Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/e4krk-JTjvIK8I42ntaYoxjL6Es.roa
File: e4krk-JTjvIK8I42ntaYoxjL6Es.roa (raw, json)
Hash identifier: pgkrKFT/WQXhX9JTfljAgFRIhK+O3FMESIuw3dJZC5s=
Subject key identifier: 7B:89:2B:93:E2:53:8E:F2:0A:F0:8E:36:9E:D6:98:A3:18:CB:E8:4B
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01926CCD63B60BD2B69F73548EC4ABFD194F
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/e4krk-JTjvIK8I42ntaYoxjL6Es.roa
Signing time: Tue 08 Oct 2024 15:44:12 +0000
ROA not before: Tue 08 Oct 2024 15:44:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.13.179.0/24 maxlen: 24
95.214.38.0/24 maxlen: 24
95.214.39.0/24 maxlen: 24
212.87.201.0/24 maxlen: 24
212.87.202.0/24 maxlen: 24
212.87.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 14:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6c:cd:63:b6:0b:d2:b6:9f:73:54:8e:c4:ab:fd:19:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Oct 8 15:44:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b892b93e2538ef20af08e369ed698a318cbe84b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:91:7a:b1:ad:1b:a3:85:f9:4a:e7:c5:32:a5:
27:cd:e5:f3:8a:af:5e:1c:0b:8d:36:e2:d4:da:9b:
46:5d:6b:6d:09:f4:7f:05:dd:b3:2d:f1:c8:7e:d7:
1a:40:ee:51:e2:2a:7d:b3:5f:56:c2:c8:fb:0c:bc:
a3:54:77:81:23:bc:fe:f1:8b:51:6c:44:c8:0c:c1:
53:d4:b7:68:53:39:cb:48:dd:00:d6:87:c1:ea:5c:
a3:4f:a0:45:19:36:b0:56:38:4c:00:d5:65:d5:11:
4b:cc:96:02:75:0a:61:63:59:2e:24:ae:08:a6:64:
4f:30:a7:65:66:c9:3e:7d:c2:9c:25:32:66:31:b1:
c9:2c:ef:bb:ec:1c:56:db:35:53:d1:ab:78:c8:a5:
f9:54:6b:bf:4d:fa:68:3e:f5:d9:b3:79:82:6e:00:
37:26:14:f5:46:05:d7:36:d2:c0:d7:e0:8e:d1:77:
97:d8:fa:56:fa:6c:ac:a6:88:f6:5b:f5:e5:e8:60:
6e:25:33:15:41:a0:fe:cc:e5:0c:1b:93:46:ab:cd:
97:d0:81:17:a3:0f:1f:82:fe:c0:20:a2:8c:5a:bd:
76:f8:90:27:44:57:92:ea:69:ad:90:77:36:c4:b2:
d1:4f:dd:b6:8f:d7:ae:61:96:34:11:44:03:e7:13:
47:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:89:2B:93:E2:53:8E:F2:0A:F0:8E:36:9E:D6:98:A3:18:CB:E8:4B
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/e4krk-JTjvIK8I42ntaYoxjL6Es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.179.0/24
95.214.38.0/23
212.87.201.0-212.87.203.255
Signature Algorithm: sha256WithRSAEncryption
3b:e2:5b:6b:a4:dc:43:af:61:42:65:c9:28:54:58:d0:29:84:
ca:57:ff:90:3b:ed:c8:99:5f:1d:75:4f:bb:5f:2f:b8:29:31:
20:5c:da:f8:a3:97:68:11:c1:e0:55:30:b5:68:94:61:7e:69:
e5:f9:ea:c4:dc:eb:38:01:6a:e6:fe:85:83:cf:97:8b:9b:c1:
3e:de:20:50:6a:9a:51:69:9e:ad:ef:fe:4d:18:98:3d:6a:6f:
76:56:99:ee:7d:2c:96:3a:b8:da:68:e0:4e:03:86:cd:ee:68:
5e:e9:67:30:aa:bb:a5:7a:0e:e3:69:92:b6:a9:9a:38:2c:93:
3e:5f:0f:68:b9:1c:e8:ac:62:f1:53:e6:47:b9:30:7c:84:35:
d9:f1:ba:b1:65:82:b7:38:fb:4a:78:6e:b6:01:98:7e:b2:06:
ce:8c:80:4d:a7:2b:e8:e6:dc:e0:69:82:ae:51:69:5f:de:c3:
e1:69:34:c0:ed:dc:f9:b4:d9:31:2e:51:13:78:31:ea:6e:89:
3c:e6:df:cb:24:4d:9b:13:8a:96:31:5f:14:a4:d9:77:1b:e6:
15:b1:96:0b:7d:1f:3b:cd:97:d4:fe:b8:70:da:42:ce:e6:7e:
9f:80:38:66:76:5e:a5:f6:db:30:06:84:fc:00:8e:80:ea:ef:
ac:5b:c5:1e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZJszWO2C9K2n3NUjsSr/RlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQxMDA4MTU0NDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjg5MmI5M2UyNTM4ZWYyMGFmMDhlMzY5ZWQ2OThhMzE4Y2JlODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpF6sa0bo4X5SufFMqUnzeXziq9e
HAuNNuLU2ptGXWttCfR/Bd2zLfHIftcaQO5R4ip9s19Wwsj7DLyjVHeBI7z+8YtR
bETIDMFT1LdoUznLSN0A1ofB6lyjT6BFGTawVjhMANVl1RFLzJYCdQphY1kuJK4I
pmRPMKdlZsk+fcKcJTJmMbHJLO+77BxW2zVT0at4yKX5VGu/TfpoPvXZs3mCbgA3
JhT1RgXXNtLA1+CO0XeX2PpW+myspoj2W/Xl6GBuJTMVQaD+zOUMG5NGq82X0IEX
ow8fgv7AIKKMWr12+JAnRFeS6mmtkHc2xLLRT922j9euYZY0EUQD5xNHjwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHuJK5PiU47yCvCONp7WmKMYy+hLMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvZTRrcmstSlRqdklLOEk0Mm50YVlveGpMNkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALQ2zAwQB
X9YmMAwDBADUV8kDBALUV8gwDQYJKoZIhvcNAQELBQADggEBADviW2uk3EOvYUJl
yShUWNAphMpX/5A77ciZXx11T7tfL7gpMSBc2vijl2gRweBVMLVolGF+aeX56sTc
6zgBaub+hYPPl4ubwT7eIFBqmlFpnq3v/k0YmD1qb3ZWme59LJY6uNpo4E4Dhs3u
aF7pZzCqu6V6DuNpkrapmjgskz5fD2i5HOisYvFT5ke5MHyENdnxurFlgrc4+0p4
brYBmH6yBs6MgE2nK+jm3OBpgq5RaV/ew+FpNMDt3Pm02TEuURN4MepuiTzm38sk
TZsTipYxXxSk2Xcb5hWxlgt9HzvNl9T+uHDaQs7mfp+AOGZ2XqX22zAGhPwAjoDq
76xbxR4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:13 2025 by rpki-client