Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/232cfd-76dc-49e9-a94d-5188ea17d9a9/1/E4yycqohGkC-XxmZgouWOj-U-G0.roa
File: E4yycqohGkC-XxmZgouWOj-U-G0.roa (raw, json)
Hash identifier: qAC10Ztzcv8ehFxpH/l9Mknv1zUj3ldK2x7pT+fV0mw=
Subject key identifier: 13:8C:B2:72:AA:21:1A:40:BE:5F:19:99:82:8B:96:3A:3F:94:F8:6D
Certificate issuer: /CN=3066af73eff3ac21ff17a0952ff370e60ca44b5d
Certificate serial: 018CC4935A45CC934C3B77DC3FDEFAC0FB46
Authority key identifier: 30:66:AF:73:EF:F3:AC:21:FF:17:A0:95:2F:F3:70:E6:0C:A4:4B:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGavc-_zrCH_F6CVL_Nw5gykS10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/232cfd-76dc-49e9-a94d-5188ea17d9a9/1/E4yycqohGkC-XxmZgouWOj-U-G0.roa
Signing time: Mon 01 Jan 2024 10:30:40 +0000
ROA not before: Mon 01 Jan 2024 10:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60444
IP address blocks: 185.30.216.0/22 maxlen: 22
2a00:b760::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:5a:45:cc:93:4c:3b:77:dc:3f:de:fa:c0:fb:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3066af73eff3ac21ff17a0952ff370e60ca44b5d
Validity
Not Before: Jan 1 10:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=138cb272aa211a40be5f1999828b963a3f94f86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d9:2e:46:ac:93:0e:b3:51:6a:27:ac:81:bc:
64:03:a6:16:81:36:c4:c3:6f:53:42:48:0c:dc:ae:
d3:9c:fa:37:37:9c:9e:cc:1b:c4:aa:55:cd:5a:b7:
4e:79:e4:f5:08:3d:b0:2a:04:ab:f3:a8:5f:0b:d2:
20:c9:a5:03:60:06:31:06:9a:49:e3:4c:48:f1:56:
8c:46:55:19:87:81:d7:33:a2:28:64:b1:40:d5:69:
a6:8a:f2:f5:36:15:c3:4c:d5:ab:68:5b:89:84:88:
6a:07:87:ed:30:0c:72:ed:62:50:4e:d1:cd:5c:f8:
9e:47:ab:c6:cd:ea:c3:78:0a:5b:26:85:fa:27:f3:
c8:3d:a8:cf:5f:43:40:b5:56:b3:8c:10:f0:d8:ff:
f8:ae:3f:78:74:38:56:50:8f:4c:c2:f6:68:99:13:
86:5b:a3:6e:8d:e1:69:e1:2e:58:4d:0d:df:34:c7:
4f:94:ea:de:4a:d8:3c:ae:ae:1a:40:30:10:8d:21:
0f:30:8f:9f:6f:d6:e1:77:6c:f7:3e:37:12:e1:6a:
76:f5:9b:b2:24:c0:be:3b:89:9a:d8:a7:d0:0a:cc:
23:08:8c:4a:41:54:51:f5:90:d1:8b:21:f4:72:fb:
73:65:63:1a:b9:e5:55:9c:ac:e7:e0:66:6c:65:26:
0a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:8C:B2:72:AA:21:1A:40:BE:5F:19:99:82:8B:96:3A:3F:94:F8:6D
X509v3 Authority Key Identifier:
keyid:30:66:AF:73:EF:F3:AC:21:FF:17:A0:95:2F:F3:70:E6:0C:A4:4B:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGavc-_zrCH_F6CVL_Nw5gykS10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/232cfd-76dc-49e9-a94d-5188ea17d9a9/1/E4yycqohGkC-XxmZgouWOj-U-G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/232cfd-76dc-49e9-a94d-5188ea17d9a9/1/MGavc-_zrCH_F6CVL_Nw5gykS10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.216.0/22
