Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/e6TuiSL7JhObXsq3z3tQHZsYZTc.roa
File: e6TuiSL7JhObXsq3z3tQHZsYZTc.roa (raw, json)
Hash identifier: mEOpHjtrN4MUP50b066uo1tm1EvgSudFmu/oK01JASo=
Subject key identifier: 7B:A4:EE:89:22:FB:26:13:9B:5E:CA:B7:CF:7B:50:1D:9B:18:65:37
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 01942444F91C308D2CFB83E607584488474C
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/e6TuiSL7JhObXsq3z3tQHZsYZTc.roa
Signing time: Wed 01 Jan 2025 23:48:07 +0000
ROA not before: Wed 01 Jan 2025 23:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205516
IP address blocks: 5.35.80.0/24 maxlen: 24
5.35.81.0/24 maxlen: 24
83.222.22.0/23 maxlen: 24
89.169.36.0/23 maxlen: 24
90.156.252.0/23 maxlen: 24
91.218.140.0/24 maxlen: 24
91.218.141.0/24 maxlen: 24
178.236.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Mar 2025 08:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:f9:1c:30:8d:2c:fb:83:e6:07:58:44:88:47:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Jan 1 23:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ba4ee8922fb26139b5ecab7cf7b501d9b186537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:20:3d:52:12:db:b8:1a:6d:fc:19:8e:71:f9:
43:7f:cf:4e:64:c8:8d:16:1c:b2:e9:50:b6:2a:a3:
f2:7b:de:82:1b:87:a6:5c:e1:e8:5b:f6:cb:16:3b:
a5:8a:cf:5f:52:e1:ea:2a:f6:94:80:b0:0b:a2:36:
c0:a3:8a:3a:4e:d2:13:1d:4e:e5:16:f2:17:e7:d4:
33:49:10:91:52:b6:4a:be:7b:24:89:6d:f2:bc:ab:
b2:c9:8e:3c:4f:a4:4b:f0:56:b9:75:ae:9a:95:9b:
5f:23:be:ed:04:81:8b:36:e6:f7:e9:69:59:8f:45:
6a:93:c5:a2:37:56:f3:26:7a:3c:ca:46:1c:eb:db:
74:95:a7:95:bb:67:32:e2:1b:b0:df:45:1a:f1:1d:
ca:68:a2:cc:5d:19:bd:64:0a:72:9b:6e:3e:aa:b1:
03:fe:94:ee:bc:3e:9e:2d:d2:4e:a5:f2:aa:57:4d:
4d:2f:1e:46:c8:db:29:bb:a6:ab:d0:79:11:15:44:
f4:59:41:53:63:23:ca:d6:68:12:be:56:68:5c:75:
fa:40:90:f1:b9:3e:83:0a:72:91:f5:2e:d6:83:cf:
4f:e0:a4:a2:f9:7e:6d:cd:5e:4c:7e:49:42:46:45:
09:f2:d9:26:07:df:32:02:87:74:ec:f4:b2:0e:ff:
b4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A4:EE:89:22:FB:26:13:9B:5E:CA:B7:CF:7B:50:1D:9B:18:65:37
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/e6TuiSL7JhObXsq3z3tQHZsYZTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.80.0/23
83.222.22.0/23
89.169.36.0/23
90.156.252.0/23
91.218.140.0/23
178.236.17.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:f9:9e:1a:30:45:5e:d9:e5:57:f2:ee:31:36:eb:ea:31:8c:
99:1e:b5:65:63:f4:3b:c0:b9:f0:3f:ae:b6:d3:f4:f7:e4:09:
48:51:f3:b4:f5:f1:a3:51:68:f0:b0:29:12:91:51:19:18:85:
3e:c4:69:d1:04:34:87:54:64:aa:52:e0:b4:1f:7a:51:50:e9:
bf:cf:78:57:f1:26:73:02:10:da:78:0c:d0:eb:20:40:0c:ac:
06:67:0d:ac:25:c7:8e:ac:ed:5e:be:e6:fd:a9:0b:45:a1:77:
04:65:e2:24:dd:f8:72:15:91:f2:d1:c3:b4:6d:1b:1d:af:35:
7a:f3:73:e9:9d:06:c4:fd:3f:ee:a7:ab:bf:1c:7a:64:5e:f4:
46:cf:00:32:fc:da:bc:89:51:1d:f3:ea:d3:2c:fb:b3:d9:65:
53:c3:e5:9c:68:4d:ee:1a:c7:65:2e:a5:2f:41:0e:89:c5:55:
f4:94:f1:8c:d1:a5:a4:93:32:1b:f2:4b:bd:44:92:96:70:fd:
94:63:12:c4:cb:03:04:14:6b:65:3d:7d:9b:5c:d1:2b:ec:5d:
f2:5e:18:d0:cd:5b:77:b1:d9:5a:33:32:e0:bd:17:da:50:9d:
b1:42:e7:82:20:fd:c9:4f:46:b9:8f:ee:88:d2:a4:1c:01:37:
3c:78:25:8b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQkRPkcMI0s+4PmB1hEiEdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjUwMTAxMjM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmE0ZWU4OTIyZmIyNjEzOWI1ZWNhYjdjZjdiNTAxZDliMTg2NTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiA9UhLbuBpt/BmOcflDf89OZMiN
Fhyy6VC2KqPye96CG4emXOHoW/bLFjulis9fUuHqKvaUgLALojbAo4o6TtITHU7l
FvIX59QzSRCRUrZKvnskiW3yvKuyyY48T6RL8Fa5da6alZtfI77tBIGLNub36WlZ
j0Vqk8WiN1bzJno8ykYc69t0laeVu2cy4huw30Ua8R3KaKLMXRm9ZApym24+qrED
/pTuvD6eLdJOpfKqV01NLx5GyNspu6ar0HkRFUT0WUFTYyPK1mgSvlZoXHX6QJDx
uT6DCnKR9S7Wg89P4KSi+X5tzV5MfklCRkUJ8tkmB98yAod07PSyDv+00QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHuk7oki+yYTm17Kt897UB2bGGU3MB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvZTZUdWlTTDdKaE9iWHNxM3ozdFFIWnNZWlRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBSNQAwQB
U94WAwQBWakkAwQBWpz8AwQBW9qMAwQAsuwRMA0GCSqGSIb3DQEBCwUAA4IBAQCO
+Z4aMEVe2eVX8u4xNuvqMYyZHrVlY/Q7wLnwP6620/T35AlIUfO09fGjUWjwsCkS
kVEZGIU+xGnRBDSHVGSqUuC0H3pRUOm/z3hX8SZzAhDaeAzQ6yBADKwGZw2sJceO
rO1evub9qQtFoXcEZeIk3fhyFZHy0cO0bRsdrzV683PpnQbE/T/up6u/HHpkXvRG
zwAy/Nq8iVEd8+rTLPuz2WVTw+WcaE3uGsdlLqUvQQ6JxVX0lPGM0aWkkzIb8ku9
RJKWcP2UYxLEywMEFGtlPX2bXNEr7F3yXhjQzVt3sdlaMzLgvRfaUJ2xQueCIP3J
T0a5j+6I0qQcATc8eCWL
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:41:23 2025 by rpki-client