Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/EWkB3s9VEP85oZdkdAm6c0_OBGs.roa
File: EWkB3s9VEP85oZdkdAm6c0_OBGs.roa (raw, json)
Hash identifier: WOgmUAtl+rlTiiAfHIK1xKyXa7XpsjKeSqXQ8zjCPJg=
Subject key identifier: 11:69:01:DE:CF:55:10:FF:39:A1:97:64:74:09:BA:73:4F:CE:04:6B
Certificate issuer: /CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Certificate serial: 018CC94ABE3558C7FE28A8F733EDA85AD041
Authority key identifier: 43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/EWkB3s9VEP85oZdkdAm6c0_OBGs.roa
Signing time: Tue 02 Jan 2024 08:29:27 +0000
ROA not before: Tue 02 Jan 2024 08:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41327
IP address blocks: 5.183.110.0/24 maxlen: 24
185.198.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 12:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:be:35:58:c7:fe:28:a8:f7:33:ed:a8:5a:d0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Validity
Not Before: Jan 2 08:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=116901decf5510ff39a197647409ba734fce046b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1f:e2:7f:4a:13:29:17:a4:60:53:12:94:d9:
6d:5b:f0:0f:8b:d8:a6:cc:68:c7:ec:ff:25:4f:98:
fc:02:ac:22:41:88:8d:d9:80:a3:f9:d3:16:30:e8:
55:b9:53:4d:73:f6:7b:8e:78:28:a4:8b:55:f8:a7:
27:ab:52:91:0d:e6:ca:2f:8b:dc:68:98:98:f2:a1:
ea:72:02:fa:24:00:85:a2:81:76:43:6a:6c:ad:86:
11:64:0d:f7:4d:66:85:90:9f:ab:41:5d:63:64:71:
88:21:16:73:22:8c:ac:7a:5d:ec:f0:d2:d9:ec:4f:
49:ee:08:8d:9f:42:86:c9:11:45:59:01:15:8f:59:
5a:31:24:eb:23:2f:67:9c:96:68:3f:76:70:ac:6d:
41:47:6d:28:7b:b3:d0:d9:af:3f:b0:77:f6:af:99:
34:96:46:e4:99:4d:56:5c:c5:76:be:78:b8:3f:68:
f8:81:b8:d1:30:dc:3e:dc:bd:2d:46:0c:8f:1a:f7:
1e:ad:1d:9f:af:fd:c7:2a:23:54:ca:58:69:2f:2a:
39:ae:96:0b:e8:a4:0b:e9:50:d2:93:33:56:e8:25:
7a:fa:d5:43:0e:7d:65:1f:77:e2:56:56:ab:86:27:
47:ea:81:85:2e:d9:da:4f:cc:15:59:8d:24:b7:0d:
d2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:69:01:DE:CF:55:10:FF:39:A1:97:64:74:09:BA:73:4F:CE:04:6B
X509v3 Authority Key Identifier:
keyid:43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/EWkB3s9VEP85oZdkdAm6c0_OBGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/Q4T2-m3sztVXioWlHgvWVwHqNOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.110.0/24
185.198.210.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:38:cf:4d:fa:11:19:b3:bb:c4:fa:3c:8b:ad:7c:ed:23:39:
a8:09:5e:99:4c:66:7b:45:02:38:ce:49:4d:eb:43:89:23:30:
5d:37:dc:62:b5:e6:f2:90:9b:ad:d9:cf:2f:7d:b2:76:d2:7f:
83:65:67:a7:eb:7a:4b:8c:79:4a:c2:f4:92:12:4a:c1:e9:71:
c6:56:5c:13:0b:2b:40:ea:a9:45:2e:9c:35:0f:75:04:e0:59:
2d:71:f7:ca:d0:b4:65:34:ba:0c:56:af:67:08:c3:4d:ef:7c:
37:ce:0d:a2:b0:f4:c3:75:4a:d3:a1:cb:e5:23:1f:02:a2:41:
ad:f8:96:6b:b2:80:7b:ab:ff:86:c7:67:d0:6c:91:8f:85:ed:
1f:2c:e6:f4:29:cf:3f:f7:44:6b:5b:2c:40:9d:ce:9d:09:e3:
11:f1:2c:a8:df:5f:32:96:fd:9e:29:14:3c:0c:ff:0f:e3:eb:
d8:5f:90:7f:f5:85:88:a3:e4:e3:57:82:db:c8:aa:12:b4:8e:
86:d3:05:f6:50:23:b2:04:31:07:59:c3:c0:74:4b:63:af:8a:
00:be:e7:8e:c0:cd:96:0e:d9:08:0c:d5:6a:5c:9b:d9:52:71:
a1:72:98:35:b2:be:c5:ad:08:36:c1:34:39:35:dd:4d:8e:7a:
67:40:09:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJSr41WMf+KKj3M+2oWtBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzODRmNmZhNmRlY2NlZDU1NzhhODVhNTFlMGJkNjU3MDFl
YTM0ZWMwHhcNMjQwMTAyMDgyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY5MDFkZWNmNTUxMGZmMzlhMTk3NjQ3NDA5YmE3MzRmY2UwNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB/if0oTKRekYFMSlNltW/APi9im
zGjH7P8lT5j8AqwiQYiN2YCj+dMWMOhVuVNNc/Z7jngopItV+Kcnq1KRDebKL4vc
aJiY8qHqcgL6JACFooF2Q2psrYYRZA33TWaFkJ+rQV1jZHGIIRZzIoysel3s8NLZ
7E9J7giNn0KGyRFFWQEVj1laMSTrIy9nnJZoP3ZwrG1BR20oe7PQ2a8/sHf2r5k0
lkbkmU1WXMV2vni4P2j4gbjRMNw+3L0tRgyPGvcerR2fr/3HKiNUylhpLyo5rpYL
6KQL6VDSkzNW6CV6+tVDDn1lH3fiVlarhidH6oGFLtnaT8wVWY0ktw3SzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBFpAd7PVRD/OaGXZHQJunNPzgRrMB8GA1UdIwQY
MBaAFEOE9vpt7M7VV4qFpR4L1lcB6jTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMt
MWIxM2JkNDU2NmE1LzEvRVdrQjNzOVZFUDg1b1pka2RBbTZjMF9PQkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMtMWIxM2JkNDU2NmE1
LzEvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbduAwQB
ucbSMA0GCSqGSIb3DQEBCwUAA4IBAQA+OM9N+hEZs7vE+jyLrXztIzmoCV6ZTGZ7
RQI4zklN60OJIzBdN9xitebykJut2c8vfbJ20n+DZWen63pLjHlKwvSSEkrB6XHG
VlwTCytA6qlFLpw1D3UE4FktcffK0LRlNLoMVq9nCMNN73w3zg2isPTDdUrTocvl
Ix8CokGt+JZrsoB7q/+Gx2fQbJGPhe0fLOb0Kc8/90RrWyxAnc6dCeMR8Syo318y
lv2eKRQ8DP8P4+vYX5B/9YWIo+TjV4LbyKoStI6G0wX2UCOyBDEHWcPAdEtjr4oA
vueOwM2WDtkIDNVqXJvZUnGhcpg1sr7FrQg2wTQ5Nd1NjnpnQAng
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:35:13 2025 by rpki-client