Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/CeVJBdprHGVs3izj7dtWZms0rZE.roa
File: CeVJBdprHGVs3izj7dtWZms0rZE.roa (raw, json)
Hash identifier: W+16x5qK0kEteBWjRy0XLY8JSbvZzRhCflvJI6DSBk0=
Subject key identifier: 09:E5:49:05:DA:6B:1C:65:6C:DE:2C:E3:ED:DB:56:66:6B:34:AD:91
Certificate issuer: /CN=e0d435784da8c218e0ff107cdcfe24ca4569c949
Certificate serial: 018CCA99628D6BAF1AAAC8F1CEACEE249FA9
Authority key identifier: E0:D4:35:78:4D:A8:C2:18:E0:FF:10:7C:DC:FE:24:CA:45:69:C9:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4NQ1eE2owhjg_xB83P4kykVpyUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/CeVJBdprHGVs3izj7dtWZms0rZE.roa
Signing time: Tue 02 Jan 2024 14:34:58 +0000
ROA not before: Tue 02 Jan 2024 14:34:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202463
IP address blocks: 185.73.236.0/24 maxlen: 24
185.73.238.0/24 maxlen: 24
185.73.237.0/24 maxlen: 24
87.243.69.0/24 maxlen: 24
87.243.71.0/24 maxlen: 24
87.243.77.0/24 maxlen: 24
87.243.79.0/24 maxlen: 24
185.49.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 23 Mar 2024 10:24:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:62:8d:6b:af:1a:aa:c8:f1:ce:ac:ee:24:9f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0d435784da8c218e0ff107cdcfe24ca4569c949
Validity
Not Before: Jan 2 14:34:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09e54905da6b1c656cde2ce3eddb56666b34ad91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b5:e2:07:ce:58:8b:80:db:16:a6:c8:68:9a:
98:05:4b:98:14:76:d5:8d:39:f8:8b:e4:ab:a5:e7:
bb:6e:a5:44:04:eb:2c:b2:55:d8:7f:d9:0f:35:3b:
ba:0b:14:bb:50:d0:1f:b1:2f:fa:de:07:f9:4b:ac:
9d:48:cf:fa:86:75:73:da:df:65:37:93:01:1b:05:
86:ee:02:d7:40:5e:de:b9:f5:de:91:0a:21:c8:8d:
82:17:ae:1a:07:81:8a:1a:73:4c:f5:6b:cd:13:6d:
cf:02:b5:28:3c:8f:c9:86:01:86:45:04:14:54:51:
8a:25:7b:4c:7b:0b:b2:8b:fc:c9:1e:99:0c:4c:2e:
7f:8c:7b:51:01:c9:41:56:ba:75:ce:d0:84:f4:77:
ba:1a:74:34:06:f3:6d:5e:5f:90:1e:c0:d4:6f:18:
92:07:e2:d2:25:9e:42:3b:8a:79:6b:cc:57:3a:8e:
ef:56:ee:97:a8:ee:6f:6f:55:0a:9b:97:f9:12:58:
82:a7:b9:c5:6e:79:2d:72:8b:87:c7:54:ce:3f:62:
29:3c:be:a3:2e:a4:65:38:eb:78:2d:c9:79:d5:59:
72:a2:19:ce:08:1d:e5:1f:ac:96:aa:bb:27:fd:e5:
97:7d:80:1a:cf:32:95:3e:89:2c:14:20:fd:6f:33:
35:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E5:49:05:DA:6B:1C:65:6C:DE:2C:E3:ED:DB:56:66:6B:34:AD:91
X509v3 Authority Key Identifier:
keyid:E0:D4:35:78:4D:A8:C2:18:E0:FF:10:7C:DC:FE:24:CA:45:69:C9:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4NQ1eE2owhjg_xB83P4kykVpyUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/CeVJBdprHGVs3izj7dtWZms0rZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/4NQ1eE2owhjg_xB83P4kykVpyUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.243.69.0/24
