Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/0lU_WG-fJnXo9cVzOfLcaBoaNW8.roa
File: 0lU_WG-fJnXo9cVzOfLcaBoaNW8.roa (raw, json)
Hash identifier: ErpTKNIUBpISjhoLXmAFpNvkk0q5gqkvHW4rFOwNc9I=
Subject key identifier: D2:55:3F:58:6F:9F:26:75:E8:F5:C5:73:39:F2:DC:68:1A:1A:35:6F
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0191C7F539C5A5B7A03D6CCF84EDD6F7444E
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/0lU_WG-fJnXo9cVzOfLcaBoaNW8.roa
Signing time: Fri 06 Sep 2024 15:30:22 +0000
ROA not before: Fri 06 Sep 2024 15:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21769
IP address blocks: 45.127.248.0/22 maxlen: 22
77.111.96.0/20 maxlen: 20
85.208.8.0/22 maxlen: 22
94.229.208.0/20 maxlen: 20
103.41.44.0/22 maxlen: 22
103.63.28.0/22 maxlen: 22
103.71.61.0/24 maxlen: 24
185.195.212.0/22 maxlen: 22
185.195.220.0/22 maxlen: 22
185.196.188.0/22 maxlen: 22
185.199.116.0/22 maxlen: 22
194.36.32.0/22 maxlen: 22
194.93.4.0/22 maxlen: 22
2a09:1e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 06 Sep 2024 16:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:f5:39:c5:a5:b7:a0:3d:6c:cf:84:ed:d6:f7:44:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Sep 6 15:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2553f586f9f2675e8f5c57339f2dc681a1a356f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:02:3d:d6:f6:0d:ae:89:0b:fd:22:83:6d:d4:
69:a1:29:ce:aa:d8:23:3f:f6:9a:c3:4a:66:13:96:
d6:3e:67:5b:36:78:d7:53:5a:0e:9f:c2:5c:c7:19:
bf:22:1d:a0:43:f9:59:5d:a6:e1:17:cf:38:48:af:
9d:59:44:83:95:b0:4e:b7:9a:bf:6d:ae:88:ca:a2:
41:16:61:31:1e:5d:0a:b3:2c:12:45:84:8a:0a:83:
bc:76:68:b0:00:fb:e5:e0:51:88:82:98:81:c1:7a:
d3:d3:a9:e0:8b:45:14:c8:21:a4:3b:01:20:8e:42:
a7:5d:cd:3f:4a:91:53:2b:a8:7c:a0:c8:6d:79:72:
0c:bd:6d:12:73:73:55:e2:ee:60:80:d5:be:a7:fb:
19:71:c5:3b:aa:d8:7e:cd:fc:79:7d:6f:a1:b0:cd:
e7:79:24:bc:a1:2b:e1:26:5a:18:6c:4e:f0:4b:98:
75:ab:76:4f:bd:49:cc:35:11:13:b9:cf:ec:34:9d:
8a:6a:45:26:30:67:d7:d9:ab:b0:3e:23:ee:d6:15:
4a:e2:d9:4b:a9:b3:70:f2:b4:68:2e:49:84:b1:5d:
0c:11:96:5f:51:f8:24:b9:12:56:6b:66:67:3a:c9:
5c:ee:29:da:a6:9a:55:e8:fe:a4:d4:96:ff:a9:18:
64:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:55:3F:58:6F:9F:26:75:E8:F5:C5:73:39:F2:DC:68:1A:1A:35:6F
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/0lU_WG-fJnXo9cVzOfLcaBoaNW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.127.248.0/22
77.111.96.0/20
85.208.8.0/22
