Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/E0zL5VeK6Lpom11hs5a3r55ZQpI.roa
File: E0zL5VeK6Lpom11hs5a3r55ZQpI.roa (raw, json)
Hash identifier: vVNLuBx0JRsNodHZc4DnJ5OIdDf3J7WSd1m3GuBpXY0=
Subject key identifier: 13:4C:CB:E5:57:8A:E8:BA:68:9B:5D:61:B3:96:B7:AF:9E:59:42:92
Certificate issuer: /CN=efad344eb5f7eb1dee4b8f8435fb5b9d87663e9d
Certificate serial: 018CCFA5F4BE983DCF1DAE0B4C1E81E229AE
Authority key identifier: EF:AD:34:4E:B5:F7:EB:1D:EE:4B:8F:84:35:FB:5B:9D:87:66:3E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7600TrX36x3uS4-ENftbnYdmPp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/E0zL5VeK6Lpom11hs5a3r55ZQpI.roa
Signing time: Wed 03 Jan 2024 14:06:48 +0000
ROA not before: Wed 03 Jan 2024 14:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 145.1.232.0/21 maxlen: 21
62.36.0.0/16 maxlen: 16
145.1.240.0/20 maxlen: 20
93.117.88.0/21 maxlen: 21
149.74.0.0/16 maxlen: 16
1.178.232.0/21 maxlen: 21
85.48.0.0/12 maxlen: 12
90.160.0.0/12 maxlen: 12
Validation: Failed, certificate revoked on Wed 03 Jan 2024 17:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:a5:f4:be:98:3d:cf:1d:ae:0b:4c:1e:81:e2:29:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efad344eb5f7eb1dee4b8f8435fb5b9d87663e9d
Validity
Not Before: Jan 3 14:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=134ccbe5578ae8ba689b5d61b396b7af9e594292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b3:a6:de:dd:0a:4f:22:89:72:7d:04:3e:31:
71:e3:b1:0c:26:44:a4:fe:05:12:79:76:d5:9a:d9:
8b:d7:49:c4:cb:76:5e:56:88:fd:bf:3a:f6:49:e6:
e9:69:11:c1:3e:71:e7:71:a1:a2:57:24:b0:d8:f9:
b8:f1:c5:12:d1:1e:f1:e3:24:4e:cf:48:1f:75:20:
74:60:03:05:31:81:6c:19:1d:39:ab:9e:af:2d:06:
a9:43:ba:66:95:0a:4d:10:75:37:88:76:66:87:74:
33:51:02:40:0b:dd:8e:08:62:49:42:b9:44:8f:31:
ea:ad:83:d1:35:68:30:95:6f:59:15:47:d3:2e:96:
c1:ec:a0:8b:7f:5c:17:ab:b2:ba:f3:6e:92:89:bb:
65:af:08:01:66:fd:d9:5c:0f:4f:c5:42:16:e0:e2:
a6:bc:80:16:a2:47:e7:65:6e:6a:3e:c7:98:7c:84:
9c:12:87:0a:38:7b:dc:66:c0:10:64:f9:b0:ad:10:
48:03:e0:c1:2b:8e:52:a0:4a:43:83:b4:4b:cc:45:
4a:42:b4:98:2c:8f:65:a9:78:d8:07:3f:a7:2d:c8:
50:55:1f:bc:64:57:13:ad:30:87:9c:73:50:ee:5d:
51:c9:0f:a6:eb:ad:c3:b0:78:b6:d6:cb:da:08:db:
c0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:4C:CB:E5:57:8A:E8:BA:68:9B:5D:61:B3:96:B7:AF:9E:59:42:92
X509v3 Authority Key Identifier:
keyid:EF:AD:34:4E:B5:F7:EB:1D:EE:4B:8F:84:35:FB:5B:9D:87:66:3E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7600TrX36x3uS4-ENftbnYdmPp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/E0zL5VeK6Lpom11hs5a3r55ZQpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1a830a-f061-4cdc-bafb-a2fe9f015d71/1/7600TrX36x3uS4-ENftbnYdmPp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
