Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/4ewmEQ3qQXH69B5S8PzfSd_O3U8.roa
File: 4ewmEQ3qQXH69B5S8PzfSd_O3U8.roa (raw, json)
Hash identifier: eEQpkS9PiXu5u4sO51pBMX5/Vxvy2uaO0bt776YQ2xA=
Subject key identifier: E1:EC:26:11:0D:EA:41:71:FA:F4:1E:52:F0:FC:DF:49:DF:CE:DD:4F
Certificate issuer: /CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Certificate serial: 0192AA7D6245C3B6DB0924113DE8D0C3C849
Authority key identifier: 73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/4ewmEQ3qQXH69B5S8PzfSd_O3U8.roa
Signing time: Sun 20 Oct 2024 15:13:16 +0000
ROA not before: Sun 20 Oct 2024 15:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203560
IP address blocks: 178.21.144.0/24 maxlen: 24
178.21.145.0/24 maxlen: 24
178.21.146.0/24 maxlen: 24
185.8.168.0/24 maxlen: 24
185.8.169.0/24 maxlen: 24
2a02:2c0::/48 maxlen: 48
2a02:2c0:1::/48 maxlen: 48
2a02:2c0:2::/48 maxlen: 48
2a02:2c0:10::/48 maxlen: 48
2a02:2c0:11::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:aa:7d:62:45:c3:b6:db:09:24:11:3d:e8:d0:c3:c8:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Validity
Not Before: Oct 20 15:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1ec26110dea4171faf41e52f0fcdf49dfcedd4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0a:b2:ba:db:1a:cd:00:c9:ab:c5:fb:66:3f:
1f:5d:df:fb:f6:d3:25:53:49:42:c6:91:0c:cb:80:
f0:4c:9f:58:49:4b:e9:42:a5:2b:89:9f:2c:40:ba:
3d:96:ff:e9:1a:cc:2d:58:40:1c:8f:bb:fd:ea:f7:
6c:f6:d6:49:40:35:68:5d:90:54:b9:e1:a9:bb:52:
a2:0a:3a:28:1f:e6:09:91:84:a8:c2:55:77:d2:37:
7d:97:dd:d5:26:4c:6c:64:a6:96:4f:03:38:96:44:
4a:03:bb:a2:6f:ea:58:27:3c:98:71:ed:20:11:8a:
43:bb:ca:76:8d:f3:04:f8:86:d6:36:35:3a:ea:4e:
ba:26:a6:60:1b:cb:df:24:07:d1:bf:04:a4:63:2d:
04:d3:63:48:ab:f6:9c:68:3a:4d:ee:75:e4:68:2c:
a2:01:16:3b:55:dc:5e:74:f4:48:43:e6:f4:d7:7b:
38:5d:26:66:94:69:76:36:1c:5c:a7:90:5b:8c:c6:
4c:a0:e9:08:07:c6:8a:4a:04:8c:56:b3:31:d1:c8:
60:29:4c:7c:f1:68:60:62:9c:5d:98:2a:25:ad:da:
20:16:66:ba:09:f6:cb:fd:df:e3:0a:d3:12:bb:ca:
53:54:a0:3e:2b:32:1b:7b:74:ae:25:2c:c9:f2:c7:
cc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:EC:26:11:0D:EA:41:71:FA:F4:1E:52:F0:FC:DF:49:DF:CE:DD:4F
X509v3 Authority Key Identifier:
keyid:73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/4ewmEQ3qQXH69B5S8PzfSd_O3U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.144.0-178.21.146.255
185.8.168.0/23
IPv6:
2a02:2c0::-2a02:2c0:2:ffff:ffff:ffff:ffff:ffff
2a02:2c0:10::/47
