Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/erIH_LB-jMAQgLigMBFHq5y7NlQ.roa
File: erIH_LB-jMAQgLigMBFHq5y7NlQ.roa (raw, json)
Hash identifier: 64RWuahfWMY9nLhZ3jPTRipDLL7Mlr2gRMqt9IySQ9I=
Subject key identifier: 7A:B2:07:FC:B0:7E:8C:C0:10:80:B8:A0:30:11:47:AB:9C:BB:36:54
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018CE067306E915253262FCE240F528A98AA
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/erIH_LB-jMAQgLigMBFHq5y7NlQ.roa
Signing time: Sat 06 Jan 2024 20:11:48 +0000
ROA not before: Sat 06 Jan 2024 20:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 91.217.125.0/24 maxlen: 24
188.64.162.0/24 maxlen: 24
45.131.51.0/24 maxlen: 24
45.93.82.0/24 maxlen: 24
185.210.136.0/24 maxlen: 24
80.64.24.0/24 maxlen: 24
80.64.25.0/24 maxlen: 24
80.64.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 08:11:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e0:67:30:6e:91:52:53:26:2f:ce:24:0f:52:8a:98:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 6 20:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ab207fcb07e8cc01080b8a0301147ab9cbb3654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:12:d5:4c:12:95:92:73:f3:3d:5c:c2:a5:bd:
7f:e1:3d:3e:c5:62:0f:2b:1d:2b:be:3f:ad:72:c7:
c3:e9:c2:c6:de:8f:95:e1:7d:f0:b3:11:0e:9e:df:
58:88:d4:cc:43:6b:75:1d:a5:15:89:1c:a7:be:95:
1c:a4:76:6f:5e:c6:37:7c:46:47:31:e2:36:21:7d:
2f:8d:61:4f:48:ed:b2:4f:b8:64:78:cc:5f:9d:97:
be:d0:4c:bc:d2:c4:c1:1e:95:d2:f1:e0:03:c1:a9:
1f:5e:48:95:7d:75:97:74:a9:0e:16:d4:c3:6f:17:
cb:d7:fa:37:26:fb:b8:3c:1a:5f:95:7b:a9:76:d2:
b2:ac:7e:32:b9:7e:7e:d1:7a:2e:11:3e:c1:bf:60:
f3:9b:e0:95:aa:b2:7d:73:0a:60:21:fb:42:4f:42:
50:5e:fd:22:97:f3:8a:59:8c:73:98:e0:00:c7:e6:
53:a5:0a:08:62:bc:4a:69:f1:39:25:f2:fe:be:15:
b8:a3:af:ad:a7:88:f3:1d:b0:69:88:9e:28:c7:ca:
65:b9:83:f0:7d:70:fe:2b:0f:32:86:55:eb:db:b2:
87:aa:5b:c1:e1:d4:f9:12:8d:d6:5a:93:0b:dd:fa:
61:7a:02:90:db:e5:6c:36:59:bf:58:4d:b7:61:94:
71:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B2:07:FC:B0:7E:8C:C0:10:80:B8:A0:30:11:47:AB:9C:BB:36:54
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/erIH_LB-jMAQgLigMBFHq5y7NlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.82.0/24
45.131.51.0/24
80.64.24.0/23
80.64.27.0/24
91.217.125.0/24
185.210.136.0/24
188.64.162.0/24
Signature Algorithm: sha256WithRSAEncryption
91:82:ee:ca:d8:3d:da:3c:ec:b4:73:cc:56:66:78:8e:9d:57:
bf:91:dc:f7:60:62:e3:d7:b3:b7:1d:3e:83:56:21:ec:69:8e:
17:b1:9e:95:b7:a4:98:c9:9e:0d:9a:e3:fd:c3:fe:ec:b5:7b:
f0:18:3f:25:75:7a:5a:bb:7c:c5:80:5d:35:35:d5:d7:94:8e:
88:95:81:20:b1:76:af:c4:10:de:17:c3:30:21:55:bd:a4:3b:
d3:50:6f:8e:ef:17:76:f7:27:79:91:b2:74:a2:f7:b4:45:62:
84:db:af:eb:c2:65:72:22:33:fa:f8:fe:0d:76:f1:98:75:ea:
40:75:e0:24:12:58:7a:ca:f6:e8:ef:f1:24:0c:21:3d:3e:21:
d9:e4:65:a6:ab:7e:2e:f3:19:55:75:00:47:b0:37:aa:c4:92:
43:85:aa:1f:16:3d:40:84:1e:18:29:45:71:0b:06:e5:9d:4c:
80:b2:33:66:be:4e:18:54:f0:64:b1:86:b8:c9:2d:e6:2e:fa:
cb:ae:8a:fb:d8:0e:62:74:a3:60:65:96:23:d5:61:24:f4:13:
b3:57:65:09:ee:64:58:f2:44:b8:5e:de:8d:6c:8c:26:c0:29:
49:c5:07:d1:12:0e:68:ef:5e:7d:88:e9:18:ec:e8:a6:be:01:
2d:eb:41:ec
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzgZzBukVJTJi/OJA9SipiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwMTA2MjAxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWIyMDdmY2IwN2U4Y2MwMTA4MGI4YTAzMDExNDdhYjljYmIzNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxLVTBKVknPzPVzCpb1/4T0+xWIP
Kx0rvj+tcsfD6cLG3o+V4X3wsxEOnt9YiNTMQ2t1HaUViRynvpUcpHZvXsY3fEZH
MeI2IX0vjWFPSO2yT7hkeMxfnZe+0Ey80sTBHpXS8eADwakfXkiVfXWXdKkOFtTD
bxfL1/o3Jvu4PBpflXupdtKyrH4yuX5+0XouET7Bv2Dzm+CVqrJ9cwpgIftCT0JQ
Xv0il/OKWYxzmOAAx+ZTpQoIYrxKafE5JfL+vhW4o6+tp4jzHbBpiJ4ox8pluYPw
fXD+Kw8yhlXr27KHqlvB4dT5Eo3WWpML3fphegKQ2+VsNlm/WE23YZRxDwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHqyB/ywfozAEIC4oDARR6ucuzZUMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvZXJJSF9MQi1qTUFRZ0xpZ01CRkhxNXk3TmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALV1SAwQA
LYMzAwQBUEAYAwQAUEAbAwQAW9l9AwQAudKIAwQAvECiMA0GCSqGSIb3DQEBCwUA
A4IBAQCRgu7K2D3aPOy0c8xWZniOnVe/kdz3YGLj17O3HT6DViHsaY4XsZ6Vt6SY
yZ4NmuP9w/7stXvwGD8ldXpau3zFgF01NdXXlI6IlYEgsXavxBDeF8MwIVW9pDvT
UG+O7xd29yd5kbJ0ove0RWKE26/rwmVyIjP6+P4NdvGYdepAdeAkElh6yvbo7/Ek
DCE9PiHZ5GWmq34u8xlVdQBHsDeqxJJDhaofFj1AhB4YKUVxCwblnUyAsjNmvk4Y
VPBksYa4yS3mLvrLror72A5idKNgZZYj1WEk9BOzV2UJ7mRY8kS4Xt6NbIwmwClJ
xQfREg5o7159iOkY7OimvgEt60Hs
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:29 2025 by rpki-client