Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/Ea_-Y5W16baGl2d5sd8XUjXM0k4.roa
File: Ea_-Y5W16baGl2d5sd8XUjXM0k4.roa (raw, json)
Hash identifier: 5T8FUrI34HUnf8r/vrkw8Xpw6U/hBSuIaP5dOoGNLcE=
Subject key identifier: 11:AF:FE:63:95:B5:E9:B6:86:97:67:79:B1:DF:17:52:35:CC:D2:4E
Certificate issuer: /CN=14c66a786e6ef31674bec6833c78aebec1633972
Certificate serial: 018CC348D5CB496F6C39EC3C83710AA3CBA5
Authority key identifier: 14:C6:6A:78:6E:6E:F3:16:74:BE:C6:83:3C:78:AE:BE:C1:63:39:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/Ea_-Y5W16baGl2d5sd8XUjXM0k4.roa
Signing time: Mon 01 Jan 2024 04:29:39 +0000
ROA not before: Mon 01 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28685
IP address blocks: 46.44.128.0/18 maxlen: 24
89.146.0.0/18 maxlen: 24
37.0.80.0/20 maxlen: 24
213.144.224.0/19 maxlen: 24
37.153.192.0/18 maxlen: 24
213.247.64.0/18 maxlen: 24
212.121.96.0/19 maxlen: 24
84.246.0.0/18 maxlen: 24
2a02:22a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d5:cb:49:6f:6c:39:ec:3c:83:71:0a:a3:cb:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14c66a786e6ef31674bec6833c78aebec1633972
Validity
Not Before: Jan 1 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11affe6395b5e9b686976779b1df175235ccd24e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:68:18:27:0d:c7:50:d0:32:a9:95:7a:8c:88:
3d:6a:b0:f5:5a:24:cc:bb:24:e8:b0:73:84:ff:8a:
42:6b:53:a2:d9:87:cc:c7:ed:3c:02:f5:24:f0:80:
d2:6b:f9:4e:ba:5b:43:72:f4:28:c9:8e:6f:63:92:
f0:14:79:16:7f:06:a7:ca:43:cf:40:93:5a:92:30:
ba:01:49:6a:69:bf:ed:3b:27:68:ee:c1:47:73:fb:
d1:ee:47:be:34:42:29:d6:bc:f7:cb:46:1c:2e:ae:
03:b1:ef:99:58:6d:b4:3f:fb:44:40:2d:39:ec:f0:
03:70:74:87:6d:27:c1:14:a0:7b:dc:ac:b0:9a:a2:
d0:55:3d:c6:18:29:69:4c:6e:6e:c0:f9:12:8f:37:
f7:0c:41:26:da:6d:4e:f4:d0:95:5e:0d:c3:d4:90:
e3:69:9e:3d:10:07:7e:ad:b6:8e:e6:5e:1d:f0:1b:
94:7d:41:33:c7:29:f2:bc:28:a5:3a:63:19:e0:17:
7a:16:a2:fd:ab:de:2d:d2:bd:2d:44:d5:dd:9a:a3:
96:31:e9:67:d2:95:97:24:98:b5:31:b1:30:f7:c4:
56:e5:eb:52:c9:97:f6:4f:76:35:1d:1d:c2:3a:e6:
a6:a6:1e:19:cd:10:3a:5d:8d:5a:ed:98:39:80:14:
a5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:AF:FE:63:95:B5:E9:B6:86:97:67:79:B1:DF:17:52:35:CC:D2:4E
X509v3 Authority Key Identifier:
keyid:14:C6:6A:78:6E:6E:F3:16:74:BE:C6:83:3C:78:AE:BE:C1:63:39:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/Ea_-Y5W16baGl2d5sd8XUjXM0k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.80.0/20
37.153.192.0/18
46.44.128.0/18
84.246.0.0/18
89.146.0.0/18
212.121.96.0/19
213.144.224.0/19
213.247.64.0/18
IPv6:
2a02:22a0::/32
