Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/eNOxU9tHRXLYiSValP-0UkHuP5I.roa
File: eNOxU9tHRXLYiSValP-0UkHuP5I.roa (raw, json)
Hash identifier: Zl1oFgle+NJ8x0Cg3ZDLP4oTi/kY9VgtjTzyDww8d40=
Subject key identifier: 78:D3:B1:53:DB:47:45:72:D8:89:25:5A:94:FF:B4:52:41:EE:3F:92
Certificate issuer: /CN=b05442c4ffe9c1d761e7c569360ead042438f903
Certificate serial: 018CC801A4092A99B9D1611486D949C51B8D
Authority key identifier: B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/eNOxU9tHRXLYiSValP-0UkHuP5I.roa
Signing time: Tue 02 Jan 2024 02:29:59 +0000
ROA not before: Tue 02 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50533
IP address blocks: 145.14.224.0/23 maxlen: 23
185.160.248.0/22 maxlen: 22
145.14.224.0/20 maxlen: 20
134.101.64.0/24 maxlen: 24
134.101.64.0/19 maxlen: 19
2a00:17f1::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 25 Sep 2024 08:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a4:09:2a:99:b9:d1:61:14:86:d9:49:c5:1b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05442c4ffe9c1d761e7c569360ead042438f903
Validity
Not Before: Jan 2 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78d3b153db474572d889255a94ffb45241ee3f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1c:37:71:f8:06:79:2d:25:b7:20:09:53:03:
16:0a:de:a6:d4:ee:50:56:cf:fa:66:a6:7a:dd:1d:
e6:6f:d9:e7:05:e2:3e:d3:13:76:a6:e7:05:33:28:
43:a7:95:04:3b:74:86:08:e7:33:77:0b:5d:37:ad:
c5:4f:db:f4:b0:6f:f0:27:4e:ff:97:16:76:d7:ac:
5a:d8:16:a7:9d:74:23:79:75:5a:c0:9b:11:dd:ce:
f1:6b:a4:ef:1b:8b:07:ce:3e:6b:e4:02:ac:b2:c9:
b5:cf:34:83:e3:18:67:62:fb:a7:dc:5d:fe:7b:36:
ed:9f:7a:dd:99:47:30:12:8f:f7:7e:0a:f9:62:ae:
94:fa:f8:ca:dd:f3:ba:fc:b0:4d:e5:8e:a9:48:1f:
f3:10:d6:7a:28:50:4d:b5:90:a0:bb:75:d4:35:29:
4f:d5:32:08:6e:6d:de:68:44:c6:c3:e4:2d:95:8c:
56:78:68:20:b7:6f:1a:ea:69:a5:59:d8:b2:e2:60:
2c:7a:6c:0f:27:55:e9:0d:25:8d:1f:aa:1f:af:dd:
1c:c9:83:05:da:03:72:c4:4a:ad:ef:7d:90:6f:7f:
9d:dd:cc:2d:df:5e:f7:db:b2:f8:2f:15:f1:76:91:
e9:d3:73:a0:27:15:7e:46:69:90:f1:c2:35:34:fb:
08:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:D3:B1:53:DB:47:45:72:D8:89:25:5A:94:FF:B4:52:41:EE:3F:92
X509v3 Authority Key Identifier:
keyid:B0:54:42:C4:FF:E9:C1:D7:61:E7:C5:69:36:0E:AD:04:24:38:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFRCxP_pwddh58VpNg6tBCQ4-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/eNOxU9tHRXLYiSValP-0UkHuP5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/4b77e7-347c-49fa-808b-6ed331f31e09/1/sFRCxP_pwddh58VpNg6tBCQ4-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.101.64.0/19
145.14.224.0/20