IPv6:
2a00:b760::/32
Signature Algorithm: sha256WithRSAEncryption
0a:0b:a3:3a:00:b0:c9:6b:dd:3a:1e:d4:c8:70:6b:cd:2b:21:
6c:78:ed:e4:80:bc:9e:66:ca:6b:2d:f3:72:ae:29:40:a0:35:
f4:10:c9:c8:94:3a:ca:36:eb:75:10:b8:fc:83:5b:3d:14:90:
ee:f1:0e:12:45:90:95:a9:a3:fe:50:76:93:fe:f8:b6:3c:6c:
f6:11:ad:97:af:8f:84:c9:93:00:6a:c2:7b:73:da:37:62:7f:
46:34:14:0a:ba:61:4d:98:d7:f8:86:2c:d6:c5:89:cb:88:ac:
af:4e:a7:e9:ff:16:53:c7:f8:d4:2f:7c:b1:e8:c2:60:38:84:
5c:e2:26:20:55:52:2b:f6:45:3f:b1:5a:ec:89:71:86:d2:f8:
20:2b:9e:0e:4f:6d:fd:c5:da:50:0f:90:f8:51:3c:13:bd:19:
e9:9d:cf:80:86:e6:95:e6:02:d7:ea:1e:7f:76:7f:42:72:50:
8c:d3:1b:b4:00:d2:b0:c7:ca:0d:22:18:46:00:37:ec:b1:47:
2a:17:6c:10:bd:40:59:e8:02:e8:8b:b1:ac:c1:27:28:a9:e5:
b2:90:08:56:97:5d:4a:1b:d2:a0:c5:18:ea:ec:b8:5e:3f:92:
fb:24:f0:a3:62:f5:0c:e7:63:6d:07:cf:14:7d:33:19:08:52:
ec:95:cd:45
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk1pFzJNMO3fcP976wPtGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNjZhZjczZWZmM2FjMjFmZjE3YTA5NTJmZjM3MGU2MGNh
NDRiNWQwHhcNMjQwMTAxMTAzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzhjYjI3MmFhMjExYTQwYmU1ZjE5OTk4MjhiOTYzYTNmOTRmODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotkuRqyTDrNRaiesgbxkA6YWgTbE
w29TQkgM3K7TnPo3N5yezBvEqlXNWrdOeeT1CD2wKgSr86hfC9IgyaUDYAYxBppJ
40xI8VaMRlUZh4HXM6IoZLFA1WmmivL1NhXDTNWraFuJhIhqB4ftMAxy7WJQTtHN
XPieR6vGzerDeApbJoX6J/PIPajPX0NAtVazjBDw2P/4rj94dDhWUI9MwvZomROG
W6NujeFp4S5YTQ3fNMdPlOreStg8rq4aQDAQjSEPMI+fb9bhd2z3PjcS4Wp29Zuy
JMC+O4ma2KfQCswjCIxKQVRR9ZDRiyH0cvtzZWMaueVVnKzn4GZsZSYKJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBOMsnKqIRpAvl8ZmYKLljo/lPhtMB8GA1UdIwQY
MBaAFDBmr3Pv86wh/xeglS/zcOYMpEtdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUdhdmMtX3pyQ0hfRjZDVkxfTnc1Z3lrUzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yMzJjZmQtNzZkYy00OWU5LWE5NGQt
NTE4OGVhMTdkOWE5LzEvRTR5eWNxb2hHa0MtWHhtWmdvdVdPai1VLUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yMzJjZmQtNzZkYy00OWU5LWE5NGQtNTE4OGVhMTdkOWE5
LzEvTUdhdmMtX3pyQ0hfRjZDVkxfTnc1Z3lrUzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR7YMA0E
AgACMAcDBQAqALdgMA0GCSqGSIb3DQEBCwUAA4IBAQAKC6M6ALDJa906HtTIcGvN
KyFseO3kgLyeZsprLfNyrilAoDX0EMnIlDrKNut1ELj8g1s9FJDu8Q4SRZCVqaP+
UHaT/vi2PGz2Ea2Xr4+EyZMAasJ7c9o3Yn9GNBQKumFNmNf4hizWxYnLiKyvTqfp
/xZTx/jUL3yx6MJgOIRc4iYgVVIr9kU/sVrsiXGG0vggK54OT239xdpQD5D4UTwT
vRnpnc+AhuaV5gLX6h5/dn9CclCM0xu0ANKwx8oNIhhGADfssUcqF2wQvUBZ6ALo
i7GswScoqeWykAhWl11KG9KgxRjq7LheP5L7JPCjYvUM52NtB88UfTMZCFLslc1F
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:46 2025 by rpki-client