Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/e9SK-itZXHfV3y7x13CdeyyVcqg.roa
File: e9SK-itZXHfV3y7x13CdeyyVcqg.roa (raw, json)
Hash identifier: sTgUN0h6tO53ktYT2R7uvyTRGBE+dneQIIq2VWV5Z1M=
Subject key identifier: 7B:D4:8A:FA:2B:59:5C:77:D5:DF:2E:F1:D7:70:9D:7B:2C:95:72:A8
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 01902610346193465C5BA95F7ADC8D5BA324
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/e9SK-itZXHfV3y7x13CdeyyVcqg.roa
Signing time: Mon 17 Jun 2024 11:58:34 +0000
ROA not before: Mon 17 Jun 2024 11:58:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 145.219.22.0/24 maxlen: 24
145.219.23.0/24 maxlen: 24
145.219.24.0/22 maxlen: 22
145.219.28.0/22 maxlen: 22
145.219.32.0/22 maxlen: 22
2a04:b0c0:10::/48 maxlen: 48
2a04:b0c0:11::/48 maxlen: 48
2a04:b0c0:12::/48 maxlen: 48
2a04:b0c0:13::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 17 Jun 2024 13:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:26:10:34:61:93:46:5c:5b:a9:5f:7a:dc:8d:5b:a3:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Jun 17 11:58:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bd48afa2b595c77d5df2ef1d7709d7b2c9572a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7f:b2:d6:06:f6:21:ae:5b:01:6b:46:53:b7:
20:3e:d9:db:50:7d:9d:87:c1:b8:84:ac:ac:13:c2:
96:77:1a:9c:52:d0:93:51:1e:38:53:28:bd:7b:a3:
f1:a9:ce:2c:a7:fe:cc:fc:ce:05:25:bc:84:84:6a:
0b:07:55:cd:1e:f5:de:4e:ea:f6:ca:eb:7c:79:eb:
d0:39:9a:35:5a:3c:af:77:09:b1:d9:5d:cc:0e:50:
58:d3:8f:59:be:ac:7e:fd:59:4e:e0:a0:bd:6b:a0:
55:e5:08:ef:da:0a:0c:52:dc:4f:a4:84:ec:68:1e:
e8:7d:b7:67:29:dd:c4:c0:03:12:e1:9c:aa:01:71:
07:8b:95:66:12:92:2a:fd:2a:75:68:65:3d:01:d7:
1a:ec:3f:0e:b6:cc:47:59:12:1e:c2:24:86:bf:1f:
e0:02:9a:7a:ed:0f:47:bc:2e:1f:45:3f:46:ed:c2:
f9:f9:ce:f1:0c:d0:5d:ba:98:ed:9d:4d:51:fe:33:
fc:4d:71:13:cd:cb:62:31:b5:c7:b4:07:d5:c0:65:
b0:68:76:16:f2:ab:c4:3a:15:c1:0c:7a:b3:b2:e6:
ac:f2:2c:7e:42:a6:d7:f5:e5:41:34:b6:5b:86:8e:
e4:ed:83:85:2b:bf:e8:92:19:41:b5:9c:71:3f:59:
e9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D4:8A:FA:2B:59:5C:77:D5:DF:2E:F1:D7:70:9D:7B:2C:95:72:A8
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/e9SK-itZXHfV3y7x13CdeyyVcqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.22.0-145.219.35.255
IPv6:
2a04:b0c0:10::/46
Signature Algorithm: sha256WithRSAEncryption
7b:3a:bd:fa:2a:0f:fa:b3:0d:f4:7b:90:e2:ba:dc:ac:75:9f:
98:05:86:d0:e2:8d:8c:3d:3a:43:b4:34:69:c4:89:d0:42:19:
d7:f2:7e:87:87:68:20:8e:68:0c:72:fd:90:4f:b6:14:53:32:
9e:7d:46:94:eb:d8:b1:30:17:6a:99:63:e4:4f:87:2e:fa:1f:
ac:88:9e:46:75:db:88:0d:11:1c:ac:fa:ee:87:a6:ea:44:2a:
99:23:de:d1:a6:eb:46:26:c8:fc:b1:4c:10:b9:db:3d:fc:94:
3d:6e:49:0d:5c:8b:93:fe:5b:a2:d6:9e:1e:f0:5b:ca:23:d0:
e8:1e:13:8e:50:22:a5:88:97:4d:4a:ba:eb:5a:7a:dd:d1:4d:
07:60:04:30:07:df:c0:eb:a1:93:cb:09:fb:02:f0:d9:ff:31:
b4:93:8c:55:06:d9:dd:05:7c:4e:25:3c:4f:c1:6f:e6:2f:f4:
c8:1f:b0:4d:fe:c0:da:f4:a4:00:99:fa:96:fa:f5:c8:07:9a:
43:f5:1b:98:17:24:58:4f:55:bd:2b:02:78:19:5b:93:67:d0:
a4:2e:ef:4b:07:16:64:25:5d:70:cd:3a:57:19:c1:56:e2:e9:
70:c2:ee:2f:83:f7:0a:f7:ad:35:69:ce:96:31:60:07:92:76:
e3:2f:eb:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAmEDRhk0ZcW6lfetyNW6MkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjQwNjE3MTE1ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQ0OGFmYTJiNTk1Yzc3ZDVkZjJlZjFkNzcwOWQ3YjJjOTU3MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3+y1gb2Ia5bAWtGU7cgPtnbUH2d
h8G4hKysE8KWdxqcUtCTUR44Uyi9e6Pxqc4sp/7M/M4FJbyEhGoLB1XNHvXeTur2
yut8eevQOZo1Wjyvdwmx2V3MDlBY049Zvqx+/VlO4KC9a6BV5Qjv2goMUtxPpITs
aB7ofbdnKd3EwAMS4ZyqAXEHi5VmEpIq/Sp1aGU9Adca7D8OtsxHWRIewiSGvx/g
App67Q9HvC4fRT9G7cL5+c7xDNBdupjtnU1R/jP8TXETzctiMbXHtAfVwGWwaHYW
8qvEOhXBDHqzsuas8ix+QqbX9eVBNLZbho7k7YOFK7/okhlBtZxxP1npFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvUivorWVx31d8u8ddwnXsslXKoMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvZTlTSy1pdFpYSGZWM3k3eDEzQ2RleXlWY3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAGR2xYD
BAKR2yAwDwQCAAIwCQMHAioEsMAAEDANBgkqhkiG9w0BAQsFAAOCAQEAezq9+ioP
+rMN9HuQ4rrcrHWfmAWG0OKNjD06Q7Q0acSJ0EIZ1/J+h4doII5oDHL9kE+2FFMy
nn1GlOvYsTAXaplj5E+HLvofrIieRnXbiA0RHKz67oem6kQqmSPe0abrRibI/LFM
ELnbPfyUPW5JDVyLk/5botaeHvBbyiPQ6B4TjlAipYiXTUq661p63dFNB2AEMAff
wOuhk8sJ+wLw2f8xtJOMVQbZ3QV8TiU8T8Fv5i/0yB+wTf7A2vSkAJn6lvr1yAea
Q/UbmBckWE9VvSsCeBlbk2fQpC7vSwcWZCVdcM06VxnBVuLpcMLuL4P3CvetNWnO
ljFgB5J24y/rYg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:14 2025 by rpki-client