185.160.248.0/22
IPv6:
2a00:17f1::/32
Signature Algorithm: sha256WithRSAEncryption
1e:9a:0e:68:64:aa:fd:92:7a:02:2d:ea:32:f1:f4:72:02:a5:
4f:fd:27:70:55:f2:2f:be:70:28:16:a4:88:63:64:87:e0:10:
3e:35:d0:3e:09:83:1a:42:ae:71:dd:a1:7d:6c:38:49:a7:07:
9f:fb:0b:51:69:01:55:83:9a:e8:d7:5e:04:c3:4b:d2:d5:a0:
19:04:22:3a:6a:23:6d:ea:15:a4:30:ad:69:2d:b4:53:e1:41:
d9:ba:7d:92:0b:76:88:57:cb:72:42:2b:c0:b3:0f:d4:c4:a1:
70:f6:55:7c:ea:72:24:11:a0:fc:78:30:f6:37:05:05:94:f3:
ce:c4:19:36:dc:66:d7:3e:ea:ea:f1:31:d3:c6:39:4d:e6:16:
d6:b2:c3:f6:2c:22:4a:28:8f:46:c6:8b:dd:29:73:4f:ad:89:
bd:5d:77:df:ad:b4:fe:f1:41:5f:6f:54:59:ff:8e:81:18:df:
2c:53:ee:ba:bd:23:52:ca:9d:50:0e:9c:ae:63:8a:bc:29:0c:
14:b6:88:66:ca:5c:24:fb:e1:21:6e:cf:1d:50:58:c4:6c:65:
d1:d5:25:e2:f4:36:23:3e:90:2f:55:90:93:4e:e7:3d:ca:8c:
09:66:ee:39:0f:43:04:ad:70:83:1c:e5:1b:fb:0e:b6:5c:a9:
c9:62:cc:67
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAaQJKpm50WEUhtlJxRuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNTQ0MmM0ZmZlOWMxZDc2MWU3YzU2OTM2MGVhZDA0MjQz
OGY5MDMwHhcNMjQwMTAyMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGQzYjE1M2RiNDc0NTcyZDg4OTI1NWE5NGZmYjQ1MjQxZWUzZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxw3cfgGeS0ltyAJUwMWCt6m1O5Q
Vs/6ZqZ63R3mb9nnBeI+0xN2pucFMyhDp5UEO3SGCOczdwtdN63FT9v0sG/wJ07/
lxZ216xa2BannXQjeXVawJsR3c7xa6TvG4sHzj5r5AKsssm1zzSD4xhnYvun3F3+
ezbtn3rdmUcwEo/3fgr5Yq6U+vjK3fO6/LBN5Y6pSB/zENZ6KFBNtZCgu3XUNSlP
1TIIbm3eaETGw+QtlYxWeGggt28a6mmlWdiy4mAsemwPJ1XpDSWNH6ofr90cyYMF
2gNyxEqt732Qb3+d3cwt317327L4LxXxdpHp03OgJxV+RmmQ8cI1NPsIrQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHjTsVPbR0Vy2IklWpT/tFJB7j+SMB8GA1UdIwQY
MBaAFLBUQsT/6cHXYefFaTYOrQQkOPkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0ZSQ3hQX3B3ZGRoNThWcE5nNnRCQ1E0LVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80Yjc3ZTctMzQ3Yy00OWZhLTgwOGIt
NmVkMzMxZjMxZTA5LzEvZU5PeFU5dEhSWExZaVNWYWxQLTBVa0h1UDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80Yjc3ZTctMzQ3Yy00OWZhLTgwOGItNmVkMzMxZjMxZTA5
LzEvc0ZSQ3hQX3B3ZGRoNThWcE5nNnRCQ1E0LVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFhmVAAwQE
kQ7gAwQCuaD4MA0EAgACMAcDBQAqABfxMA0GCSqGSIb3DQEBCwUAA4IBAQAemg5o
ZKr9knoCLeoy8fRyAqVP/SdwVfIvvnAoFqSIY2SH4BA+NdA+CYMaQq5x3aF9bDhJ
pwef+wtRaQFVg5ro114Ew0vS1aAZBCI6aiNt6hWkMK1pLbRT4UHZun2SC3aIV8ty
QivAsw/UxKFw9lV86nIkEaD8eDD2NwUFlPPOxBk23GbXPurq8THTxjlN5hbWssP2
LCJKKI9GxovdKXNPrYm9XXffrbT+8UFfb1RZ/46BGN8sU+66vSNSyp1QDpyuY4q8
KQwUtohmylwk++Ehbs8dUFjEbGXR1SXi9DYjPpAvVZCTTuc9yowJZu45D0MErXCD
HOUb+w62XKnJYsxn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:27 2025 by rpki-client