Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/XmkwNmKau_r6QTHIr017nmmOBiU.roa
File: XmkwNmKau_r6QTHIr017nmmOBiU.roa (raw, json)
Hash identifier: 90LAiivwwemEsbt12zVzBa+BJcLU5V3iHW3kT+/8OAc=
Subject key identifier: 5E:69:30:36:62:9A:BB:FA:FA:41:31:C8:AF:4D:7B:9E:69:8E:06:25
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0191E6E230552B15C13DBC6DBADE26AD8B2F
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/XmkwNmKau_r6QTHIr017nmmOBiU.roa
Signing time: Thu 12 Sep 2024 15:37:48 +0000
ROA not before: Thu 12 Sep 2024 15:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 14.102.231.0/24 maxlen: 24
45.151.140.0/23 maxlen: 23
45.151.142.0/23 maxlen: 23
85.208.8.0/23 maxlen: 23
85.208.10.0/23 maxlen: 23
94.229.208.0/21 maxlen: 21
94.229.216.0/21 maxlen: 21
194.36.32.0/23 maxlen: 23
194.36.34.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 17 Sep 2024 17:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:e2:30:55:2b:15:c1:3d:bc:6d:ba:de:26:ad:8b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Sep 12 15:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e693036629abbfafa4131c8af4d7b9e698e0625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:af:6a:b9:ac:07:1f:c9:47:78:6f:2e:48:f9:
11:a7:d6:8f:bb:e6:26:98:85:f5:03:05:89:ee:01:
96:c8:7e:a5:9e:71:30:8c:f8:b9:bc:9a:44:f8:74:
f1:44:2c:c2:0b:90:61:e1:40:06:2e:af:b1:f4:b5:
d4:3e:aa:6e:f4:58:a8:ca:b7:bf:3b:da:9d:7e:76:
67:99:a0:13:b7:23:6a:13:a6:70:00:08:5d:0e:55:
76:d8:1b:00:10:56:06:90:ac:37:8c:1c:20:d0:50:
94:e3:b1:dd:c1:05:27:d6:d4:8a:43:87:57:41:64:
a0:03:ee:c8:68:7f:06:c6:48:a9:1e:16:f4:bf:eb:
60:9e:db:78:f7:bd:21:5b:f4:f9:72:40:cd:ef:17:
9d:97:0e:1c:c4:a9:b5:e1:e8:48:a0:48:9a:86:39:
68:29:d0:0d:ac:93:1e:be:88:5f:38:ba:7c:26:25:
ee:0e:dc:24:34:79:34:01:58:4d:2f:dc:65:85:16:
47:1b:53:09:d2:b6:5d:9a:81:ab:e6:40:78:97:21:
c1:13:8e:fe:8a:d3:b0:14:b7:ef:56:f5:dc:1f:61:
f3:74:b0:13:ca:dc:1e:5c:5d:db:84:2e:81:c6:24:
c0:63:a6:f7:dc:3c:84:02:07:b1:c4:ab:dd:fd:ab:
8b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:69:30:36:62:9A:BB:FA:FA:41:31:C8:AF:4D:7B:9E:69:8E:06:25
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/XmkwNmKau_r6QTHIr017nmmOBiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.231.0/24
45.151.140.0/22
85.208.8.0/22
94.229.208.0/20
194.36.32.0/22
Signature Algorithm: sha256WithRSAEncryption
90:4c:8d:0c:ce:c2:d6:80:38:b6:3b:fd:95:c4:6c:23:7f:aa:
f6:a4:7d:33:48:ee:d5:07:b3:49:10:8e:83:1e:16:b4:6f:20:
a5:1f:0a:7d:1d:ad:ff:31:1a:63:b8:11:e6:f1:c2:a9:70:2d:
4f:f1:6c:dc:c6:86:41:86:a1:a1:7d:8d:a2:31:c9:23:53:92:
3d:bd:02:f9:70:43:06:fc:ac:f1:8a:d2:6c:8c:80:03:b1:77:
b8:ac:1c:dd:52:70:a7:4e:92:e2:3e:ca:e6:3b:85:39:9c:cf:
50:4f:14:c0:3d:47:bf:b1:3a:46:49:e8:a9:e9:f5:42:24:a9:
5b:bf:7b:6a:e1:93:b8:ee:ae:2a:75:a6:2d:8f:87:27:74:20:
9b:f6:b5:48:fc:37:fd:4e:ec:40:d4:c4:c5:56:f6:37:7f:a1:
33:a9:cb:92:8d:62:18:5a:ed:06:85:5e:26:95:5d:26:83:89:
f1:aa:31:40:90:00:71:a8:4a:33:86:8f:db:de:b5:c2:35:ca:
bf:32:7e:45:66:54:6b:cb:cc:72:e0:ba:18:ab:48:ed:94:67:
90:8f:4f:8c:0f:3e:13:21:6d:74:03:ac:08:75:9d:ae:6b:0f:
f4:6d:54:25:f7:fd:be:0b:ce:1f:e9:d6:18:cd:8e:24:b0:24:
c8:1e:b9:95
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZHm4jBVKxXBPbxtut4mrYsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwOTEyMTUzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTY5MzAzNjYyOWFiYmZhZmE0MTMxYzhhZjRkN2I5ZTY5OGUwNjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA169quawHH8lHeG8uSPkRp9aPu+Ym
mIX1AwWJ7gGWyH6lnnEwjPi5vJpE+HTxRCzCC5Bh4UAGLq+x9LXUPqpu9Fioyre/
O9qdfnZnmaATtyNqE6ZwAAhdDlV22BsAEFYGkKw3jBwg0FCU47HdwQUn1tSKQ4dX
QWSgA+7IaH8GxkipHhb0v+tgntt4970hW/T5ckDN7xedlw4cxKm14ehIoEiahjlo
KdANrJMevohfOLp8JiXuDtwkNHk0AVhNL9xlhRZHG1MJ0rZdmoGr5kB4lyHBE47+
itOwFLfvVvXcH2HzdLATytweXF3bhC6BxiTAY6b33DyEAgexxKvd/auL4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF5pMDZimrv6+kExyK9Ne55pjgYlMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvWG1rd05tS2F1X3I2UVRISXIwMTdubW1PQmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQADmbnAwQC
LZeMAwQCVdAIAwQEXuXQAwQCwiQgMA0GCSqGSIb3DQEBCwUAA4IBAQCQTI0MzsLW
gDi2O/2VxGwjf6r2pH0zSO7VB7NJEI6DHha0byClHwp9Ha3/MRpjuBHm8cKpcC1P
8WzcxoZBhqGhfY2iMckjU5I9vQL5cEMG/KzxitJsjIADsXe4rBzdUnCnTpLiPsrm
O4U5nM9QTxTAPUe/sTpGSeip6fVCJKlbv3tq4ZO47q4qdaYtj4cndCCb9rVI/Df9
TuxA1MTFVvY3f6EzqcuSjWIYWu0GhV4mlV0mg4nxqjFAkABxqEozho/b3rXCNcq/
Mn5FZlRry8xy4LoYq0jtlGeQj0+MDz4TIW10A6wIdZ2uaw/0bVQl9/2+C84f6dYY
zY4ksCTIHrmV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:26 2025 by rpki-client