1.178.232.0/21
62.36.0.0/16
85.48.0.0/12
90.160.0.0/12
93.117.88.0/21
145.1.232.0-145.1.255.255
149.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:d5:d7:38:34:e9:eb:94:e1:ec:be:de:5f:ec:54:f5:1a:0b:
99:2c:89:c1:3d:c2:52:60:4b:f3:9f:cb:31:37:87:74:11:27:
49:ec:2d:7c:f7:01:94:35:8d:0a:d0:a6:8b:c8:be:75:77:ec:
7f:85:e9:67:72:02:ef:c5:d6:a4:4f:50:d8:74:b5:2d:fd:e0:
1f:83:51:ff:f2:15:11:43:0b:c3:a7:4b:f4:18:66:bb:8a:4c:
19:a1:6e:39:93:2f:06:3f:1e:cd:ac:af:b4:e9:c9:bb:aa:5c:
c0:b1:57:86:33:84:a3:ff:5d:a2:72:3d:78:b0:b5:1a:f5:c9:
07:f2:8c:c9:9f:ce:07:7b:be:05:de:8c:b4:1a:6f:e5:bf:a8:
94:55:8a:19:d2:48:c0:f2:dc:c6:43:a5:a2:5c:a0:5a:14:91:
b3:87:4a:8a:db:87:85:b2:d4:63:be:3c:a5:f8:e5:32:ab:6c:
5c:36:bd:0d:b4:14:a0:a4:3e:32:a1:3c:55:b3:1e:4f:b0:fd:
4e:85:a2:5e:50:ca:61:12:08:24:c2:9f:5d:15:0a:56:b4:1c:
28:41:8a:0c:cc:03:22:ad:23:4c:f6:7f:b1:50:d1:78:dd:1b:
fc:dc:88:85:fe:cd:60:31:33:19:70:86:97:6f:23:a1:52:71:
b6:1d:c3:5a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzPpfS+mD3PHa4LTB6B4imuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYWQzNDRlYjVmN2ViMWRlZTRiOGY4NDM1ZmI1YjlkODc2
NjNlOWQwHhcNMjQwMTAzMTQwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzRjY2JlNTU3OGFlOGJhNjg5YjVkNjFiMzk2YjdhZjllNTk0MjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbOm3t0KTyKJcn0EPjFx47EMJkSk
/gUSeXbVmtmL10nEy3ZeVoj9vzr2SebpaRHBPnHncaGiVySw2Pm48cUS0R7x4yRO
z0gfdSB0YAMFMYFsGR05q56vLQapQ7pmlQpNEHU3iHZmh3QzUQJAC92OCGJJQrlE
jzHqrYPRNWgwlW9ZFUfTLpbB7KCLf1wXq7K6826SibtlrwgBZv3ZXA9PxUIW4OKm
vIAWokfnZW5qPseYfIScEocKOHvcZsAQZPmwrRBIA+DBK45SoEpDg7RLzEVKQrSY
LI9lqXjYBz+nLchQVR+8ZFcTrTCHnHNQ7l1RyQ+m663DsHi21svaCNvA3QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBNMy+VXiui6aJtdYbOWt6+eWUKSMB8GA1UdIwQY
MBaAFO+tNE619+sd7kuPhDX7W52HZj6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzYwMFRyWDM2eDN1UzQtRU5mdGJuWWRtUHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xYTgzMGEtZjA2MS00Y2RjLWJhZmIt
YTJmZTlmMDE1ZDcxLzEvRTB6TDVWZUs2THBvbTExaHM1YTNyNTVaUXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xYTgzMGEtZjA2MS00Y2RjLWJhZmItYTJmZTlmMDE1ZDcx
LzEvNzYwMFRyWDM2eDN1UzQtRU5mdGJuWWRtUHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAATAtAwQDAbLoAwMA
PiQDAwRVMAMDBFqgAwQDXXVYMAsDBAORAegDAwGRAAMDAJVKMA0GCSqGSIb3DQEB
CwUAA4IBAQB71dc4NOnrlOHsvt5f7FT1GguZLInBPcJSYEvzn8sxN4d0ESdJ7C18
9wGUNY0K0KaLyL51d+x/helncgLvxdakT1DYdLUt/eAfg1H/8hURQwvDp0v0GGa7
ikwZoW45ky8GPx7NrK+06cm7qlzAsVeGM4Sj/12icj14sLUa9ckH8ozJn84He74F
3oy0Gm/lv6iUVYoZ0kjA8tzGQ6WiXKBaFJGzh0qK24eFstRjvjyl+OUyq2xcNr0N
tBSgpD4yoTxVsx5PsP1OhaJeUMphEggkwp9dFQpWtBwoQYoMzAMirSNM9n+xUNF4
3Rv83IiF/s1gMTMZcIaXbyOhUnG2HcNa
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:36 2025 by rpki-client