Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/EYbea8jykB0TwVtNUpsvRS4k4zc.roa
File: EYbea8jykB0TwVtNUpsvRS4k4zc.roa (raw, json)
Hash identifier: BZbL+8HyaI+gqfzLcTgackw+uAqpPRyuUFN/EzHhUfQ=
Subject key identifier: 11:86:DE:6B:C8:F2:90:1D:13:C1:5B:4D:52:9B:2F:45:2E:24:E3:37
Certificate issuer: /CN=235163d39db88816cddc597a5db5eae707d3de39
Certificate serial: 018CC5DC65346D6A091C11AF6B6CDDE14534
Authority key identifier: 23:51:63:D3:9D:B8:88:16:CD:DC:59:7A:5D:B5:EA:E7:07:D3:DE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/EYbea8jykB0TwVtNUpsvRS4k4zc.roa
Signing time: Mon 01 Jan 2024 16:30:04 +0000
ROA not before: Mon 01 Jan 2024 16:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208250
IP address blocks: 45.150.120.0/24 maxlen: 24
45.150.120.0/22 maxlen: 22
45.150.121.0/24 maxlen: 24
45.150.122.0/24 maxlen: 24
2a0f:be00::/29 maxlen: 29
2a0f:be00:2::/48 maxlen: 48
2a0f:be00::/48 maxlen: 48
2a0f:be00:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:65:34:6d:6a:09:1c:11:af:6b:6c:dd:e1:45:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=235163d39db88816cddc597a5db5eae707d3de39
Validity
Not Before: Jan 1 16:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1186de6bc8f2901d13c15b4d529b2f452e24e337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c8:e2:c3:18:7a:d3:12:60:7e:7b:48:27:4e:
11:5e:b1:2e:c0:81:6b:aa:2b:b7:70:53:37:6a:82:
f4:b1:c4:99:a5:41:be:95:18:d6:fd:cf:24:00:c9:
5f:f2:8e:f1:fc:6f:4f:d3:e9:44:ad:5e:d6:10:b7:
16:11:0c:55:38:10:82:ef:1c:ea:b9:fc:3c:00:33:
0d:12:03:73:58:5c:f4:af:5b:93:ac:55:55:9f:b8:
16:a9:fe:52:0c:05:cb:34:3a:99:16:00:8f:11:71:
de:e6:8b:03:24:e7:d2:3e:71:be:6c:9b:d9:6e:da:
3e:5d:a9:62:bc:94:63:13:e0:2b:1e:cf:b4:ec:e4:
b0:4f:75:f7:5a:cc:b5:5f:0f:ae:45:38:2a:8f:56:
30:74:5d:d3:62:5e:90:77:d2:55:f1:76:f9:66:05:
0c:b0:22:02:b4:6d:94:6d:fe:b0:f1:ed:a6:dc:3f:
a4:df:7b:94:92:34:ba:61:07:96:86:fe:c7:f4:cd:
2a:60:26:b5:62:ce:49:8b:99:cf:04:94:ff:cc:e0:
a8:30:b7:7b:53:b7:bf:9c:cb:53:d8:e8:62:5a:44:
1f:2d:ef:7f:7a:54:2d:0f:dd:93:d6:4c:be:c6:6e:
8d:1a:aa:33:bc:1a:cd:87:3f:e3:ac:24:0f:2e:dc:
f8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:86:DE:6B:C8:F2:90:1D:13:C1:5B:4D:52:9B:2F:45:2E:24:E3:37
X509v3 Authority Key Identifier:
keyid:23:51:63:D3:9D:B8:88:16:CD:DC:59:7A:5D:B5:EA:E7:07:D3:DE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/EYbea8jykB0TwVtNUpsvRS4k4zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.120.0/22
IPv6:
2a0f:be00::/29
Signature Algorithm: sha256WithRSAEncryption
