Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/EAcPDMq008nu1kTzTlJh2-utfOk.roa
File: EAcPDMq008nu1kTzTlJh2-utfOk.roa (raw, json)
Hash identifier: tz4BCYuErM6uv6kCZknOBjHYcrvB+gasX22Dj6xB4cw=
Subject key identifier: 10:07:0F:0C:CA:B4:D3:C9:EE:D6:44:F3:4E:52:61:DB:EB:AD:7C:E9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CF2424E67F6FEB27901133778E47A4613
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/EAcPDMq008nu1kTzTlJh2-utfOk.roa
Signing time: Wed 10 Jan 2024 07:24:40 +0000
ROA not before: Wed 10 Jan 2024 07:24:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 93.190.246.0/23 maxlen: 23
45.129.127.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
2a0f:e840::/32 maxlen: 32
2a13:fd00::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 17 Jan 2024 09:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:42:4e:67:f6:fe:b2:79:01:13:37:78:e4:7a:46:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 10 07:24:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10070f0ccab4d3c9eed644f34e5261dbebad7ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:44:52:e3:d8:65:fd:92:cc:ae:26:9e:5e:cf:
13:9b:2a:ba:94:36:ae:8f:5f:27:6d:e6:0c:81:73:
38:a7:07:69:a2:70:0d:47:7a:02:42:80:53:e9:f9:
64:04:4f:cc:e2:76:c7:90:d0:1e:93:38:63:b9:41:
bf:5e:81:e0:01:1c:d5:f5:e7:d4:e2:ff:aa:bf:55:
d8:ee:4e:ca:07:5c:51:9c:8f:7c:ea:4a:fc:98:4d:
cc:bb:d6:ef:3c:c3:d7:e4:cd:47:df:c4:6f:22:cf:
f7:56:af:7b:a4:6a:94:01:5f:71:f2:0b:fc:e0:ca:
68:fd:f7:50:92:52:70:94:80:cc:1c:67:8f:ee:05:
19:92:1c:b4:d5:7b:82:f5:0d:8e:3f:30:a7:c5:99:
19:18:06:ae:47:c7:7f:9e:c1:08:a9:b8:7a:55:04:
3c:15:27:13:63:76:3a:77:ee:ed:13:bd:15:78:85:
6e:c7:fb:b7:56:bd:49:0b:1b:5f:fd:c4:43:fe:d2:
80:53:08:5b:a9:9e:b6:68:33:c8:f8:bc:1a:d8:86:
44:55:29:c8:78:23:38:97:0c:2e:66:2f:e6:ba:35:
a4:63:db:70:a2:14:e7:23:6d:80:30:a0:27:14:67:
65:76:a4:18:62:69:84:98:0c:44:b7:db:17:ac:cd:
5c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:07:0F:0C:CA:B4:D3:C9:EE:D6:44:F3:4E:52:61:DB:EB:AD:7C:E9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/EAcPDMq008nu1kTzTlJh2-utfOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a0f:2f80::/29
2a0f:e840::/32
2a13:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
ae:3f:ce:af:f2:a3:1e:c7:35:d0:13:27:04:c9:bf:ea:84:a7:
c5:88:9e:61:1d:80:dc:ca:3b:7c:08:f3:ab:70:34:fa:65:bb:
92:e0:a6:9a:e2:e4:e0:77:c8:f0:e1:40:74:7b:e4:ca:e8:72:
88:42:ab:25:96:fa:99:0d:eb:35:a1:39:6e:26:39:d4:c6:f8:
6f:97:43:ef:b7:df:6e:72:b8:f7:89:a8:05:72:17:48:94:a8:
d5:69:ed:ad:41:42:5c:18:a8:89:e9:60:63:3d:0a:c8:39:3b:
2f:2f:5c:10:fa:59:7a:58:94:1b:1e:8d:7d:ab:e9:fc:51:11:
5a:15:d9:89:42:02:1b:4d:08:b6:cc:41:dc:ac:bb:e1:5f:80:
fd:f9:f5:c7:0d:34:bb:a3:ef:14:cb:88:6a:96:ff:87:42:c9:
b9:6a:a7:d1:37:75:af:c8:f7:6d:51:f1:3c:01:60:b5:e7:89:
e1:da:58:2b:29:83:95:40:0e:56:91:43:01:75:45:28:be:69:
42:7c:13:89:86:60:97:2e:e3:2f:29:55:95:4b:13:d7:b8:4e:
74:d6:34:45:04:1b:55:91:cc:b8:68:b7:24:c6:ec:53:e2:14:
94:1f:12:d0:53:8d:d4:12:5f:7b:2c:3d:3e:e1:9e:45:7c:f4:
dc:b8:3d:33
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzyQk5n9v6yeQETN3jkekYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTEwMDcyNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDA3MGYwY2NhYjRkM2M5ZWVkNjQ0ZjM0ZTUyNjFkYmViYWQ3Y2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ERS49hl/ZLMriaeXs8Tmyq6lDau
j18nbeYMgXM4pwdponANR3oCQoBT6flkBE/M4nbHkNAekzhjuUG/XoHgARzV9efU
4v+qv1XY7k7KB1xRnI986kr8mE3Mu9bvPMPX5M1H38RvIs/3Vq97pGqUAV9x8gv8
4Mpo/fdQklJwlIDMHGeP7gUZkhy01XuC9Q2OPzCnxZkZGAauR8d/nsEIqbh6VQQ8
FScTY3Y6d+7tE70VeIVux/u3Vr1JCxtf/cRD/tKAUwhbqZ62aDPI+Lwa2IZEVSnI
eCM4lwwuZi/mujWkY9twohTnI22AMKAnFGdldqQYYmmEmAxEt9sXrM1ccwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBAHDwzKtNPJ7tZE805SYdvrrXzpMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRUFjUERNcTAwOG51MWtUelRsSmgyLXV0Zk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MBsEAgACMBUDBQMqDy+AAwUAKg/oQAMFAyoT/QAwDQYJKoZIhvcN
AQELBQADggEBAK4/zq/yox7HNdATJwTJv+qEp8WInmEdgNzKO3wI86twNPplu5Lg
ppri5OB3yPDhQHR75MrocohCqyWW+pkN6zWhOW4mOdTG+G+XQ++3325yuPeJqAVy
F0iUqNVp7a1BQlwYqInpYGM9Csg5Oy8vXBD6WXpYlBsejX2r6fxREVoV2YlCAhtN
CLbMQdysu+FfgP359ccNNLuj7xTLiGqW/4dCyblqp9E3da/I921R8TwBYLXnieHa
WCspg5VADlaRQwF1RSi+aUJ8E4mGYJcu4y8pVZVLE9e4TnTWNEUEG1WRzLhotyTG
7FPiFJQfEtBTjdQSX3ssPT7hnkV89Ny4PTM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:28 2025 by rpki-client