Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/EHpvnjfQiDyfGdckEYfptrkMFI0.roa
File: EHpvnjfQiDyfGdckEYfptrkMFI0.roa (raw, json)
Hash identifier: +XiX9fcGBfceIjYznREQjmRJNJd+uzvLdskDOj5FYP0=
Subject key identifier: 10:7A:6F:9E:37:D0:88:3C:9F:19:D7:24:11:87:E9:B6:B9:0C:14:8D
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018CC5DD1477F6A38043E5D3F1A0B33B603E
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/EHpvnjfQiDyfGdckEYfptrkMFI0.roa
Signing time: Mon 01 Jan 2024 16:30:49 +0000
ROA not before: Mon 01 Jan 2024 16:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51102
IP address blocks: 45.86.242.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:14:77:f6:a3:80:43:e5:d3:f1:a0:b3:3b:60:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 1 16:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=107a6f9e37d0883c9f19d7241187e9b6b90c148d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e7:b7:dc:8d:62:31:b3:ea:5a:69:72:e2:6b:
80:2d:da:7d:6b:97:fa:8d:78:9b:d1:b5:0a:48:08:
8a:0f:54:3c:11:74:2a:fb:5f:93:a2:fb:b2:cc:93:
88:d6:8b:2e:5d:49:c2:17:89:8c:e8:4d:6a:1e:ac:
94:5e:3c:c9:bf:32:91:19:d6:8e:18:7f:0e:94:c2:
e4:1e:c2:5a:56:e6:c7:97:9b:ef:e8:65:5d:e1:63:
52:29:e7:c7:78:8e:88:c1:54:17:15:42:3a:c6:d2:
8d:9f:17:d1:11:b9:12:2a:1a:65:db:3b:32:7c:a9:
ad:99:8b:4f:77:c4:3c:5a:d8:6f:25:7c:ab:f6:34:
9a:22:fd:e4:99:c6:28:a8:f2:c5:0a:5d:f9:c6:8e:
84:f4:d8:bc:b6:39:80:a2:a9:a2:b8:75:68:77:bc:
de:84:65:c9:a6:32:bc:92:c3:0f:1b:96:5a:c2:62:
08:04:97:82:2b:d6:61:5d:1d:60:5d:8b:f0:15:b6:
f1:04:2f:18:fe:34:ef:7b:d4:50:5c:96:f5:69:2e:
ad:1f:c0:8a:f9:b7:a7:dc:77:14:35:c2:64:27:fc:
96:46:1d:04:2b:44:a7:61:b5:5c:7b:8f:bc:67:cb:
b2:cc:20:56:2d:30:3f:c6:07:40:c2:c6:31:8e:72:
c0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:7A:6F:9E:37:D0:88:3C:9F:19:D7:24:11:87:E9:B6:B9:0C:14:8D
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/EHpvnjfQiDyfGdckEYfptrkMFI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.242.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:a8:1b:77:df:06:cf:97:62:3f:6a:59:85:54:35:de:ff:06:
83:29:c7:bd:47:a6:b6:17:e9:84:b6:30:12:d3:cb:8b:94:a9:
84:22:50:bb:2e:f2:dc:2c:42:9d:5f:fe:3f:ea:f8:aa:07:8c:
53:60:d2:d1:32:0d:e8:8d:09:0a:57:44:49:fe:ae:97:7d:1b:
91:c0:a7:87:d8:86:01:83:a1:de:bf:aa:69:5a:3a:e3:7c:be:
b2:ad:31:63:05:55:09:c3:0f:64:fe:e8:9b:ff:42:2e:ce:30:
2e:63:bc:1c:c3:cd:8f:08:50:b0:5a:1a:e6:ad:02:b2:29:e8:
6a:eb:8d:8b:69:67:0c:3a:ea:39:28:b7:75:84:bf:13:93:d5:
fd:56:8c:f4:76:89:52:65:a6:7b:58:bc:d0:a0:66:9c:e1:81:
f4:2b:08:bb:50:66:a1:d4:4d:e7:92:b9:39:c5:cd:9e:df:35:
a5:be:20:5b:fa:7f:29:cd:a3:9e:0c:63:04:e3:ae:45:f0:de:
bb:93:f2:4f:11:32:b3:be:36:2d:b1:d3:01:49:05:01:ee:d1:
fd:03:a5:03:44:0b:e1:88:41:e2:06:fa:40:c1:f8:3c:e4:8e:
d4:df:43:a8:33:cc:61:67:be:97:56:26:0b:5b:b2:f7:5c:e3:
91:6b:5d:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3RR39qOAQ+XT8aCzO2A+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwMTAxMTYzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDdhNmY5ZTM3ZDA4ODNjOWYxOWQ3MjQxMTg3ZTliNmI5MGMxNDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOe33I1iMbPqWmly4muALdp9a5f6
jXib0bUKSAiKD1Q8EXQq+1+TovuyzJOI1osuXUnCF4mM6E1qHqyUXjzJvzKRGdaO
GH8OlMLkHsJaVubHl5vv6GVd4WNSKefHeI6IwVQXFUI6xtKNnxfREbkSKhpl2zsy
fKmtmYtPd8Q8WthvJXyr9jSaIv3kmcYoqPLFCl35xo6E9Ni8tjmAoqmiuHVod7ze
hGXJpjK8ksMPG5ZawmIIBJeCK9ZhXR1gXYvwFbbxBC8Y/jTve9RQXJb1aS6tH8CK
+ben3HcUNcJkJ/yWRh0EK0SnYbVce4+8Z8uyzCBWLTA/xgdAwsYxjnLAkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBB6b5430Ig8nxnXJBGH6ba5DBSNMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvRUhwdm5qZlFpRHlmR2Rja0VZZnB0cmtNRkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVbyMA0G
CSqGSIb3DQEBCwUAA4IBAQCuqBt33wbPl2I/almFVDXe/waDKce9R6a2F+mEtjAS
08uLlKmEIlC7LvLcLEKdX/4/6viqB4xTYNLRMg3ojQkKV0RJ/q6XfRuRwKeH2IYB
g6Hev6ppWjrjfL6yrTFjBVUJww9k/uib/0IuzjAuY7wcw82PCFCwWhrmrQKyKehq
642LaWcMOuo5KLd1hL8Tk9X9Voz0dolSZaZ7WLzQoGac4YH0Kwi7UGah1E3nkrk5
xc2e3zWlviBb+n8pzaOeDGME465F8N67k/JPETKzvjYtsdMBSQUB7tH9A6UDRAvh
iEHiBvpAwfg85I7U30OoM8xhZ76XViYLW7L3XOORa133
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:16:12 2025 by rpki-client