Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/fEpqwqxYtlkWl0-aIfLVDSigToQ.roa
File: fEpqwqxYtlkWl0-aIfLVDSigToQ.roa (raw, json)
Hash identifier: My2G5+91gT1zvRobaMsk1138ViqShhfCi0m8mRA9pBI=
Subject key identifier: 7C:4A:6A:C2:AC:58:B6:59:16:97:4F:9A:21:F2:D5:0D:28:A0:4E:84
Certificate issuer: /CN=24b086f4824266384e078cf777375f21bd370b70
Certificate serial: 019076D7E45F2BF7A15969E88E45647695D8
Authority key identifier: 24:B0:86:F4:82:42:66:38:4E:07:8C:F7:77:37:5F:21:BD:37:0B:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLCG9IJCZjhOB4z3dzdfIb03C3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/fEpqwqxYtlkWl0-aIfLVDSigToQ.roa
Signing time: Wed 03 Jul 2024 04:26:18 +0000
ROA not before: Wed 03 Jul 2024 04:26:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62382
IP address blocks: 80.72.216.0/21 maxlen: 21
80.72.216.0/24 maxlen: 24
80.72.217.0/24 maxlen: 24
80.72.218.0/24 maxlen: 24
80.72.219.0/24 maxlen: 24
80.72.220.0/24 maxlen: 24
80.72.221.0/24 maxlen: 24
80.72.222.0/24 maxlen: 24
185.37.188.0/22 maxlen: 22
185.37.188.0/24 maxlen: 24
185.37.189.0/24 maxlen: 24
185.37.191.0/24 maxlen: 24
193.143.96.0/23 maxlen: 23
193.143.96.0/24 maxlen: 24
193.143.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:76:d7:e4:5f:2b:f7:a1:59:69:e8:8e:45:64:76:95:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24b086f4824266384e078cf777375f21bd370b70
Validity
Not Before: Jul 3 04:26:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c4a6ac2ac58b65916974f9a21f2d50d28a04e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e5:4f:7a:eb:c1:a6:53:54:96:60:a4:a9:4b:
5a:39:c6:b5:8e:c3:99:2c:5b:06:e1:82:fb:90:0b:
50:ca:81:8a:a1:8b:26:fd:55:cf:bc:a5:da:fe:30:
4e:4d:53:2f:ad:8b:88:ce:68:d8:11:d0:f3:6e:3f:
92:82:ac:e0:9c:0a:13:29:b4:5c:1f:f8:d6:e8:98:
66:9a:df:04:ae:23:7a:6f:e3:06:5a:b0:89:bd:f9:
b9:10:61:82:10:fc:0d:1e:41:c6:fa:c2:ce:36:a3:
48:bb:d9:dd:e9:33:d5:f4:a9:ad:14:16:d4:92:ec:
a1:29:62:c7:f3:9e:cf:ce:1d:48:95:60:e3:c6:1f:
60:c9:1b:28:49:48:b9:b1:24:00:76:35:80:e5:6b:
43:a8:9e:77:39:da:e0:61:3e:a6:25:1d:82:81:8a:
47:74:cf:3e:59:f6:52:10:be:ec:ea:32:af:3c:29:
d3:d1:6c:79:e6:a6:b4:6e:12:2f:70:50:07:cc:52:
68:14:a1:5a:f8:e1:d0:41:4a:ea:4b:5e:d0:bb:ec:
f0:e4:2f:12:1b:8c:7b:c7:1b:aa:c2:5d:d1:8c:97:
51:e0:b5:98:27:94:a9:62:bc:ed:8d:83:59:b1:e3:
7c:eb:fe:5b:bd:f2:46:fc:29:d5:b2:04:c9:07:ba:
78:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:4A:6A:C2:AC:58:B6:59:16:97:4F:9A:21:F2:D5:0D:28:A0:4E:84
X509v3 Authority Key Identifier:
keyid:24:B0:86:F4:82:42:66:38:4E:07:8C:F7:77:37:5F:21:BD:37:0B:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLCG9IJCZjhOB4z3dzdfIb03C3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/fEpqwqxYtlkWl0-aIfLVDSigToQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/JLCG9IJCZjhOB4z3dzdfIb03C3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.216.0/21
