Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/EJgY8woJ69ALW2qUs40EVXPbDoM.roa
File: EJgY8woJ69ALW2qUs40EVXPbDoM.roa (raw, json)
Hash identifier: gJgsFzfcCYLW+UsmJGS+jHRvlH2e8oXUUoio5HuZUM8=
Subject key identifier: 10:98:18:F3:0A:09:EB:D0:0B:5B:6A:94:B3:8D:04:55:73:DB:0E:83
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 018E566E7C0601531C9D5E310412DC252116
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/EJgY8woJ69ALW2qUs40EVXPbDoM.roa
Signing time: Tue 19 Mar 2024 11:17:45 +0000
ROA not before: Tue 19 Mar 2024 11:17:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 145.219.22.0/23 maxlen: 23
145.219.24.0/22 maxlen: 22
145.219.28.0/22 maxlen: 22
2a04:b0c0:10:1001::/64 maxlen: 64
2a04:b0c0:10:1002::/64 maxlen: 64
2a04:b0c0:10:1003::/64 maxlen: 64
Validation: Failed, certificate revoked on Mon 25 Mar 2024 08:46:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:6e:7c:06:01:53:1c:9d:5e:31:04:12:dc:25:21:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Mar 19 11:17:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=109818f30a09ebd00b5b6a94b38d045573db0e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:41:c5:fd:25:3e:6d:f4:14:aa:c0:40:1c:01:
52:18:47:cf:ab:2b:1f:f9:01:86:27:00:a0:70:c5:
ef:4b:4d:d3:b6:d6:66:c5:87:29:1b:93:d5:2f:fb:
86:87:4f:f9:eb:9f:01:e5:75:d0:a5:81:0a:ea:b6:
36:9a:4a:86:f7:2c:1a:67:d6:36:8b:26:ba:54:15:
b2:8f:db:ec:95:72:77:24:e7:0d:7b:ed:e0:26:32:
49:16:d5:3e:1e:ec:68:a2:61:50:0b:95:24:8a:cb:
e9:5c:ab:40:9e:93:ed:89:24:43:68:56:d7:22:07:
48:b6:94:ac:9d:9d:73:43:0b:9c:5e:e0:6f:2d:14:
b6:c9:b9:23:e4:ea:ba:36:02:32:52:d6:14:31:22:
1c:5f:40:92:28:9b:1d:09:e9:57:55:ce:f0:95:07:
25:6f:61:f3:7c:c5:4e:1d:0d:96:d0:3f:ae:a2:f6:
1a:7a:57:a8:88:9d:bb:05:48:c6:7d:db:36:9a:38:
9c:2a:ea:83:10:e4:88:d4:84:fc:b4:90:90:d8:e3:
d5:42:1e:e0:d0:14:c5:3e:5f:43:8f:13:04:25:6b:
b4:88:18:59:43:f1:bd:67:b9:0f:c7:f0:bb:bb:ef:
75:ab:fb:3a:cd:5f:da:99:82:cf:57:b7:2e:50:bc:
1d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:98:18:F3:0A:09:EB:D0:0B:5B:6A:94:B3:8D:04:55:73:DB:0E:83
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/EJgY8woJ69ALW2qUs40EVXPbDoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.22.0-145.219.31.255
IPv6:
2a04:b0c0:10:1001::-2a04:b0c0:10:1003:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
99:95:73:32:56:f7:63:01:b9:2f:7a:28:72:42:bf:52:78:24:
0d:09:78:fc:3b:11:70:2d:04:20:72:1c:b7:7e:74:fa:df:f8:
38:cc:90:d4:83:01:0d:bb:1b:4e:11:42:24:9a:e8:7f:3b:b9:
69:3c:ac:ac:03:74:2b:f5:69:43:32:f5:41:e2:84:9a:e8:dd:
4d:25:ad:17:9a:2e:b3:2c:79:ef:4a:b1:9a:d3:10:8a:ca:28:
88:99:e5:a1:02:e1:73:f3:6f:3d:83:80:ef:06:d0:8b:79:18:
fe:a7:b9:71:61:be:14:0b:63:d2:5a:65:e7:c2:3f:fb:a7:0b:
38:57:c2:36:c4:d7:43:d2:1a:02:ff:8d:83:b1:e9:a5:03:e8:
05:af:b1:1e:d4:61:a3:ae:c3:70:28:86:6c:03:56:c0:c0:07:
b5:09:d7:6a:f2:d5:8c:4a:8c:d6:38:35:5a:04:7f:63:43:2f:
5d:5e:e1:4a:a7:83:14:97:49:67:0b:b2:01:87:73:4d:4f:d1:
58:bf:f6:1d:4b:4b:62:25:63:43:fb:25:dd:ea:ed:8d:61:d6:
f1:8f:1a:8c:3e:91:5b:fc:25:14:02:85:b2:8a:48:7c:fe:ac:
84:f0:eb:ee:25:57:c4:2d:cf:4f:d8:20:a1:63:7c:90:7a:24:
93:1d:b9:53
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY5WbnwGAVMcnV4xBBLcJSEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjQwMzE5MTExNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDk4MThmMzBhMDllYmQwMGI1YjZhOTRiMzhkMDQ1NTczZGIwZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0HF/SU+bfQUqsBAHAFSGEfPqysf
+QGGJwCgcMXvS03TttZmxYcpG5PVL/uGh0/5658B5XXQpYEK6rY2mkqG9ywaZ9Y2
iya6VBWyj9vslXJ3JOcNe+3gJjJJFtU+HuxoomFQC5UkisvpXKtAnpPtiSRDaFbX
IgdItpSsnZ1zQwucXuBvLRS2ybkj5Oq6NgIyUtYUMSIcX0CSKJsdCelXVc7wlQcl
b2HzfMVOHQ2W0D+uovYaeleoiJ27BUjGfds2mjicKuqDEOSI1IT8tJCQ2OPVQh7g
0BTFPl9DjxMEJWu0iBhZQ/G9Z7kPx/C7u+91q/s6zV/amYLPV7cuULwdFQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBCYGPMKCevQC1tqlLONBFVz2w6DMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvRUpnWTh3b0o2OUFMVzJxVXM0MEVWWFBiRG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAUBAIAATAOMAwDBAGR2xYD
BAWR2wAwHgQCAAIwGDAWAwkAKgSwwAAQEAEDCQIqBLDAABAQADANBgkqhkiG9w0B
AQsFAAOCAQEAmZVzMlb3YwG5L3oockK/UngkDQl4/DsRcC0EIHIct350+t/4OMyQ
1IMBDbsbThFCJJrofzu5aTysrAN0K/VpQzL1QeKEmujdTSWtF5ousyx570qxmtMQ
isooiJnloQLhc/NvPYOA7wbQi3kY/qe5cWG+FAtj0lpl58I/+6cLOFfCNsTXQ9Ia
Av+Ng7HppQPoBa+xHtRho67DcCiGbANWwMAHtQnXavLVjEqM1jg1WgR/Y0MvXV7h
SqeDFJdJZwuyAYdzTU/RWL/2HUtLYiVjQ/sl3ertjWHW8Y8ajD6RW/wlFAKFsopI
fP6shPDr7iVXxC3PT9ggoWN8kHokkx25Uw==
-----END CERTIFICATE-----
Generated at Mon Mar 25 12:45:39 2024 by rpki-client on console-ams.rpki-client.org