Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/EKl2Gw8wREjzw7PwrnW2975zz9I.roa
File: EKl2Gw8wREjzw7PwrnW2975zz9I.roa (raw, json)
Hash identifier: 1lDpp4oVvBWVxjD37VoA7DBIY0G7iwOGHDXEMDsNtcI=
Subject key identifier: 10:A9:76:1B:0F:30:44:48:F3:C3:B3:F0:AE:75:B6:F7:BE:73:CF:D2
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 018CC7270AA0EE2C7007C6848BAFC790C9D2
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/EKl2Gw8wREjzw7PwrnW2975zz9I.roa
Signing time: Mon 01 Jan 2024 22:31:13 +0000
ROA not before: Mon 01 Jan 2024 22:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4134
IP address blocks: 81.173.16.0/24 maxlen: 24
81.173.17.0/24 maxlen: 24
81.173.20.0/24 maxlen: 24
81.173.19.0/24 maxlen: 24
81.173.22.0/24 maxlen: 24
81.173.21.0/24 maxlen: 24
81.173.18.0/24 maxlen: 24
81.173.23.0/24 maxlen: 24
81.173.24.0/24 maxlen: 24
81.173.28.0/24 maxlen: 24
2a04:f580:8030:100::/56 maxlen: 56
Validation: Failed, certificate revoked on Thu 15 Aug 2024 13:59:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:0a:a0:ee:2c:70:07:c6:84:8b:af:c7:90:c9:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Jan 1 22:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10a9761b0f304448f3c3b3f0ae75b6f7be73cfd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:9e:78:cc:3c:95:19:61:f8:3c:c3:3a:7d:13:
8a:55:6c:92:07:89:b3:b7:04:ea:f3:12:93:0c:c6:
90:5c:ad:d1:13:95:c5:8c:57:08:c0:a0:4e:57:48:
f9:0f:08:23:c9:04:00:21:6c:25:28:82:0d:9a:35:
47:f5:00:d3:b6:ec:a2:35:da:84:95:ee:82:7e:28:
40:d9:2b:a0:4b:66:73:43:1a:b5:4b:26:5b:a5:e5:
09:eb:a8:94:e0:53:bc:13:16:60:70:ef:ea:a8:b7:
e5:ae:12:98:ae:e0:ce:87:e4:ad:df:ff:c0:55:bd:
c4:de:2e:d6:76:af:02:a8:5f:81:86:5d:09:f7:c5:
f6:4e:4a:80:f1:dc:c1:e6:13:e3:fc:28:d8:5c:2a:
e4:eb:ef:b9:cc:8c:a8:14:d4:0e:25:da:02:f0:db:
4f:f9:0c:fc:6e:73:66:e2:74:a5:10:5e:67:a6:61:
2e:46:e4:73:20:a2:43:7b:0e:08:31:2c:f7:83:b0:
30:4d:40:2f:4d:91:d4:79:9c:ee:6b:4c:70:1e:eb:
3a:1f:a0:2a:3d:b3:72:73:92:7c:87:be:b1:2d:cf:
7d:7c:d2:58:10:22:c5:1f:db:11:16:50:bd:79:27:
1c:bf:a9:3e:c4:8f:40:29:76:4d:13:15:4d:92:1b:
db:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A9:76:1B:0F:30:44:48:F3:C3:B3:F0:AE:75:B6:F7:BE:73:CF:D2
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/EKl2Gw8wREjzw7PwrnW2975zz9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.16.0-81.173.24.255
81.173.28.0/24
IPv6:
2a04:f580:8030:100::/56
Signature Algorithm: sha256WithRSAEncryption
1e:11:3d:8c:a2:51:d3:66:85:88:1e:b8:4f:1d:40:6c:17:c8:
b5:d9:88:55:ad:5d:7d:6b:05:6b:69:cc:cb:95:80:16:ef:ad:
a6:83:e0:90:3d:91:b7:98:cf:8f:b5:ef:ae:dd:2a:61:e6:7a:
a2:8d:05:61:41:36:88:8e:72:98:5f:33:38:7c:a3:8d:f0:63:
c4:a4:9a:71:03:29:b3:cc:6e:33:0f:bd:e0:24:52:46:41:6f:
e4:7e:34:fb:ea:5d:c7:1b:b6:e9:e5:3e:65:ce:e2:30:f5:12:
58:7f:fe:b7:aa:9a:0d:4a:ce:b1:9d:e0:aa:93:75:83:b5:c4:
1e:77:75:3f:01:fe:fb:3b:45:4d:d4:bd:02:6e:5a:e6:50:59:
c1:7e:9e:b5:54:d4:f5:64:02:d0:36:dd:d2:c8:69:05:61:0a:
fb:cd:56:39:39:dc:97:0f:fb:cb:c9:03:55:f4:71:eb:fb:3b:
1d:0f:b1:f3:38:39:a9:99:37:24:3b:af:de:26:df:58:49:d8:
1d:35:34:e3:97:d9:74:d6:52:9d:e7:cd:6e:48:64:2d:a1:cd:
e3:5a:7a:64:14:50:5f:11:a9:b1:ca:4a:78:0f:47:e0:a1:b5:
1a:a0:65:78:2b:b7:18:40:2d:83:22:ed:f8:54:9c:8a:b6:21:
bd:c1:de:05
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzHJwqg7ixwB8aEi6/HkMnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjQwMTAxMjIzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGE5NzYxYjBmMzA0NDQ4ZjNjM2IzZjBhZTc1YjZmN2JlNzNjZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3554zDyVGWH4PMM6fROKVWySB4mz
twTq8xKTDMaQXK3RE5XFjFcIwKBOV0j5DwgjyQQAIWwlKIINmjVH9QDTtuyiNdqE
le6CfihA2SugS2ZzQxq1SyZbpeUJ66iU4FO8ExZgcO/qqLflrhKYruDOh+St3//A
Vb3E3i7Wdq8CqF+Bhl0J98X2TkqA8dzB5hPj/CjYXCrk6++5zIyoFNQOJdoC8NtP
+Qz8bnNm4nSlEF5npmEuRuRzIKJDew4IMSz3g7AwTUAvTZHUeZzua0xwHus6H6Aq
PbNyc5J8h76xLc99fNJYECLFH9sRFlC9eSccv6k+xI9AKXZNExVNkhvbOQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBCpdhsPMERI88Oz8K51tve+c8/SMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvRUtsMkd3OHdSRWp6dzdQd3JuVzI5NzV6ejlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAaBAIAATAUMAwDBARRrRAD
BABRrRgDBABRrRwwEAQCAAIwCgMIACoE9YCAMAEwDQYJKoZIhvcNAQELBQADggEB
AB4RPYyiUdNmhYgeuE8dQGwXyLXZiFWtXX1rBWtpzMuVgBbvraaD4JA9kbeYz4+1
767dKmHmeqKNBWFBNoiOcphfMzh8o43wY8SkmnEDKbPMbjMPveAkUkZBb+R+NPvq
XccbtunlPmXO4jD1Elh//reqmg1KzrGd4KqTdYO1xB53dT8B/vs7RU3UvQJuWuZQ
WcF+nrVU1PVkAtA23dLIaQVhCvvNVjk53JcP+8vJA1X0cev7Ox0PsfM4OamZNyQ7
r94m31hJ2B01NOOX2XTWUp3nzW5IZC2hzeNaemQUUF8RqbHKSngPR+ChtRqgZXgr
txhALYMi7fhUnIq2Ib3B3gU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:01 2025 by rpki-client