Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JeKgzDRl5OfNsaba4QrHkDcT1Hc.roa
File: JeKgzDRl5OfNsaba4QrHkDcT1Hc.roa (raw, json)
Hash identifier: LfJJvNPqhvA2fERz1/oxRTQAm1wKFjuiE1ZCNQz6Jig=
Subject key identifier: 25:E2:A0:CC:34:65:E4:E7:CD:B1:A6:DA:E1:0A:C7:90:37:13:D4:77
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0193E362C34F052A89ABC8EF4CDD0EC019D7
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JeKgzDRl5OfNsaba4QrHkDcT1Hc.roa
Signing time: Fri 20 Dec 2024 09:25:20 +0000
ROA not before: Fri 20 Dec 2024 09:25:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Dec 2024 19:16:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:62:c3:4f:05:2a:89:ab:c8:ef:4c:dd:0e:c0:19:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 20 09:25:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25e2a0cc3465e4e7cdb1a6dae10ac7903713d477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:02:d7:48:65:5b:a8:ce:3f:fb:96:23:62:30:
13:fd:eb:55:ab:a6:7e:e2:64:a4:14:55:33:c2:45:
dc:8c:15:f3:38:df:77:8a:31:82:0e:43:a3:94:02:
7b:69:8b:4a:f9:fa:fc:e4:52:97:64:e7:95:04:c2:
5a:7e:10:cc:51:b9:88:00:c6:6c:15:6e:f2:c3:56:
95:71:1a:fd:0f:19:93:b3:26:5f:26:34:31:22:18:
bf:f7:04:fd:f1:18:d8:7c:4e:3f:b0:47:42:5f:22:
73:c7:9d:77:32:6a:f4:6a:f1:b4:0b:79:a2:fe:83:
26:29:ed:d5:26:7c:6e:71:76:c6:c0:0d:77:74:a3:
44:27:c5:04:4e:e9:77:97:4c:45:7b:36:35:52:c2:
83:dc:4f:25:4c:3d:33:ed:52:42:44:19:f2:85:ed:
19:c9:75:92:1c:f1:b3:ae:df:a5:e7:36:7d:96:13:
d4:e5:02:2b:2a:48:f8:62:ce:8a:b2:c1:57:3a:23:
7d:a4:7c:00:87:14:95:fb:e0:bd:32:02:0d:c1:fc:
7d:fd:33:87:8c:44:eb:bb:c4:8f:d6:ac:ca:1e:47:
08:71:82:95:e1:ce:8e:c3:03:5b:7d:7e:c2:27:4e:
04:06:b3:bc:18:d0:7c:16:1e:b8:b7:0d:6f:89:e1:
0c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E2:A0:CC:34:65:E4:E7:CD:B1:A6:DA:E1:0A:C7:90:37:13:D4:77
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JeKgzDRl5OfNsaba4QrHkDcT1Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
27:8a:60:9a:e5:77:39:e5:d8:ce:93:14:d0:82:be:61:be:38:
a4:5b:e2:27:fc:8b:c3:c3:48:50:ba:2a:f6:e0:bc:79:d4:97:
ac:73:69:d9:ea:85:0d:fd:c8:d8:2e:a1:cb:0e:6b:7d:b5:96:
d3:1a:cd:cf:d7:5c:7f:40:e9:df:81:b4:75:ec:b7:67:b4:38:
5d:3d:a7:6d:c3:0a:64:6a:4f:66:92:76:d4:6e:23:de:97:a6:
9d:88:46:1e:92:50:0c:a8:8d:b1:f1:c8:19:fd:05:0b:07:19:
f3:ad:58:da:1a:04:4f:1c:e2:f7:2a:46:46:58:9f:75:96:12:
14:7e:6a:5d:3e:73:c2:51:b5:ad:fb:29:de:fa:bd:d9:93:57:
fd:6b:ec:ba:45:85:14:09:7b:8c:fe:6e:ec:bf:0a:6c:ac:27:
d7:1b:dd:67:ad:01:2f:69:90:db:5b:d2:64:4d:ac:20:5b:2c:
7b:a6:cb:94:af:34:6c:9c:c4:9b:6b:e3:c2:36:c9:28:3a:0d:
74:96:90:97:cf:51:c0:66:32:65:51:48:50:53:18:95:5e:36:
7f:0a:08:4b:d4:21:2a:d9:4c:8a:ed:95:c9:13:3d:51:31:b6:
93:ce:db:32:cd:23:06:c1:d6:f5:4c:12:cd:2c:d1:4f:78:df:
df:1f:d7:a5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZPjYsNPBSqJq8jvTN0OwBnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjIwMDkyNTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWUyYTBjYzM0NjVlNGU3Y2RiMWE2ZGFlMTBhYzc5MDM3MTNkNDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuALXSGVbqM4/+5YjYjAT/etVq6Z+
4mSkFFUzwkXcjBXzON93ijGCDkOjlAJ7aYtK+fr85FKXZOeVBMJafhDMUbmIAMZs
FW7yw1aVcRr9DxmTsyZfJjQxIhi/9wT98RjYfE4/sEdCXyJzx513Mmr0avG0C3mi
/oMmKe3VJnxucXbGwA13dKNEJ8UETul3l0xFezY1UsKD3E8lTD0z7VJCRBnyhe0Z
yXWSHPGzrt+l5zZ9lhPU5QIrKkj4Ys6KssFXOiN9pHwAhxSV++C9MgINwfx9/TOH
jETru8SP1qzKHkcIcYKV4c6OwwNbfX7CJ04EBrO8GNB8Fh64tw1vieEMtwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCXioMw0ZeTnzbGm2uEKx5A3E9R3MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSmVLZ3pEUmw1T2ZOc2FiYTRRckhrRGNUMUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQBueOSAwQBwQhwAwQBwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQAnimCa5Xc55djOkxTQgr5hvjikW+In/IvDw0hQuir24Lx51Jesc2nZ6oUN
/cjYLqHLDmt9tZbTGs3P11x/QOnfgbR17LdntDhdPadtwwpkak9mknbUbiPel6ad
iEYeklAMqI2x8cgZ/QULBxnzrVjaGgRPHOL3KkZGWJ91lhIUfmpdPnPCUbWt+yne
+r3Zk1f9a+y6RYUUCXuM/m7svwpsrCfXG91nrQEvaZDbW9JkTawgWyx7psuUrzRs
nMSba+PCNskoOg10lpCXz1HAZjJlUUhQUxiVXjZ/CghL1CEq2UyK7ZXJEz1RMbaT
ztsyzSMGwdb1TBLNLNFPeN/fH9el
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:15:22 2025 by rpki-client