Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/5mr7GpCQl6fAG9oLrPRaE6VoInQ.roa
File: 5mr7GpCQl6fAG9oLrPRaE6VoInQ.roa (raw, json)
Hash identifier: 6ClChH5Vp/hGKtryTcmWd24qewuBNmoyNL5l235yXZQ=
Subject key identifier: E6:6A:FB:1A:90:90:97:A7:C0:1B:DA:0B:AC:F4:5A:13:A5:68:22:74
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 0191C305CC0A94E58553368F417CA4712B01
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/5mr7GpCQl6fAG9oLrPRaE6VoInQ.roa
Signing time: Thu 05 Sep 2024 16:30:22 +0000
ROA not before: Thu 05 Sep 2024 16:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 45.93.82.0/24 maxlen: 24
45.131.51.0/24 maxlen: 24
80.64.27.0/24 maxlen: 24
80.64.29.0/24 maxlen: 24
91.217.125.0/24 maxlen: 24
185.210.136.0/24 maxlen: 24
188.64.162.0/24 maxlen: 24
213.139.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:05:cc:0a:94:e5:85:53:36:8f:41:7c:a4:71:2b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Sep 5 16:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e66afb1a909097a7c01bda0bacf45a13a5682274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0b:7e:30:14:79:d6:34:fb:0c:fd:21:21:2c:
e1:9e:bf:05:5a:f5:87:07:70:f0:22:3b:6c:6a:87:
94:3a:f1:c3:50:b7:40:dd:e6:4f:dc:ee:d2:f1:67:
87:a4:2d:30:20:60:0f:a8:eb:a8:68:dc:7a:95:77:
8e:6b:19:a7:34:f1:25:fa:28:78:e9:15:e4:34:ef:
b6:e8:d6:2e:8b:ed:31:12:9c:30:aa:65:20:07:9c:
2d:8a:d8:0b:45:32:c3:a6:5b:9c:ee:56:80:f2:cd:
53:f7:b2:cb:d6:75:23:6b:37:dc:a0:a3:26:b7:90:
c3:14:a6:de:92:e5:00:02:93:1b:4c:bf:3f:33:5b:
7c:a2:d7:97:49:c3:eb:61:a4:7e:f4:05:a7:e5:28:
4f:39:8c:9b:4b:99:83:43:b1:e7:7b:54:25:bc:b8:
18:56:4c:4e:1b:54:fb:da:02:6f:70:81:43:a5:e8:
6f:15:25:90:0d:4d:ab:66:d8:7c:df:dc:a3:3f:84:
a3:db:a7:63:63:fe:83:7b:b7:89:46:7e:5a:95:c9:
1d:41:1f:28:43:50:12:fc:c3:ea:88:ba:cb:98:a7:
50:07:a9:05:fc:b6:ba:34:78:fb:0f:a1:72:60:ee:
32:06:55:7a:c2:08:e7:1e:61:2e:40:c0:50:64:29:
a6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:6A:FB:1A:90:90:97:A7:C0:1B:DA:0B:AC:F4:5A:13:A5:68:22:74
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/5mr7GpCQl6fAG9oLrPRaE6VoInQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.82.0/24
45.131.51.0/24
80.64.27.0/24
80.64.29.0/24
91.217.125.0/24
185.210.136.0/24
188.64.162.0/24
213.139.202.0/24
Signature Algorithm: sha256WithRSAEncryption
01:a1:79:fd:28:1a:55:eb:ca:93:9d:58:fe:ec:d0:86:5b:27:
de:f7:f4:52:e6:0a:83:55:43:fc:25:3c:93:f5:fe:32:01:16:
f6:b0:40:ed:96:54:df:c1:96:8b:18:42:93:1b:ea:b5:ca:c4:
30:ff:a8:b7:a0:8b:05:74:a0:65:c0:7f:cc:c3:dc:51:af:81:
3a:71:8e:a7:39:9c:4f:9f:0e:a3:53:2c:05:7c:73:4d:c6:35:
ce:11:eb:e3:8d:b7:91:5b:a5:dd:a1:3c:0f:21:48:c5:6f:6d:
c1:a3:a3:70:f8:ab:4e:5d:62:95:69:1c:87:00:90:fd:d3:84:
97:15:4b:dc:88:ad:df:df:3e:71:77:a4:6c:3e:78:5d:c3:8b:
e3:a1:db:b8:91:bd:d9:c3:8c:14:ae:08:93:f1:60:2f:65:32:
d0:cf:a8:ae:f8:99:87:8b:46:92:17:7b:de:87:36:83:48:55:
fb:8f:72:9b:85:cb:94:b3:e1:2f:3c:b2:ab:2b:48:3f:ca:1e:
02:74:74:a9:94:f8:2a:4d:91:eb:b9:1d:54:da:fe:63:7a:72:
42:8c:28:b3:da:42:28:4d:68:db:fd:d9:59:bd:b6:8d:23:a9:
1a:85:72:96:a9:9e:c8:83:28:03:19:fd:95:57:b5:66:ac:51:
80:94:e9:a4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZHDBcwKlOWFUzaPQXykcSsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwOTA1MTYzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjZhZmIxYTkwOTA5N2E3YzAxYmRhMGJhY2Y0NWExM2E1NjgyMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgt+MBR51jT7DP0hISzhnr8FWvWH
B3DwIjtsaoeUOvHDULdA3eZP3O7S8WeHpC0wIGAPqOuoaNx6lXeOaxmnNPEl+ih4
6RXkNO+26NYui+0xEpwwqmUgB5wtitgLRTLDpluc7laA8s1T97LL1nUjazfcoKMm
t5DDFKbekuUAApMbTL8/M1t8oteXScPrYaR+9AWn5ShPOYybS5mDQ7Hne1QlvLgY
VkxOG1T72gJvcIFDpehvFSWQDU2rZth839yjP4Sj26djY/6De7eJRn5alckdQR8o
Q1AS/MPqiLrLmKdQB6kF/La6NHj7D6FyYO4yBlV6wgjnHmEuQMBQZCmmiwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOZq+xqQkJenwBvaC6z0WhOlaCJ0MB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvNW1yN0dwQ1FsNmZBRzlvTHJQUmFFNlZvSW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALV1SAwQA
LYMzAwQAUEAbAwQAUEAdAwQAW9l9AwQAudKIAwQAvECiAwQA1YvKMA0GCSqGSIb3
DQEBCwUAA4IBAQABoXn9KBpV68qTnVj+7NCGWyfe9/RS5gqDVUP8JTyT9f4yARb2
sEDtllTfwZaLGEKTG+q1ysQw/6i3oIsFdKBlwH/Mw9xRr4E6cY6nOZxPnw6jUywF
fHNNxjXOEevjjbeRW6XdoTwPIUjFb23Bo6Nw+KtOXWKVaRyHAJD904SXFUvciK3f
3z5xd6RsPnhdw4vjodu4kb3Zw4wUrgiT8WAvZTLQz6iu+JmHi0aSF3vehzaDSFX7
j3KbhcuUs+EvPLKrK0g/yh4CdHSplPgqTZHruR1U2v5jenJCjCiz2kIoTWjb/dlZ
vbaNI6kahXKWqZ7IgygDGf2VV7VmrFGAlOmk
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:42:26 2025 by rpki-client