Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/EBNapJHE2K7Shux0hVRBCOC19qo.roa
File: EBNapJHE2K7Shux0hVRBCOC19qo.roa (raw, json)
Hash identifier: f+v9fT9kZ9lgh1QZ8FckPMeOpDyx7MnDGN8jmTIepgA=
Subject key identifier: 10:13:5A:A4:91:C4:D8:AE:D2:86:EC:74:85:54:41:08:E0:B5:F6:AA
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0191763446454B9D1090B7BB0631FA4B6809
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/EBNapJHE2K7Shux0hVRBCOC19qo.roa
Signing time: Wed 21 Aug 2024 18:30:22 +0000
ROA not before: Wed 21 Aug 2024 18:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.84.216.0/24 maxlen: 24
45.95.243.0/24 maxlen: 24
45.130.143.0/24 maxlen: 24
45.146.53.0/24 maxlen: 24
45.148.25.0/24 maxlen: 24
45.157.98.0/24 maxlen: 24
136.144.26.0/24 maxlen: 24
136.144.27.0/24 maxlen: 24
185.227.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 07:37:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:34:46:45:4b:9d:10:90:b7:bb:06:31:fa:4b:68:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Aug 21 18:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10135aa491c4d8aed286ec7485544108e0b5f6aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5c:ed:b8:e2:c9:f9:5e:86:56:14:b8:a3:df:
ab:d0:60:ce:3c:4f:b5:9c:96:37:1b:bf:f4:c8:87:
7e:92:8d:9b:4d:5a:92:4f:ca:39:8d:3d:10:ba:df:
54:e5:07:f1:65:bc:3e:ed:3f:7b:b3:8e:59:3a:ff:
23:7f:d1:1d:f9:bc:f3:e3:28:76:0c:2d:95:d2:f6:
6d:17:be:94:6e:45:66:53:96:b8:ba:c9:88:d1:35:
7c:d2:65:2b:3b:1c:19:4a:ef:93:41:2d:76:21:1e:
9d:63:2f:23:ef:8a:49:f6:23:84:ca:28:56:50:26:
d5:13:c6:a8:95:64:11:bc:fd:59:47:45:98:95:f7:
56:4a:8d:e6:ee:79:4b:10:15:d5:01:51:19:a6:14:
91:5f:3e:a2:00:8a:84:93:4a:8b:2e:94:44:c0:c5:
93:3d:14:c3:85:8e:20:6a:fe:7a:04:1d:87:78:3a:
21:e5:a2:2f:a1:4b:df:3e:33:4c:fb:24:85:a3:f8:
e1:d4:cb:47:1c:4d:d5:33:06:13:22:8e:e3:59:c1:
99:e7:f8:cc:51:fa:dd:ca:83:1f:35:eb:3a:44:60:
5a:f6:f7:77:57:46:d9:eb:22:c8:af:8b:27:0b:d9:
76:e5:77:7c:2c:8c:cb:3c:7d:8c:a1:cf:cf:aa:08:
ea:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:13:5A:A4:91:C4:D8:AE:D2:86:EC:74:85:54:41:08:E0:B5:F6:AA
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/EBNapJHE2K7Shux0hVRBCOC19qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.216.0/24
45.95.243.0/24
45.130.143.0/24
45.146.53.0/24
45.148.25.0/24
45.157.98.0/24
136.144.26.0/23
185.227.33.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:0f:f1:db:4f:cc:3b:d8:d1:94:d5:8c:a3:90:3a:65:7b:3b:
95:cb:be:14:75:7d:8c:69:98:39:c6:8a:f3:ba:96:04:17:81:
dd:d1:09:02:ff:5c:54:d1:02:ad:60:09:3e:42:7f:30:0d:20:
1b:8d:dd:88:b2:1a:8f:33:82:af:b0:4d:80:bf:20:8f:49:d3:
2e:a6:5d:dd:99:38:d2:b2:07:5b:b0:87:7b:c5:9a:7e:0f:5d:
eb:5a:10:59:ac:b2:26:87:d7:34:18:86:27:ea:2d:53:1b:e9:
b6:6b:ff:aa:dd:51:79:d2:30:20:50:13:5e:80:34:d8:02:1e:
a9:85:e7:a8:be:8c:3a:0b:4c:e5:ed:5d:42:8d:6e:8d:5c:d9:
af:be:7a:25:a1:13:f4:f1:f0:58:8e:2f:78:ca:2c:ba:37:6d:
b6:ea:bc:a3:52:27:fe:62:ec:0d:4a:1b:78:99:d8:e0:ee:c8:
06:fe:88:8f:ac:5d:25:7c:3c:44:f4:2f:29:ad:c8:b2:aa:e6:
40:d7:51:dc:49:84:cf:bf:3e:62:d0:db:03:f2:59:db:fb:1d:
6e:8e:bc:ca:d6:f6:2e:14:92:ff:db:75:aa:37:48:b7:87:53:
90:c4:3b:fc:c8:b1:c3:de:6b:5f:ff:ab:b7:82:ae:e3:41:f3:
a8:04:d8:82
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZF2NEZFS50QkLe7BjH6S2gJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwODIxMTgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDEzNWFhNDkxYzRkOGFlZDI4NmVjNzQ4NTU0NDEwOGUwYjVmNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlztuOLJ+V6GVhS4o9+r0GDOPE+1
nJY3G7/0yId+ko2bTVqST8o5jT0Qut9U5QfxZbw+7T97s45ZOv8jf9Ed+bzz4yh2
DC2V0vZtF76UbkVmU5a4usmI0TV80mUrOxwZSu+TQS12IR6dYy8j74pJ9iOEyihW
UCbVE8aolWQRvP1ZR0WYlfdWSo3m7nlLEBXVAVEZphSRXz6iAIqEk0qLLpREwMWT
PRTDhY4gav56BB2HeDoh5aIvoUvfPjNM+ySFo/jh1MtHHE3VMwYTIo7jWcGZ5/jM
UfrdyoMfNes6RGBa9vd3V0bZ6yLIr4snC9l25Xd8LIzLPH2Moc/PqgjqoQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBATWqSRxNiu0obsdIVUQQjgtfaqMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvRUJOYXBKSEUySzdTaHV4MGhWUkJDT0MxOXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVTYAwQA
LV/zAwQALYKPAwQALZI1AwQALZQZAwQALZ1iAwQBiJAaAwQAueMhMA0GCSqGSIb3
DQEBCwUAA4IBAQBfD/HbT8w72NGU1YyjkDplezuVy74UdX2MaZg5xorzupYEF4Hd
0QkC/1xU0QKtYAk+Qn8wDSAbjd2IshqPM4KvsE2AvyCPSdMupl3dmTjSsgdbsId7
xZp+D13rWhBZrLImh9c0GIYn6i1TG+m2a/+q3VF50jAgUBNegDTYAh6pheeovow6
C0zl7V1CjW6NXNmvvnoloRP08fBYji94yiy6N2226ryjUif+YuwNSht4mdjg7sgG
/oiPrF0lfDxE9C8prciyquZA11HcSYTPvz5i0NsD8lnb+x1ujrzK1vYuFJL/23Wq
N0i3h1OQxDv8yLHD3mtf/6u3gq7jQfOoBNiC
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:17 2024 by rpki-client on console-fra.rpki-client.org