Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/EtO73E83-Ma5blcp4HahL17_VMw.roa
File: EtO73E83-Ma5blcp4HahL17_VMw.roa (raw, json)
Hash identifier: hxpSjdZNHVCHTrfG5OyxSgT6nUcIpyJJETmt0VT5oYA=
Subject key identifier: 12:D3:BB:DC:4F:37:F8:C6:B9:6E:57:29:E0:76:A1:2F:5E:FF:54:CC
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 01912C5B45B6A6E414CBD571E13498968C79
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/EtO73E83-Ma5blcp4HahL17_VMw.roa
Signing time: Wed 07 Aug 2024 10:21:04 +0000
ROA not before: Wed 07 Aug 2024 10:21:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42130
IP address blocks: 93.88.20.0/22 maxlen: 22
93.88.20.0/23 maxlen: 23
93.88.22.0/23 maxlen: 23
185.207.174.0/24 maxlen: 24
195.245.72.0/24 maxlen: 24
195.245.88.0/24 maxlen: 24
2a13:b2c0::/32 maxlen: 32
2a13:b2c1:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2c:5b:45:b6:a6:e4:14:cb:d5:71:e1:34:98:96:8c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Aug 7 10:21:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12d3bbdc4f37f8c6b96e5729e076a12f5eff54cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:56:d2:21:45:1f:34:ca:69:66:2c:17:02:6c:
6e:a9:92:b1:af:11:47:4d:ce:34:bf:bd:7a:c2:85:
bb:b4:76:35:41:d1:d9:29:f3:4d:33:40:bb:e0:93:
77:4d:6f:9a:47:f6:0b:57:d9:e7:a0:7d:fa:26:c5:
c7:82:05:b7:1e:c2:6a:8c:37:0d:09:90:2e:e4:c4:
71:c7:f0:32:9a:de:89:e7:ef:c1:2b:6c:7c:dd:ba:
26:af:ce:5d:49:5e:ff:ea:62:cb:a3:6c:da:ba:a0:
ae:ee:be:39:ba:f2:03:5b:09:ee:76:cf:ec:07:e7:
c9:9b:d7:c8:51:7f:c6:37:ff:13:90:e8:24:e8:1a:
4e:d5:4b:69:9b:f9:ef:3f:57:48:74:5a:d3:6f:b4:
e2:5e:e2:db:03:62:60:fa:74:75:98:fb:ed:8e:26:
7f:bb:cf:80:b1:1e:d0:ce:15:fc:c8:d4:95:25:d7:
13:cc:ab:2e:b9:2f:d1:89:d9:1a:bf:20:d4:ec:38:
94:c0:70:e7:f1:3b:4a:d2:a8:2e:08:0f:07:9c:8e:
3f:57:d7:8a:f9:11:23:a4:82:0a:67:b7:fb:07:09:
70:8b:95:25:ec:30:96:b3:9b:a5:3b:8c:78:28:c9:
ee:c9:8e:93:83:8e:1b:15:4b:b1:b3:a3:13:b8:34:
82:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:D3:BB:DC:4F:37:F8:C6:B9:6E:57:29:E0:76:A1:2F:5E:FF:54:CC
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/EtO73E83-Ma5blcp4HahL17_VMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.20.0/22
185.207.174.0/24
195.245.72.0/24
195.245.88.0/24
IPv6:
2a13:b2c0::/32
2a13:b2c1:1::/48
Signature Algorithm: sha256WithRSAEncryption
82:8a:38:c6:2f:ce:0a:66:21:2b:05:7f:73:e3:94:cb:72:a7:
36:4d:96:d5:43:0c:20:f4:d8:14:ba:cb:5b:01:1e:94:80:8d:
bc:e8:3c:01:9a:f0:f4:23:7b:82:86:73:54:b8:c2:97:e0:a0:
93:aa:9b:51:27:48:d2:dc:79:8f:c0:74:ee:77:00:ce:7a:f0:
50:8d:fd:c4:50:8b:eb:36:3b:3f:23:82:3e:28:8f:dc:c0:14:
df:eb:a2:c5:97:c8:a4:5b:96:74:94:f8:06:7d:2d:41:09:ec:
52:1a:86:14:08:4f:fb:8b:39:8c:a8:98:43:e2:78:12:a2:ca:
64:0d:2a:98:f7:a6:a4:ab:fe:36:53:eb:1f:e1:2d:0b:08:6a:
e1:b7:b9:03:34:38:e4:0f:67:46:9b:4a:6c:48:01:15:a1:63:
6a:cb:c8:21:2e:cb:2c:92:65:8d:b6:a3:73:b6:b6:9b:52:aa:
d4:16:c0:e5:7e:5a:37:6d:dc:22:e1:7f:6e:82:10:d3:7c:55:
55:ea:ec:76:a8:fa:e4:8b:5a:12:86:d3:70:b6:ee:02:56:4e:
3e:4d:6f:00:96:dc:be:20:d9:16:fd:f2:0e:53:74:2e:b8:9d:
a0:ef:54:66:43:23:54:1f:d3:ac:06:be:f6:8f:2e:0e:3b:3d:
17:11:5c:a3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZEsW0W2puQUy9Vx4TSYlox5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjQwODA3MTAyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmQzYmJkYzRmMzdmOGM2Yjk2ZTU3MjllMDc2YTEyZjVlZmY1NGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1bSIUUfNMppZiwXAmxuqZKxrxFH
Tc40v716woW7tHY1QdHZKfNNM0C74JN3TW+aR/YLV9nnoH36JsXHggW3HsJqjDcN
CZAu5MRxx/Aymt6J5+/BK2x83bomr85dSV7/6mLLo2zauqCu7r45uvIDWwnuds/s
B+fJm9fIUX/GN/8TkOgk6BpO1Utpm/nvP1dIdFrTb7TiXuLbA2Jg+nR1mPvtjiZ/
u8+AsR7QzhX8yNSVJdcTzKsuuS/RidkavyDU7DiUwHDn8TtK0qguCA8HnI4/V9eK
+REjpIIKZ7f7Bwlwi5Ul7DCWs5ulO4x4KMnuyY6Tg44bFUuxs6MTuDSCJQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBLTu9xPN/jGuW5XKeB2oS9e/1TMMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvRXRPNzNFODMtTWE1YmxjcDRIYWhMMTdfVk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQCXVgUAwQA
uc+uAwQAw/VIAwQAw/VYMBYEAgACMBADBQAqE7LAAwcAKhOywQABMA0GCSqGSIb3
DQEBCwUAA4IBAQCCijjGL84KZiErBX9z45TLcqc2TZbVQwwg9NgUustbAR6UgI28
6DwBmvD0I3uChnNUuMKX4KCTqptRJ0jS3HmPwHTudwDOevBQjf3EUIvrNjs/I4I+
KI/cwBTf66LFl8ikW5Z0lPgGfS1BCexSGoYUCE/7izmMqJhD4ngSospkDSqY96ak
q/42U+sf4S0LCGrht7kDNDjkD2dGm0psSAEVoWNqy8ghLssskmWNtqNztrabUqrU
FsDlflo3bdwi4X9ughDTfFVV6ux2qPrki1oShtNwtu4CVk4+TW8Alty+INkW/fIO
U3QuuJ2g71RmQyNUH9OsBr72jy4OOz0XEVyj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:37 2025 by rpki-client