Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/ceoni7HliUPHDRNB2Pd0U30Cnuk.roa
File: ceoni7HliUPHDRNB2Pd0U30Cnuk.roa (raw, json)
Hash identifier: 7wjUW+Vgr44vl1bOzutghulHwBOv6drSDO/v83HAe6U=
Subject key identifier: 71:EA:27:8B:B1:E5:89:43:C7:0D:13:41:D8:F7:74:53:7D:02:9E:E9
Certificate issuer: /CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Certificate serial: 018ED21E55A234010524C276CC987D95C69B
Authority key identifier: 41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/ceoni7HliUPHDRNB2Pd0U30Cnuk.roa
Signing time: Fri 12 Apr 2024 11:43:07 +0000
ROA not before: Fri 12 Apr 2024 11:43:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29014
IP address blocks: 45.139.156.0/22 maxlen: 24
85.158.0.0/22 maxlen: 24
85.158.0.0/24 maxlen: 24
85.158.4.0/23 maxlen: 23
85.158.6.0/24 maxlen: 24
85.158.7.0/24 maxlen: 24
93.92.128.0/21 maxlen: 24
93.92.128.0/23 maxlen: 23
93.92.130.0/23 maxlen: 23
93.92.132.0/24 maxlen: 24
93.92.133.0/24 maxlen: 24
93.92.134.0/23 maxlen: 23
185.8.8.0/22 maxlen: 24
185.8.8.0/24 maxlen: 24
192.42.65.0/24 maxlen: 24
193.41.116.0/23 maxlen: 24
194.126.239.0/24 maxlen: 24
195.177.232.0/23 maxlen: 24
195.177.233.0/24 maxlen: 24
2a00:12e8::/32 maxlen: 40
2a00:12e8::/40 maxlen: 40
2a00:12e8:100::/40 maxlen: 40
2a00:12e8:200::/40 maxlen: 40
2a00:12e8:300::/40 maxlen: 40
2a00:12e8:400::/40 maxlen: 40
2a00:12e8:500::/40 maxlen: 40
2a00:12e8:600::/40 maxlen: 40
2a00:12e8:800::/40 maxlen: 40
2a00:12e8:f111::/48 maxlen: 48
2a00:12e8:f123::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Apr 2024 09:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d2:1e:55:a2:34:01:05:24:c2:76:cc:98:7d:95:c6:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Validity
Not Before: Apr 12 11:43:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71ea278bb1e58943c70d1341d8f774537d029ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ee:49:3a:c0:a1:4d:72:4b:5e:dc:84:2e:29:
ac:0a:12:95:e7:e2:f9:8a:74:cf:e4:21:63:5c:62:
13:4f:18:06:72:f1:c5:cb:00:b2:54:c7:ec:55:a0:
1d:89:1b:25:8f:ba:93:6e:09:6c:d5:ca:db:0f:37:
16:93:15:0e:fa:e7:c5:02:f8:e7:31:d0:a7:aa:80:
73:dd:65:88:f3:95:81:51:dd:bb:16:33:d9:d0:fa:
64:40:91:11:af:e2:42:68:dd:02:ab:59:f5:4f:92:
25:ef:2e:75:b3:f6:f1:29:b8:0a:0f:99:f0:89:30:
c4:5e:fe:d8:e6:17:b5:c2:bc:cc:aa:1b:4f:eb:8a:
2c:f3:f7:bd:2c:33:33:12:a8:23:79:9d:ae:99:d0:
e5:04:01:75:19:88:65:85:5c:d6:42:8e:63:b4:7a:
16:85:01:45:8d:3c:1e:7e:a1:85:1d:9e:3b:9e:a1:
95:f1:69:bc:c2:6c:1c:f5:09:b3:e8:d7:08:eb:ec:
e0:64:8b:22:06:eb:42:d2:be:b1:bb:db:4e:bc:a5:
ad:3f:26:8a:7b:3d:14:71:75:9f:8a:c9:2a:d4:7d:
a0:5a:ec:14:a6:26:92:cf:cf:bf:b1:b4:ec:48:01:
f8:21:d3:a3:ae:3d:5c:4b:49:37:9b:4e:04:23:e6:
9b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:EA:27:8B:B1:E5:89:43:C7:0D:13:41:D8:F7:74:53:7D:02:9E:E9
X509v3 Authority Key Identifier:
keyid:41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/ceoni7HliUPHDRNB2Pd0U30Cnuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/QbjC83vY1-BOdphaTO1FWddlHEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.156.0/22
85.158.0.0/21
93.92.128.0/21
185.8.8.0/22
192.42.65.0/24
193.41.116.0/23
194.126.239.0/24
195.177.232.0/23
IPv6:
2a00:12e8::/32
Signature Algorithm: sha256WithRSAEncryption
81:a3:bc:33:1b:ff:40:33:9a:29:44:c9:cc:3b:48:d8:b1:6f:
fc:b4:30:bc:1c:b5:0f:8f:f4:da:e4:8d:f1:94:e2:52:78:2d:
3e:72:d0:7e:7a:55:9c:8c:f1:f6:c2:c6:c9:70:05:9a:50:f9:
d3:a7:cd:5f:e7:e6:bc:e6:a5:50:c8:ec:66:1f:9b:a9:96:4d:
b7:3e:6d:a6:62:ee:d1:d5:e4:1f:1c:19:5b:be:66:0f:24:4f:
f4:d0:e5:02:5c:d6:d8:57:0f:60:3b:09:ac:7e:3e:c5:d8:6b:
9f:37:f4:ea:02:75:10:da:62:6e:28:fe:17:90:18:34:12:4e:
0e:07:7e:d2:d4:fa:5e:14:dd:8c:76:e5:fc:f0:db:3b:7f:22:
b9:db:da:52:b8:02:8c:8e:8a:fb:c5:e7:fc:cc:6f:76:a8:bb:
7f:b2:99:20:52:77:07:ba:fe:a5:ad:e5:ac:b9:dd:4a:bc:38:
4a:74:7a:d2:be:72:81:b2:aa:86:ed:a6:08:a8:8e:f3:3e:41:
ab:bd:0f:65:ab:9b:95:64:c6:5d:e6:08:9c:4d:8e:19:06:a2:
46:28:4e:37:7b:ed:97:a8:57:68:5e:73:b9:6d:7a:d2:42:43:
b9:3f:36:48:be:52:56:66:b1:6c:dd:aa:e1:11:c0:3e:51:f5:
5a:2e:02:b4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY7SHlWiNAEFJMJ2zJh9lcabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYjhjMmYzN2JkOGQ3ZTA0ZTc2OTg1YTRjZWQ0NTU5ZDc2
NTFjNDMwHhcNMjQwNDEyMTE0MzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWVhMjc4YmIxZTU4OTQzYzcwZDEzNDFkOGY3NzQ1MzdkMDI5ZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+5JOsChTXJLXtyELimsChKV5+L5
inTP5CFjXGITTxgGcvHFywCyVMfsVaAdiRslj7qTbgls1crbDzcWkxUO+ufFAvjn
MdCnqoBz3WWI85WBUd27FjPZ0PpkQJERr+JCaN0Cq1n1T5Il7y51s/bxKbgKD5nw
iTDEXv7Y5he1wrzMqhtP64os8/e9LDMzEqgjeZ2umdDlBAF1GYhlhVzWQo5jtHoW
hQFFjTwefqGFHZ47nqGV8Wm8wmwc9Qmz6NcI6+zgZIsiButC0r6xu9tOvKWtPyaK
ez0UcXWfiskq1H2gWuwUpiaSz8+/sbTsSAH4IdOjrj1cS0k3m04EI+ab9wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHHqJ4ux5YlDxw0TQdj3dFN9Ap7pMB8GA1UdIwQY
MBaAFEG4wvN72NfgTnaYWkztRVnXZRxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjIt
MjgxOGY2NTc4ZDFiLzEvY2Vvbmk3SGxpVVBIRFJOQjJQZDBVMzBDbnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjItMjgxOGY2NTc4ZDFi
LzEvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCLYucAwQD
VZ4AAwQDXVyAAwQCuQgIAwQAwCpBAwQBwSl0AwQAwn7vAwQBw7HoMA0EAgACMAcD
BQAqABLoMA0GCSqGSIb3DQEBCwUAA4IBAQCBo7wzG/9AM5opRMnMO0jYsW/8tDC8
HLUPj/Ta5I3xlOJSeC0+ctB+elWcjPH2wsbJcAWaUPnTp81f5+a85qVQyOxmH5up
lk23Pm2mYu7R1eQfHBlbvmYPJE/00OUCXNbYVw9gOwmsfj7F2GufN/TqAnUQ2mJu
KP4XkBg0Ek4OB37S1PpeFN2MduX88Ns7fyK529pSuAKMjor7xef8zG92qLt/spkg
UncHuv6lreWsud1KvDhKdHrSvnKBsqqG7aYIqI7zPkGrvQ9lq5uVZMZd5gicTY4Z
BqJGKE43e+2XqFdoXnO5bXrSQkO5PzZIvlJWZrFs3arhEcA+UfVaLgK0
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:44 2025 by rpki-client