Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/EXusHSGDocvJGZbuyyvPTW9bMeA.roa
File: EXusHSGDocvJGZbuyyvPTW9bMeA.roa (raw, json)
Hash identifier: qSBzx//jNV/mOG0QyWgrv+A3JGhkzKNaQtG3ectW64c=
Subject key identifier: 11:7B:AC:1D:21:83:A1:CB:C9:19:96:EE:CB:2B:CF:4D:6F:5B:31:E0
Certificate issuer: /CN=a5d08b3150ad34de2b88592174192408396f11fb
Certificate serial: 018CC801B55A44ADFD9EC11DDFC4574F561C
Authority key identifier: A5:D0:8B:31:50:AD:34:DE:2B:88:59:21:74:19:24:08:39:6F:11:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pdCLMVCtNN4riFkhdBkkCDlvEfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/EXusHSGDocvJGZbuyyvPTW9bMeA.roa
Signing time: Tue 02 Jan 2024 02:30:04 +0000
ROA not before: Tue 02 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12414
IP address blocks: 83.247.0.0/17 maxlen: 24
212.84.128.0/19 maxlen: 24
81.24.96.0/20 maxlen: 24
87.195.0.0/16 maxlen: 24
212.45.32.0/19 maxlen: 24
213.233.192.0/18 maxlen: 24
213.134.224.0/19 maxlen: 24
185.83.32.0/22 maxlen: 24
2001:9e0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:48:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b5:5a:44:ad:fd:9e:c1:1d:df:c4:57:4f:56:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5d08b3150ad34de2b88592174192408396f11fb
Validity
Not Before: Jan 2 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=117bac1d2183a1cbc91996eecb2bcf4d6f5b31e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e0:70:d8:e7:61:93:c5:93:77:4a:7f:14:a4:
fe:a0:62:81:37:0e:d7:6a:00:29:b0:2a:75:0b:82:
fe:37:e9:b2:0b:ff:45:c5:a6:07:a1:fd:80:51:1e:
a7:2e:82:1c:49:e1:63:7c:6a:72:78:f7:14:f5:e6:
4f:1d:aa:49:69:cf:38:10:cb:12:aa:b3:c9:9d:40:
a7:6f:d8:66:c7:b4:bb:5c:98:7a:6a:32:f4:7a:94:
cd:79:68:e3:e6:3d:0c:54:c8:49:62:03:d2:26:9f:
c3:54:45:64:c6:de:a1:23:20:30:0b:36:a8:e3:e9:
47:83:c1:68:62:57:d6:83:f6:06:72:3f:32:fd:b3:
95:81:96:cc:da:81:55:82:f0:d8:3e:5e:81:c1:d8:
22:04:f1:92:d4:2f:87:fb:96:07:40:ae:b6:c7:0a:
69:7e:32:70:3f:b9:ce:d8:c9:fe:9e:50:d5:0a:03:
cf:63:9e:03:d7:aa:d6:db:ab:55:2f:ea:8a:00:e3:
a8:aa:b3:07:b1:6a:2f:3c:4d:f0:a5:cb:50:09:15:
9b:3d:44:60:e6:e0:b4:86:88:30:62:4d:22:cd:a1:
98:b8:6d:56:a1:1a:90:bb:c3:a2:9f:31:68:df:50:
e8:1c:bc:3f:77:33:af:d3:91:8b:6c:a9:dd:4a:dc:
23:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7B:AC:1D:21:83:A1:CB:C9:19:96:EE:CB:2B:CF:4D:6F:5B:31:E0
X509v3 Authority Key Identifier:
keyid:A5:D0:8B:31:50:AD:34:DE:2B:88:59:21:74:19:24:08:39:6F:11:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pdCLMVCtNN4riFkhdBkkCDlvEfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/EXusHSGDocvJGZbuyyvPTW9bMeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/901839-0ef2-40ec-99b3-43cc5b46d5b2/1/pdCLMVCtNN4riFkhdBkkCDlvEfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.96.0/20