Signature Algorithm: sha256WithRSAEncryption
4e:bf:76:08:93:cf:42:74:19:7a:fd:95:fb:6e:94:be:6c:f9:
99:e1:44:bb:b4:70:5d:39:c1:12:dd:33:6d:9f:8b:44:5d:9b:
28:89:1e:43:b1:ae:d6:68:d6:a4:73:49:81:96:76:f5:94:91:
0f:43:f6:9c:b3:32:a2:c2:d7:fb:95:d9:ac:1a:ac:cd:6e:71:
4a:24:38:fe:d5:74:b5:71:19:8d:f6:38:e3:34:85:68:01:70:
10:84:13:16:4d:d9:34:b0:df:a5:25:48:20:fd:33:82:51:5a:
33:c0:a3:9a:ca:c7:f3:68:e3:1b:7e:7b:e4:f0:36:26:e9:34:
1f:ce:08:e5:a7:fb:95:b9:34:61:fc:39:a5:b0:34:33:d1:db:
e5:18:c5:7b:c4:71:8e:e7:b6:cd:1b:15:cb:e4:11:5f:45:01:
ca:a9:7c:6d:43:92:5d:0a:3d:22:e0:95:fe:66:83:0e:53:d2:
87:8c:47:55:79:2e:95:64:64:8d:8b:cd:29:0c:d9:ab:e2:12:
20:29:fb:2c:ac:b9:9f:ac:a0:23:c6:1d:b4:3d:a8:84:98:6d:
cf:41:80:c6:ec:f0:4d:a4:d2:cb:00:d1:a3:b4:2b:77:46:86:
99:43:3c:44:67:ef:77:16:35:a8:4b:ca:ef:7e:52:bb:ee:e7:
a8:ec:8e:ca
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZKqfWJFw7bbCSQRPejQw8hJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTE1N2IyOTE4Y2FkY2E4YTVhOWZiYzY2ZTk3NzYwOGE2
ZGY1ZTEwHhcNMjQxMDIwMTUxMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWVjMjYxMTBkZWE0MTcxZmFmNDFlNTJmMGZjZGY0OWRmY2VkZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwqyutsazQDJq8X7Zj8fXd/79tMl
U0lCxpEMy4DwTJ9YSUvpQqUriZ8sQLo9lv/pGswtWEAcj7v96vds9tZJQDVoXZBU
ueGpu1KiCjooH+YJkYSowlV30jd9l93VJkxsZKaWTwM4lkRKA7uib+pYJzyYce0g
EYpDu8p2jfME+IbWNjU66k66JqZgG8vfJAfRvwSkYy0E02NIq/acaDpN7nXkaCyi
ARY7VdxedPRIQ+b013s4XSZmlGl2Nhxcp5BbjMZMoOkIB8aKSgSMVrMx0chgKUx8
8WhgYpxdmColrdogFma6CfbL/d/jCtMSu8pTVKA+KzIbe3SuJSzJ8sfM1wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFOHsJhEN6kFx+vQeUvD830nfzt1PMB8GA1UdIwQY
MBaAFHPhV7KRjK3KilqfvGbpd2CKbfXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAt
MDBhMTU0YjhlY2IxLzEvNGV3bUVRM3FRWEg2OUI1UzhQemZTZF9PM1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAtMDBhMTU0YjhlY2Ix
LzEvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAaBAIAATAUMAwDBASyFZAD
BACyFZIDBAG5CKgwIQQCAAIwGzAQAwUGKgICwAMHACoCAsAAAgMHASoCAsAAEDAN
BgkqhkiG9w0BAQsFAAOCAQEATr92CJPPQnQZev2V+26Uvmz5meFEu7RwXTnBEt0z
bZ+LRF2bKIkeQ7Gu1mjWpHNJgZZ29ZSRD0P2nLMyosLX+5XZrBqszW5xSiQ4/tV0
tXEZjfY44zSFaAFwEIQTFk3ZNLDfpSVIIP0zglFaM8CjmsrH82jjG3575PA2Juk0
H84I5af7lbk0Yfw5pbA0M9Hb5RjFe8Rxjue2zRsVy+QRX0UByql8bUOSXQo9IuCV
/maDDlPSh4xHVXkulWRkjYvNKQzZq+ISICn7LKy5n6ygI8YdtD2ohJhtz0GAxuzw
TaTSywDRo7Qrd0aGmUM8RGfvdxY1qEvK735Su+7nqOyOyg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:40 2025 by rpki-client