Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/d0c3e5-99c5-4f12-9da2-c59e94bff743/1/Eqyjo6RXHGdZ7lpCBynu9-ndZjU.roa
File: Eqyjo6RXHGdZ7lpCBynu9-ndZjU.roa (raw, json)
Hash identifier: YVAqy2weIwCtNtnJZm/KGlUcIOcKqSYYfffmITF9pzY=
Subject key identifier: 12:AC:A3:A3:A4:57:1C:67:59:EE:5A:42:07:29:EE:F7:E9:DD:66:35
Certificate issuer: /CN=3e1fd138f102d7dcb1583b4494102f0fe587e45d
Certificate serial: 018CC34912C5145E61878C844B3B00BD437A
Authority key identifier: 3E:1F:D1:38:F1:02:D7:DC:B1:58:3B:44:94:10:2F:0F:E5:87:E4:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph_ROPEC19yxWDtElBAvD-WH5F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/d0c3e5-99c5-4f12-9da2-c59e94bff743/1/Eqyjo6RXHGdZ7lpCBynu9-ndZjU.roa
Signing time: Mon 01 Jan 2024 04:29:55 +0000
ROA not before: Mon 01 Jan 2024 04:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12703
IP address blocks: 212.20.224.0/19 maxlen: 24
195.248.70.0/24 maxlen: 24
185.64.88.0/22 maxlen: 24
195.47.244.0/24 maxlen: 24
87.246.64.0/18 maxlen: 24
5.172.152.0/21 maxlen: 24
5.153.64.0/19 maxlen: 24
193.29.223.0/24 maxlen: 24
46.249.192.0/19 maxlen: 24
84.19.224.0/19 maxlen: 24
217.30.112.0/20 maxlen: 24
2a02:16e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:12:c5:14:5e:61:87:8c:84:4b:3b:00:bd:43:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1fd138f102d7dcb1583b4494102f0fe587e45d
Validity
Not Before: Jan 1 04:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12aca3a3a4571c6759ee5a420729eef7e9dd6635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e3:c3:fd:12:65:44:39:c7:27:be:21:f0:52:
08:21:36:e4:10:6e:2f:b9:ec:43:6f:4d:eb:3f:d8:
72:45:35:bf:75:c0:0d:2b:4d:af:57:aa:9b:77:86:
99:92:25:b9:90:4a:c0:cf:28:89:76:1a:2e:ad:67:
02:97:1f:4b:90:8e:11:fa:1b:c8:5a:6c:46:34:07:
4e:e7:44:65:1a:d0:e1:01:17:22:33:bf:2c:b3:e3:
00:be:4e:09:76:b2:d7:22:a7:b2:79:03:94:63:fd:
5f:2f:7c:27:33:57:c6:45:03:7f:80:b1:b2:72:01:
61:00:97:cb:87:87:d1:d2:59:21:9d:ee:eb:84:04:
e8:8c:a9:e2:cf:f2:1c:7d:32:ca:89:e8:08:d4:cd:
4b:ef:a7:0e:52:db:15:44:18:79:33:b4:84:62:3f:
10:6f:48:e0:ac:6c:3f:ce:83:0d:47:a5:34:f3:02:
0e:fc:4e:a6:f2:d3:0b:50:41:1b:e6:d4:ea:5e:08:
0f:fa:97:66:0e:e4:74:25:56:79:34:9c:71:ab:20:
31:90:b6:07:0f:b6:83:56:d2:ba:8f:2b:89:02:12:
43:6e:6d:bd:dc:6e:54:55:fb:17:22:02:46:31:ef:
bf:2e:4c:ad:b2:ab:2d:59:1d:53:0f:66:9c:e9:46:
fb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:AC:A3:A3:A4:57:1C:67:59:EE:5A:42:07:29:EE:F7:E9:DD:66:35
X509v3 Authority Key Identifier:
keyid:3E:1F:D1:38:F1:02:D7:DC:B1:58:3B:44:94:10:2F:0F:E5:87:E4:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph_ROPEC19yxWDtElBAvD-WH5F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d0c3e5-99c5-4f12-9da2-c59e94bff743/1/Eqyjo6RXHGdZ7lpCBynu9-ndZjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d0c3e5-99c5-4f12-9da2-c59e94bff743/1/Ph_ROPEC19yxWDtElBAvD-WH5F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.64.0/19
