Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ECH8ih0v8-xhhGNNU5ts0msXSpY.roa
File: ECH8ih0v8-xhhGNNU5ts0msXSpY.roa (raw, json)
Hash identifier: b5BvjaLsnTZlyJ7qYk6lfIS2MWEgvkmwNJktsC3oZlc=
Subject key identifier: 10:21:FC:8A:1D:2F:F3:EC:61:84:63:4D:53:9B:6C:D2:6B:17:4A:96
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01914FB26F6A55BF193CADAE0F4D90CE5138
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ECH8ih0v8-xhhGNNU5ts0msXSpY.roa
Signing time: Wed 14 Aug 2024 07:02:59 +0000
ROA not before: Wed 14 Aug 2024 07:02:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
103.139.50.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a06:1184:33::/48 maxlen: 48
2a0a:2d06:33::/48 maxlen: 48
2a0a:2d06:55::/48 maxlen: 48
2a0c:7886:33::/48 maxlen: 48
2a0e:1a80:2541::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0e:f600:6c::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2e80::/29 maxlen: 29
2a0f:3d87::/32 maxlen: 32
2a0f:7d02:1::/48 maxlen: 48
2a0f:7d04:1::/48 maxlen: 48
2a0f:e1c6::/32 maxlen: 32
2a10:6d40::/29 maxlen: 29
2a11:fd80::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a12:f540::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a13:e101:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 15 Aug 2024 06:59:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4f:b2:6f:6a:55:bf:19:3c:ad:ae:0f:4d:90:ce:51:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 14 07:02:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1021fc8a1d2ff3ec6184634d539b6cd26b174a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:64:e5:2d:06:b8:00:28:bd:e4:da:2d:f7:1f:
bc:13:3d:91:fb:42:06:c9:70:0a:d2:d9:55:b5:a5:
0a:78:d8:a4:8b:52:49:97:9b:1a:d3:80:e7:f8:37:
0d:e5:20:4a:2f:59:e4:93:49:59:c1:e4:bc:99:a1:
25:0f:e5:75:7f:e7:26:c2:1e:c4:95:6d:c9:50:56:
86:81:d3:fd:d8:4b:00:aa:b6:67:fd:8c:19:26:b4:
07:a4:73:84:69:94:95:46:cb:7f:bb:51:ed:19:df:
b8:95:da:8a:90:14:58:45:81:a7:71:61:54:ef:c1:
fe:d6:5e:fa:10:e7:ce:5d:93:e4:24:fd:46:dd:e9:
a7:10:8f:af:ee:c7:66:a3:88:74:15:fa:c5:ff:a6:
06:a3:77:d7:58:2b:90:7c:dd:97:0e:7b:9f:63:2c:
bf:89:71:e6:8c:c9:c6:5b:cb:02:27:80:08:c5:01:
8e:50:05:5d:85:25:4e:6c:5b:af:4a:da:85:b1:8d:
4d:e8:08:a3:7d:62:21:7d:73:0a:c4:fe:af:d5:bd:
cc:1a:0a:9f:35:04:73:9a:88:0c:bc:82:90:2f:2b:
0c:fe:0d:cd:33:3c:70:42:f3:ff:34:5c:91:00:30:
2a:72:94:84:6e:ac:88:0c:56:e4:51:58:b6:e4:5b:
ff:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:21:FC:8A:1D:2F:F3:EC:61:84:63:4D:53:9B:6C:D2:6B:17:4A:96
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ECH8ih0v8-xhhGNNU5ts0msXSpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
103.139.50.0/24
193.164.199.0/24
IPv6:
2a06:1184:33::/48
2a0a:2d06:33::/48
2a0a:2d06:55::/48
2a0c:7886:33::/48
2a0e:1a80:2541::/48
2a0e:c780::/32
2a0e:f201:1::/48
