Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ej1YTTLQ7wKTH0RfKYaSMyZreHQ.roa
File: ej1YTTLQ7wKTH0RfKYaSMyZreHQ.roa (raw, json)
Hash identifier: vhGppodplUnkyf1X9iFHN6ZWztNHgAmfz+Q1INvYg1M=
Subject key identifier: 7A:3D:58:4D:32:D0:EF:02:93:1F:44:5F:29:86:92:33:26:6B:78:74
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019302AFE3A8B163DE13948825859B3DA056
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ej1YTTLQ7wKTH0RfKYaSMyZreHQ.roa
Signing time: Wed 06 Nov 2024 18:15:01 +0000
ROA not before: Wed 06 Nov 2024 18:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.152.198.0/24 maxlen: 24
103.114.40.0/24 maxlen: 24
2a0a:2d07:44::/48 maxlen: 48
2a0e:1a84::/32 maxlen: 32
2a0e:c781::/32 maxlen: 32
2a0e:f600:5f::/48 maxlen: 48
2a0f:1e80:100::/48 maxlen: 48
2a0f:3d80:bac::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a0f:e6c6:5532::/48 maxlen: 48
2a12:ac46:99::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 07 Nov 2024 08:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:02:af:e3:a8:b1:63:de:13:94:88:25:85:9b:3d:a0:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 6 18:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a3d584d32d0ef02931f445f29869233266b7874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:be:4a:9d:6e:e1:f3:b3:a6:4b:8a:d0:7a:b6:
62:fa:e8:56:27:01:d3:b3:d0:a9:73:bf:97:31:7d:
57:ae:fa:2f:cd:09:53:b3:9e:99:00:12:2c:82:5e:
fa:6f:25:37:2f:77:ab:bd:74:c7:90:56:e8:ba:00:
b3:fa:0d:27:5a:89:b5:ef:62:51:78:50:b0:1c:b6:
34:93:ad:f1:ce:b7:f9:35:af:14:88:3e:0d:59:74:
d2:31:47:07:2f:ba:22:2f:b8:9d:31:4f:96:18:a1:
23:4a:18:61:26:f7:21:7e:78:a4:19:06:dc:92:f6:
3d:e1:bc:21:1a:97:a5:1a:32:8d:6c:ce:16:18:18:
ed:d8:d8:60:e4:01:42:fc:c3:65:79:94:13:8d:c9:
38:fa:e5:9f:4f:57:32:16:0d:ec:dc:5a:cf:24:b4:
40:dd:d2:0f:e9:82:fd:f3:3a:38:83:bb:eb:4d:1f:
1d:3d:68:35:3d:42:28:0b:88:17:15:24:cb:0c:c9:
be:7b:ca:93:a4:23:82:9f:53:59:00:2e:e3:d3:d0:
80:e9:a3:73:a3:53:f8:90:a8:6d:7f:bd:86:22:ec:
32:74:18:20:39:0a:32:95:3a:91:e6:a3:19:59:eb:
f3:5f:40:9c:60:bf:dd:9c:f8:c6:bf:ab:23:b7:b6:
fc:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:3D:58:4D:32:D0:EF:02:93:1F:44:5F:29:86:92:33:26:6B:78:74
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ej1YTTLQ7wKTH0RfKYaSMyZreHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.198.0/24
103.114.40.0/24
IPv6:
2a0a:2d07:44::/48
2a0e:1a84::/32
2a0e:c781::/32
2a0e:f600:5f::/48
2a0f:1e80:100::/48
