Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/En05bqFhTKWWrXP7VKU0BPhTY40.roa
File: En05bqFhTKWWrXP7VKU0BPhTY40.roa (raw, json)
Hash identifier: 4OTgTJJVFdjj5WnoZ9LcC+sN9Ede9NKy2EaRkJ64itM=
Subject key identifier: 12:7D:39:6E:A1:61:4C:A5:96:AD:73:FB:54:A5:34:04:F8:53:63:8D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193F431CF6EA72000E0F824134DB216453A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/En05bqFhTKWWrXP7VKU0BPhTY40.roa
Signing time: Mon 23 Dec 2024 15:45:25 +0000
ROA not before: Mon 23 Dec 2024 15:45:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214927
IP address blocks: 45.118.248.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f4:31:cf:6e:a7:20:00:e0:f8:24:13:4d:b2:16:45:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 23 15:45:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=127d396ea1614ca596ad73fb54a53404f853638d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5d:69:9c:fc:a9:ca:61:0f:54:cf:aa:f6:f7:
d5:89:00:66:ba:82:0e:69:53:2e:72:18:ef:f3:1c:
01:2b:1a:f8:76:9e:61:67:06:a4:67:72:40:34:9f:
27:e0:fa:0e:5d:5c:3a:f1:ce:05:15:65:dc:a9:37:
11:3b:9e:1a:78:51:38:cc:13:b5:57:44:e3:5b:a3:
02:e6:9c:97:87:9d:e9:21:47:5d:f7:49:a0:82:cf:
1a:00:3e:e8:e3:64:60:94:3b:19:b8:3f:80:84:6e:
5e:f7:00:a8:57:f7:32:3f:a8:bb:5e:e2:ee:27:57:
74:f3:ba:a9:84:52:01:18:44:3b:2b:8b:70:85:b6:
f7:3d:b4:10:f0:68:cf:b1:7e:8f:58:28:65:42:fe:
f9:b7:4a:95:6f:4c:c2:ee:82:96:59:06:89:83:dc:
ac:a6:c6:e5:2f:5f:bc:48:ea:73:11:81:15:50:88:
d7:d7:94:ce:5f:22:49:81:ea:ea:2c:0d:f5:29:b0:
7e:52:0e:d9:0f:85:9c:52:5c:a3:98:39:43:b3:3d:
38:ed:e1:c5:fe:3e:d8:cf:d1:5a:ae:ae:68:06:13:
02:c0:17:54:58:84:46:ff:21:1a:a2:9d:ec:39:93:
d6:1b:c8:d5:dd:cb:c5:a4:e1:bd:90:1e:28:11:53:
eb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:7D:39:6E:A1:61:4C:A5:96:AD:73:FB:54:A5:34:04:F8:53:63:8D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/En05bqFhTKWWrXP7VKU0BPhTY40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.118.248.0/24
45.131.215.0/24
45.137.81.0/24
45.141.177.0/24
85.209.128.0/24
103.114.43.0/24
Signature Algorithm: sha256WithRSAEncryption
18:bd:e9:83:a1:a7:e0:8e:86:62:19:24:86:9c:51:57:b7:9b:
55:a2:86:c7:bb:f0:08:a4:ba:f5:9f:15:36:f4:47:90:e5:6e:
82:21:e1:b4:00:e4:2d:bc:99:42:51:50:1f:53:0b:c3:5b:cf:
1a:38:dc:13:17:a0:c7:d1:fc:06:e0:a0:26:99:50:65:bb:3d:
21:d4:e2:3e:ce:4c:91:a8:7f:13:e6:bb:ac:38:ef:c3:7e:9b:
2b:84:8d:07:b6:55:f0:f2:c4:36:6c:10:78:4e:08:ce:e6:3a:
1d:81:a0:b9:c2:0f:21:9a:6a:5f:33:7f:4e:d2:50:c7:80:09:
78:39:71:7b:bb:4a:25:71:59:a3:dc:91:b8:28:ee:4c:d4:22:
77:d6:7e:1c:ac:88:49:10:14:6f:3e:d3:cf:be:96:a9:f3:c4:
5b:37:20:c5:cc:16:0b:1c:67:72:c4:ec:4d:ab:b7:b9:6a:70:
7b:81:f4:7d:9b:4c:a6:da:64:75:44:fa:d8:c1:83:00:03:5d:
5e:e8:26:2d:6e:ab:34:d7:c1:5b:22:cd:b5:19:92:77:5e:9d:
1c:be:f5:aa:3d:20:de:71:04:80:a6:b4:53:7b:44:59:32:a1:
ba:65:80:5f:b3:40:a7:92:13:ba:56:8e:a1:6e:62:55:0f:fa:
9a:72:53:5f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZP0Mc9upyAA4PgkE02yFkU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjIzMTU0NTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjdkMzk2ZWExNjE0Y2E1OTZhZDczZmI1NGE1MzQwNGY4NTM2MzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA111pnPypymEPVM+q9vfViQBmuoIO
aVMuchjv8xwBKxr4dp5hZwakZ3JANJ8n4PoOXVw68c4FFWXcqTcRO54aeFE4zBO1
V0TjW6MC5pyXh53pIUdd90mggs8aAD7o42RglDsZuD+AhG5e9wCoV/cyP6i7XuLu
J1d087qphFIBGEQ7K4twhbb3PbQQ8GjPsX6PWChlQv75t0qVb0zC7oKWWQaJg9ys
psblL1+8SOpzEYEVUIjX15TOXyJJgerqLA31KbB+Ug7ZD4WcUlyjmDlDsz047eHF
/j7Yz9Farq5oBhMCwBdUWIRG/yEaop3sOZPWG8jV3cvFpOG9kB4oEVPrEwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBJ9OW6hYUyllq1z+1SlNAT4U2ONMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRW4wNWJxRmhUS1dXclhQN1ZLVTBCUGhUWTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALXb4AwQA
LYPXAwQALYlRAwQALY2xAwQAVdGAAwQAZ3IrMA0GCSqGSIb3DQEBCwUAA4IBAQAY
vemDoafgjoZiGSSGnFFXt5tVoobHu/AIpLr1nxU29EeQ5W6CIeG0AOQtvJlCUVAf
UwvDW88aONwTF6DH0fwG4KAmmVBluz0h1OI+zkyRqH8T5rusOO/DfpsrhI0HtlXw
8sQ2bBB4TgjO5jodgaC5wg8hmmpfM39O0lDHgAl4OXF7u0olcVmj3JG4KO5M1CJ3
1n4crIhJEBRvPtPPvpap88RbNyDFzBYLHGdyxOxNq7e5anB7gfR9m0ym2mR1RPrY
wYMAA11e6CYtbqs018FbIs21GZJ3Xp0cvvWqPSDecQSAprRTe0RZMqG6ZYBfs0Cn
khO6Vo6hbmJVD/qaclNf
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:51:57 2025 by rpki-client