5.172.152.0/21
46.249.192.0/19
84.19.224.0/19
87.246.64.0/18
185.64.88.0/22
193.29.223.0/24
195.47.244.0/24
195.248.70.0/24
212.20.224.0/19
217.30.112.0/20
IPv6:
2a02:16e0::/32
Signature Algorithm: sha256WithRSAEncryption
0b:02:bd:72:51:ac:46:34:67:0d:d6:f6:34:af:5b:84:b5:77:
b9:7d:4e:63:03:97:98:04:32:06:62:60:b7:c2:7d:fc:36:26:
cf:66:dc:d1:25:ff:7e:c6:8d:38:01:b0:91:77:55:c0:ca:1b:
8c:42:dc:70:f0:a1:62:df:b5:33:12:63:9d:cf:f2:b5:11:0e:
1d:92:8d:5c:40:23:82:0c:42:00:15:13:1d:15:70:d9:29:b0:
94:e0:be:62:0c:a1:4f:dd:17:f6:e3:d2:77:5d:13:8c:9e:9f:
d6:38:29:bf:f6:d5:1b:4b:b1:50:48:d7:a6:34:5a:9b:75:ef:
f3:a4:69:10:b8:57:06:7f:8c:31:b7:a4:39:31:fb:41:09:5b:
3e:e6:64:a9:c8:0a:d5:be:66:5b:6f:e9:03:e7:d5:4a:8d:b4:
59:0b:6b:90:cc:1f:62:5c:59:97:16:cf:a6:34:bd:7f:d1:f6:
a2:fa:f3:fc:b7:3f:0e:8e:41:f7:ba:bf:a2:53:9b:30:d9:8e:
9f:58:b6:88:77:54:ad:0f:55:80:5c:e6:39:32:9e:60:02:13:
36:b9:55:bf:53:11:b4:47:00:d9:40:7f:e4:ce:f5:6e:07:d0:
e2:fe:db:43:df:57:cf:19:09:30:64:d3:ed:4f:d8:50:36:4d:
0d:b1:8c:b7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzDSRLFFF5hh4yESzsAvUN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWZkMTM4ZjEwMmQ3ZGNiMTU4M2I0NDk0MTAyZjBmZTU4
N2U0NWQwHhcNMjQwMTAxMDQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmFjYTNhM2E0NTcxYzY3NTllZTVhNDIwNzI5ZWVmN2U5ZGQ2NjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOPD/RJlRDnHJ74h8FIIITbkEG4v
uexDb03rP9hyRTW/dcANK02vV6qbd4aZkiW5kErAzyiJdhourWcClx9LkI4R+hvI
WmxGNAdO50RlGtDhARciM78ss+MAvk4JdrLXIqeyeQOUY/1fL3wnM1fGRQN/gLGy
cgFhAJfLh4fR0lkhne7rhATojKniz/IcfTLKiegI1M1L76cOUtsVRBh5M7SEYj8Q
b0jgrGw/zoMNR6U08wIO/E6m8tMLUEEb5tTqXggP+pdmDuR0JVZ5NJxxqyAxkLYH
D7aDVtK6jyuJAhJDbm293G5UVfsXIgJGMe+/LkytsqstWR1TD2ac6Ub7QwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFBKso6OkVxxnWe5aQgcp7vfp3WY1MB8GA1UdIwQY
MBaAFD4f0TjxAtfcsVg7RJQQLw/lh+RdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGhfUk9QRUMxOXl4V0R0RWxCQXZELVdINUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9kMGMzZTUtOTljNS00ZjEyLTlkYTIt
YzU5ZTk0YmZmNzQzLzEvRXF5am82UlhIR2RaN2xwQ0J5bnU5LW5kWmpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9kMGMzZTUtOTljNS00ZjEyLTlkYTItYzU5ZTk0YmZmNzQz
LzEvUGhfUk9QRUMxOXl4V0R0RWxCQXZELVdINUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQFBZlAAwQD
BayYAwQFLvnAAwQFVBPgAwQGV/ZAAwQCuUBYAwQAwR3fAwQAwy/0AwQAw/hGAwQF
1BTgAwQE2R5wMA0EAgACMAcDBQAqAhbgMA0GCSqGSIb3DQEBCwUAA4IBAQALAr1y
UaxGNGcN1vY0r1uEtXe5fU5jA5eYBDIGYmC3wn38NibPZtzRJf9+xo04AbCRd1XA
yhuMQtxw8KFi37UzEmOdz/K1EQ4dko1cQCOCDEIAFRMdFXDZKbCU4L5iDKFP3Rf2
49J3XROMnp/WOCm/9tUbS7FQSNemNFqbde/zpGkQuFcGf4wxt6Q5MftBCVs+5mSp
yArVvmZbb+kD59VKjbRZC2uQzB9iXFmXFs+mNL1/0fai+vP8tz8OjkH3ur+iU5sw
2Y6fWLaId1StD1WAXOY5Mp5gAhM2uVW/UxG0RwDZQH/kzvVuB9Di/ttD31fPGQkw
ZNPtT9hQNk0NsYy3
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:16:06 2025 by rpki-client