Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/eIk_XiD8l6TGfEmETe4XDYKxBhg.roa
File: eIk_XiD8l6TGfEmETe4XDYKxBhg.roa (raw, json)
Hash identifier: L1Z92+QKEYNAM3Sm2E1OGV1vbBUqmNYpgoUv1mIxYfw=
Subject key identifier: 78:89:3F:5E:20:FC:97:A4:C6:7C:49:84:4D:EE:17:0D:82:B1:06:18
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0193B9C4CC5066856BFE8D96F1B0C53BCF1C
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/eIk_XiD8l6TGfEmETe4XDYKxBhg.roa
Signing time: Thu 12 Dec 2024 07:28:22 +0000
ROA not before: Thu 12 Dec 2024 07:28:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197343
IP address blocks: 5.56.128.0/22 maxlen: 22
5.57.34.0/24 maxlen: 24
37.32.40.0/22 maxlen: 24
37.32.42.0/24 maxlen: 24
178.239.144.0/24 maxlen: 24
185.212.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b9:c4:cc:50:66:85:6b:fe:8d:96:f1:b0:c5:3b:cf:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Dec 12 07:28:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78893f5e20fc97a4c67c49844dee170d82b10618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:19:77:c7:51:38:30:b4:9e:a6:53:9c:1b:46:
36:da:a9:d6:bd:92:d8:fb:2a:ba:29:44:c9:7e:a3:
90:4c:64:7e:1b:fe:c9:11:b6:c0:56:c4:41:c4:7e:
60:eb:48:f2:02:e9:ef:33:71:5a:8f:f9:d0:31:09:
98:ee:66:02:44:c0:da:13:ab:97:d1:43:88:27:4b:
61:d0:fd:ce:7e:5e:60:f2:90:d1:04:21:42:59:6f:
bb:4f:13:b3:c2:9b:41:67:ec:da:f9:a0:86:e0:8b:
a3:81:c1:5e:15:15:78:0a:aa:9e:36:e5:ef:eb:a8:
fe:e5:7c:97:e3:77:6f:61:98:43:d5:55:cd:c6:b5:
cb:c7:87:e9:64:65:cc:77:a0:71:89:51:8f:11:29:
98:4a:7e:f3:ec:5c:61:6e:61:f3:ba:35:ed:04:cf:
b4:0b:97:2f:e7:d6:5a:b6:cb:96:cc:9a:b2:13:de:
70:86:30:e6:0d:ac:f7:23:6a:23:d0:6f:c3:91:e0:
fa:19:97:f6:a9:96:5f:91:4d:91:d4:44:db:38:0f:
34:84:e9:ca:22:8c:0e:6a:88:31:00:2c:6d:49:e1:
7c:6f:36:47:c2:54:a9:e7:62:e8:ae:2e:e2:30:6f:
b5:7e:e2:f9:5b:0c:f4:27:b5:9c:74:5b:db:05:93:
6c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:89:3F:5E:20:FC:97:A4:C6:7C:49:84:4D:EE:17:0D:82:B1:06:18
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/eIk_XiD8l6TGfEmETe4XDYKxBhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.128.0/22
5.57.34.0/24
37.32.40.0/22
178.239.144.0/24
185.212.48.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:bf:53:4c:b2:59:71:32:59:25:0f:77:8e:75:8e:42:c8:73:
16:01:70:be:3b:dd:ac:b4:ff:53:ff:d0:c0:2e:87:df:23:54:
ac:56:25:ec:2e:e9:86:56:11:db:66:55:94:a3:b7:cb:60:46:
cd:67:e8:6d:77:81:70:0c:d2:ab:85:07:35:ea:5a:60:4a:ef:
c3:1b:46:07:c6:91:17:dd:f2:61:dd:dd:5e:42:a7:81:55:5b:
ee:c9:0c:ea:4a:d8:26:41:3c:8e:9a:14:d6:35:cd:95:aa:33:
0d:f7:11:c0:14:df:93:2f:94:dd:9c:1b:45:10:6e:88:45:7f:
c8:89:e1:5c:a7:d9:b2:ed:2d:d1:1c:a7:b8:1a:dd:5e:2e:da:
18:80:0f:a3:ca:e1:1c:78:df:39:40:12:1c:3e:c9:7c:6a:97:
74:91:3e:57:af:0d:14:67:a6:86:ab:22:b6:0e:c7:96:8f:1c:
ad:9c:57:04:f4:1a:e0:25:9c:77:6e:75:97:88:17:54:3e:f9:
22:78:cc:b7:aa:81:4e:fc:c5:55:0c:5f:91:c3:fc:ea:98:9b:
ca:11:c8:62:5d:3c:da:14:29:03:a2:85:ba:ef:c5:aa:3e:30:
4a:cc:98:d5:d2:de:82:37:97:82:7c:a5:77:58:c8:7d:a5:ab:
2b:83:3d:d2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZO5xMxQZoVr/o2W8bDFO88cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQxMjEyMDcyODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODg5M2Y1ZTIwZmM5N2E0YzY3YzQ5ODQ0ZGVlMTcwZDgyYjEwNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRl3x1E4MLSeplOcG0Y22qnWvZLY
+yq6KUTJfqOQTGR+G/7JEbbAVsRBxH5g60jyAunvM3Faj/nQMQmY7mYCRMDaE6uX
0UOIJ0th0P3Ofl5g8pDRBCFCWW+7TxOzwptBZ+za+aCG4IujgcFeFRV4CqqeNuXv
66j+5XyX43dvYZhD1VXNxrXLx4fpZGXMd6BxiVGPESmYSn7z7FxhbmHzujXtBM+0
C5cv59ZatsuWzJqyE95whjDmDaz3I2oj0G/DkeD6GZf2qZZfkU2R1ETbOA80hOnK
IowOaogxACxtSeF8bzZHwlSp52Lori7iMG+1fuL5Wwz0J7WcdFvbBZNsGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHiJP14g/JekxnxJhE3uFw2CsQYYMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvZUlrX1hpRDhsNlRHZkVtRVRlNFhEWUt4QmhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBTiAAwQA
BTkiAwQCJSAoAwQAsu+QAwQAudQwMA0GCSqGSIb3DQEBCwUAA4IBAQAfv1NMsllx
MlklD3eOdY5CyHMWAXC+O92stP9T/9DALoffI1SsViXsLumGVhHbZlWUo7fLYEbN
Z+htd4FwDNKrhQc16lpgSu/DG0YHxpEX3fJh3d1eQqeBVVvuyQzqStgmQTyOmhTW
Nc2VqjMN9xHAFN+TL5TdnBtFEG6IRX/IieFcp9my7S3RHKe4Gt1eLtoYgA+jyuEc
eN85QBIcPsl8apd0kT5Xrw0UZ6aGqyK2DseWjxytnFcE9BrgJZx3bnWXiBdUPvki
eMy3qoFO/MVVDF+Rw/zqmJvKEchiXTzaFCkDooW678WqPjBKzJjV0t6CN5eCfKV3
WMh9pasrgz3S
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:26:47 2025 by rpki-client