Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/EpNjqZ-6RxN5Nju_to1-pnLxKj4.roa
File: EpNjqZ-6RxN5Nju_to1-pnLxKj4.roa (raw, json)
Hash identifier: SWsJXy3j/S+zIT56myYNH3cCOogi0mKiXYKvTvCuBQs=
Subject key identifier: 12:93:63:A9:9F:BA:47:13:79:36:3B:BF:B6:8D:7E:A6:72:F1:2A:3E
Certificate issuer: /CN=877aad307ad330ebb8cf44ec21389a170436fd53
Certificate serial: 018CC56EF8D816064932FAE9BAC6315CA92D
Authority key identifier: 87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/EpNjqZ-6RxN5Nju_to1-pnLxKj4.roa
Signing time: Mon 01 Jan 2024 14:30:33 +0000
ROA not before: Mon 01 Jan 2024 14:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199272
IP address blocks: 185.14.25.0/24 maxlen: 24
185.14.27.0/24 maxlen: 24
185.14.26.0/24 maxlen: 24
185.14.24.0/22 maxlen: 22
185.14.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f8:d8:16:06:49:32:fa:e9:ba:c6:31:5c:a9:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=877aad307ad330ebb8cf44ec21389a170436fd53
Validity
Not Before: Jan 1 14:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=129363a99fba471379363bbfb68d7ea672f12a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2a:07:ab:45:66:8e:1c:0e:65:14:81:2a:d7:
99:2b:9d:d0:84:c8:3d:42:15:91:02:94:82:6b:0a:
17:df:5d:e5:82:91:4c:eb:56:d2:15:43:0b:3d:81:
15:c0:ac:d3:43:e7:16:43:14:05:97:07:ed:ed:1e:
84:00:8f:9b:6c:7f:89:91:df:f3:49:e6:06:0d:8b:
64:95:4c:47:e9:71:ef:80:00:88:95:cb:a8:b0:1c:
9b:4e:9f:a6:a6:9c:e0:28:b9:34:53:f8:fa:b7:17:
93:f7:b6:07:d2:6e:4c:e5:27:eb:6b:f0:cf:72:84:
52:ce:bf:97:66:3d:c7:20:b4:dc:6d:c4:16:09:5d:
7c:2d:4e:d6:da:48:be:2f:25:bd:36:27:90:48:67:
3e:52:69:49:d6:8d:f6:3a:86:59:5f:9a:f8:c5:d4:
06:32:f9:4f:ef:7e:58:a6:79:91:cf:e9:97:42:4c:
01:0b:80:f6:c6:55:b2:e4:10:52:f6:3e:81:f6:37:
42:e1:eb:b6:fa:b6:b9:3d:e5:ec:cf:12:e8:d1:88:
5c:bd:a8:d0:81:0a:96:b9:a2:63:3d:5f:95:62:e3:
88:1f:86:b9:b7:42:45:0d:2d:63:b3:8b:2b:fb:a1:
e4:0a:4f:f9:af:55:64:71:3e:10:e0:d2:13:ce:fc:
ed:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:93:63:A9:9F:BA:47:13:79:36:3B:BF:B6:8D:7E:A6:72:F1:2A:3E
X509v3 Authority Key Identifier:
keyid:87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/EpNjqZ-6RxN5Nju_to1-pnLxKj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.24.0/22
Signature Algorithm: sha256WithRSAEncryption
10:93:30:ba:a9:5b:4a:ea:83:90:25:10:a4:7f:4d:50:79:7a:
61:57:2d:ca:65:66:74:6a:8f:e3:20:c2:fe:c4:5b:0b:0c:02:
eb:99:c6:bb:51:ae:56:69:75:e3:8f:b2:6e:7d:b4:82:b1:eb:
11:ca:6b:96:13:7e:50:93:c3:0e:7c:2a:6d:8b:bc:9b:26:c0:
b8:0b:ab:74:a0:c1:d5:27:05:43:95:7b:a2:05:b8:51:81:8a:
bc:de:12:2f:72:bb:47:b1:a8:20:d8:fc:4b:a7:f7:43:87:24:
cc:8a:24:2a:e1:04:55:9d:7f:08:b1:80:45:c6:43:05:c9:fd:
37:ed:d0:7f:20:5c:19:20:52:88:dc:24:e5:47:bd:48:20:39:
75:0f:24:e8:75:6a:d6:7e:9b:f3:00:99:16:04:25:82:23:23:
6b:db:f3:30:11:e5:d3:73:ab:6e:c1:4c:39:45:94:f1:bc:da:
6f:bd:15:9d:01:9e:c2:b6:0c:75:de:9a:70:aa:1f:1c:12:32:
33:28:08:56:68:cd:43:a9:6f:56:bb:73:68:d3:2f:b6:81:05:
c6:50:39:fd:a6:2d:a4:48:cf:2e:4c:01:ea:62:56:d4:47:3f:
d5:d9:82:91:3f:cd:01:b2:fa:ec:6d:19:31:69:17:c0:ac:d1:
26:87:b7:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbvjYFgZJMvrpusYxXKktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3N2FhZDMwN2FkMzMwZWJiOGNmNDRlYzIxMzg5YTE3MDQz
NmZkNTMwHhcNMjQwMTAxMTQzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjkzNjNhOTlmYmE0NzEzNzkzNjNiYmZiNjhkN2VhNjcyZjEyYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCoHq0VmjhwOZRSBKteZK53QhMg9
QhWRApSCawoX313lgpFM61bSFUMLPYEVwKzTQ+cWQxQFlwft7R6EAI+bbH+Jkd/z
SeYGDYtklUxH6XHvgACIlcuosBybTp+mppzgKLk0U/j6txeT97YH0m5M5Sfra/DP
coRSzr+XZj3HILTcbcQWCV18LU7W2ki+LyW9NieQSGc+UmlJ1o32OoZZX5r4xdQG
MvlP735YpnmRz+mXQkwBC4D2xlWy5BBS9j6B9jdC4eu2+ra5PeXszxLo0YhcvajQ
gQqWuaJjPV+VYuOIH4a5t0JFDS1js4sr+6HkCk/5r1VkcT4Q4NITzvztAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBKTY6mfukcTeTY7v7aNfqZy8So+MB8GA1UdIwQY
MBaAFId6rTB60zDruM9E7CE4mhcENv1TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUt
NTA4MDk5YzEzM2JiLzEvRXBOanFaLTZSeE41Tmp1X3RvMS1wbkx4S2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUtNTA4MDk5YzEzM2Ji
LzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ4YMA0G
CSqGSIb3DQEBCwUAA4IBAQAQkzC6qVtK6oOQJRCkf01QeXphVy3KZWZ0ao/jIML+
xFsLDALrmca7Ua5WaXXjj7JufbSCsesRymuWE35Qk8MOfCpti7ybJsC4C6t0oMHV
JwVDlXuiBbhRgYq83hIvcrtHsagg2PxLp/dDhyTMiiQq4QRVnX8IsYBFxkMFyf03
7dB/IFwZIFKI3CTlR71IIDl1DyTodWrWfpvzAJkWBCWCIyNr2/MwEeXTc6tuwUw5
RZTxvNpvvRWdAZ7Ctgx13ppwqh8cEjIzKAhWaM1DqW9Wu3No0y+2gQXGUDn9pi2k
SM8uTAHqYlbURz/V2YKRP80BsvrsbRkxaRfArNEmh7eI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:53 2025 by rpki-client