83.247.0.0/17
87.195.0.0/16
185.83.32.0/22
212.45.32.0/19
212.84.128.0/19
213.134.224.0/19
213.233.192.0/18
IPv6:
2001:9e0::/29
Signature Algorithm: sha256WithRSAEncryption
22:26:0a:29:1c:73:f4:88:df:7d:7e:a8:fb:40:57:3b:a6:67:
de:e3:35:b2:38:80:02:1b:52:66:91:92:e7:78:34:56:79:af:
d1:a5:9c:01:2b:64:74:59:42:d3:5a:d0:e7:b0:e8:80:c9:e1:
8e:a6:d6:bf:4a:d9:6f:79:8f:0b:a7:7f:b1:dd:d3:b6:d9:85:
5a:00:a7:e8:f5:1a:57:45:50:1b:f4:23:8b:41:5c:6e:56:91:
54:0b:e0:7d:11:7b:ab:2d:6d:09:e0:e9:e3:52:9f:d4:52:34:
90:28:9b:93:5f:4d:b6:aa:b9:82:52:8e:29:7f:25:5f:71:05:
c1:28:14:3b:93:a3:58:03:10:c7:fd:e7:97:b4:62:e0:97:90:
8e:0a:03:37:62:43:b5:84:ec:2f:4c:10:cd:f2:fb:1f:92:19:
38:60:9a:e2:d7:e8:53:b8:ff:ae:27:f7:d9:67:1d:db:6a:e9:
c9:26:d3:02:07:4f:7b:38:db:cf:d9:c8:c6:1a:f3:3a:f1:42:
ac:bf:fc:df:e4:4c:95:28:a9:3f:cb:72:fa:13:f6:c9:54:6b:
54:d4:60:93:ee:1a:0d:4e:02:cf:90:98:56:41:f6:6e:3b:77:
f9:f5:4d:3a:9b:7f:a4:04:b6:a9:b7:c8:c2:13:2e:93:ad:44:
f1:a0:cc:80
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzIAbVaRK39nsEd38RXT1YcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZDA4YjMxNTBhZDM0ZGUyYjg4NTkyMTc0MTkyNDA4Mzk2
ZjExZmIwHhcNMjQwMTAyMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTdiYWMxZDIxODNhMWNiYzkxOTk2ZWVjYjJiY2Y0ZDZmNWIzMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+Bw2Odhk8WTd0p/FKT+oGKBNw7X
agApsCp1C4L+N+myC/9FxaYHof2AUR6nLoIcSeFjfGpyePcU9eZPHapJac84EMsS
qrPJnUCnb9hmx7S7XJh6ajL0epTNeWjj5j0MVMhJYgPSJp/DVEVkxt6hIyAwCzao
4+lHg8FoYlfWg/YGcj8y/bOVgZbM2oFVgvDYPl6BwdgiBPGS1C+H+5YHQK62xwpp
fjJwP7nO2Mn+nlDVCgPPY54D16rW26tVL+qKAOOoqrMHsWovPE3wpctQCRWbPURg
5uC0hogwYk0izaGYuG1WoRqQu8OinzFo31DoHLw/dzOv05GLbKndStwjowIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFBF7rB0hg6HLyRmW7ssrz01vWzHgMB8GA1UdIwQY
MBaAFKXQizFQrTTeK4hZIXQZJAg5bxH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGRDTE1WQ3ROTjRyaUZraGRCa2tDRGx2RWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85MDE4MzktMGVmMi00MGVjLTk5YjMt
NDNjYzViNDZkNWIyLzEvRVh1c0hTR0RvY3ZKR1pidXl5dlBUVzliTWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85MDE4MzktMGVmMi00MGVjLTk5YjMtNDNjYzViNDZkNWIy
LzEvcGRDTE1WQ3ROTjRyaUZraGRCa2tDRGx2RWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwQEURhgAwQH
U/cAAwMAV8MDBAK5UyADBAXULSADBAXUVIADBAXVhuADBAbV6cAwDQQCAAIwBwMF
AyABCeAwDQYJKoZIhvcNAQELBQADggEBACImCikcc/SI331+qPtAVzumZ97jNbI4
gAIbUmaRkud4NFZ5r9GlnAErZHRZQtNa0Oew6IDJ4Y6m1r9K2W95jwunf7Hd07bZ
hVoAp+j1GldFUBv0I4tBXG5WkVQL4H0Re6stbQng6eNSn9RSNJAom5NfTbaquYJS
jil/JV9xBcEoFDuTo1gDEMf955e0YuCXkI4KAzdiQ7WE7C9MEM3y+x+SGThgmuLX
6FO4/64n99lnHdtq6ckm0wIHT3s428/ZyMYa8zrxQqy//N/kTJUoqT/LcvoT9slU
a1TUYJPuGg1OAs+QmFZB9m47d/n1TTqbf6QEtqm3yMITLpOtRPGgzIA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:28 2025 by rpki-client