Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ENWzDMLHlhQpLX_a0Qbprk3fCyo.roa
File: ENWzDMLHlhQpLX_a0Qbprk3fCyo.roa (raw, json)
Hash identifier: J3DaGbJIGnv8G6onhXM54iyY6zUmJrzyDjkTLIpOuDc=
Subject key identifier: 10:D5:B3:0C:C2:C7:96:14:29:2D:7F:DA:D1:06:E9:AE:4D:DF:0B:2A
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018CC9BCA3628409E7EC298B3E99DA8D26C3
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ENWzDMLHlhQpLX_a0Qbprk3fCyo.roa
Signing time: Tue 02 Jan 2024 10:33:52 +0000
ROA not before: Tue 02 Jan 2024 10:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1162
IP address blocks: 145.100.32.0/22 maxlen: 22
145.100.9.0/30 maxlen: 30
2001:610:108:3017::/64 maxlen: 64
2001:610:108:3014::/64 maxlen: 64
2001:610:108:203a::/64 maxlen: 64
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a3:62:84:09:e7:ec:29:8b:3e:99:da:8d:26:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 10:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10d5b30cc2c79614292d7fdad106e9ae4ddf0b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fc:c7:b2:9f:32:79:09:0c:be:df:d3:6f:3d:
a0:7f:00:d2:64:4a:0e:6b:f0:0a:0d:77:b5:ee:15:
3c:41:13:94:f5:47:12:fc:c1:d1:6b:37:55:05:b1:
9c:78:3e:7b:ce:1b:bd:0c:a6:65:91:1c:c2:12:64:
90:0b:d3:39:f6:28:3a:bd:0d:de:39:5a:b7:98:59:
3e:d1:fc:92:1f:a4:4a:2d:35:c2:1a:fd:f9:1a:8e:
5b:70:2a:ac:99:6d:c0:96:b5:69:67:5a:9e:6c:5d:
e2:25:e3:4d:6e:b3:ab:7b:2e:02:b9:83:e0:d1:ad:
9a:d5:50:26:75:2d:cc:3e:d8:5b:3d:f0:09:11:e9:
8b:6c:00:76:a5:12:54:1c:44:34:e5:dc:15:98:47:
db:f2:37:0c:6d:5f:b1:ec:23:81:6d:6e:7c:98:82:
a6:75:21:2e:a3:31:f1:b6:7e:ff:32:47:c8:7a:bb:
ee:8f:05:68:d1:9b:8c:02:48:f0:d2:32:f1:7a:82:
85:3a:fa:03:46:97:bd:1d:3c:14:3f:3d:f3:a7:9e:
dc:9e:80:49:36:df:92:e0:bd:10:8a:d2:d0:57:a6:
75:2d:3c:ba:e5:2b:7b:bd:98:44:ba:94:58:d1:17:
be:25:75:7d:1a:35:a2:82:62:cf:12:fa:07:e4:91:
81:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D5:B3:0C:C2:C7:96:14:29:2D:7F:DA:D1:06:E9:AE:4D:DF:0B:2A
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ENWzDMLHlhQpLX_a0Qbprk3fCyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.100.9.0/30
145.100.32.0/22
IPv6:
2001:610:108:203a::/64
2001:610:108:3014::/64
2001:610:108:3017::/64
Signature Algorithm: sha256WithRSAEncryption
11:55:61:84:03:d6:46:e0:f1:e2:52:c1:f0:45:28:51:c4:f0:
66:2f:1b:76:61:ff:e2:cc:c1:bf:23:f2:e0:0f:c2:25:d9:63:
38:ed:88:30:4b:73:12:8d:be:04:72:02:41:a0:e1:96:ed:d9:
89:22:a6:76:b8:52:fb:db:ac:35:e9:b6:53:7b:fc:f4:0d:9d:
53:93:d9:3b:e2:8f:25:b1:8a:e5:ec:af:20:a6:95:a9:3c:b8:
cd:9a:38:41:b8:9e:8e:42:7f:94:e8:a5:00:84:67:01:ef:20:
dd:38:13:c0:79:21:f4:52:02:0e:de:33:f4:89:60:f7:32:77:
52:70:fc:83:f9:6e:40:0d:62:c3:cd:ff:de:8b:2a:e5:e7:8e:
ea:03:21:0e:3f:0f:02:93:05:aa:fa:f7:d9:4f:30:0d:68:6b:
e1:e0:e6:e6:68:0c:d4:a0:22:20:e2:9e:84:3d:1d:8e:40:fd:
7d:da:7b:f3:62:90:32:40:48:78:25:37:0a:2c:fc:8a:56:54:
74:62:e2:36:9e:89:a1:80:fd:24:f7:a1:4b:3c:28:57:ff:0a:
8e:11:c6:18:06:2a:14:e0:0e:aa:7b:4e:27:ff:50:b1:a2:a7:
8b:ef:8c:3b:ef:61:ee:79:08:ea:d3:05:52:d9:9a:56:b4:23:
64:03:6b:82
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzJvKNihAnn7CmLPpnajSbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjQwMTAyMTAzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGQ1YjMwY2MyYzc5NjE0MjkyZDdmZGFkMTA2ZTlhZTRkZGYwYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPzHsp8yeQkMvt/Tbz2gfwDSZEoO
a/AKDXe17hU8QROU9UcS/MHRazdVBbGceD57zhu9DKZlkRzCEmSQC9M59ig6vQ3e
OVq3mFk+0fySH6RKLTXCGv35Go5bcCqsmW3AlrVpZ1qebF3iJeNNbrOrey4CuYPg
0a2a1VAmdS3MPthbPfAJEemLbAB2pRJUHEQ05dwVmEfb8jcMbV+x7COBbW58mIKm
dSEuozHxtn7/MkfIervujwVo0ZuMAkjw0jLxeoKFOvoDRpe9HTwUPz3zp57cnoBJ
Nt+S4L0QitLQV6Z1LTy65St7vZhEupRY0Re+JXV9GjWigmLPEvoH5JGBmwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBDVswzCx5YUKS1/2tEG6a5N3wsqMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvRU5XekRNTEhsaFFwTFhfYTBRYnByazNmQ3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjATBAIAATANAwUCkWQJAAME
ApFkIDAnBAIAAjAhAwkAIAEGEAEIIDoDCQAgAQYQAQgwFAMJACABBhABCDAXMA0G
CSqGSIb3DQEBCwUAA4IBAQARVWGEA9ZG4PHiUsHwRShRxPBmLxt2Yf/izMG/I/Lg
D8Il2WM47YgwS3MSjb4EcgJBoOGW7dmJIqZ2uFL726w16bZTe/z0DZ1Tk9k74o8l
sYrl7K8gppWpPLjNmjhBuJ6OQn+U6KUAhGcB7yDdOBPAeSH0UgIO3jP0iWD3MndS
cPyD+W5ADWLDzf/eiyrl547qAyEOPw8CkwWq+vfZTzANaGvh4ObmaAzUoCIg4p6E
PR2OQP192nvzYpAyQEh4JTcKLPyKVlR0YuI2nomhgP0k96FLPChX/wqOEcYYBioU
4A6qe04n/1CxoqeL74w772HueQjq0wVS2ZpWtCNkA2uC
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:41:38 2025 by rpki-client