Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9dfe1e-cd74-471e-91bf-0fc3fdcf59ae/1/eloFkTkHGXpqVkmMrBWWSz3YAEE.roa
File: eloFkTkHGXpqVkmMrBWWSz3YAEE.roa (raw, json)
Hash identifier: j9EV6eqdg2hjOlHPhuyEW2AJoaBI6zAYmXGft+B3zHo=
Subject key identifier: 7A:5A:05:91:39:07:19:7A:6A:56:49:8C:AC:15:96:4B:3D:D8:00:41
Certificate issuer: /CN=2d7479f45643a2b82e10dabf73efef7703b1e2d2
Certificate serial: 018571BA227AE02A82606451DB4E1D5C78B7
Authority key identifier: 2D:74:79:F4:56:43:A2:B8:2E:10:DA:BF:73:EF:EF:77:03:B1:E2:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LXR59FZDorguENq_c-_vdwOx4tI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/9dfe1e-cd74-471e-91bf-0fc3fdcf59ae/1/eloFkTkHGXpqVkmMrBWWSz3YAEE.roa
Signing time: Mon 02 Jan 2023 09:05:02 +0000
ROA not before: Mon 02 Jan 2023 09:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41405
IP address blocks: 45.146.212.0/22 maxlen: 22
185.123.84.0/22 maxlen: 22
195.200.217.0/24 maxlen: 24
91.223.159.0/24 maxlen: 24
2a06:ac00::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:22:7a:e0:2a:82:60:64:51:db:4e:1d:5c:78:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d7479f45643a2b82e10dabf73efef7703b1e2d2
Validity
Not Before: Jan 2 09:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a5a05913907197a6a56498cac15964b3dd80041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a9:95:c5:0a:08:71:6b:74:25:1d:5e:ae:f2:
38:55:fd:42:08:8b:ba:71:77:f8:e3:e7:2e:ab:87:
c8:2c:6a:25:71:f9:d2:f0:7b:e6:5f:2c:4e:98:a1:
dd:fc:03:3b:d3:89:50:85:67:88:fc:b8:bc:58:61:
af:8c:68:e7:91:d6:bb:cb:0e:fb:3b:a7:b3:1f:c2:
fc:ae:14:a0:84:94:a2:d4:69:50:e2:22:ea:e8:f4:
d4:9a:90:86:19:b4:47:c8:e3:64:f5:7a:a7:a3:08:
a3:17:75:d4:3d:6c:1b:14:b5:be:97:ee:7e:8d:e8:
af:52:2e:21:62:77:31:6d:06:46:3c:84:16:38:bb:
22:f0:3f:b0:77:9a:c8:7b:8e:d4:ec:6f:31:c4:57:
50:67:c4:e6:e7:2c:58:e3:92:45:01:0a:77:5a:c9:
01:7b:7e:be:61:b9:9a:48:50:33:75:87:29:56:74:
78:44:46:53:61:f5:7c:e0:a6:74:76:ab:a1:0b:10:
b0:30:21:41:9f:ed:54:e6:7f:7b:69:22:0b:3b:c3:
78:75:9b:0e:9b:77:bd:cc:bc:44:c9:9e:83:61:b0:
c4:bd:26:78:d3:27:0d:2c:39:d6:0d:c3:6a:5a:2e:
bb:e0:ba:04:8e:24:96:72:1b:c7:68:d1:3d:f8:b1:
b4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:5A:05:91:39:07:19:7A:6A:56:49:8C:AC:15:96:4B:3D:D8:00:41
X509v3 Authority Key Identifier:
keyid:2D:74:79:F4:56:43:A2:B8:2E:10:DA:BF:73:EF:EF:77:03:B1:E2:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LXR59FZDorguENq_c-_vdwOx4tI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9dfe1e-cd74-471e-91bf-0fc3fdcf59ae/1/eloFkTkHGXpqVkmMrBWWSz3YAEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9dfe1e-cd74-471e-91bf-0fc3fdcf59ae/1/LXR59FZDorguENq_c-_vdwOx4tI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.212.0/22
