Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/eehCD3u3eZ-6EMM9pMIiQS2mGtE.roa
File: eehCD3u3eZ-6EMM9pMIiQS2mGtE.roa (raw, json)
Hash identifier: o/SbBgRbsycH5QGHvO/44LCMTcNvct5j0N9s8X1rR9w=
Subject key identifier: 79:E8:42:0F:7B:B7:79:9F:BA:10:C3:3D:A4:C2:22:41:2D:A6:1A:D1
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0194274732B6799F0752232542D0EFBEF68D
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/eehCD3u3eZ-6EMM9pMIiQS2mGtE.roa
Signing time: Thu 02 Jan 2025 13:49:24 +0000
ROA not before: Thu 02 Jan 2025 13:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211567
IP address blocks: 109.236.48.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Jan 2025 14:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:32:b6:79:9f:07:52:23:25:42:d0:ef:be:f6:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 2 13:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79e8420f7bb7799fba10c33da4c222412da61ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5f:27:2a:46:28:9f:94:85:83:e1:b1:08:e2:
23:b8:44:a0:ce:e9:6b:fb:85:c6:11:cc:1e:51:86:
68:a8:0c:17:58:f3:38:c1:4c:3c:ad:25:56:5c:ff:
38:25:21:b2:61:c5:a1:cc:08:3c:7c:f7:d6:d2:d0:
9c:b0:58:a1:39:4d:79:9c:ef:61:d3:11:44:35:d4:
81:92:be:fc:89:04:3d:5b:ec:55:9d:5f:2e:f0:9d:
4c:ee:4a:ba:4c:64:05:73:50:b3:1c:d7:62:e5:c1:
ef:9e:64:ad:03:40:34:95:f1:9a:81:4c:55:bf:65:
1b:42:2f:81:8c:ce:59:36:e4:d3:57:6c:54:b2:b1:
4c:ab:38:29:8e:6f:f3:63:af:56:b2:cb:b9:dd:28:
15:8e:b8:db:59:5e:0d:cd:4b:cd:42:d7:97:d2:e1:
ab:20:15:0b:44:96:e4:b4:a9:45:5d:4b:75:d0:87:
2e:31:45:5e:81:18:c9:6d:d0:13:4d:4b:7d:80:33:
12:60:77:6f:95:0c:c6:fe:6d:a2:9a:f0:0a:08:71:
0d:24:82:d0:25:10:48:e7:57:39:be:6d:d8:cf:82:
65:43:18:3b:74:97:2d:a2:8d:e2:9f:b1:a6:af:64:
3f:34:1c:ac:23:63:0f:11:d3:0d:91:7e:33:23:51:
39:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:E8:42:0F:7B:B7:79:9F:BA:10:C3:3D:A4:C2:22:41:2D:A6:1A:D1
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/eehCD3u3eZ-6EMM9pMIiQS2mGtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.48.0/24
185.88.173.0/24
185.243.180.0/24
185.250.210.0/24
194.62.52.0/24
Signature Algorithm: sha256WithRSAEncryption
40:15:73:23:03:7e:0d:32:fb:83:7f:bc:df:e3:e4:e7:eb:55:
e7:e9:50:f2:e4:b1:32:f6:f8:90:88:97:c9:b8:03:35:17:dd:
7d:65:a6:db:f3:47:53:35:bf:70:5b:01:53:6e:66:d5:1b:2c:
e9:b0:7a:6b:73:e2:11:6d:e1:54:cc:c1:28:df:e9:bf:fa:f5:
2f:2c:d6:aa:ea:14:79:b7:e7:f8:d9:77:12:d1:a3:7c:e9:68:
ff:e5:7c:1d:96:06:85:57:f2:45:2a:25:98:02:8c:6a:f3:b8:
4c:ae:04:71:03:f4:65:ed:ac:c5:56:77:53:bd:d5:a2:e6:fb:
7e:2f:b0:22:11:df:56:d0:b7:20:0c:2e:8b:bc:69:d2:1e:4d:
63:59:92:c6:8d:2f:e7:6e:b4:a6:a8:d3:43:7a:67:7a:38:8a:
89:ec:36:ae:56:1b:33:d6:a9:11:0b:05:da:83:2d:b0:e3:e0:
04:d8:d4:06:fc:c3:ee:9e:39:0b:f4:ad:db:50:ff:8d:61:a0:
d2:87:ce:98:ba:1a:d2:a8:d4:b3:53:bb:3b:ca:a4:11:fb:82:
e7:bc:8c:2a:16:64:1e:2e:f7:22:6a:df:23:e7:ed:8d:19:07:
22:a5:85:40:41:09:89:fd:1e:01:a5:af:1e:5b:63:1a:ab:ac:
ba:59:c6:1c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnRzK2eZ8HUiMlQtDvvvaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTAyMTM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWU4NDIwZjdiYjc3OTlmYmExMGMzM2RhNGMyMjI0MTJkYTYxYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl8nKkYon5SFg+GxCOIjuESgzulr
+4XGEcweUYZoqAwXWPM4wUw8rSVWXP84JSGyYcWhzAg8fPfW0tCcsFihOU15nO9h
0xFENdSBkr78iQQ9W+xVnV8u8J1M7kq6TGQFc1CzHNdi5cHvnmStA0A0lfGagUxV
v2UbQi+BjM5ZNuTTV2xUsrFMqzgpjm/zY69Wssu53SgVjrjbWV4NzUvNQteX0uGr
IBULRJbktKlFXUt10IcuMUVegRjJbdATTUt9gDMSYHdvlQzG/m2imvAKCHENJILQ
JRBI51c5vm3Yz4JlQxg7dJctoo3in7Gmr2Q/NBysI2MPEdMNkX4zI1E5mQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHnoQg97t3mfuhDDPaTCIkEtphrRMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvZWVoQ0QzdTNlWi02RU1NOXBNSWlRUzJtR3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAbewwAwQA
uVitAwQAufO0AwQAufrSAwQAwj40MA0GCSqGSIb3DQEBCwUAA4IBAQBAFXMjA34N
MvuDf7zf4+Tn61Xn6VDy5LEy9viQiJfJuAM1F919Zabb80dTNb9wWwFTbmbVGyzp
sHprc+IRbeFUzMEo3+m/+vUvLNaq6hR5t+f42XcS0aN86Wj/5XwdlgaFV/JFKiWY
Aoxq87hMrgRxA/Rl7azFVndTvdWi5vt+L7AiEd9W0LcgDC6LvGnSHk1jWZLGjS/n
brSmqNNDemd6OIqJ7DauVhsz1qkRCwXagy2w4+AE2NQG/MPunjkL9K3bUP+NYaDS
h86YuhrSqNSzU7s7yqQR+4LnvIwqFmQeLvciat8j5+2NGQcipYVAQQmJ/R4Bpa8e
W2Maq6y6WcYc
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:37:58 2025 by rpki-client