Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/5eoEXQ_3WvXppqlohy50yxtm18E.roa
File: 5eoEXQ_3WvXppqlohy50yxtm18E.roa (raw, json)
Hash identifier: 4DYkWMRXIyXgkKjoucZM0a9GOBE/a9lLrT5AQ/l7zNo=
Subject key identifier: E5:EA:04:5D:0F:F7:5A:F5:E9:A6:A9:68:87:2E:74:CB:1B:66:D7:C1
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 0191B289377BBC62A0FCF90F06B22627190E
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/5eoEXQ_3WvXppqlohy50yxtm18E.roa
Signing time: Mon 02 Sep 2024 11:40:22 +0000
ROA not before: Mon 02 Sep 2024 11:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34568
IP address blocks: 77.87.248.0/21 maxlen: 24
84.246.120.0/21 maxlen: 24
193.138.81.0/24 maxlen: 24
194.116.234.0/23 maxlen: 24
2a01:1f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:89:37:7b:bc:62:a0:fc:f9:0f:06:b2:26:27:19:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Sep 2 11:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5ea045d0ff75af5e9a6a968872e74cb1b66d7c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3b:a9:bc:db:9c:ea:49:30:30:22:a1:1e:b7:
7b:20:82:a4:17:82:be:4d:45:e7:45:f9:28:85:88:
59:6c:b0:9d:af:0a:c1:16:66:ee:f8:04:6d:6e:b1:
37:25:07:f2:9a:2d:5a:e0:95:a2:f4:ee:08:15:50:
ac:09:dc:ac:fc:28:2d:5a:94:76:8c:1e:03:78:25:
e5:0f:89:fb:81:00:1d:b4:53:ea:10:0f:03:87:16:
7a:bf:ea:98:d5:0c:68:67:d2:75:f3:b8:98:d5:e3:
cc:5d:cd:02:4c:15:12:d0:5a:80:b6:62:f3:ec:85:
0f:d2:2b:59:d6:19:38:d2:4c:80:56:48:82:d7:b2:
7c:95:ca:58:63:6d:8f:41:81:9f:b4:60:e7:c5:a8:
95:63:a4:7b:b1:c7:29:f8:4d:d0:5d:46:5b:50:2a:
0e:2f:49:9e:8a:d7:dd:ba:a2:42:2f:21:4b:d2:1d:
d0:77:fd:56:9f:5f:31:bb:34:2a:c9:e5:82:d2:34:
9d:7c:08:71:59:2b:fe:1d:47:c8:cd:cd:71:29:fd:
5a:e2:14:47:f1:80:96:90:e3:cd:0d:a5:27:a0:a0:
af:d9:23:96:b3:c9:d4:8c:57:90:b4:9e:1f:24:95:
e9:fa:50:7d:c9:0c:bb:db:e4:b0:e3:46:c7:70:84:
f7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:EA:04:5D:0F:F7:5A:F5:E9:A6:A9:68:87:2E:74:CB:1B:66:D7:C1
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/5eoEXQ_3WvXppqlohy50yxtm18E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.248.0/21
84.246.120.0/21
193.138.81.0/24
194.116.234.0/23
IPv6:
2a01:1f8::/32
Signature Algorithm: sha256WithRSAEncryption
99:c8:37:64:37:c2:b9:5d:a6:02:06:7d:f0:e5:10:d7:95:08:
12:a2:27:bf:8f:d8:b3:67:14:de:9f:93:6d:25:2e:02:83:c8:
c8:b6:99:2c:39:2b:e5:76:b9:04:54:91:5b:0b:6c:f1:1f:98:
28:07:77:25:a1:c3:e1:cc:66:5b:1a:53:65:aa:52:43:97:fd:
b6:cd:aa:22:e1:3f:e6:ab:aa:58:02:61:bd:de:34:d7:6d:d6:
d4:b1:40:0f:c2:aa:51:6b:0f:95:6a:20:30:79:70:13:02:7d:
22:63:ca:fc:39:f2:65:c7:ed:de:a0:06:94:3b:df:d7:0e:47:
b6:22:69:91:67:cf:13:c8:47:27:31:b5:81:91:6c:13:a4:84:
d8:2c:93:16:fd:2d:fe:c2:81:e4:e1:de:58:b7:ae:52:22:04:
e5:36:78:99:33:21:51:8a:b8:9a:fd:24:21:44:ca:f1:b4:27:
63:08:84:22:f0:a8:eb:56:0f:4b:92:16:f1:50:ce:52:96:af:
f8:71:97:b6:28:c9:8c:51:53:de:80:2b:a5:0d:73:d6:7c:6c:
a9:02:a4:91:68:17:1c:b9:43:cf:12:88:6c:bb:02:6f:f0:c7:
04:1b:ad:76:28:db:97:e3:6c:ef:cf:7f:07:0f:66:cc:c8:82:
00:dd:06:48
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZGyiTd7vGKg/PkPBrImJxkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjQwOTAyMTE0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWVhMDQ1ZDBmZjc1YWY1ZTlhNmE5Njg4NzJlNzRjYjFiNjZkN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTupvNuc6kkwMCKhHrd7IIKkF4K+
TUXnRfkohYhZbLCdrwrBFmbu+ARtbrE3JQfymi1a4JWi9O4IFVCsCdys/CgtWpR2
jB4DeCXlD4n7gQAdtFPqEA8DhxZ6v+qY1QxoZ9J187iY1ePMXc0CTBUS0FqAtmLz
7IUP0itZ1hk40kyAVkiC17J8lcpYY22PQYGftGDnxaiVY6R7sccp+E3QXUZbUCoO
L0meitfduqJCLyFL0h3Qd/1Wn18xuzQqyeWC0jSdfAhxWSv+HUfIzc1xKf1a4hRH
8YCWkOPNDaUnoKCv2SOWs8nUjFeQtJ4fJJXp+lB9yQy72+Sw40bHcIT37wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOXqBF0P91r16aapaIcudMsbZtfBMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvNWVvRVhRXzNXdlhwcHFsb2h5NTB5eHRtMThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDTVf4AwQD
VPZ4AwQAwYpRAwQBwnTqMA0EAgACMAcDBQAqAQH4MA0GCSqGSIb3DQEBCwUAA4IB
AQCZyDdkN8K5XaYCBn3w5RDXlQgSoie/j9izZxTen5NtJS4Cg8jItpksOSvldrkE
VJFbC2zxH5goB3clocPhzGZbGlNlqlJDl/22zaoi4T/mq6pYAmG93jTXbdbUsUAP
wqpRaw+VaiAweXATAn0iY8r8OfJlx+3eoAaUO9/XDke2ImmRZ88TyEcnMbWBkWwT
pITYLJMW/S3+woHk4d5Yt65SIgTlNniZMyFRiria/SQhRMrxtCdjCIQi8KjrVg9L
khbxUM5Slq/4cZe2KMmMUVPegCulDXPWfGypAqSRaBccuUPPEohsuwJv8McEG612
KNuX42zvz38HD2bMyIIA3QZI
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:20 2025 by rpki-client