91.223.159.0/24
185.123.84.0/22
195.200.217.0/24
IPv6:
2a06:ac00::/29
Signature Algorithm: sha256WithRSAEncryption
92:52:bb:a7:16:59:48:1b:59:ed:7c:d8:15:4b:37:b2:bb:25:
3c:e3:1a:73:5a:0d:0b:2b:75:ed:88:5d:74:87:82:f8:2e:bf:
83:89:21:5f:ad:49:23:50:68:16:50:f3:1a:5d:1e:90:fb:8b:
46:ea:db:72:12:d7:94:71:f9:de:b3:51:68:4e:8f:b7:c9:38:
2d:c8:a2:f3:94:3d:88:0a:02:3e:24:d0:3f:b0:08:f6:09:85:
59:16:41:62:52:56:17:c5:21:21:39:c1:5a:fa:d5:97:8b:c3:
89:43:71:27:21:22:dd:65:74:86:c2:70:ef:aa:cb:8c:f2:37:
86:b5:5e:55:74:80:e1:91:12:98:ce:f1:0d:6c:33:ac:22:5f:
be:30:6f:3c:ba:e2:ae:df:ff:f6:81:63:f1:2a:08:2f:cf:a3:
ba:a5:00:bc:98:45:54:19:21:3c:e1:5d:51:fb:e6:72:49:94:
c3:47:fb:f8:b6:62:95:14:05:58:da:65:ba:09:48:5e:56:3d:
a3:c6:6f:52:f8:61:21:a4:b8:91:6b:0b:05:29:1f:c4:9d:17:
9f:49:c5:ae:a7:f2:24:fa:e9:20:08:5b:25:6f:f6:19:5f:ef:
23:d2:3e:93:f6:b4:9c:91:14:0c:89:04:3e:ab:06:d4:dc:af:
51:16:2f:5a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxuiJ64CqCYGRR204dXHi3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNzQ3OWY0NTY0M2EyYjgyZTEwZGFiZjczZWZlZjc3MDNi
MWUyZDIwHhcNMjMwMTAyMDkwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTVhMDU5MTM5MDcxOTdhNmE1NjQ5OGNhYzE1OTY0YjNkZDgwMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKmVxQoIcWt0JR1ervI4Vf1CCIu6
cXf44+cuq4fILGolcfnS8HvmXyxOmKHd/AM704lQhWeI/Li8WGGvjGjnkda7yw77
O6ezH8L8rhSghJSi1GlQ4iLq6PTUmpCGGbRHyONk9XqnowijF3XUPWwbFLW+l+5+
jeivUi4hYncxbQZGPIQWOLsi8D+wd5rIe47U7G8xxFdQZ8Tm5yxY45JFAQp3WskB
e36+YbmaSFAzdYcpVnR4REZTYfV84KZ0dquhCxCwMCFBn+1U5n97aSILO8N4dZsO
m3e9zLxEyZ6DYbDEvSZ40ycNLDnWDcNqWi674LoEjiSWchvHaNE9+LG07wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHpaBZE5Bxl6alZJjKwVlks92ABBMB8GA1UdIwQY
MBaAFC10efRWQ6K4LhDav3Pv73cDseLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFhSNTlGWkRvcmd1RU5xX2MtX3Zkd094NHRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZGZlMWUtY2Q3NC00NzFlLTkxYmYt
MGZjM2ZkY2Y1OWFlLzEvZWxvRmtUa0hHWHBxVmttTXJCV1dTejNZQUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZGZlMWUtY2Q3NC00NzFlLTkxYmYtMGZjM2ZkY2Y1OWFl
LzEvTFhSNTlGWkRvcmd1RU5xX2MtX3Zkd094NHRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZLUAwQA
W9+fAwQCuXtUAwQAw8jZMA0EAgACMAcDBQMqBqwAMA0GCSqGSIb3DQEBCwUAA4IB
AQCSUrunFllIG1ntfNgVSzeyuyU84xpzWg0LK3XtiF10h4L4Lr+DiSFfrUkjUGgW
UPMaXR6Q+4tG6ttyEteUcfnes1FoTo+3yTgtyKLzlD2ICgI+JNA/sAj2CYVZFkFi
UlYXxSEhOcFa+tWXi8OJQ3EnISLdZXSGwnDvqsuM8jeGtV5VdIDhkRKYzvENbDOs
Il++MG88uuKu3//2gWPxKggvz6O6pQC8mEVUGSE84V1R++ZySZTDR/v4tmKVFAVY
2mW6CUheVj2jxm9S+GEhpLiRawsFKR/EnRefScWup/Ik+ukgCFslb/YZX+8j0j6T
9rSckRQMiQQ+qwbU3K9RFi9a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:06 2024 by rpki-client on console-fra.rpki-client.org