Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/fKa2pPEwgWubyIepWNsrourrtUA.roa
File: fKa2pPEwgWubyIepWNsrourrtUA.roa (raw, json)
Hash identifier: 5JFaayud5MuD4+1U6LBeHYpEPFV1xUEJqt2WbrDpVkc=
Subject key identifier: 7C:A6:B6:A4:F1:30:81:6B:9B:C8:87:A9:58:DB:2B:A2:EA:EB:B5:40
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 018CC4924C1F3862AFBC192B3066A2F5D2CA
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/fKa2pPEwgWubyIepWNsrourrtUA.roa
Signing time: Mon 01 Jan 2024 10:29:31 +0000
ROA not before: Mon 01 Jan 2024 10:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29582
IP address blocks: 95.158.145.0/24 maxlen: 24
80.95.19.0/24 maxlen: 24
93.152.240.0/24 maxlen: 24
93.152.246.0/24 maxlen: 24
93.152.247.0/24 maxlen: 24
2a00:e200:103::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:4c:1f:38:62:af:bc:19:2b:30:66:a2:f5:d2:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 1 10:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ca6b6a4f130816b9bc887a958db2ba2eaebb540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:05:d8:e1:35:be:c0:3a:74:fc:7a:e7:d2:af:
46:e1:2e:b1:a9:9b:34:e2:c5:3a:a2:36:e1:9a:e8:
4c:4b:39:67:80:ae:40:3f:7f:bb:4a:07:84:67:e1:
e7:37:7b:3e:8a:b6:0a:f8:92:6d:5a:d8:b9:6a:ef:
99:7c:1a:32:9c:43:3e:79:03:75:cf:dc:73:64:f4:
4a:00:3a:23:24:f6:81:32:04:63:8e:1e:f9:0c:0c:
0d:09:bc:2e:f6:c3:84:4e:7e:fc:e5:c7:c4:8a:c5:
0a:8e:65:b9:0e:a1:2e:f4:dc:b2:74:07:89:7f:f6:
74:42:12:f6:e9:ca:ca:f6:a7:ee:30:ad:07:e0:b8:
cf:0c:21:4c:9c:40:47:57:21:84:4d:80:dc:ad:bf:
8f:ac:49:c8:6b:75:78:04:7d:c1:e1:63:e9:21:17:
10:a7:aa:47:2c:2c:f2:13:b8:3c:89:21:cd:d3:48:
b2:86:33:ae:2c:04:af:c3:8c:5d:ad:63:b6:e8:c5:
ab:43:ce:31:d8:05:b2:5d:0a:ad:0f:7f:d9:f1:45:
ee:d8:72:cb:8b:da:3e:84:77:7e:10:3a:6d:bd:e0:
51:1d:11:ab:68:b7:94:ae:a2:c4:5e:36:07:eb:b4:
06:da:9f:07:a4:af:e2:bd:0a:a7:f2:bb:7a:7b:87:
3f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A6:B6:A4:F1:30:81:6B:9B:C8:87:A9:58:DB:2B:A2:EA:EB:B5:40
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/fKa2pPEwgWubyIepWNsrourrtUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.95.19.0/24
93.152.240.0/24
93.152.246.0/23
95.158.145.0/24
IPv6:
2a00:e200:103::/48
Signature Algorithm: sha256WithRSAEncryption
8f:f6:45:07:9d:38:61:ae:90:a8:69:57:3a:e8:ed:84:aa:8e:
0f:2c:7c:20:c6:a0:1a:73:4a:d5:9a:e2:59:13:79:cd:f8:84:
a4:5b:3e:16:f0:3f:fa:fb:d9:2c:b5:54:59:03:b9:14:67:df:
03:69:bf:6e:b8:ce:de:58:fd:9e:24:83:14:e1:77:76:77:30:
19:2c:81:37:13:e2:29:bf:48:47:de:be:f2:48:f6:81:90:86:
ee:9a:c2:a5:f2:23:f2:07:b2:06:1d:92:1e:e7:97:28:d7:af:
2c:88:06:fc:c8:ff:a8:84:2d:bb:a0:2c:3c:6f:41:ee:6c:29:
96:2e:29:3f:33:ea:8b:77:4f:27:b2:a9:20:d0:fa:66:62:e5:
8f:1e:11:6a:19:1f:2f:fd:1e:16:55:65:39:e0:3a:aa:c7:40:
ca:de:a9:cd:c8:05:6d:7d:a9:6e:f1:13:95:1e:af:f4:f5:75:
0b:ce:45:06:c2:ea:04:f3:3f:55:53:9a:ee:ea:7a:4d:13:ab:
e8:e5:7a:91:5f:bb:bc:f9:0f:f3:b5:0f:a5:84:56:fc:62:c4:
87:9a:c8:7a:b8:bf:cf:40:21:2d:38:a9:53:8e:17:ac:83:c1:
b1:80:29:c5:a9:75:54:7e:83:ab:b4:94:75:e0:55:0f:b3:f0:
cc:b6:b3:ec
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzEkkwfOGKvvBkrMGai9dLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjQwMTAxMTAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2E2YjZhNGYxMzA4MTZiOWJjODg3YTk1OGRiMmJhMmVhZWJiNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwXY4TW+wDp0/Hrn0q9G4S6xqZs0
4sU6ojbhmuhMSzlngK5AP3+7SgeEZ+HnN3s+irYK+JJtWti5au+ZfBoynEM+eQN1
z9xzZPRKADojJPaBMgRjjh75DAwNCbwu9sOETn785cfEisUKjmW5DqEu9NyydAeJ
f/Z0QhL26crK9qfuMK0H4LjPDCFMnEBHVyGETYDcrb+PrEnIa3V4BH3B4WPpIRcQ
p6pHLCzyE7g8iSHN00iyhjOuLASvw4xdrWO26MWrQ84x2AWyXQqtD3/Z8UXu2HLL
i9o+hHd+EDptveBRHRGraLeUrqLEXjYH67QG2p8HpK/ivQqn8rt6e4c/pwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFHymtqTxMIFrm8iHqVjbK6Lq67VAMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvZkthMnBQRXdnV3VieUllcFdOc3JvdXJydFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAUF8TAwQA
XZjwAwQBXZj2AwQAX56RMA8EAgACMAkDBwAqAOIAAQMwDQYJKoZIhvcNAQELBQAD
ggEBAI/2RQedOGGukKhpVzro7YSqjg8sfCDGoBpzStWa4lkTec34hKRbPhbwP/r7
2Sy1VFkDuRRn3wNpv264zt5Y/Z4kgxThd3Z3MBksgTcT4im/SEfevvJI9oGQhu6a
wqXyI/IHsgYdkh7nlyjXryyIBvzI/6iELbugLDxvQe5sKZYuKT8z6ot3TyeyqSDQ
+mZi5Y8eEWoZHy/9HhZVZTngOqrHQMreqc3IBW19qW7xE5Uer/T1dQvORQbC6gTz
P1VTmu7qek0Tq+jlepFfu7z5D/O1D6WEVvxixIeayHq4v89AIS04qVOOF6yDwbGA
KcWpdVR+g6u0lHXgVQ+z8My2s+w=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:10:01 2025 by rpki-client