Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/EBOk2JDEw-UdjzvNqajG_Lh7ebs.roa
File: EBOk2JDEw-UdjzvNqajG_Lh7ebs.roa (raw, json)
Hash identifier: VIS9fstL2hnsZNiICjStUujcXzAqa/HVYNW5t/O5fZM=
Subject key identifier: 10:13:A4:D8:90:C4:C3:E5:1D:8F:3B:CD:A9:A8:C6:FC:B8:7B:79:BB
Certificate issuer: /CN=d8012faf98275ae4f3f8d87f084ee4ff8420c485
Certificate serial: 018F548E3402224DB268FA2E792E4DBEDDB3
Authority key identifier: D8:01:2F:AF:98:27:5A:E4:F3:F8:D8:7F:08:4E:E4:FF:84:20:C4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/EBOk2JDEw-UdjzvNqajG_Lh7ebs.roa
Signing time: Tue 07 May 2024 19:35:56 +0000
ROA not before: Tue 07 May 2024 19:35:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40866
IP address blocks: 185.224.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 16:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:54:8e:34:02:22:4d:b2:68:fa:2e:79:2e:4d:be:dd:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8012faf98275ae4f3f8d87f084ee4ff8420c485
Validity
Not Before: May 7 19:35:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1013a4d890c4c3e51d8f3bcda9a8c6fcb87b79bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:af:71:cd:78:85:b5:a5:6b:9b:59:85:fb:16:
e3:e7:1d:43:32:34:2b:e0:2b:24:6c:ea:54:41:cd:
ae:c5:19:f5:23:65:2f:cd:49:0b:f1:11:bf:1d:6c:
2d:7d:98:94:26:27:96:0c:57:ef:03:eb:86:64:09:
85:3b:5c:a4:d2:ea:2c:6c:d4:6d:24:2f:58:82:30:
0b:5a:2e:1a:27:06:85:ae:4e:63:5a:a8:29:95:5f:
80:dc:16:23:d5:0b:cd:65:f8:4f:b9:a8:d3:ad:af:
88:ee:54:9c:a2:fb:00:e2:91:96:75:74:c8:ab:6d:
c8:64:15:55:33:9d:04:a6:ea:18:8c:21:a6:17:81:
93:1f:f4:84:34:f2:7b:7c:ce:a8:5e:19:90:c3:81:
64:9c:46:88:df:6a:57:b9:e4:27:f0:37:4c:94:25:
fd:35:9d:e4:51:02:38:56:a3:c5:9b:06:3b:25:cd:
08:ad:ff:50:6f:0b:5c:0b:dc:ac:b4:55:0e:9a:b4:
d9:cf:03:8b:a3:83:af:e8:fa:cc:91:bb:6b:42:b4:
88:43:73:63:b6:48:a1:e3:e8:4d:88:7b:71:93:b3:
ed:23:c6:8a:80:99:c7:1e:a3:73:e3:85:a3:16:31:
83:02:f3:24:2a:a2:ee:05:f7:92:78:37:78:6c:28:
e1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:13:A4:D8:90:C4:C3:E5:1D:8F:3B:CD:A9:A8:C6:FC:B8:7B:79:BB
X509v3 Authority Key Identifier:
keyid:D8:01:2F:AF:98:27:5A:E4:F3:F8:D8:7F:08:4E:E4:FF:84:20:C4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/EBOk2JDEw-UdjzvNqajG_Lh7ebs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.3.0/24
Signature Algorithm: sha256WithRSAEncryption
23:13:35:e0:85:b7:43:87:f2:6c:ba:fb:ec:ae:4d:d2:76:80:
