Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/EphdXLO60xOlQmQwWyigX3uH1ww.roa
File: EphdXLO60xOlQmQwWyigX3uH1ww.roa (raw, json)
Hash identifier: vHzOdGSU/B6ICc04z8oJTvdTVlrTG7LbdDJfKlHedOs=
Subject key identifier: 12:98:5D:5C:B3:BA:D3:13:A5:42:64:30:5B:28:A0:5F:7B:87:D7:0C
Certificate issuer: /CN=7238fbfea5768479c86300906e74eb254dcb5c69
Certificate serial: 018CC348FCBFD2BEC912DBEE944AA2B38E93
Authority key identifier: 72:38:FB:FE:A5:76:84:79:C8:63:00:90:6E:74:EB:25:4D:CB:5C:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cjj7_qV2hHnIYwCQbnTrJU3LXGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/EphdXLO60xOlQmQwWyigX3uH1ww.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210333
IP address blocks: 185.202.98.0/23 maxlen: 24
185.202.96.0/23 maxlen: 24
213.109.144.0/24 maxlen: 24
2a11:6a40:fff::/48 maxlen: 48
2a11:6a40::/40 maxlen: 48
2a11:6a40:100::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Jun 2024 08:15:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fc:bf:d2:be:c9:12:db:ee:94:4a:a2:b3:8e:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7238fbfea5768479c86300906e74eb254dcb5c69
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12985d5cb3bad313a54264305b28a05f7b87d70c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ea:89:97:03:92:8e:96:16:b9:31:f3:8e:98:
57:0f:01:ef:02:3a:5e:63:05:60:00:23:f1:09:10:
68:df:14:6d:01:f4:cf:77:eb:02:2d:11:a9:25:74:
a0:18:d4:47:67:87:21:69:6c:38:7a:48:cb:a6:b9:
ec:29:b8:65:5c:8e:67:dd:fb:77:14:95:32:bc:2d:
bd:16:02:1a:b6:75:f1:a2:f6:0c:e6:10:1b:2f:90:
e8:dd:6e:31:9a:1a:fe:a3:ec:17:20:22:77:90:0a:
a9:f9:62:ae:d1:52:93:4b:8a:e4:2e:c4:10:59:92:
a7:63:6a:af:98:c6:5a:6e:e0:c2:6c:0a:e0:b4:c2:
e7:dc:cb:3f:61:f8:d1:40:12:84:97:08:a8:80:13:
65:8f:a6:fe:0e:63:5f:9d:b5:7c:9b:b1:7d:c2:55:
25:5e:13:77:2c:e7:43:dd:aa:84:55:70:0b:7f:cf:
c3:5d:0d:07:3a:18:56:79:e9:be:e5:36:df:ac:b4:
7b:38:57:fd:b6:5f:fa:b8:4d:ea:e4:89:ef:52:a7:
0a:52:16:0e:08:14:b9:03:b5:02:13:15:90:4c:3d:
95:a2:3c:64:84:b0:29:d9:f2:6b:b8:26:a8:ed:90:
b5:05:c1:c1:2c:4f:70:42:3a:36:b1:13:25:3a:dd:
c3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:98:5D:5C:B3:BA:D3:13:A5:42:64:30:5B:28:A0:5F:7B:87:D7:0C
X509v3 Authority Key Identifier:
keyid:72:38:FB:FE:A5:76:84:79:C8:63:00:90:6E:74:EB:25:4D:CB:5C:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cjj7_qV2hHnIYwCQbnTrJU3LXGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/EphdXLO60xOlQmQwWyigX3uH1ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/cjj7_qV2hHnIYwCQbnTrJU3LXGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.96.0/22
213.109.144.0/24
IPv6:
2a11:6a40::/39
2a11:6a40:fff::/48
Signature Algorithm: sha256WithRSAEncryption
98:ff:5a:19:55:07:0e:d0:d4:06:c4:a3:58:a0:8a:5b:85:9b:
04:5b:78:11:b9:c6:42:63:ea:98:c5:47:48:16:d3:02:40:67:
6c:57:1e:ab:c7:dd:9e:54:8d:58:eb:88:81:4b:11:12:f8:ed:
19:d8:30:c5:e5:17:7f:a0:a9:f8:31:ad:ce:2c:af:45:a5:a7:
90:3e:fc:a2:ac:ac:02:4a:30:ce:99:19:8b:3d:32:2c:8d:2c:
86:65:de:57:0b:d5:f5:3c:7a:9f:1d:a9:02:ab:ae:49:1b:d3:
10:40:18:97:3e:f5:a1:56:88:33:56:07:3f:57:30:64:c6:8e:
87:19:3d:cb:9e:fe:e5:76:e5:6a:fc:28:b9:39:10:03:40:e2:
ea:67:7b:5a:f7:27:fe:3e:b9:ce:8e:cd:eb:39:2a:7d:c5:0b:
fc:35:c6:9a:28:9d:3d:67:51:8f:d8:d5:d4:b7:b2:29:23:07:
0c:2b:6d:c3:3e:c2:e8:77:aa:0f:55:1c:87:bb:dc:a3:52:46:
60:ff:25:46:84:6f:a9:f9:f6:45:78:26:d5:c1:a3:72:bd:9f:
26:06:70:df:e1:32:4b:ea:12:24:43:aa:aa:95:c7:a6:97:9a:
02:6c:11:d9:83:f8:ea:b9:5d:fc:55:a4:e1:16:89:cf:9c:45:
b8:d3:6a:58
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzDSPy/0r7JEtvulEqis46TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMzhmYmZlYTU3Njg0NzljODYzMDA5MDZlNzRlYjI1NGRj
YjVjNjkwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjk4NWQ1Y2IzYmFkMzEzYTU0MjY0MzA1YjI4YTA1ZjdiODdkNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeqJlwOSjpYWuTHzjphXDwHvAjpe
YwVgACPxCRBo3xRtAfTPd+sCLRGpJXSgGNRHZ4chaWw4ekjLprnsKbhlXI5n3ft3
FJUyvC29FgIatnXxovYM5hAbL5Do3W4xmhr+o+wXICJ3kAqp+WKu0VKTS4rkLsQQ
WZKnY2qvmMZabuDCbArgtMLn3Ms/YfjRQBKElwiogBNlj6b+DmNfnbV8m7F9wlUl
XhN3LOdD3aqEVXALf8/DXQ0HOhhWeem+5TbfrLR7OFf9tl/6uE3q5InvUqcKUhYO
CBS5A7UCExWQTD2VojxkhLAp2fJruCao7ZC1BcHBLE9wQjo2sRMlOt3DSwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFBKYXVyzutMTpUJkMFsooF97h9cMMB8GA1UdIwQY
MBaAFHI4+/6ldoR5yGMAkG506yVNy1xpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2pqN19xVjJoSG5JWXdDUWJuVHJKVTNMWEdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mYjIyYWItYjU0Ni00MDcxLWJlYjEt
YmUxMGU4YjRhMDBlLzEvRXBoZFhMTzYweE9sUW1Rd1d5aWdYM3VIMXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mYjIyYWItYjU0Ni00MDcxLWJlYjEtYmUxMGU4YjRhMDBl
LzEvY2pqN19xVjJoSG5JWXdDUWJuVHJKVTNMWEdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQCucpgAwQA
1W2QMBcEAgACMBEDBgEqEWpAAAMHACoRakAP/zANBgkqhkiG9w0BAQsFAAOCAQEA
mP9aGVUHDtDUBsSjWKCKW4WbBFt4EbnGQmPqmMVHSBbTAkBnbFceq8fdnlSNWOuI
gUsREvjtGdgwxeUXf6Cp+DGtziyvRaWnkD78oqysAkowzpkZiz0yLI0shmXeVwvV
9Tx6nx2pAquuSRvTEEAYlz71oVaIM1YHP1cwZMaOhxk9y57+5XblavwouTkQA0Di
6md7Wvcn/j65zo7N6zkqfcUL/DXGmiidPWdRj9jV1LeyKSMHDCttwz7C6HeqD1Uc
h7vco1JGYP8lRoRvqfn2RXgm1cGjcr2fJgZw3+EyS+oSJEOqqpXHppeaAmwR2YP4
6rld/FWk4RaJz5xFuNNqWA==
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:18:21 2025 by rpki-client