Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ZeqNUAxMHGAJdOOCJCY9vXFmXvI.roa
File: ZeqNUAxMHGAJdOOCJCY9vXFmXvI.roa (raw, json)
Hash identifier: AD4V3oItiam6o8l1iARxQF0s7vxNBl96oZ1EVoMWn/0=
Subject key identifier: 65:EA:8D:50:0C:4C:1C:60:09:74:E3:82:24:26:3D:BD:71:66:5E:F2
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0192C1E1D9BD708D05D241C57B525D89429D
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ZeqNUAxMHGAJdOOCJCY9vXFmXvI.roa
Signing time: Fri 25 Oct 2024 04:14:16 +0000
ROA not before: Fri 25 Oct 2024 04:14:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 45.151.143.0/24 maxlen: 24
85.208.11.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
94.229.214.0/24 maxlen: 24
94.229.215.0/24 maxlen: 24
94.229.216.0/24 maxlen: 24
94.229.217.0/24 maxlen: 24
94.229.218.0/24 maxlen: 24
94.229.219.0/24 maxlen: 24
194.36.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c1:e1:d9:bd:70:8d:05:d2:41:c5:7b:52:5d:89:42:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Oct 25 04:14:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65ea8d500c4c1c600974e38224263dbd71665ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b9:8f:fa:f7:af:ac:7d:2a:4e:e7:c3:e0:52:
b2:7a:3f:ff:0f:3a:cb:4d:2b:01:bf:6d:2b:e6:02:
f1:f6:9f:ad:7a:43:b1:77:99:be:a8:9f:3b:64:fc:
63:8f:5e:16:2b:f1:7e:e4:0a:79:f9:a9:57:e1:f0:
8c:83:f9:99:8f:26:4b:f9:35:bd:c9:ee:5f:f5:37:
a8:d1:3c:fd:ee:a7:93:da:3a:3c:26:bc:48:95:07:
f6:97:fe:c5:ab:bc:d6:01:1d:22:5c:63:6f:29:c0:
67:f0:34:3d:aa:56:22:bf:42:b6:1a:aa:20:09:9e:
76:1f:56:c1:14:67:15:c3:4d:c2:a6:b3:d3:c4:68:
44:58:bb:c9:be:36:34:28:54:53:e4:7f:2f:7a:f3:
93:b0:32:49:24:18:08:b5:27:07:91:08:28:b9:58:
f7:7d:c8:fc:a5:0a:d6:c3:49:c8:b0:4b:4d:7b:ff:
6a:5d:f4:bb:d2:09:f2:b5:f6:c2:2a:9b:cd:32:70:
f4:36:91:3e:cb:a9:61:01:c2:00:85:6a:3d:14:02:
92:ab:b4:40:37:f1:df:ea:e3:d2:cb:dd:21:6a:cf:
f3:72:0b:01:53:62:8d:49:63:dc:2d:50:63:99:ab:
d4:5f:86:8f:36:ee:83:9f:8c:15:e6:e1:3f:12:9c:
d9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:EA:8D:50:0C:4C:1C:60:09:74:E3:82:24:26:3D:BD:71:66:5E:F2
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ZeqNUAxMHGAJdOOCJCY9vXFmXvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.143.0/24
85.208.11.0/24
94.229.212.0/24
94.229.214.0-94.229.219.255
194.36.35.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:5c:c1:6a:d6:f8:20:9d:8b:86:68:0d:f0:e6:ea:51:5b:a6:
09:5d:f9:12:d1:02:8a:85:d4:18:93:9f:5c:2f:f3:f2:df:b9:
e1:8f:85:65:bd:80:3e:74:eb:59:50:30:99:6e:7e:78:bd:6d:
98:03:b7:03:8a:e7:33:67:cb:d3:19:78:b0:31:af:43:77:7b:
23:a0:00:5f:e7:a7:30:ec:48:17:3f:81:fe:96:a9:c5:3c:7e:
48:f1:23:b0:10:d7:dc:81:bd:93:ac:20:1e:5c:c8:90:97:c4:
7a:ee:a1:b0:64:ad:d8:d7:e6:51:f4:51:4b:d2:c8:47:af:da:
a4:e8:a2:42:76:0d:ff:97:8c:3d:8b:29:ee:f2:6c:2e:2d:db:
23:c3:67:ea:cd:3c:73:72:93:ad:7f:df:a7:c7:48:52:30:58:
e3:08:56:2c:ae:13:5a:e0:ee:29:ea:19:be:90:f1:34:4a:2d:
75:ec:f0:49:c8:7e:ef:5e:d9:7d:93:d3:7e:23:36:7e:cd:7b:
e6:7d:24:cd:51:0b:7f:aa:01:c0:57:5d:e7:40:15:5f:e4:8f:
75:a0:2e:f1:ab:e3:17:96:9b:38:71:f4:27:5a:f2:25:35:da:
c0:4d:3e:23:df:21:94:77:cc:34:79:39:8d:a9:b7:1e:0e:f6:
c8:20:ac:4a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZLB4dm9cI0F0kHFe1JdiUKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQxMDI1MDQxNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWVhOGQ1MDBjNGMxYzYwMDk3NGUzODIyNDI2M2RiZDcxNjY1ZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbmP+vevrH0qTufD4FKyej//DzrL
TSsBv20r5gLx9p+tekOxd5m+qJ87ZPxjj14WK/F+5Ap5+alX4fCMg/mZjyZL+TW9
ye5f9Teo0Tz97qeT2jo8JrxIlQf2l/7Fq7zWAR0iXGNvKcBn8DQ9qlYiv0K2Gqog
CZ52H1bBFGcVw03CprPTxGhEWLvJvjY0KFRT5H8vevOTsDJJJBgItScHkQgouVj3
fcj8pQrWw0nIsEtNe/9qXfS70gnytfbCKpvNMnD0NpE+y6lhAcIAhWo9FAKSq7RA
N/Hf6uPSy90has/zcgsBU2KNSWPcLVBjmavUX4aPNu6Dn4wV5uE/EpzZuwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGXqjVAMTBxgCXTjgiQmPb1xZl7yMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvWmVxTlVBeE1IR0FKZE9PQ0pDWTl2WEZtWHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALZePAwQA
VdALAwQAXuXUMAwDBAFe5dYDBAJe5dgDBADCJCMwDQYJKoZIhvcNAQELBQADggEB
AExcwWrW+CCdi4ZoDfDm6lFbpgld+RLRAoqF1BiTn1wv8/LfueGPhWW9gD5061lQ
MJlufni9bZgDtwOK5zNny9MZeLAxr0N3eyOgAF/npzDsSBc/gf6WqcU8fkjxI7AQ
19yBvZOsIB5cyJCXxHruobBkrdjX5lH0UUvSyEev2qTookJ2Df+XjD2LKe7ybC4t
2yPDZ+rNPHNyk61/36fHSFIwWOMIViyuE1rg7inqGb6Q8TRKLXXs8EnIfu9e2X2T
034jNn7Ne+Z9JM1RC3+qAcBXXedAFV/kj3WgLvGr4xeWmzhx9Cda8iU12sBNPiPf
IZR3zDR5OY2ptx4O9sggrEo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:19:29 2025 by rpki-client