Signature Algorithm: sha256WithRSAEncryption
53:3b:9e:4d:60:ca:aa:25:90:da:35:31:65:c5:c5:32:22:6a:
db:84:b4:77:32:7b:cd:6a:d1:9a:6d:29:00:7b:d1:f4:ad:8b:
72:1f:af:8e:ba:70:8b:6b:eb:0e:b4:03:14:c8:ae:7a:af:bb:
04:73:51:51:51:a3:3c:fa:86:3a:8b:ab:80:7a:34:61:a0:04:
1a:bf:6b:e7:29:45:d8:2f:a1:3d:76:ca:11:af:be:ea:e3:e7:
a1:26:44:48:5c:22:dd:98:b6:a1:a6:f6:d7:70:bb:c6:16:b1:
55:e9:c7:3e:13:8f:80:fc:91:72:5e:72:8a:d3:36:4b:d7:19:
c2:c6:b0:95:e7:66:80:0e:f2:86:ee:d4:73:3e:2b:5e:2f:9c:
89:1d:84:a2:c3:23:77:88:10:c3:ca:db:ad:2c:c4:bf:0e:ea:
dd:59:bf:db:66:80:f3:1f:24:e8:d4:b6:40:c4:bd:0c:3d:97:
d0:09:d9:70:4b:b8:cd:5e:bc:cc:1e:4e:db:95:b7:48:87:34:
11:7f:90:39:cb:fd:db:ff:58:4e:04:ed:e7:a1:17:f4:71:ed:
32:d4:95:38:f2:ea:d7:16:3b:09:a7:89:82:32:86:0f:45:d0:
fd:e9:e0:a0:cc:00:de:b5:af:e4:be:f9:c0:9b:38:7b:c4:bc:
1c:73:8d:0c
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzDSNXLSW9sOew8g3EKo8ulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzY2YTc4NmU2ZWYzMTY3NGJlYzY4MzNjNzhhZWJlYzE2
MzM5NzIwHhcNMjQwMTAxMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWFmZmU2Mzk1YjVlOWI2ODY5NzY3NzliMWRmMTc1MjM1Y2NkMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWgYJw3HUNAyqZV6jIg9arD1WiTM
uyTosHOE/4pCa1Oi2YfMx+08AvUk8IDSa/lOultDcvQoyY5vY5LwFHkWfwanykPP
QJNakjC6AUlqab/tOydo7sFHc/vR7ke+NEIp1rz3y0YcLq4Dse+ZWG20P/tEQC05
7PADcHSHbSfBFKB73KywmqLQVT3GGClpTG5uwPkSjzf3DEEm2m1O9NCVXg3D1JDj
aZ49EAd+rbaO5l4d8BuUfUEzxynyvCilOmMZ4Bd6FqL9q94t0r0tRNXdmqOWMeln
0pWXJJi1MbEw98RW5etSyZf2T3Y1HR3COuamph4ZzRA6XY1a7Zg5gBSl9wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBGv/mOVtem2hpdnebHfF1I1zNJOMB8GA1UdIwQY
MBaAFBTGanhubvMWdL7Ggzx4rr7BYzlyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1acWVHNXU4eFowdnNhRFBIaXV2c0ZqT1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9hMTZjNGUtYjVhZC00N2Q3LThiNWIt
MzllNzZkYjJmODA4LzEvRWFfLVk1VzE2YmFHbDJkNXNkOFhValhNMGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9hMTZjNGUtYjVhZC00N2Q3LThiNWItMzllNzZkYjJmODA4
LzEvRk1acWVHNXU4eFowdnNhRFBIaXV2c0ZqT1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEJQBQAwQG
JZnAAwQGLiyAAwQGVPYAAwQGWZIAAwQF1HlgAwQF1ZDgAwQG1fdAMA0EAgACMAcD
BQAqAiKgMA0GCSqGSIb3DQEBCwUAA4IBAQBTO55NYMqqJZDaNTFlxcUyImrbhLR3
MnvNatGabSkAe9H0rYtyH6+OunCLa+sOtAMUyK56r7sEc1FRUaM8+oY6i6uAejRh
oAQav2vnKUXYL6E9dsoRr77q4+ehJkRIXCLdmLahpvbXcLvGFrFV6cc+E4+A/JFy
XnKK0zZL1xnCxrCV52aADvKG7tRzPiteL5yJHYSiwyN3iBDDytutLMS/DurdWb/b
ZoDzHyTo1LZAxL0MPZfQCdlwS7jNXrzMHk7blbdIhzQRf5A5y/3b/1hOBO3noRf0
ce0y1JU48urXFjsJp4mCMoYPRdD96eCgzADeta/kvvnAmzh7xLwcc40M
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:31:30 2025 by rpki-client