Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/eLkqKV2Ok2bI8ERdVetvnFaSJU8.roa
File: eLkqKV2Ok2bI8ERdVetvnFaSJU8.roa (raw, json)
Hash identifier: swb7iCpkarQvJl3DevfLZd/+shgcfmH2VrdEIDOTPhQ=
Subject key identifier: 78:B9:2A:29:5D:8E:93:66:C8:F0:44:5D:55:EB:6F:9C:56:92:25:4F
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 0192243FB9DF2009509EE252D218D03CE7DD
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/eLkqKV2Ok2bI8ERdVetvnFaSJU8.roa
Signing time: Tue 24 Sep 2024 13:36:48 +0000
ROA not before: Tue 24 Sep 2024 13:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 86.104.199.0/24 maxlen: 24
86.105.58.0/24 maxlen: 24
89.35.14.0/24 maxlen: 24
93.117.131.0/24 maxlen: 24
93.119.144.0/24 maxlen: 24
94.176.72.0/23 maxlen: 24
94.176.74.0/24 maxlen: 24
94.176.79.0/24 maxlen: 24
188.209.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 16:34:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:3f:b9:df:20:09:50:9e:e2:52:d2:18:d0:3c:e7:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Sep 24 13:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78b92a295d8e9366c8f0445d55eb6f9c5692254f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:43:77:ec:54:f3:b9:2c:3a:23:c6:79:08:9e:
37:1f:e6:03:b5:d1:ec:c1:be:7e:cd:7a:79:bb:d0:
7a:0a:2e:f9:49:da:e7:65:b0:9f:eb:63:a7:ac:c6:
45:84:82:51:e0:92:4f:5d:f7:ec:52:4f:ba:76:47:
2a:b3:79:7d:14:95:78:72:c4:df:6c:fa:7a:0e:3a:
8d:e8:2b:c8:dc:68:21:cd:76:85:99:5c:08:3a:1c:
3e:40:42:9f:8b:4f:ca:3b:0c:46:c2:3e:c0:61:17:
fc:32:34:59:bb:a5:5e:14:6a:a6:ab:f3:23:09:64:
d8:2a:2d:37:cb:a1:bc:87:f4:b9:39:95:af:13:2b:
9a:92:6b:9f:61:42:56:1a:15:c0:ac:55:ed:84:69:
79:89:f6:ec:31:0b:09:b1:81:03:83:25:50:63:10:
eb:a9:79:44:d3:37:34:51:b6:05:4d:7f:1e:82:0e:
1e:87:ae:06:d7:8f:33:04:57:2e:0d:44:82:04:86:
f8:38:fa:d5:5e:3b:f2:f1:a3:b3:7a:f5:a1:7f:44:
ab:c7:d1:4b:4e:21:0d:a1:6c:ec:c1:50:19:61:bc:
df:ff:32:2b:6f:de:f4:d6:25:6c:a3:dc:e7:f5:31:
23:3c:c0:c2:4e:ee:ae:01:ef:fa:61:91:53:b5:5b:
a5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:B9:2A:29:5D:8E:93:66:C8:F0:44:5D:55:EB:6F:9C:56:92:25:4F
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/eLkqKV2Ok2bI8ERdVetvnFaSJU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.199.0/24
86.105.58.0/24
89.35.14.0/24
93.117.131.0/24
93.119.144.0/24
94.176.72.0-94.176.74.255
94.176.79.0/24
188.209.223.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:55:17:5d:9f:1a:49:a5:7c:5f:34:b5:20:8e:44:56:e0:2b:
d3:19:ef:ed:29:37:a5:da:ad:96:8c:d6:7e:e8:7a:de:f1:d2:
f2:e4:ed:8f:95:f2:50:9b:df:d5:c5:dd:bf:c1:5e:f4:8f:c7:
7f:02:07:ef:70:8c:af:c7:60:a2:14:ac:ea:8e:79:ce:f5:69:
18:a8:69:9d:a0:a8:93:13:d5:6a:eb:4b:f8:90:30:26:f2:ba:
af:ac:20:9e:5d:72:07:48:ac:9b:e8:b8:6e:39:89:c0:a0:27:
08:b8:cb:78:fe:49:a5:9a:10:29:a0:65:2f:a9:ca:32:4d:05:
04:33:35:bb:28:b4:f0:26:a3:ef:db:59:f1:18:55:9c:f3:80:
55:15:d8:49:94:5c:0d:18:74:3e:67:27:3c:78:7c:56:7b:31:
4f:0f:2b:86:d5:c4:62:30:43:1b:76:0d:a6:38:66:da:22:ad:
71:06:98:d4:7c:28:d9:de:b7:00:51:bf:65:e0:9a:22:45:63:
f4:db:93:5d:65:54:ec:38:dc:90:c0:86:72:85:e3:78:2b:0f:
fa:92:c6:31:50:54:fb:df:06:9a:40:27:af:ae:45:6a:59:b7:
3b:48:46:7f:99:fd:71:53:99:c1:c2:00:09:8b:a4:9a:93:5f:
a2:ae:f7:cc
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZIkP7nfIAlQnuJS0hjQPOfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjQwOTI0MTMzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGI5MmEyOTVkOGU5MzY2YzhmMDQ0NWQ1NWViNmY5YzU2OTIyNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEN37FTzuSw6I8Z5CJ43H+YDtdHs
wb5+zXp5u9B6Ci75SdrnZbCf62OnrMZFhIJR4JJPXffsUk+6dkcqs3l9FJV4csTf
bPp6DjqN6CvI3GghzXaFmVwIOhw+QEKfi0/KOwxGwj7AYRf8MjRZu6VeFGqmq/Mj
CWTYKi03y6G8h/S5OZWvEyuakmufYUJWGhXArFXthGl5ifbsMQsJsYEDgyVQYxDr
qXlE0zc0UbYFTX8egg4eh64G148zBFcuDUSCBIb4OPrVXjvy8aOzevWhf0Srx9FL
TiENoWzswVAZYbzf/zIrb9701iVso9zn9TEjPMDCTu6uAe/6YZFTtVulRwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHi5KildjpNmyPBEXVXrb5xWkiVPMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvZUxrcUtWMk9rMmJJOEVSZFZldHZuRmFTSlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAVmjHAwQA
Vmk6AwQAWSMOAwQAXXWDAwQAXXeQMAwDBANesEgDBABesEoDBABesE8DBAC80d8w
DQYJKoZIhvcNAQELBQADggEBABpVF12fGkmlfF80tSCORFbgK9MZ7+0pN6XarZaM
1n7oet7x0vLk7Y+V8lCb39XF3b/BXvSPx38CB+9wjK/HYKIUrOqOec71aRioaZ2g
qJMT1WrrS/iQMCbyuq+sIJ5dcgdIrJvouG45icCgJwi4y3j+SaWaECmgZS+pyjJN
BQQzNbsotPAmo+/bWfEYVZzzgFUV2EmUXA0YdD5nJzx4fFZ7MU8PK4bVxGIwQxt2
DaY4ZtoirXEGmNR8KNnetwBRv2XgmiJFY/Tbk11lVOw43JDAhnKF43grD/qSxjFQ
VPvfBppAJ6+uRWpZtztIRn+Z/XFTmcHCAAmLpJqTX6Ku98w=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:32 2025 by rpki-client