87.243.71.0/24
87.243.77.0/24
87.243.79.0/24
185.49.88.0/22
185.73.236.0-185.73.238.255
Signature Algorithm: sha256WithRSAEncryption
f4:99:64:f2:c1:06:58:a6:ef:0a:07:a1:43:b1:0b:8b:fa:32:
9c:c5:8c:4d:36:b8:94:12:40:8c:ec:8a:2a:24:ef:d6:88:b1:
d6:9b:69:c3:aa:2e:db:a3:ec:5d:91:01:a1:7c:4a:72:be:c7:
26:7e:d0:7c:5f:26:76:aa:21:cf:bf:f7:22:9f:3e:52:57:07:
cd:80:bc:c4:85:6a:23:25:c9:00:a1:11:53:31:07:ae:7d:3d:
00:b1:b7:24:cd:87:da:f0:8b:e4:a9:8b:98:c0:6d:8d:40:61:
59:58:1d:fb:cd:99:a7:bb:00:40:aa:3e:ac:b7:c5:6c:c8:fa:
93:47:0c:1a:b1:4a:da:a8:3e:c0:69:16:8b:70:6f:57:fe:19:
7c:18:1a:d4:dc:cd:28:c6:e4:d3:3c:0e:45:7f:50:da:f0:e4:
68:6d:f6:90:35:0d:33:a1:52:af:0a:93:29:71:d9:4d:e8:37:
16:04:4e:c1:cb:4e:22:e3:da:ef:5f:7d:23:e0:27:cf:45:b1:
78:e4:fe:27:75:40:1d:cb:ef:30:1f:d0:f0:23:6a:65:1c:c7:
b1:0c:1d:9d:70:0c:07:25:82:03:c0:06:a0:45:38:cf:0f:a5:
f2:8b:52:85:7b:f5:3e:7f:59:a3:3b:69:10:84:35:7f:64:86:
cd:db:1f:4a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzKmWKNa68aqsjxzqzuJJ+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZDQzNTc4NGRhOGMyMThlMGZmMTA3Y2RjZmUyNGNhNDU2
OWM5NDkwHhcNMjQwMTAyMTQzNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWU1NDkwNWRhNmIxYzY1NmNkZTJjZTNlZGRiNTY2NjZiMzRhZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrXiB85Yi4DbFqbIaJqYBUuYFHbV
jTn4i+Srpee7bqVEBOssslXYf9kPNTu6CxS7UNAfsS/63gf5S6ydSM/6hnVz2t9l
N5MBGwWG7gLXQF7eufXekQohyI2CF64aB4GKGnNM9WvNE23PArUoPI/JhgGGRQQU
VFGKJXtMewuyi/zJHpkMTC5/jHtRAclBVrp1ztCE9He6GnQ0BvNtXl+QHsDUbxiS
B+LSJZ5CO4p5a8xXOo7vVu6XqO5vb1UKm5f5EliCp7nFbnktcouHx1TOP2IpPL6j
LqRlOOt4Lcl51VlyohnOCB3lH6yWqrsn/eWXfYAazzKVPoksFCD9bzM18QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAnlSQXaaxxlbN4s4+3bVmZrNK2RMB8GA1UdIwQY
MBaAFODUNXhNqMIY4P8QfNz+JMpFaclJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE5RMWVFMm93aGpnX3hCODNQNGt5a1ZweVVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hMDVlYmEtOWQ4NS00ODliLWFlYzct
ZWQ0MmQzYTYyNWE0LzEvQ2VWSkJkcHJIR1ZzM2l6ajdkdFdabXMwclpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hMDVlYmEtOWQ4NS00ODliLWFlYzctZWQ0MmQzYTYyNWE0
LzEvNE5RMWVFMm93aGpnX3hCODNQNGt5a1ZweVVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAV/NFAwQA
V/NHAwQAV/NNAwQAV/NPAwQCuTFYMAwDBAK5SewDBAC5Se4wDQYJKoZIhvcNAQEL
BQADggEBAPSZZPLBBlim7woHoUOxC4v6MpzFjE02uJQSQIzsiiok79aIsdabacOq
Ltuj7F2RAaF8SnK+xyZ+0HxfJnaqIc+/9yKfPlJXB82AvMSFaiMlyQChEVMxB659
PQCxtyTNh9rwi+Spi5jAbY1AYVlYHfvNmae7AECqPqy3xWzI+pNHDBqxStqoPsBp
Fotwb1f+GXwYGtTczSjG5NM8DkV/UNrw5Ght9pA1DTOhUq8Kkylx2U3oNxYETsHL
TiLj2u9ffSPgJ89FsXjk/id1QB3L7zAf0PAjamUcx7EMHZ1wDAclggPABqBFOM8P
pfKLUoV79T5/WaM7aRCENX9khs3bH0o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:24 2024 by rpki-client on console-fra.rpki-client.org