Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/e68X0CA5BMDsFimVLQVzMWhGdfQ.roa
File: e68X0CA5BMDsFimVLQVzMWhGdfQ.roa (raw, json)
Hash identifier: tbF3xpG4kwvQbE1snIM5yur+vtoagU842Il/5w+sTKY=
Subject key identifier: 7B:AF:17:D0:20:39:04:C0:EC:16:29:95:2D:05:73:31:68:46:75:F4
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422204C577B3C74BAB21D0895E41E500C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/e68X0CA5BMDsFimVLQVzMWhGdfQ.roa
Signing time: Wed 01 Jan 2025 13:48:49 +0000
ROA not before: Wed 01 Jan 2025 13:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212017
IP address blocks: 45.90.236.0/24 maxlen: 24
45.90.237.0/24 maxlen: 24
185.106.124.0/22 maxlen: 24
185.128.52.0/22 maxlen: 22
185.227.172.0/22 maxlen: 22
185.232.8.0/22 maxlen: 24
193.17.180.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
194.48.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 31 Jan 2025 08:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:4c:57:7b:3c:74:ba:b2:1d:08:95:e4:1e:50:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7baf17d0203904c0ec1629952d057331684675f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:16:83:15:06:04:db:b7:b6:aa:67:ee:45:f0:
1a:cb:97:87:38:3a:b8:ad:38:b0:ea:00:0c:32:95:
53:b8:79:ae:07:a5:f7:c0:ec:e2:a5:97:5c:8e:f9:
f5:00:ff:75:09:2b:67:86:83:83:74:7b:bd:25:48:
25:08:85:0c:af:8e:22:d5:f1:5b:2b:22:22:bc:01:
9c:92:4c:53:65:8f:ed:35:f2:e6:69:b8:b4:34:e8:
fa:80:11:29:d2:8c:16:d1:81:a7:07:1c:69:c9:1a:
e6:eb:93:af:25:55:3a:80:1c:8c:60:79:0b:9a:43:
47:48:a1:4b:4f:72:34:bb:eb:78:ee:38:33:da:02:
0e:ed:17:d4:8d:8d:7f:bc:0e:59:d8:3c:c2:b8:6f:
4d:81:a4:94:65:79:10:1d:75:ac:0e:06:2e:eb:f1:
fe:84:91:9d:5f:32:b6:b5:30:56:1c:46:83:3c:53:
94:77:38:a3:9a:13:3c:7b:0d:fa:f5:e5:9a:95:61:
44:49:5e:07:81:d8:d7:cc:16:41:45:1b:69:96:b7:
f4:bd:b3:7f:f6:78:54:d8:18:9f:3b:d0:f6:0f:93:
12:be:f3:58:a8:18:cf:1a:80:20:34:56:d2:58:9e:
d1:43:5c:18:5b:66:88:20:0c:e2:93:14:e0:35:39:
b6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:AF:17:D0:20:39:04:C0:EC:16:29:95:2D:05:73:31:68:46:75:F4
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/e68X0CA5BMDsFimVLQVzMWhGdfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.236.0/23
185.106.124.0/22
185.128.52.0/22
185.227.172.0/22
185.232.8.0/22
193.17.180.0/24
193.17.182.0/24
194.48.140.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:1c:91:bd:92:4c:c3:8d:aa:95:63:39:08:96:84:8c:b0:02:
54:53:22:d0:92:11:50:50:09:10:c1:02:b1:7f:6d:e3:c5:8c:
fc:57:1b:3f:94:3a:4a:d4:5c:45:8e:b1:c3:dd:d9:77:04:bd:
ce:a3:76:61:34:21:82:15:bc:4c:43:43:e6:db:50:ba:5e:bb:
39:e5:8b:69:88:e1:6e:02:66:53:b0:a1:7e:e9:2c:40:50:08:
a3:12:10:cb:95:9c:d2:dc:2a:a5:8f:5f:fb:15:40:58:f1:2d:
3e:c4:cc:91:25:3e:ef:42:e7:8a:7f:28:39:8a:b5:ce:53:10:
ce:b0:4a:c5:2e:51:43:32:68:d0:62:be:8e:c4:82:c2:c3:0f:
24:ff:40:a4:1b:7d:e0:fc:2a:08:97:cb:6e:55:37:45:9e:5b:
30:70:ad:94:c8:fc:55:96:90:b4:a6:47:c1:d0:7e:2c:41:54:
c4:21:50:68:ec:d8:f1:81:b6:97:c4:52:29:68:51:0d:47:87:
62:a8:0e:0e:bf:ba:15:7c:c6:e3:df:bd:5c:a8:9e:5f:c0:20:
11:77:76:e7:81:c9:14:63:7c:d9:1c:4a:40:21:7f:fb:5e:3a:
0d:a5:ce:bc:96:7e:ae:62:c3:21:62:98:b5:86:ab:e9:a9:75:
1b:92:6b:7d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQiIExXezx0urIdCJXkHlAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmFmMTdkMDIwMzkwNGMwZWMxNjI5OTUyZDA1NzMzMTY4NDY3NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBaDFQYE27e2qmfuRfAay5eHODq4
rTiw6gAMMpVTuHmuB6X3wOzipZdcjvn1AP91CStnhoODdHu9JUglCIUMr44i1fFb
KyIivAGckkxTZY/tNfLmabi0NOj6gBEp0owW0YGnBxxpyRrm65OvJVU6gByMYHkL
mkNHSKFLT3I0u+t47jgz2gIO7RfUjY1/vA5Z2DzCuG9NgaSUZXkQHXWsDgYu6/H+
hJGdXzK2tTBWHEaDPFOUdzijmhM8ew369eWalWFESV4HgdjXzBZBRRtplrf0vbN/
9nhU2BifO9D2D5MSvvNYqBjPGoAgNFbSWJ7RQ1wYW2aIIAzikxTgNTm2LQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHuvF9AgOQTA7BYplS0FczFoRnX0MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZTY4WDBDQTVCTURzRmltVkxRVnpNV2hHZGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLVrsAwQC
uWp8AwQCuYA0AwQCueOsAwQCuegIAwQAwRG0AwQAwRG2AwQCwjCMMA0GCSqGSIb3
DQEBCwUAA4IBAQA6HJG9kkzDjaqVYzkIloSMsAJUUyLQkhFQUAkQwQKxf23jxYz8
Vxs/lDpK1FxFjrHD3dl3BL3Oo3ZhNCGCFbxMQ0Pm21C6Xrs55YtpiOFuAmZTsKF+
6SxAUAijEhDLlZzS3Cqlj1/7FUBY8S0+xMyRJT7vQueKfyg5irXOUxDOsErFLlFD
MmjQYr6OxILCww8k/0CkG33g/CoIl8tuVTdFnlswcK2UyPxVlpC0pkfB0H4sQVTE
IVBo7NjxgbaXxFIpaFENR4diqA4Ov7oVfMbj371cqJ5fwCARd3bngckUY3zZHEpA
IX/7XjoNpc68ln6uYsMhYpi1hqvpqXUbkmt9
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:15:15 2025 by rpki-client