Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/EWPvOS4ELv7MK3VoTHCxwWvhMn4.roa
File: EWPvOS4ELv7MK3VoTHCxwWvhMn4.roa (raw, json)
Hash identifier: ZgQ9wwQW9LwwyBW+e3K4uyMmVIAH90gAsKb/uiV5AqI=
Subject key identifier: 11:63:EF:39:2E:04:2E:FE:CC:2B:75:68:4C:70:B1:C1:6B:E1:32:7E
Certificate issuer: /CN=4225b570f46de5c6e8b2b64ed090ad1385dab731
Certificate serial: 0185710C01CAD0F05F2F4D23F09D7C2F43A2
Authority key identifier: 42:25:B5:70:F4:6D:E5:C6:E8:B2:B6:4E:D0:90:AD:13:85:DA:B7:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiW1cPRt5cbosrZO0JCtE4XatzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/EWPvOS4ELv7MK3VoTHCxwWvhMn4.roa
Signing time: Mon 02 Jan 2023 05:54:50 +0000
ROA not before: Mon 02 Jan 2023 05:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60377
IP address blocks: 45.13.4.0/22 maxlen: 22
45.13.5.0/24 maxlen: 24
145.40.128.0/18 maxlen: 18
2a0e:cb00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:01:ca:d0:f0:5f:2f:4d:23:f0:9d:7c:2f:43:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4225b570f46de5c6e8b2b64ed090ad1385dab731
Validity
Not Before: Jan 2 05:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1163ef392e042efecc2b75684c70b1c16be1327e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0b:8b:a8:fb:91:84:bd:10:f6:d5:d3:5f:3b:
4f:e4:33:50:a1:06:b2:3e:9f:3e:0c:bc:cc:2b:7c:
ce:b9:c7:8f:b1:4d:0e:df:72:0b:58:5f:91:0f:50:
47:63:85:aa:d4:83:c2:90:40:8f:63:b2:6a:91:0a:
95:8b:0b:be:00:88:ca:54:9d:b6:05:46:7e:48:44:
46:a5:e0:01:80:2a:9e:0d:0f:94:d1:9e:f6:0e:20:
76:e0:f8:d0:e7:3c:4d:44:1d:0d:e6:69:b8:87:b1:
7b:ea:52:46:4b:86:65:60:ce:63:5d:4c:25:45:47:
05:03:50:21:2f:53:9a:72:a1:11:95:c9:ee:10:94:
18:ad:08:2e:85:0f:a0:6e:ef:c4:1e:e6:01:14:48:
ec:ef:4d:e7:73:b7:66:16:0f:c1:3d:45:a0:fa:04:
70:2e:4c:47:a2:fa:d7:e3:bc:96:41:bc:1e:6f:d5:
e3:56:4f:36:70:79:93:59:c7:7d:9c:71:4e:45:37:
4e:9f:8f:40:8c:0a:0d:7e:c8:71:38:96:0d:0c:32:
de:6e:4d:f3:57:eb:a4:1f:10:0e:96:85:38:67:7f:
7a:cb:43:01:9f:86:1b:d0:bf:55:16:8f:4e:65:75:
9d:3c:d4:00:0a:86:db:b0:77:cd:5c:c6:10:fb:68:
34:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:63:EF:39:2E:04:2E:FE:CC:2B:75:68:4C:70:B1:C1:6B:E1:32:7E
X509v3 Authority Key Identifier:
keyid:42:25:B5:70:F4:6D:E5:C6:E8:B2:B6:4E:D0:90:AD:13:85:DA:B7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiW1cPRt5cbosrZO0JCtE4XatzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/EWPvOS4ELv7MK3VoTHCxwWvhMn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/QiW1cPRt5cbosrZO0JCtE4XatzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.4.0/22
145.40.128.0/18
IPv6:
2a0e:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
27:80:c0:1d:7a:21:ab:03:69:f8:43:21:2d:01:e1:c1:00:f9:
ac:35:6b:98:65:e9:88:d4:2b:ea:cd:a2:bb:9e:3c:3c:40:ef:
03:18:3b:0f:b9:10:27:38:7a:d8:e5:96:6b:d0:09:9d:6c:3e:
ad:9e:02:d7:34:8e:52:09:4b:d7:4d:59:bd:11:5d:41:ff:b3:
c8:2a:a9:f2:96:a6:f4:72:28:12:3c:cb:24:d8:8d:76:cd:8c:
ec:eb:7b:9f:cf:21:b5:f5:5b:2f:ad:af:ea:ce:bb:87:98:dd:
72:38:2c:c5:eb:3b:d7:f7:0e:c5:42:d7:3c:c0:ea:57:8c:23:
a8:bd:20:b9:87:99:cc:a1:ee:93:b8:42:3e:38:49:b6:d5:6f:
d9:eb:6a:ac:bc:8f:55:85:a8:12:13:df:26:d4:a5:de:33:9f:
44:9c:56:31:e6:f5:9e:c0:82:cc:d7:23:d9:7c:51:51:de:87:
cd:41:88:83:c5:6f:9a:30:2a:a3:6f:8a:88:45:d4:02:8d:da:
6d:d7:82:d0:de:9d:33:60:76:7d:e8:d8:5a:1f:1a:5c:b6:df:
5b:e9:d9:94:0d:ae:96:6c:37:33:9b:71:f3:2b:c7:d2:8c:38:
f0:e8:79:15:7e:f8:01:2b:01:ac:cb:b1:72:a2:17:fa:2c:3f:
33:1a:00:95
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxDAHK0PBfL00j8J18L0OiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMjViNTcwZjQ2ZGU1YzZlOGIyYjY0ZWQwOTBhZDEzODVk
YWI3MzEwHhcNMjMwMTAyMDU1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTYzZWYzOTJlMDQyZWZlY2MyYjc1Njg0YzcwYjFjMTZiZTEzMjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlguLqPuRhL0Q9tXTXztP5DNQoQay
Pp8+DLzMK3zOucePsU0O33ILWF+RD1BHY4Wq1IPCkECPY7JqkQqViwu+AIjKVJ22
BUZ+SERGpeABgCqeDQ+U0Z72DiB24PjQ5zxNRB0N5mm4h7F76lJGS4ZlYM5jXUwl
RUcFA1AhL1OacqERlcnuEJQYrQguhQ+gbu/EHuYBFEjs703nc7dmFg/BPUWg+gRw
LkxHovrX47yWQbweb9XjVk82cHmTWcd9nHFORTdOn49AjAoNfshxOJYNDDLebk3z
V+ukHxAOloU4Z396y0MBn4Yb0L9VFo9OZXWdPNQACobbsHfNXMYQ+2g0AQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBFj7zkuBC7+zCt1aExwscFr4TJ+MB8GA1UdIwQY
MBaAFEIltXD0beXG6LK2TtCQrROF2rcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWlXMWNQUnQ1Y2Jvc3JaTzBKQ3RFNFhhdHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jMzRjOTktMThjOC00MWEyLTg3NGIt
MzkwYjg1Mzk0YmViLzEvRVdQdk9TNEVMdjdNSzNWb1RIQ3h3V3ZoTW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jMzRjOTktMThjOC00MWEyLTg3NGItMzkwYjg1Mzk0YmVi
LzEvUWlXMWNQUnQ1Y2Jvc3JaTzBKQ3RFNFhhdHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLQ0EAwQG
kSiAMA0EAgACMAcDBQMqDssAMA0GCSqGSIb3DQEBCwUAA4IBAQAngMAdeiGrA2n4
QyEtAeHBAPmsNWuYZemI1CvqzaK7njw8QO8DGDsPuRAnOHrY5ZZr0AmdbD6tngLX
NI5SCUvXTVm9EV1B/7PIKqnylqb0cigSPMsk2I12zYzs63ufzyG19Vsvra/qzruH
mN1yOCzF6zvX9w7FQtc8wOpXjCOovSC5h5nMoe6TuEI+OEm21W/Z62qsvI9VhagS
E98m1KXeM59EnFYx5vWewILM1yPZfFFR3ofNQYiDxW+aMCqjb4qIRdQCjdpt14LQ
3p0zYHZ96NhaHxpctt9b6dmUDa6WbDczm3HzK8fSjDjw6HkVfvgBKwGsy7Fyohf6
LD8zGgCV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:58 2024 by rpki-client on console-fra.rpki-client.org