Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/egL3FaAMnV4tPxmc483j3EKI2wM.roa
File: egL3FaAMnV4tPxmc483j3EKI2wM.roa (raw, json)
Hash identifier: zKRJX/n+5Pprp4ciGSPp4jjEczaHSIHSMx/NjI2VMEU=
Subject key identifier: 7A:02:F7:15:A0:0C:9D:5E:2D:3F:19:9C:E3:CD:E3:DC:42:88:DB:03
Certificate issuer: /CN=85370cc5d260f3e2aeff5dd8f8f4a415a2345a81
Certificate serial: 018CC9BBED0E1CED4DC5F11DE04163401F00
Authority key identifier: 85:37:0C:C5:D2:60:F3:E2:AE:FF:5D:D8:F8:F4:A4:15:A2:34:5A:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/egL3FaAMnV4tPxmc483j3EKI2wM.roa
Signing time: Tue 02 Jan 2024 10:33:05 +0000
ROA not before: Tue 02 Jan 2024 10:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 80.79.112.0/20 maxlen: 24
185.246.184.0/22 maxlen: 24
46.22.208.0/20 maxlen: 24
2a01:97a0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ed:0e:1c:ed:4d:c5:f1:1d:e0:41:63:40:1f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85370cc5d260f3e2aeff5dd8f8f4a415a2345a81
Validity
Not Before: Jan 2 10:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a02f715a00c9d5e2d3f199ce3cde3dc4288db03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8b:19:70:2d:8f:11:80:3b:a3:64:da:d7:31:
30:80:a8:07:1b:e2:cd:b2:64:b0:73:75:05:14:56:
e2:13:e5:5f:1a:73:e0:8a:18:ee:c0:cd:6d:d4:b4:
af:da:bc:bc:84:39:0e:6b:ce:e1:95:88:46:57:6b:
b6:46:2d:bc:71:35:19:f4:e2:3b:d9:01:72:cc:65:
b4:a9:a6:c4:41:ca:21:6e:18:ba:7e:fc:76:3e:de:
d2:47:84:04:7d:e6:af:25:52:02:b9:92:00:91:8a:
52:a9:22:d2:80:bd:29:9d:a1:ae:03:84:e7:01:dc:
0e:c0:18:1c:5d:78:1b:0c:75:81:f3:ec:e0:d4:ff:
ee:d3:2c:2f:61:7b:93:ff:e2:81:0e:ae:de:01:11:
a7:b3:cd:2f:94:9e:6e:a0:c1:87:07:b1:27:76:5c:
8c:4f:80:b4:ea:57:42:8e:4c:b3:ed:ed:8a:66:cd:
2a:34:64:0e:f1:09:cc:08:74:d1:06:5a:cb:51:08:
24:44:12:12:fd:09:6c:d3:b3:9b:7e:2e:97:e2:61:
89:bd:39:d6:84:65:44:06:8b:84:4a:e8:8f:49:49:
71:2e:58:57:c6:d6:6e:62:50:d7:5a:74:24:ab:18:
64:c4:b2:4e:83:2f:bf:9a:b2:38:c8:35:3b:6d:14:
1c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:02:F7:15:A0:0C:9D:5E:2D:3F:19:9C:E3:CD:E3:DC:42:88:DB:03
X509v3 Authority Key Identifier:
keyid:85:37:0C:C5:D2:60:F3:E2:AE:FF:5D:D8:F8:F4:A4:15:A2:34:5A:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/egL3FaAMnV4tPxmc483j3EKI2wM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.208.0/20
80.79.112.0/20
185.246.184.0/22
IPv6:
2a01:97a0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:aa:8e:de:8c:5e:16:02:2e:3b:be:9b:78:81:2e:b9:d1:d3:
