Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/EHysh9UnoYPJypp5xbg5lnUyoAI.roa
File: EHysh9UnoYPJypp5xbg5lnUyoAI.roa (raw, json)
Hash identifier: xGbgf0r2sT4QnVHSz96qRrVE9Vl41YB0OkFKNenpj+8=
Subject key identifier: 10:7C:AC:87:D5:27:A1:83:C9:CA:9A:79:C5:B8:39:96:75:32:A0:02
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 018CF8C664EB8645F7E3C554756DA0CBA6E5
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/EHysh9UnoYPJypp5xbg5lnUyoAI.roa
Signing time: Thu 11 Jan 2024 13:46:40 +0000
ROA not before: Thu 11 Jan 2024 13:46:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33845
IP address blocks: 149.126.48.0/21 maxlen: 24
162.23.0.0/16 maxlen: 16
193.5.216.0/21 maxlen: 21
131.102.0.0/16 maxlen: 16
2a07:2900::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 17 Jan 2024 09:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:c6:64:eb:86:45:f7:e3:c5:54:75:6d:a0:cb:a6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 11 13:46:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=107cac87d527a183c9ca9a79c5b839967532a002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ac:26:48:45:d8:06:dc:51:39:0a:d5:e7:9f:
38:c0:21:1f:d7:39:d3:0b:c5:83:fa:6c:85:dc:c1:
0e:a9:52:47:18:99:1d:e0:c4:e6:f3:a4:7a:e6:7f:
2c:bc:a1:18:76:a5:85:d8:15:d7:77:4b:d6:77:7c:
ff:03:b6:b8:ba:ce:e2:bb:90:b7:38:d8:4e:34:cc:
81:4f:6a:2a:f8:b5:a9:d2:e3:15:e2:cb:d7:70:22:
fa:bb:70:33:12:de:a7:e4:73:a6:ca:aa:62:68:5d:
b5:0a:4e:35:8d:3f:7d:e1:36:2f:e4:28:26:11:59:
32:c5:7d:ff:b7:11:65:4b:10:4a:82:3c:e5:7b:3e:
67:ad:a8:19:14:a3:0d:d0:ae:19:10:a7:41:e4:39:
b8:01:94:72:4b:4c:0d:0d:69:5c:ba:13:ed:0c:43:
70:4f:c0:f0:d9:47:aa:f9:7d:0f:55:9a:cc:5b:a3:
cf:0d:08:af:a5:fc:20:84:fc:48:9f:77:77:2a:49:
e6:e2:0a:9c:d2:95:80:2c:47:9f:38:ed:c1:c7:1d:
71:fe:3d:70:e8:77:98:e8:a6:15:c4:93:7a:01:92:
e3:86:de:c8:ec:68:fd:d1:37:c3:72:5d:2a:56:67:
87:b0:14:c3:1e:1f:10:5c:73:0d:54:08:c6:33:99:
00:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:7C:AC:87:D5:27:A1:83:C9:CA:9A:79:C5:B8:39:96:75:32:A0:02
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/EHysh9UnoYPJypp5xbg5lnUyoAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.102.0.0/16
149.126.48.0/21
162.23.0.0/16
193.5.216.0/21
IPv6:
2a07:2900::/32
Signature Algorithm: sha256WithRSAEncryption
41:9a:91:77:4e:f6:04:a9:41:e2:3d:b7:af:ce:f3:28:42:c2:
18:1d:93:3c:3d:7f:f1:7b:b2:af:e5:e5:f9:75:6a:92:c4:1e:
a7:e0:d2:ba:68:56:9c:19:cd:3e:e6:a2:73:25:bc:a8:5b:07:
31:42:10:93:08:62:2e:08:1b:60:bc:71:59:34:d7:1f:ef:65:
a8:e9:d3:11:38:be:30:bb:27:87:25:b8:54:b2:c5:50:1b:64:
ec:04:7f:33:10:1c:10:78:98:2e:c8:1b:a2:8b:f0:cf:42:6f:
c7:60:74:88:dd:bb:5a:80:7b:4c:0d:33:d0:d6:4f:b9:5a:74:
34:30:7b:c3:c7:f3:77:ae:c4:d9:b3:de:6c:e0:e2:6b:8b:4b:
9d:65:bd:85:99:32:1e:ed:07:ca:29:1e:c8:bf:24:70:95:57:
cd:da:dc:75:16:ee:8e:7f:63:65:ab:29:c6:00:46:c9:bd:3a:
a3:e3:00:45:9a:28:9d:d2:e1:ee:ef:21:28:92:7d:c4:76:a9:
57:a4:46:5e:4d:1e:2f:3f:29:84:95:92:fb:a5:7b:09:0f:be:
eb:69:83:47:ca:ba:25:30:92:cf:d7:17:68:68:6d:79:1c:e3:
0c:ca:dc:38:27:17:d6:5b:c3:fd:d5:97:fb:4c:43:2d:d1:33:
04:d8:88:ef
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYz4xmTrhkX348VUdW2gy6blMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjQwMTExMTM0NjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDdjYWM4N2Q1MjdhMTgzYzljYTlhNzljNWI4Mzk5Njc1MzJhMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqwmSEXYBtxROQrV5584wCEf1znT
C8WD+myF3MEOqVJHGJkd4MTm86R65n8svKEYdqWF2BXXd0vWd3z/A7a4us7iu5C3
ONhONMyBT2oq+LWp0uMV4svXcCL6u3AzEt6n5HOmyqpiaF21Ck41jT994TYv5Cgm
EVkyxX3/txFlSxBKgjzlez5nragZFKMN0K4ZEKdB5Dm4AZRyS0wNDWlcuhPtDENw
T8Dw2Ueq+X0PVZrMW6PPDQivpfwghPxIn3d3Kknm4gqc0pWALEefOO3Bxx1x/j1w
6HeY6KYVxJN6AZLjht7I7Gj90TfDcl0qVmeHsBTDHh8QXHMNVAjGM5kARwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFBB8rIfVJ6GDycqaecW4OZZ1MqACMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvRUh5c2g5VW5vWVBKeXBwNXhiZzVsblV5b0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAcBAIAATAWAwMAg2YDBAOV
fjADAwCiFwMEA8EF2DANBAIAAjAHAwUAKgcpADANBgkqhkiG9w0BAQsFAAOCAQEA
QZqRd072BKlB4j23r87zKELCGB2TPD1/8Xuyr+Xl+XVqksQep+DSumhWnBnNPuai
cyW8qFsHMUIQkwhiLggbYLxxWTTXH+9lqOnTETi+MLsnhyW4VLLFUBtk7AR/MxAc
EHiYLsgboovwz0Jvx2B0iN27WoB7TA0z0NZPuVp0NDB7w8fzd67E2bPebODia4tL
nWW9hZkyHu0HyikeyL8kcJVXzdrcdRbujn9jZaspxgBGyb06o+MARZoondLh7u8h
KJJ9xHapV6RGXk0eLz8phJWS+6V7CQ++62mDR8q6JTCSz9cXaGhteRzjDMrcOCcX
1lvD/dWX+0xDLdEzBNiI7w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:18 2025 by rpki-client