185.37.188.0/22
193.143.96.0/23
Signature Algorithm: sha256WithRSAEncryption
38:6e:34:aa:5a:24:90:9a:40:32:7b:86:a7:d3:5d:13:9e:b9:
0e:de:f0:71:74:d4:81:f5:44:ad:1b:46:1e:37:e7:76:cf:23:
31:79:28:eb:09:b1:b6:f0:45:98:d8:17:d2:dd:2e:d6:47:f9:
f7:a9:dc:e2:32:39:87:b4:1e:d3:65:2d:21:a5:97:90:43:18:
6b:c4:1a:8e:1e:00:75:0c:ef:1a:40:22:2f:82:b1:c9:4c:0e:
09:1c:fc:87:fc:95:65:71:a0:8d:79:dd:25:14:85:bf:f6:c6:
57:f2:72:99:f3:07:86:4c:a7:79:47:6b:fe:bd:1e:9c:e6:5a:
0f:93:5e:46:60:7c:72:42:0d:c5:2e:fb:6e:83:4b:00:1c:1a:
a2:4f:9f:5d:43:f1:62:83:1c:54:6a:9d:51:08:dc:4f:f0:71:
c0:6d:55:3a:e6:76:69:08:18:ad:9b:19:3b:b2:8b:db:b4:3c:
d0:18:a1:b1:3e:f7:71:41:ef:98:70:94:22:2f:4d:01:2d:5e:
ae:5f:8b:fd:67:ed:7a:61:db:0f:23:e5:51:d9:e0:46:54:d3:
e0:6c:aa:49:17:43:b4:77:5a:90:a7:9f:0a:16:05:81:e8:62:
d1:d7:c1:0b:c0:18:5c:af:89:42:31:b8:08:bf:01:ba:13:fa:
c4:d4:ac:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZB21+RfK/ehWWnojkVkdpXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YjA4NmY0ODI0MjY2Mzg0ZTA3OGNmNzc3Mzc1ZjIxYmQz
NzBiNzAwHhcNMjQwNzAzMDQyNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzRhNmFjMmFjNThiNjU5MTY5NzRmOWEyMWYyZDUwZDI4YTA0ZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouVPeuvBplNUlmCkqUtaOca1jsOZ
LFsG4YL7kAtQyoGKoYsm/VXPvKXa/jBOTVMvrYuIzmjYEdDzbj+SgqzgnAoTKbRc
H/jW6Jhmmt8EriN6b+MGWrCJvfm5EGGCEPwNHkHG+sLONqNIu9nd6TPV9KmtFBbU
kuyhKWLH857Pzh1IlWDjxh9gyRsoSUi5sSQAdjWA5WtDqJ53OdrgYT6mJR2CgYpH
dM8+WfZSEL7s6jKvPCnT0Wx55qa0bhIvcFAHzFJoFKFa+OHQQUrqS17Qu+zw5C8S
G4x7xxuqwl3RjJdR4LWYJ5SpYrztjYNZseN86/5bvfJG/CnVsgTJB7p4jQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHxKasKsWLZZFpdPmiHy1Q0ooE6EMB8GA1UdIwQY
MBaAFCSwhvSCQmY4TgeM93c3XyG9NwtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxDRzlJSkNaamhPQjR6M2R6ZGZJYjAzQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lZTEzOGYtNWU2My00Y2M0LThlNzUt
ZGVjYjE4OGEwMDBkLzEvZkVwcXdxeFl0bGtXbDAtYUlmTFZEU2lnVG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lZTEzOGYtNWU2My00Y2M0LThlNzUtZGVjYjE4OGEwMDBk
LzEvSkxDRzlJSkNaamhPQjR6M2R6ZGZJYjAzQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUEjYAwQC
uSW8AwQBwY9gMA0GCSqGSIb3DQEBCwUAA4IBAQA4bjSqWiSQmkAye4an010TnrkO
3vBxdNSB9UStG0YeN+d2zyMxeSjrCbG28EWY2BfS3S7WR/n3qdziMjmHtB7TZS0h
pZeQQxhrxBqOHgB1DO8aQCIvgrHJTA4JHPyH/JVlcaCNed0lFIW/9sZX8nKZ8weG
TKd5R2v+vR6c5loPk15GYHxyQg3FLvtug0sAHBqiT59dQ/FigxxUap1RCNxP8HHA
bVU65nZpCBitmxk7sovbtDzQGKGxPvdxQe+YcJQiL00BLV6uX4v9Z+16YdsPI+VR
2eBGVNPgbKpJF0O0d1qQp58KFgWB6GLR18ELwBhcr4lCMbgIvwG6E/rE1KzQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:54 2025 by rpki-client