Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/MqCQnaA_Ps2naWxv3_G1-Elv4Ao.roa
File: MqCQnaA_Ps2naWxv3_G1-Elv4Ao.roa (raw, json)
Hash identifier: L4x2AzwzCAtKv8Xcxv3Y4S3514Jg/p2uYXWGzUwBKj8=
Subject key identifier: 32:A0:90:9D:A0:3F:3E:CD:A7:69:6C:6F:DF:F1:B5:F8:49:6F:E0:0A
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01934F9206D220BF63DD811ED8834C4540E6
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/MqCQnaA_Ps2naWxv3_G1-Elv4Ao.roa
Signing time: Thu 21 Nov 2024 16:33:10 +0000
ROA not before: Thu 21 Nov 2024 16:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21840
IP address blocks: 85.208.8.0/24 maxlen: 24
94.229.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4f:92:06:d2:20:bf:63:dd:81:1e:d8:83:4c:45:40:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Nov 21 16:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32a0909da03f3ecda7696c6fdff1b5f8496fe00a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ff:44:a2:cc:97:b6:b8:ec:29:42:48:47:d9:
06:7b:51:38:f8:75:8c:e8:0e:3e:e8:9f:c9:bb:a8:
94:9f:d8:5d:a6:97:ed:2d:af:1c:85:f4:26:b2:b9:
ac:26:9c:eb:a5:73:65:bb:49:8a:fa:e5:b0:54:1c:
07:c2:ad:ee:ec:1e:ca:2b:c8:bc:a0:e8:e1:ac:01:
17:c5:4d:c0:75:93:05:62:00:04:8f:81:e8:43:48:
46:44:83:8b:be:d5:d5:b1:46:1d:27:e7:b0:27:7c:
3f:7b:e8:c1:28:de:75:22:70:eb:a1:d5:f5:b4:7f:
dd:82:14:82:0f:ba:2f:5b:b4:5e:28:33:5a:a2:8c:
f2:48:75:68:5a:bf:a0:c7:c6:1e:48:11:a1:7e:e2:
f3:45:f7:22:87:f0:a3:41:15:81:c5:d8:13:05:b5:
8e:fc:62:1c:6a:fe:ae:88:29:d7:2a:6f:99:ca:50:
5f:f7:a8:43:d4:2a:ce:a7:6e:ac:d5:c8:76:cd:2c:
0a:e3:2f:bc:14:84:37:8f:f8:61:2f:c9:1f:ba:6b:
b8:ba:ef:fa:cf:c5:3e:d4:33:22:b3:16:40:c6:48:
fd:ff:e9:4c:96:ec:0f:40:a5:e2:26:8a:9c:5d:d2:
05:9d:42:18:2d:d9:e9:9a:b8:4d:58:cf:4d:5c:98:
ef:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A0:90:9D:A0:3F:3E:CD:A7:69:6C:6F:DF:F1:B5:F8:49:6F:E0:0A
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/MqCQnaA_Ps2naWxv3_G1-Elv4Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.8.0/24
94.229.221.0/24
Signature Algorithm: sha256WithRSAEncryption
25:05:bb:e4:fe:02:94:28:75:68:bf:fa:a4:01:d7:7a:15:18:
fa:6c:32:c7:ae:81:54:e4:37:f4:e6:96:42:07:1a:90:a7:17:
b0:9c:6b:9a:2b:d0:e3:5b:69:51:2f:c4:ff:81:9e:55:4d:dc:
6f:db:51:e7:59:b7:fa:14:ef:12:8d:04:f3:fe:df:aa:a7:a1:
94:1f:89:2c:52:8b:c2:6d:58:fe:96:5c:71:3e:34:9d:e8:04:
89:66:99:96:74:15:a7:e7:a0:59:3b:8d:4a:dc:d5:46:36:b6:
b3:3c:ba:58:f1:06:ac:9e:34:75:04:de:81:5c:e7:62:51:e0:
b7:50:2a:fd:fb:54:a8:b4:c2:72:4c:eb:7d:08:fb:67:0f:74:
f1:4e:93:7f:98:3e:91:a2:40:6e:f9:c2:a1:6c:29:ae:56:b4:
2e:f8:14:35:9f:3f:c1:a9:55:05:0a:d9:cc:e6:a9:62:9e:aa:
78:bb:8c:89:ac:be:85:f4:d1:22:5d:65:87:a0:19:77:6d:e0:
c4:76:84:bf:c6:31:5a:6b:84:c9:a2:41:43:cc:16:da:c7:bc:
53:07:82:4a:5e:57:c5:5d:60:de:f3:fb:94:4f:39:95:95:a4:
f2:45:0f:15:89:91:62:12:36:2f:b8:81:b3:56:14:85:eb:b4:
5d:81:de:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNPkgbSIL9j3YEe2INMRUDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQxMTIxMTYzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmEwOTA5ZGEwM2YzZWNkYTc2OTZjNmZkZmYxYjVmODQ5NmZlMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/9EosyXtrjsKUJIR9kGe1E4+HWM
6A4+6J/Ju6iUn9hdppftLa8chfQmsrmsJpzrpXNlu0mK+uWwVBwHwq3u7B7KK8i8
oOjhrAEXxU3AdZMFYgAEj4HoQ0hGRIOLvtXVsUYdJ+ewJ3w/e+jBKN51InDrodX1
tH/dghSCD7ovW7ReKDNaoozySHVoWr+gx8YeSBGhfuLzRfcih/CjQRWBxdgTBbWO
/GIcav6uiCnXKm+ZylBf96hD1CrOp26s1ch2zSwK4y+8FIQ3j/hhL8kfumu4uu/6
z8U+1DMisxZAxkj9/+lMluwPQKXiJoqcXdIFnUIYLdnpmrhNWM9NXJjvPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDKgkJ2gPz7Np2lsb9/xtfhJb+AKMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvTXFDUW5hQV9QczJuYVd4djNfRzEtRWx2NEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVdAIAwQA
XuXdMA0GCSqGSIb3DQEBCwUAA4IBAQAlBbvk/gKUKHVov/qkAdd6FRj6bDLHroFU
5Df05pZCBxqQpxewnGuaK9DjW2lRL8T/gZ5VTdxv21HnWbf6FO8SjQTz/t+qp6GU
H4ksUovCbVj+llxxPjSd6ASJZpmWdBWn56BZO41K3NVGNrazPLpY8QasnjR1BN6B
XOdiUeC3UCr9+1SotMJyTOt9CPtnD3TxTpN/mD6RokBu+cKhbCmuVrQu+BQ1nz/B
qVUFCtnM5qlinqp4u4yJrL6F9NEiXWWHoBl3beDEdoS/xjFaa4TJokFDzBbax7xT
B4JKXlfFXWDe8/uUTzmVlaTyRQ8ViZFiEjYvuIGzVhSF67Rdgd7Z
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:55 2025 by rpki-client