9d:97:8c:9a:58:74:ed:e4:49:ad:d3:ec:d9:c7:79:f6:2a:59:
47:e8:be:00:7d:a1:64:5f:f8:c7:99:bd:3a:c2:92:32:7e:e6:
a9:30:85:e5:62:25:0e:3f:cb:cb:80:97:fc:7f:53:1b:34:48:
88:b4:1f:4e:ee:44:b0:4e:11:a3:a5:f8:70:68:cf:4d:2e:c6:
1d:af:c2:0f:cb:b4:ac:93:68:3b:09:65:a1:72:3c:f0:1f:d0:
a4:21:76:01:5b:66:d4:22:1a:58:ee:05:87:7c:38:da:f5:bb:
61:db:e2:50:cb:08:13:c2:16:af:16:5c:27:4c:35:3b:be:6f:
c5:66:e0:61:f8:d5:0a:1a:a7:b7:4f:91:50:4c:9f:88:f9:ad:
9d:29:d7:e7:2f:2d:89:49:9a:6a:80:59:f1:e9:d5:1f:c4:fa:
b7:7f:0c:0a:17:70:99:d8:4a:2d:ee:01:07:99:d0:b0:04:f9:
49:50:4a:48:8a:a4:60:d9:37:94:cf:e5:59:a1:1c:39:0d:fb:
e4:f0:04:55:67:55:1b:d6:e0:c8:d3:7b:a8:ed:54:82:62:26:
9d:dd:0a:4d:ab:bb:f0:17:68:7a:96:87:9e:2c:f2:2a:57:ce:
62:ec:28:07
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJu+0OHO1NxfEd4EFjQB8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzcwY2M1ZDI2MGYzZTJhZWZmNWRkOGY4ZjRhNDE1YTIz
NDVhODEwHhcNMjQwMTAyMTAzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTAyZjcxNWEwMGM5ZDVlMmQzZjE5OWNlM2NkZTNkYzQyODhkYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYsZcC2PEYA7o2Ta1zEwgKgHG+LN
smSwc3UFFFbiE+VfGnPgihjuwM1t1LSv2ry8hDkOa87hlYhGV2u2Ri28cTUZ9OI7
2QFyzGW0qabEQcohbhi6fvx2Pt7SR4QEfeavJVICuZIAkYpSqSLSgL0pnaGuA4Tn
AdwOwBgcXXgbDHWB8+zg1P/u0ywvYXuT/+KBDq7eARGns80vlJ5uoMGHB7EndlyM
T4C06ldCjkyz7e2KZs0qNGQO8QnMCHTRBlrLUQgkRBIS/Qls07Obfi6X4mGJvTnW
hGVEBouESuiPSUlxLlhXxtZuYlDXWnQkqxhkxLJOgy+/mrI4yDU7bRQcwwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHoC9xWgDJ1eLT8ZnOPN49xCiNsDMB8GA1UdIwQY
MBaAFIU3DMXSYPPirv9d2Pj0pBWiNFqBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRjTXhkSmc4LUt1XzEzWS1QU2tGYUkwV29FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80ZjcyNDYtY2U4Zi00NGY4LWE4MzEt
YWU2MGJlYTA2YTljLzEvZWdMM0ZhQU1uVjR0UHhtYzQ4M2ozRUtJMndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80ZjcyNDYtY2U4Zi00NGY4LWE4MzEtYWU2MGJlYTA2YTlj
LzEvaFRjTXhkSmc4LUt1XzEzWS1QU2tGYUkwV29FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQELhbQAwQE
UE9wAwQCufa4MA0EAgACMAcDBQAqAZegMA0GCSqGSIb3DQEBCwUAA4IBAQCLqo7e
jF4WAi47vpt4gS650dOdl4yaWHTt5Emt0+zZx3n2KllH6L4AfaFkX/jHmb06wpIy
fuapMIXlYiUOP8vLgJf8f1MbNEiItB9O7kSwThGjpfhwaM9NLsYdr8IPy7Ssk2g7
CWWhcjzwH9CkIXYBW2bUIhpY7gWHfDja9bth2+JQywgTwhavFlwnTDU7vm/FZuBh
+NUKGqe3T5FQTJ+I+a2dKdfnLy2JSZpqgFnx6dUfxPq3fwwKF3CZ2Eot7gEHmdCw
BPlJUEpIiqRg2TeUz+VZoRw5Dfvk8ARVZ1Ub1uDI03uo7VSCYiad3QpNq7vwF2h6
loeeLPIqV85i7CgH
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:13 2025 by rpki-client