e4:3b:bb:a7:4f:6b:a0:10:ae:81:32:c4:54:98:f4:2f:bf:33:
4f:ec:00:88:18:72:55:7b:78:bc:a5:de:ca:57:cd:e4:b9:7d:
7e:ac:98:f5:25:dd:be:83:d0:cb:16:be:2d:1d:83:d7:f1:77:
5e:1d:3c:b2:d3:5f:8a:37:7d:53:c8:df:e6:0d:06:29:ba:d8:
4e:da:cf:3f:db:15:a3:5d:4e:72:ca:ee:19:d9:96:fb:d2:3b:
13:4d:e3:35:d2:6c:24:b3:e4:9a:34:0b:ba:37:75:e9:8e:e9:
49:2d:d5:cc:e7:f1:37:af:99:7b:9d:6c:7a:e3:a1:39:e6:1f:
da:3a:e7:db:38:b8:78:88:db:7a:a0:96:8d:37:3b:1f:67:a9:
f5:a0:a4:87:79:32:d8:4b:33:07:81:1c:0b:7b:67:20:ce:49:
19:ad:32:35:43:bc:15:26:de:5e:0b:98:5a:96:14:fa:f3:4e:
13:45:43:19:d6:2e:64:bf:3f:9c:ed:25:b6:58:e1:83:c4:6a:
61:ea:09:81:87:9b:f5:7e:66:2a:51:38:8b:1f:3e:8e:03:94:
cd:9f:35:c9:f6:2a:b9:8b:e4:a6:e9:9c:fe:23:04:6c:db:71:
fd:41:0a:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9UjjQCIk2yaPoueS5Nvt2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDEyZmFmOTgyNzVhZTRmM2Y4ZDg3ZjA4NGVlNGZmODQy
MGM0ODUwHhcNMjQwNTA3MTkzNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDEzYTRkODkwYzRjM2U1MWQ4ZjNiY2RhOWE4YzZmY2I4N2I3OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa9xzXiFtaVrm1mF+xbj5x1DMjQr
4CskbOpUQc2uxRn1I2UvzUkL8RG/HWwtfZiUJieWDFfvA+uGZAmFO1yk0uosbNRt
JC9YgjALWi4aJwaFrk5jWqgplV+A3BYj1QvNZfhPuajTra+I7lScovsA4pGWdXTI
q23IZBVVM50EpuoYjCGmF4GTH/SENPJ7fM6oXhmQw4FknEaI32pXueQn8DdMlCX9
NZ3kUQI4VqPFmwY7Jc0Irf9QbwtcC9ystFUOmrTZzwOLo4Ov6PrMkbtrQrSIQ3Nj
tkih4+hNiHtxk7PtI8aKgJnHHqNz44WjFjGDAvMkKqLuBfeSeDd4bCjhuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBATpNiQxMPlHY87zamoxvy4e3m7MB8GA1UdIwQY
MBaAFNgBL6+YJ1rk8/jYfwhO5P+EIMSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFFdnI1Z25XdVR6LU5oX0NFN2tfNFFneElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mNjdhYTgtNTFjMi00M2IyLWIwMjIt
NmQ1NjBkZWJmN2IzLzEvRUJPazJKREV3LVVkanp2TnFhakdfTGg3ZWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mNjdhYTgtNTFjMi00M2IyLWIwMjItNmQ1NjBkZWJmN2Iz
LzEvMkFFdnI1Z25XdVR6LU5oX0NFN2tfNFFneElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueADMA0G
CSqGSIb3DQEBCwUAA4IBAQAjEzXghbdDh/Jsuvvsrk3SdoDkO7unT2ugEK6BMsRU
mPQvvzNP7ACIGHJVe3i8pd7KV83kuX1+rJj1Jd2+g9DLFr4tHYPX8XdeHTyy01+K
N31TyN/mDQYputhO2s8/2xWjXU5yyu4Z2Zb70jsTTeM10mwks+SaNAu6N3XpjulJ
LdXM5/E3r5l7nWx646E55h/aOufbOLh4iNt6oJaNNzsfZ6n1oKSHeTLYSzMHgRwL
e2cgzkkZrTI1Q7wVJt5eC5halhT6804TRUMZ1i5kvz+c7SW2WOGDxGph6gmBh5v1
fmYqUTiLHz6OA5TNnzXJ9iq5i+Sm6Zz+IwRs23H9QQpu
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:27:47 2025 by rpki-client