2a0e:f600:6c::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2e80::/29
2a0f:3d87::/32
2a0f:7d02:1::/48
2a0f:7d04:1::/48
2a0f:e1c6::/32
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a12:f540::/29
2a13:18c0:1::/48
2a13:e101:2::/48
Signature Algorithm: sha256WithRSAEncryption
04:16:f7:aa:73:42:b4:84:b6:06:28:b6:b5:fc:91:86:7e:56:
3d:24:f6:0b:72:c8:4d:e3:bf:75:e0:72:69:2c:6f:ff:81:a8:
13:11:13:2e:81:6a:33:e0:ba:e6:31:3a:55:1d:9e:ac:7e:29:
78:df:d8:32:f4:51:12:e2:8b:86:7d:c5:2f:b8:b8:57:65:a9:
16:68:3b:ec:6a:34:2c:6f:6a:e9:83:c5:5e:bc:42:78:43:dc:
3e:c1:fe:c7:ef:00:ad:b6:53:24:7e:bd:9d:41:4a:dd:86:63:
b1:05:97:d2:ed:63:61:a8:b6:9a:5c:a3:5c:d6:5b:51:76:10:
34:1b:2d:fc:3e:aa:b6:af:af:67:28:9b:10:cc:ae:7a:5c:75:
0f:dd:03:a8:cb:44:4e:60:7f:f9:1b:7c:91:1e:50:c0:7e:dd:
d6:f8:b6:07:46:45:24:fa:a8:c9:8b:b5:35:a5:b3:54:d4:fa:
97:8a:c3:42:86:83:02:ef:a1:b5:ed:ad:d8:e6:fd:2f:51:16:
de:4b:0c:47:5c:80:ba:cf:49:f9:36:13:00:f4:a5:e4:a3:ba:
a6:92:73:ac:75:ac:08:eb:c3:a8:84:17:b0:45:e5:e4:92:9a:
2f:bf:bf:d7:88:ed:a2:ad:e7:12:f2:a6:03:7f:4a:d7:10:f3:
24:2c:df:3d
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgISAZFPsm9qVb8ZPK2uD02QzlE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODE0MDcwMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDIxZmM4YTFkMmZmM2VjNjE4NDYzNGQ1MzliNmNkMjZiMTc0YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWTlLQa4ACi95Not9x+8Ez2R+0IG
yXAK0tlVtaUKeNiki1JJl5sa04Dn+DcN5SBKL1nkk0lZweS8maElD+V1f+cmwh7E
lW3JUFaGgdP92EsAqrZn/YwZJrQHpHOEaZSVRst/u1HtGd+4ldqKkBRYRYGncWFU
78H+1l76EOfOXZPkJP1G3emnEI+v7sdmo4h0FfrF/6YGo3fXWCuQfN2XDnufYyy/
iXHmjMnGW8sCJ4AIxQGOUAVdhSVObFuvStqFsY1N6AijfWIhfXMKxP6v1b3MGgqf
NQRzmogMvIKQLysM/g3NMzxwQvP/NFyRADAqcpSEbqyIDFbkUVi25Fv/4QIDAQAB
o4IDNDCCAzAwHQYDVR0OBBYEFBAh/IodL/PsYYRjTVObbNJrF0qWMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRUNIOGloMHY4LXhoaEdOTlU1dHMwbXNYU3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSAYIKwYBBQUHAQcBAf8EggE3MIIBMzAeBAIAATAYAwQA
LYF/AwQALYclAwQAZ4syAwQAwaTHMIIBDwQCAAIwggEHAwcAKgYRhAAzAwcAKgot
BgAzAwcAKgotBgBVAwcAKgx4hgAzAwcAKg4agCVBAwUAKg7HgAMHACoO8gEAAQMH
ACoO9gAAbAMHACoPHgABIwMHACoPHgAEVgMHACoPHgAJhwMHACoPHgAKvAMHACoP
HgDe+QMHACoPHgEAAQMHACoPHoEAAgMHACoPHoESkwMHACoPHoFDGQMHACoPHoGS
6AMHACoPHoGj0AMHACoPHoHNrgMFAyoPLoADBQAqDz2HAwcAKg99AgABAwcAKg99
BAABAwUAKg/hxgMFAyoQbUADBQMqEf2AAwUBKhKsQAMFAyoS9UADBwAqExjAAAED
BwAqE+EBAAIwDQYJKoZIhvcNAQELBQADggEBAAQW96pzQrSEtgYotrX8kYZ+Vj0k
9gtyyE3jv3Xgcmksb/+BqBMREy6BajPguuYxOlUdnqx+KXjf2DL0URLii4Z9xS+4
uFdlqRZoO+xqNCxvaumDxV68QnhD3D7B/sfvAK22UyR+vZ1BSt2GY7EFl9LtY2Go
tppco1zWW1F2EDQbLfw+qravr2comxDMrnpcdQ/dA6jLRE5gf/kbfJEeUMB+3db4
tgdGRST6qMmLtTWls1TU+peKw0KGgwLvobXtrdjm/S9RFt5LDEdcgLrPSfk2EwD0
peSjuqaSc6x1rAjrw6iEF7BF5eSSmi+/v9eI7aKt5xLypgN/StcQ8yQs3z0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:25 2025 by rpki-client