94.229.208.0/20
103.41.44.0/22
103.63.28.0/22
103.71.61.0/24
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.36.32.0/22
194.93.4.0/22
IPv6:
2a09:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
7c:56:ad:ad:7c:22:2e:1f:1d:27:fb:03:e2:6d:3f:3c:02:00:
0d:8a:b5:25:4a:9a:bd:e6:5d:77:0e:5f:24:e8:61:b4:bf:52:
00:61:6d:51:ca:68:14:5f:4f:01:f6:0e:26:ed:0d:c9:20:1d:
cb:f4:67:30:74:a1:f8:8c:e8:e9:cc:88:69:cd:88:5e:2d:01:
6d:29:0e:34:07:81:00:c4:e2:4a:2a:34:ad:22:31:fb:43:d7:
a1:c0:73:07:5a:93:80:0d:d0:5a:ac:02:93:45:b6:5e:c3:30:
fe:85:c0:81:3e:fd:6c:ce:7c:6d:20:b0:0a:dd:cf:d3:17:02:
5b:16:61:d6:a9:e7:a4:6d:29:73:c7:cc:f8:1a:1f:aa:a6:15:
27:62:3d:64:3c:e2:8c:3a:79:a2:47:21:08:28:a7:9b:1c:1d:
ff:61:15:52:c6:a6:d1:ae:04:ab:a1:d0:73:58:85:4a:e0:75:
09:39:7f:6f:e6:64:1e:8d:fe:dc:33:49:c3:1b:63:65:f8:da:
76:1d:6d:ff:6d:72:93:40:b8:19:b0:a8:a7:a8:43:b9:ef:03:
ad:07:40:7a:41:d7:96:9d:b4:ca:ea:17:3d:1f:f4:7d:e7:46:
b7:ea:9b:a7:65:38:7f:65:21:1b:a8:6b:b9:93:5d:6b:36:5e:
c0:06:6b:ee
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZHH9TnFpbegPWzPhO3W90ROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwOTA2MTUzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU1M2Y1ODZmOWYyNjc1ZThmNWM1NzMzOWYyZGM2ODFhMWEzNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wI91vYNrokL/SKDbdRpoSnOqtgj
P/aaw0pmE5bWPmdbNnjXU1oOn8Jcxxm/Ih2gQ/lZXabhF884SK+dWUSDlbBOt5q/
ba6IyqJBFmExHl0KsywSRYSKCoO8dmiwAPvl4FGIgpiBwXrT06ngi0UUyCGkOwEg
jkKnXc0/SpFTK6h8oMhteXIMvW0Sc3NV4u5ggNW+p/sZccU7qth+zfx5fW+hsM3n
eSS8oSvhJloYbE7wS5h1q3ZPvUnMNRETuc/sNJ2KakUmMGfX2auwPiPu1hVK4tlL
qbNw8rRoLkmEsV0MEZZfUfgkuRJWa2ZnOslc7inapppV6P6k1Jb/qRhkfQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFNJVP1hvnyZ16PXFczny3GgaGjVvMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvMGxVX1dHLWZKblhvOWNWek9mTGNhQm9hTlc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQCLX/4AwQE
TW9gAwQCVdAIAwQEXuXQAwQCZyksAwQCZz8cAwQAZ0c9AwQCucPUAwQCucPcAwQC
ucS8AwQCucd0AwQCwiQgAwQCwl0EMA0EAgACMAcDBQMqCR6AMA0GCSqGSIb3DQEB
CwUAA4IBAQB8Vq2tfCIuHx0n+wPibT88AgANirUlSpq95l13Dl8k6GG0v1IAYW1R
ymgUX08B9g4m7Q3JIB3L9GcwdKH4jOjpzIhpzYheLQFtKQ40B4EAxOJKKjStIjH7
Q9ehwHMHWpOADdBarAKTRbZewzD+hcCBPv1sznxtILAK3c/TFwJbFmHWqeekbSlz
x8z4Gh+qphUnYj1kPOKMOnmiRyEIKKebHB3/YRVSxqbRrgSrodBzWIVK4HUJOX9v
5mQejf7cM0nDG2Nl+Np2HW3/bXKTQLgZsKinqEO57wOtB0B6QdeWnbTK6hc9H/R9
50a36punZTh/ZSEbqGu5k11rNl7ABmvu
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:43 2025 by rpki-client