Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/nEpaDOg34ycPzUg5wraCtK9cHEs.roa
File: nEpaDOg34ycPzUg5wraCtK9cHEs.roa (raw, json)
Hash identifier: EJ6EyIsS9W4aO0CA3dXaGMZKXhc5O0Oy3QtXYaX9drA=
Subject key identifier: 9C:4A:5A:0C:E8:37:E3:27:0F:CD:48:39:C2:B6:82:B4:AF:5C:1C:4B
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018DF9E62EF2645844B2E8204DFFED9E4D1A
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/nEpaDOg34ycPzUg5wraCtK9cHEs.roa
Signing time: Fri 01 Mar 2024 12:03:48 +0000
ROA not before: Fri 01 Mar 2024 12:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 11:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:e6:2e:f2:64:58:44:b2:e8:20:4d:ff:ed:9e:4d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Mar 1 12:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c4a5a0ce837e3270fcd4839c2b682b4af5c1c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:04:1f:fd:bf:0c:50:97:22:6f:d2:2e:96:9a:
0f:20:06:fd:0b:11:5b:77:cc:c0:b4:19:f9:a1:1e:
2d:fe:3e:2d:9e:ac:2a:34:2e:30:7e:6f:c6:63:8b:
b7:36:fc:3d:21:12:b1:cf:66:2d:7b:0a:a2:b1:26:
66:97:33:19:43:dc:42:ca:46:98:0f:b5:07:d9:78:
63:c8:ab:f2:2f:f6:4d:4c:a6:3a:a4:25:a7:aa:5a:
69:e5:1a:cb:ab:22:84:6e:73:8e:55:d8:83:de:97:
96:31:31:61:ea:7f:f1:c8:ed:07:55:30:c5:45:1c:
c0:b4:43:60:bb:1e:3d:c0:26:95:98:15:37:af:d8:
54:45:7e:4b:fe:db:a9:53:e7:a2:4a:c6:d0:df:dd:
68:e6:b9:7d:c3:86:ba:cf:45:3f:2d:57:70:43:51:
89:76:06:3d:cd:28:66:b2:60:f2:7d:46:c2:7d:ce:
7f:0b:56:41:6a:10:ae:2a:f5:20:7e:19:d7:25:ea:
b9:e9:0e:19:9e:36:66:bb:fa:ca:75:71:5d:a2:ce:
af:5c:1a:88:a0:30:a2:1f:00:87:e8:78:2e:52:2e:
5e:dd:5a:ed:e2:08:6a:7c:cd:6e:e1:a7:c6:ab:b1:
f2:7b:27:92:ba:93:86:9c:30:6a:ba:d9:9e:04:63:
22:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4A:5A:0C:E8:37:E3:27:0F:CD:48:39:C2:B6:82:B4:AF:5C:1C:4B
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/nEpaDOg34ycPzUg5wraCtK9cHEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.235.0/24
91.92.47.0/24
93.152.206.0/24
93.152.209.0-93.152.211.255
93.152.213.0-93.152.216.255
93.152.220.0/23
93.152.223.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:80:09:c5:c5:85:3a:ec:1c:06:d6:ad:d5:3d:08:38:5b:ee:
75:60:6f:a8:f0:df:dc:1d:f1:88:44:af:f1:ed:dd:fa:c9:b2:
40:9f:4d:45:24:13:a2:57:56:28:0e:b8:c0:a5:b4:01:c0:75:
cd:25:cf:bc:9e:bb:c0:20:d5:8e:24:9d:96:a8:fe:df:bd:08:
f2:73:81:8c:03:4b:c7:fc:a2:2b:66:bc:4b:a9:60:f4:04:80:
03:39:e9:64:57:33:87:00:9d:52:df:b6:3e:fa:3f:78:0b:09:
8a:2c:e7:d7:93:9e:ed:02:d4:50:f3:a0:68:49:40:32:fe:f7:
62:c8:0f:21:ae:c5:3f:c3:db:67:1a:ba:d7:89:c1:ec:07:ce:
a2:50:17:f2:36:d2:cd:64:dc:9d:96:b8:7b:7e:d8:da:5a:bd:
7a:7c:7b:e7:cd:a8:32:e8:f4:f5:d2:2d:67:75:3c:5d:66:ed:
22:3d:8b:12:bb:e4:a4:99:66:a7:44:58:b0:01:47:da:12:82:
2d:fa:67:8c:b0:65:7a:00:8d:97:63:72:59:3d:f3:8f:ec:91:
f4:04:c0:e4:47:9b:62:21:4d:0a:8a:38:00:c9:07:41:bf:fb:
7f:a6:79:30:ab:93:6f:be:b5:35:a8:cb:b8:a0:34:fa:0f:75:
2c:46:05:e9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY355i7yZFhEsuggTf/tnk0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMzAxMTIwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRhNWEwY2U4MzdlMzI3MGZjZDQ4MzljMmI2ODJiNGFmNWMxYzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgQf/b8MUJcib9IulpoPIAb9CxFb
d8zAtBn5oR4t/j4tnqwqNC4wfm/GY4u3Nvw9IRKxz2YtewqisSZmlzMZQ9xCykaY
D7UH2XhjyKvyL/ZNTKY6pCWnqlpp5RrLqyKEbnOOVdiD3peWMTFh6n/xyO0HVTDF
RRzAtENgux49wCaVmBU3r9hURX5L/tupU+eiSsbQ391o5rl9w4a6z0U/LVdwQ1GJ
dgY9zShmsmDyfUbCfc5/C1ZBahCuKvUgfhnXJeq56Q4ZnjZmu/rKdXFdos6vXBqI
oDCiHwCH6HguUi5e3Vrt4ghqfM1u4afGq7HyeyeSupOGnDBqutmeBGMiFQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFJxKWgzoN+MnD81IOcK2grSvXBxLMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvbkVwYURPZzM0eWNQelVnNXdyYUN0SzljSEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQALY3oAwQA
LY3rAwQAW1wvAwQAXZjOMAwDBABdmNEDBAJdmNAwDAMEAF2Y1QMEAF2Y2AMEAV2Y
3AMEAF2Y3zANBgkqhkiG9w0BAQsFAAOCAQEAb4AJxcWFOuwcBtat1T0IOFvudWBv
qPDf3B3xiESv8e3d+smyQJ9NRSQToldWKA64wKW0AcB1zSXPvJ67wCDVjiSdlqj+
370I8nOBjANLx/yiK2a8S6lg9ASAAznpZFczhwCdUt+2Pvo/eAsJiizn15Oe7QLU
UPOgaElAMv73YsgPIa7FP8PbZxq614nB7AfOolAX8jbSzWTcnZa4e37Y2lq9enx7
582oMuj09dItZ3U8XWbtIj2LErvkpJlmp0RYsAFH2hKCLfpnjLBlegCNl2NyWT3z
j+yR9ATA5EebYiFNCoo4AMkHQb/7f6Z5MKuTb761NajLuKA0+g91LEYF6Q==
-----END CERTIFICATE-----
Generated at Mon Apr 15 13:25:29 2024 by rpki-client on console-fra.rpki-client.org