Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/67DfK7IOIqSH7gUvUON4wEJSwe4.roa
File: 67DfK7IOIqSH7gUvUON4wEJSwe4.roa (raw, json)
Hash identifier: VojC6E6hyMJPf2QdMsVhgGLFdZZnDqnBqGGw9bE5KpQ=
Subject key identifier: EB:B0:DF:2B:B2:0E:22:A4:87:EE:05:2F:50:E3:78:C0:42:52:C1:EE
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0194FE2CE59E3A816AAF9A42F6551B94B0BF
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/67DfK7IOIqSH7gUvUON4wEJSwe4.roa
Signing time: Thu 13 Feb 2025 07:19:02 +0000
ROA not before: Thu 13 Feb 2025 07:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.209.0/24 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
213.220.3.0/24 maxlen: 24
213.220.19.0/24 maxlen: 24
213.220.58.0/24 maxlen: 24
213.220.59.0/24 maxlen: 24
213.220.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Feb 2025 21:10:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fe:2c:e5:9e:3a:81:6a:af:9a:42:f6:55:1b:94:b0:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Feb 13 07:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebb0df2bb20e22a487ee052f50e378c04252c1ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2f:bc:01:d2:48:b2:45:64:7f:b2:47:97:4b:
0a:30:dc:57:ab:1a:92:24:f6:55:5c:4c:a3:21:04:
e1:69:31:2f:4c:fe:53:08:16:cb:01:32:b0:d9:a1:
63:f8:32:a7:37:10:b4:45:bd:50:bf:53:e1:be:02:
05:4c:4a:b4:f1:f2:c2:df:bc:c7:80:83:c9:6c:b7:
45:f8:be:58:99:92:63:12:45:ab:54:23:4a:5d:b0:
09:4e:99:71:de:60:31:4c:c2:02:c5:2a:24:1b:48:
41:be:7d:42:6c:88:82:a2:d4:97:7f:98:ba:dd:f1:
d5:9a:7c:5a:b0:9d:5b:71:fb:8f:0b:ec:4b:0b:72:
b2:2f:70:cb:31:40:16:f2:d3:50:f3:f2:55:5d:81:
ad:53:47:fb:43:6e:6b:61:2d:dd:6a:c9:8d:14:01:
4d:72:6b:c9:e3:cc:e2:31:a7:5e:8a:30:80:11:6e:
f1:60:11:87:30:65:e2:9b:be:6d:07:b0:46:7c:ba:
2b:57:64:b5:9c:17:4b:be:22:b4:41:e3:7a:cc:73:
03:c6:4b:1c:cd:27:b0:60:60:4f:ad:2e:c7:21:22:
59:de:6b:5f:be:4e:fb:38:ed:59:01:5b:9c:6c:d4:
3a:6e:2e:ff:7e:8c:7c:1b:0d:1d:58:13:f4:ce:fe:
fb:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B0:DF:2B:B2:0E:22:A4:87:EE:05:2F:50:E3:78:C0:42:52:C1:EE
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/67DfK7IOIqSH7gUvUON4wEJSwe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0/24
45.155.242.0/24
194.143.205.0-194.143.207.255
194.143.209.0/24
194.143.217.0/24
194.143.221.0/24
195.114.192.0/24
195.114.197.0-195.114.198.255
213.220.3.0/24
213.220.19.0/24
213.220.58.0-213.220.60.255
Signature Algorithm: sha256WithRSAEncryption
ab:a9:b9:e5:26:a5:1d:e0:45:8e:b0:a2:32:ea:91:2e:be:52:
b7:23:d9:2a:2b:a8:8b:68:58:1f:85:7a:25:ba:d4:0f:d5:ee:
3d:4b:85:7b:34:64:63:f3:24:71:51:cf:d1:75:ec:05:76:d4:
42:ae:06:be:de:22:9d:3e:3c:5e:a7:31:7b:05:bc:43:ff:bf:
fb:50:0e:c7:0e:8b:15:c8:b6:3f:62:92:44:b9:a7:13:3e:1b:
76:c1:2b:e3:17:8f:0b:95:99:ea:31:7a:8d:64:e1:0c:92:9e:
f3:b5:a8:1f:6c:d2:cd:de:76:c2:66:02:8f:1e:22:7c:e6:7e:
48:23:43:6f:24:4a:da:e1:94:92:0d:04:7d:e8:f9:6c:4a:88:
e5:a1:41:49:ed:ee:25:14:e9:08:c7:66:48:71:33:92:42:c2:
af:05:53:2a:a0:12:f3:9a:96:5f:4d:8e:7d:95:5f:67:fd:c3:
51:3d:58:b8:b0:10:85:1c:27:a1:1a:f7:03:8f:d7:c3:2d:74:
b7:d6:10:9a:8b:c9:da:0c:6d:77:33:44:a1:09:79:0a:8e:50:
be:65:2e:b7:44:92:85:be:95:e5:2f:59:83:e2:41:77:67:d2:
49:1e:1d:a1:c1:2d:d5:16:47:19:0c:92:b9:d4:bf:74:cd:a1:
d7:97:d0:37
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZT+LOWeOoFqr5pC9lUblLC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMjEzMDcxOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmIwZGYyYmIyMGUyMmE0ODdlZTA1MmY1MGUzNzhjMDQyNTJjMWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti+8AdJIskVkf7JHl0sKMNxXqxqS
JPZVXEyjIQThaTEvTP5TCBbLATKw2aFj+DKnNxC0Rb1Qv1PhvgIFTEq08fLC37zH
gIPJbLdF+L5YmZJjEkWrVCNKXbAJTplx3mAxTMICxSokG0hBvn1CbIiCotSXf5i6
3fHVmnxasJ1bcfuPC+xLC3KyL3DLMUAW8tNQ8/JVXYGtU0f7Q25rYS3dasmNFAFN
cmvJ48ziMadeijCAEW7xYBGHMGXim75tB7BGfLorV2S1nBdLviK0QeN6zHMDxksc
zSewYGBPrS7HISJZ3mtfvk77OO1ZAVucbNQ6bi7/fox8Gw0dWBP0zv779QIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFOuw3yuyDiKkh+4FL1DjeMBCUsHuMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvNjdEZks3SU9JcVNIN2dVdlVPTjR3RUpTd2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALZvwAwQA
LZvyMAwDBADCj80DBATCj8ADBADCj9EDBADCj9kDBADCj90DBADDcsAwDAMEAMNy
xQMEAMNyxgMEANXcAwMEANXcEzAMAwQB1dw6AwQA1dw8MA0GCSqGSIb3DQEBCwUA
A4IBAQCrqbnlJqUd4EWOsKIy6pEuvlK3I9kqK6iLaFgfhXolutQP1e49S4V7NGRj
8yRxUc/RdewFdtRCrga+3iKdPjxepzF7BbxD/7/7UA7HDosVyLY/YpJEuacTPht2
wSvjF48LlZnqMXqNZOEMkp7ztagfbNLN3nbCZgKPHiJ85n5II0NvJEra4ZSSDQR9
6PlsSojloUFJ7e4lFOkIx2ZIcTOSQsKvBVMqoBLzmpZfTY59lV9n/cNRPVi4sBCF
HCehGvcDj9fDLXS31hCai8naDG13M0ShCXkKjlC+ZS63RJKFvpXlL1mD4kF3Z9JJ
Hh2hwS3VFkcZDJK51L90zaHXl9A3
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:06:31 2025 by rpki-client