:e0:12:1e:88:81:83:3f:b3:51:
f1:34:b5:ad:66:69:90:32:c9:13:b2:74:e4:2e:9d:
b8:e4:7b:9c:d2:6a:05:d5:5e:f7:0b:40:8f:23:a3:
69:cd:15:f7:e7:34:73:0f:40:ef:42:7e:2e:e1:4e:
b6:fb:45:9f:f5:c6:6f:8a:55:7a:e6:35:2b:ec:71:
94:b1:09:9a:44:18:e7:a5:89:af:34:db:44:05:9f:
17:29:4e:71:f8:f2:4f:c2:d3:d8:af:a3:17:a8:de:
15:fb:98:32:83:9f:5d:b7:3f:60:9f:66:46:db:dc:
e4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:51:01:0F:BA:50:D8:53:5D:F6:A0:C8:BA:30:1C:AA:3C:0B:BD:3F
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/01EBD7pQ2FNd9qDIujAcqjwLvT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.251.0/24
46.229.253.0/24
76.164.200.0-76.164.202.255
77.74.123.0/24
83.229.61.0/24
85.204.107.0/24
92.42.100.0/24
103.112.171.0/24
103.121.48.0/23
103.126.50.0/23
103.244.144.0/23
103.246.248.0/24
185.104.63.0/24
195.74.93.0/24
203.14.32.0/24
203.25.108.0/24
IPv6:
2a12:3200::/33
Signature Algorithm: sha256WithRSAEncryption
e3:3c:bf:4e:9c:fb:3a:91:74:df:b1:30:d4:94:68:6d:aa:8f:
af:14:9b:f3:17:0d:cd:9e:6e:57:b0:8b:ca:bd:e8:33:96:b7:
6f:1f:7b:75:b9:2e:f5:9e:b4:ee:69:9d:9f:4b:6a:45:5f:02:
fd:9a:0e:9e:cd:e7:52:e5:15:e3:b1:be:70:5d:24:72:53:9f:
bb:fa:a8:16:93:6c:51:f2:34:bd:87:5f:59:cb:85:a5:5d:c3:
d7:a2:8a:6c:41:5e:bb:64:a2:15:90:fe:24:68:96:23:0a:ee:
65:33:81:f5:7c:46:a0:2b:05:14:3f:7c:e7:b2:85:cc:0f:96:
72:78:87:f0:f7:db:49:35:93:f9:c3:78:f0:cd:bc:7f:17:49:
3e:4c:ed:11:e7:92:49:42:4c:a6:6f:01:cb:61:a2:99:21:42:
9f:5c:92:bc:3e:42:8f:4e:22:bf:cc:49:09:1a:8a:d7:7b:f8:
06:4f:32:3f:01:6a:d0:96:d4:b4:b9:21:d4:bb:72:f1:ec:96:
8d:a2:8c:b5:0c:8d:0d:04:08:f3:61:ad:8e:fc:fd:70:08:b3:
1b:53:6b:15:90:3d:f6:87:b3:79:5e:95:7c:4c:43:d8:a4:36:
94:84:5d:f3:19:b9:85:12:de:49:72:93:45:af:f4:89:ca:98:
48:f5:54:c2
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZONMmQefPUJdMZrd3+nPFfPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjQxMjAzMTU0NTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzUxMDEwZmJhNTBkODUzNWRmNmEwYzhiYTMwMWNhYTNjMGJiZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOKO0SP5/0UyLupSv8s6Pbe7z5ck
bVR8gEGHHpMGyu0MhdiK44vx0Yq0XVeHlT/xOlIsncCOdOTVuCtqvCAIond+f0Vu
B4bEyIMPil7DiWGC0d9bYHOEZWB1B5sboPJHQQ2XAXEuKg1lhg9gaqr7vGAYzIJv
uSDolcZOXQ//xkyDoYspCGbPEOLUVSzgEh6IgYM/s1HxNLWtZmmQMskTsnTkLp24
5Huc0moF1V73C0CPI6NpzRX35zRzD0DvQn4u4U62+0Wf9cZvilV65jUr7HGUsQma
RBjnpYmvNNtEBZ8XKU5x+PJPwtPYr6MXqN4V+5gyg59dtz9gn2ZG29zkQwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFNNRAQ+6UNhTXfagyLowHKo8C70/MB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvMDFFQkQ3cFEyRk5kOXFESXVqQWNxandMdlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB0BAIAATBuAwQALuXz
AwQALuX7AwQALuX9MAwDBANMpMgDBABMpMoDBABNSnsDBABT5T0DBABVzGsDBABc
KmQDBABncKsDBAFneTADBAFnfjIDBAFn9JADBABn9vgDBAC5aD8DBADDSl0DBADL
DiADBADLGWwwDgQCAAIwCAMGByoSMgAAMA0GCSqGSIb3DQEBCwUAA4IBAQDjPL9O
nPs6kXTfsTDUlGhtqo+vFJvzFw3Nnm5XsIvKvegzlrdvH3t1uS71nrTuaZ2fS2pF
XwL9mg6ezedS5RXjsb5wXSRyU5+7+qgWk2xR8jS9h19Zy4WlXcPXoopsQV67ZKIV
kP4kaJYjCu5lM4H1fEagKwUUP3znsoXMD5ZyeIfw99tJNZP5w3jwzbx/F0k+TO0R
55JJQkymbwHLYaKZIUKfXJK8PkKPTiK/zEkJGorXe/gGTzI/AWrQltS0uSHUu3Lx
7JaNooy1DI0NBAjzYa2O/P1wCLMbU2sVkD32h7N5XpV8TEPYpDaUhF3zGbmFEt5J
cpNFr/SJyphI9VTC
-----END CERTIFICATE-----
Generated at Thu Apr 10 20:21:58 2025 by rpki-client