Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/DtYBqWX4ex5z_qoRe2v31Gpstas.roa
File: DtYBqWX4ex5z_qoRe2v31Gpstas.roa (raw, json)
Hash identifier: wG1kWk95IdkxwgIT2YX1BKnJk5LRgDpnnxl2l6gL+j4=
Subject key identifier: 0E:D6:01:A9:65:F8:7B:1E:73:FE:AA:11:7B:6B:F7:D4:6A:6C:B5:AB
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0190CC45683E3FD3D61F432B038FA50A64B2
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/DtYBqWX4ex5z_qoRe2v31Gpstas.roa
Signing time: Fri 19 Jul 2024 18:33:39 +0000
ROA not before: Fri 19 Jul 2024 18:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21769
IP address blocks: 45.127.248.0/22 maxlen: 22
94.229.208.0/20 maxlen: 24
103.41.44.0/22 maxlen: 22
103.63.28.0/22 maxlen: 22
103.71.61.0/24 maxlen: 24
185.195.212.0/22 maxlen: 22
185.195.220.0/22 maxlen: 22
185.196.188.0/22 maxlen: 22
185.199.116.0/22 maxlen: 22
194.93.4.0/22 maxlen: 22
2a09:1e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 10 Aug 2024 00:26:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cc:45:68:3e:3f:d3:d6:1f:43:2b:03:8f:a5:0a:64:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jul 19 18:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ed601a965f87b1e73feaa117b6bf7d46a6cb5ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fa:a0:aa:f8:0a:c1:95:d4:a9:51:48:05:32:
db:22:2e:72:d0:4e:3f:b5:35:fc:04:76:d5:55:ff:
d0:f6:01:94:f1:41:b7:6f:86:d8:f0:9e:8a:e0:ca:
2b:4d:ae:da:45:c4:3e:a3:aa:ea:fa:a0:f3:5b:8e:
7d:d2:9b:96:e3:64:72:b4:d7:ea:be:57:1f:79:c1:
a0:90:53:1b:d5:e4:17:c2:e7:d3:a8:e3:6d:9e:7d:
46:50:60:94:d5:0a:0b:70:2b:1a:84:b1:91:53:e0:
3f:b8:ba:2f:4c:50:ec:13:3b:c9:9f:ce:1a:19:7a:
30:9d:38:c3:f6:33:f7:76:8b:8a:0d:8f:17:c8:7d:
ac:46:19:52:f9:1c:02:17:e6:5f:a9:7b:52:23:11:
aa:d1:37:ee:9b:c7:af:5a:a1:b5:34:d7:6a:2c:ec:
0e:a6:16:e9:f5:1c:04:74:a4:2f:5c:20:6d:b1:b2:
7f:f5:ba:5e:15:f4:0a:a3:98:ab:74:f3:98:b2:30:
bc:ca:8d:97:ab:14:bc:c1:fb:d1:2e:cf:53:2c:b0:
69:ae:46:66:1e:ea:64:99:d1:15:aa:02:3c:9d:2b:
44:5d:31:a5:bb:12:01:80:ef:cd:cc:a7:a1:6e:6a:
df:b6:43:2f:18:a0:24:3d:6f:2f:5c:14:d2:23:b1:
98:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D6:01:A9:65:F8:7B:1E:73:FE:AA:11:7B:6B:F7:D4:6A:6C:B5:AB
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/DtYBqWX4ex5z_qoRe2v31Gpstas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.127.248.0/22
94.229.208.0/20
103.41.44.0/22
103.63.28.0/22
103.71.61.0/24
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.93.4.0/22
IPv6:
2a09:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
3d:52:c0:6b:fa:d0:27:d1:0d:5f:40:0f:8f:0d:aa:69:a6:ee:
99:99:47:05:e0:e8:c3:41:71:3e:3d:2a:0e:a3:cc:2b:2c:0b:
75:5e:6f:3d:db:5e:f6:6e:59:6b:02:fa:69:3d:f5:74:92:fc:
da:1e:34:38:d7:d8:76:c0:94:13:14:3c:ed:27:68:bb:e8:81:
23:41:62:f2:6e:16:68:6c:a0:f9:5e:04:48:35:05:92:6d:f9:
71:21:33:42:7f:73:93:d1:28:90:f3:2a:17:58:37:1b:bf:54:
e5:65:09:fd:28:3e:c1:3b:c6:80:81:bf:98:a7:b6:f4:f0:f8:
75:19:c7:ad:67:36:b0:20:12:12:35:70:03:90:91:39:7e:95:
e9:95:71:ca:0a:7a:80:b1:a7:68:87:81:6d:9c:9e:02:d5:77:
4e:90:12:ba:8d:cb:71:b4:d2:5b:79:8a:0c:ad:7e:b9:d2:ce:
87:06:8b:4d:73:80:ee:14:e2:fb:7d:d5:83:85:d3:98:2d:57:
f7:1e:29:4c:be:cd:e0:af:11:c0:04:6d:6d:f4:b2:c2:df:16:
7e:0d:d3:e8:c9:ff:e8:8a:6c:a1:02:f9:50:0d:d0:6e:81:ff:
6e:2f:e3:a7:c8:a8:fa:ae:cd:6b:25:2a:33:c4:82:fb:df:45:
d8:09:eb:82
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZDMRWg+P9PWH0MrA4+lCmSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwNzE5MTgzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQ2MDFhOTY1Zjg3YjFlNzNmZWFhMTE3YjZiZjdkNDZhNmNiNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/qgqvgKwZXUqVFIBTLbIi5y0E4/
tTX8BHbVVf/Q9gGU8UG3b4bY8J6K4MorTa7aRcQ+o6rq+qDzW4590puW42RytNfq
vlcfecGgkFMb1eQXwufTqONtnn1GUGCU1QoLcCsahLGRU+A/uLovTFDsEzvJn84a
GXownTjD9jP3douKDY8XyH2sRhlS+RwCF+ZfqXtSIxGq0Tfum8evWqG1NNdqLOwO
phbp9RwEdKQvXCBtsbJ/9bpeFfQKo5irdPOYsjC8yo2XqxS8wfvRLs9TLLBprkZm
HupkmdEVqgI8nStEXTGluxIBgO/NzKehbmrftkMvGKAkPW8vXBTSI7GYEwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFA7WAall+Hsec/6qEXtr99RqbLWrMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvRHRZQnFXWDRleDV6X3FvUmUydjMxR3BzdGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCLX/4AwQE
XuXQAwQCZyksAwQCZz8cAwQAZ0c9AwQCucPUAwQCucPcAwQCucS8AwQCucd0AwQC
wl0EMA0EAgACMAcDBQMqCR6AMA0GCSqGSIb3DQEBCwUAA4IBAQA9UsBr+tAn0Q1f
QA+PDapppu6ZmUcF4OjDQXE+PSoOo8wrLAt1Xm892172bllrAvppPfV0kvzaHjQ4
19h2wJQTFDztJ2i76IEjQWLybhZobKD5XgRINQWSbflxITNCf3OT0SiQ8yoXWDcb
v1TlZQn9KD7BO8aAgb+Yp7b08Ph1GcetZzawIBISNXADkJE5fpXplXHKCnqAsado
h4FtnJ4C1XdOkBK6jctxtNJbeYoMrX650s6HBotNc4DuFOL7fdWDhdOYLVf3HilM
vs3grxHABG1t9LLC3xZ+DdPoyf/oimyhAvlQDdBugf9uL+OnyKj6rs1rJSozxIL7
30XYCeuC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:52 2025 by rpki-client