2a0f:3d80:bac::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a0f:e6c6:5532::/48
2a12:ac46:99::/48
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
27:30:f3:3e:18:c8:04:71:97:9b:29:0b:f8:15:67:4e:f9:d3:
11:0b:65:23:04:89:d1:c4:bd:a1:34:51:b4:d8:f1:00:f3:9c:
15:c6:92:22:7b:f8:34:cd:7d:25:3f:6a:c9:7b:d8:f6:af:fd:
1e:75:14:d4:72:c1:7d:02:4c:63:7a:94:6c:d6:9a:d3:5e:24:
41:8a:9c:d8:f1:6d:21:e5:c8:1a:06:ff:90:05:2e:3b:ef:ff:
d0:6c:bc:e4:44:1a:c9:75:6c:e9:96:3f:1a:2d:bc:09:5a:ae:
42:ee:c4:08:28:a9:39:b8:46:e8:20:a6:fd:59:f4:00:91:aa:
1a:36:fc:6a:26:1e:46:31:dc:59:e1:f6:bb:f6:a2:27:2e:9c:
87:34:87:8f:10:a1:b1:8e:64:20:09:7a:19:92:92:97:d6:67:
4e:26:c7:30:a0:e0:1b:f9:91:3b:75:e7:69:56:75:d9:0f:ce:
f2:bf:3f:c6:56:30:c2:32:0f:de:84:41:a0:f8:e5:ee:7f:4a:
37:96:b3:ac:35:d2:cb:7b:11:f8:53:54:a4:28:42:f8:44:09:
c1:27:b6:8e:08:9f:6e:5a:95:35:35:61:9a:bc:aa:f1:93:ec:
9e:ff:d7:a6:d1:cc:31:91:b8:3e:4e:b8:92:17:8f:d8:fa:07:
a7:02:52:90
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZMCr+OosWPeE5SIJYWbPaBWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTA2MTgxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTNkNTg0ZDMyZDBlZjAyOTMxZjQ0NWYyOTg2OTIzMzI2NmI3ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL5KnW7h87OmS4rQerZi+uhWJwHT
s9Cpc7+XMX1XrvovzQlTs56ZABIsgl76byU3L3ervXTHkFbougCz+g0nWom172JR
eFCwHLY0k63xzrf5Na8UiD4NWXTSMUcHL7oiL7idMU+WGKEjShhhJvchfnikGQbc
kvY94bwhGpelGjKNbM4WGBjt2Nhg5AFC/MNleZQTjck4+uWfT1cyFg3s3FrPJLRA
3dIP6YL98zo4g7vrTR8dPWg1PUIoC4gXFSTLDMm+e8qTpCOCn1NZAC7j09CA6aNz
o1P4kKhtf72GIuwydBggOQoylTqR5qMZWevzX0CcYL/dnPjGv6sjt7b8lwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFHo9WE0y0O8Ckx9EXymGkjMma3h0MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZWoxWVRUTFE3d0tUSDBSZktZYVNNeVpyZUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwEgQCAAEwDAMEAC2YxgME
AGdyKDBjBAIAAjBdAwcAKgotBwBEAwUAKg4ahAMFACoOx4EDBwAqDvYAAF8DBwAq
Dx6AAQADBwAqDz2AC6wDBwAqD30AAAEDBwAqD7wAocQDBwAqD+bGVTIDBwAqEqxG
AJkDBQMqEytAMA0GCSqGSIb3DQEBCwUAA4IBAQAnMPM+GMgEcZebKQv4FWdO+dMR
C2UjBInRxL2hNFG02PEA85wVxpIie/g0zX0lP2rJe9j2r/0edRTUcsF9AkxjepRs
1prTXiRBipzY8W0h5cgaBv+QBS477//QbLzkRBrJdWzplj8aLbwJWq5C7sQIKKk5
uEboIKb9WfQAkaoaNvxqJh5GMdxZ4fa79qInLpyHNIePEKGxjmQgCXoZkpKX1mdO
JscwoOAb+ZE7dedpVnXZD87yvz/GVjDCMg/ehEGg+OXuf0o3lrOsNdLLexH4U1Sk
KEL4RAnBJ7aOCJ9uWpU1NWGavKrxk+ye/9em0cwxkbg+TriSF4/Y+genAlKQ
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:01 2025 by rpki-client