3a:f9:d1:bb:1b:d2:34:c0:6e:49:c7:36:4f:a5:6e:34:b4:6e:
22:b0:72:79:29:9e:bc:ad:14:3a:51:8e:23:91:f6:a0:ef:1f:
32:b7:dc:02:82:cc:b7:48:f6:73:66:33:a3:5a:f0:29:f3:cd:
94:51:91:79:9e:77:f3:d7:f2:82:ad:f1:e4:e7:01:31:48:a9:
a4:23:3d:d4:e0:de:16:07:fc:3a:c3:b2:25:32:29:90:21:c8:
4c:ee:f4:9a:2f:1d:55:85:b2:91:b1:07:3f:5d:b4:ee:12:0f:
98:44:9c:55:f7:c0:37:15:af:06:10:2a:49:2a:ff:3d:f8:58:
00:7d:e2:1f:52:95:d4:98:c3:42:6c:15:b5:34:60:8a:c4:59:
bf:da:44:38:21:6f:70:f4:b6:31:e8:84:fe:18:ed:2f:7d:b0:
1c:b5:eb:c8:6a:74:4a:b4:e3:98:20:1e:0c:b1:69:2d:ef:0f:
12:13:40:c5:52:9b:62:52:08:3e:e6:73:b7:54:c4:d4:ae:ae:
f1:04:56:f6:63:7f:d9:10:f0:b3:78:13:ea:66:6e:a0:57:dd:
77:5b:8c:7e:0c:3d:97:06:fa:ec:00:06:b1:b4:6c:23:20:34:
95:81:eb:1a:3e:5e:98:0e:1e:25:25:78:3a:0d:f4:dd:a7:c6:
af:e6:81:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3GU0bWoJHBGva2zd4UU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTE2M2QzOWRiODg4MTZjZGRjNTk3YTVkYjVlYWU3MDdk
M2RlMzkwHhcNMjQwMTAxMTYzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTg2ZGU2YmM4ZjI5MDFkMTNjMTViNGQ1MjliMmY0NTJlMjRlMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8jiwxh60xJgfntIJ04RXrEuwIFr
qiu3cFM3aoL0scSZpUG+lRjW/c8kAMlf8o7x/G9P0+lErV7WELcWEQxVOBCC7xzq
ufw8ADMNEgNzWFz0r1uTrFVVn7gWqf5SDAXLNDqZFgCPEXHe5osDJOfSPnG+bJvZ
bto+XalivJRjE+ArHs+07OSwT3X3Wsy1Xw+uRTgqj1YwdF3TYl6Qd9JV8Xb5ZgUM
sCICtG2Ubf6w8e2m3D+k33uUkjS6YQeWhv7H9M0qYCa1Ys5Ji5nPBJT/zOCoMLd7
U7e/nMtT2OhiWkQfLe9/elQtD92T1ky+xm6NGqozvBrNhz/jrCQPLtz47QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBGG3mvI8pAdE8FbTVKbL0UuJOM3MB8GA1UdIwQY
MBaAFCNRY9OduIgWzdxZel216ucH0945MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFGajA1MjRpQmJOM0ZsNlhiWHE1d2ZUM2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kNzU1OGUtOWE2Yy00NzExLThlZjgt
OTE1MDI5NmRhYTBhLzEvRVliZWE4anlrQjBUd1Z0TlVwc3ZSUzRrNHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kNzU1OGUtOWE2Yy00NzExLThlZjgtOTE1MDI5NmRhYTBh
LzEvSTFGajA1MjRpQmJOM0ZsNlhiWHE1d2ZUM2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZZ4MA0E
AgACMAcDBQMqD74AMA0GCSqGSIb3DQEBCwUAA4IBAQA6+dG7G9I0wG5JxzZPpW40
tG4isHJ5KZ68rRQ6UY4jkfag7x8yt9wCgsy3SPZzZjOjWvAp882UUZF5nnfz1/KC
rfHk5wExSKmkIz3U4N4WB/w6w7IlMimQIchM7vSaLx1VhbKRsQc/XbTuEg+YRJxV
98A3Fa8GECpJKv89+FgAfeIfUpXUmMNCbBW1NGCKxFm/2kQ4IW9w9LYx6IT+GO0v
fbActevIanRKtOOYIB4MsWkt7w8SE0DFUptiUgg+5nO3VMTUrq7xBFb2Y3/ZEPCz
eBPqZm6gV913W4x+DD2XBvrsAAaxtGwjIDSVgesaPl6YDh4lJXg6DfTdp8av5oEo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:54 2025 by rpki-client