Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/_JtL3NyHK-d_TECYsjIbiBxg0X0.roa
File: _JtL3NyHK-d_TECYsjIbiBxg0X0.roa (raw, json)
Hash identifier: GeJD8bV8pCxgf6wqVM8ftFrMtyTTFMDUNHsyVHrj6qM=
Subject key identifier: FC:9B:4B:DC:DC:87:2B:E7:7F:4C:40:98:B2:32:1B:88:1C:60:D1:7D
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019139ADEA6646EDC7399A0BF8FA3EC85BF8
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/_JtL3NyHK-d_TECYsjIbiBxg0X0.roa
Signing time: Sat 10 Aug 2024 00:26:24 +0000
ROA not before: Sat 10 Aug 2024 00:26:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21769
IP address blocks: 45.127.248.0/22 maxlen: 22
85.208.8.0/22 maxlen: 22
94.229.208.0/20 maxlen: 24
103.41.44.0/22 maxlen: 22
103.63.28.0/22 maxlen: 22
103.71.61.0/24 maxlen: 24
185.195.212.0/22 maxlen: 22
185.195.220.0/22 maxlen: 22
185.196.188.0/22 maxlen: 22
185.199.116.0/22 maxlen: 22
194.93.4.0/22 maxlen: 22
2a09:1e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 10 Aug 2024 01:03:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:39:ad:ea:66:46:ed:c7:39:9a:0b:f8:fa:3e:c8:5b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Aug 10 00:26:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc9b4bdcdc872be77f4c4098b2321b881c60d17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:42:b5:0f:1e:cc:c7:83:8c:a8:43:f4:91:8d:
38:16:c0:35:cd:45:df:ef:83:9e:55:01:4f:5f:84:
70:f6:b9:13:f1:22:00:52:6c:c1:9c:2d:eb:ff:6c:
b1:a7:a3:b8:d6:1b:a7:2f:11:99:25:a9:d5:95:fc:
cd:22:7e:73:55:7d:df:93:b3:ac:78:d3:62:bd:77:
59:40:76:77:f2:61:7c:96:6e:c9:f5:4a:5a:e6:68:
72:cb:83:c2:5f:29:cd:23:83:e0:97:18:76:6f:1b:
39:cb:7f:a3:e7:47:3b:fb:43:fa:75:9f:d4:7b:03:
9b:58:e8:11:03:1f:a2:fd:6e:b0:62:a5:93:96:ee:
17:8f:70:4e:12:70:f9:fd:40:46:dc:9f:fe:28:3b:
a8:f2:98:ac:c7:a4:d5:b6:c3:2e:2a:f8:b0:ee:5b:
2c:20:60:59:4f:4a:25:ad:a5:99:f4:c4:a6:14:52:
f3:4f:06:4c:60:8a:54:33:2b:bb:7e:ee:d8:95:a2:
d6:6e:59:04:70:97:f5:6d:14:c1:96:c6:20:66:2b:
1e:81:22:6a:8f:22:3d:56:6c:f6:ce:84:1a:ce:2a:
2b:1f:75:32:5a:47:8e:96:02:8b:10:3d:49:ed:48:
eb:e7:98:22:f5:ca:0a:98:32:32:f7:a5:55:86:91:
12:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:9B:4B:DC:DC:87:2B:E7:7F:4C:40:98:B2:32:1B:88:1C:60:D1:7D
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/_JtL3NyHK-d_TECYsjIbiBxg0X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.127.248.0/22
85.208.8.0/22
94.229.208.0/20
103.41.44.0/22
103.63.28.0/22
103.71.61.0/24
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.93.4.0/22
IPv6:
2a09:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
64:62:58:7b:31:46:4e:ec:0e:96:86:05:39:8c:7c:19:07:8b:
23:7b:48:4a:a6:db:43:56:86:88:9b:68:fb:a4:e7:9d:3a:be:
22:05:c4:6d:16:d4:87:8a:81:e1:a7:25:f9:a7:a8:52:57:16:
3c:9c:8a:4a:c4:37:09:e9:4c:e3:1a:83:6d:44:0d:66:98:2c:
63:40:87:c2:8c:64:01:fb:b3:c5:3d:a8:cb:aa:c6:a2:bb:11:
f6:af:31:c1:17:e1:db:16:f1:0b:48:db:1b:f5:57:c2:be:96:
f2:77:97:73:8d:53:c7:db:3c:f2:57:14:12:77:4a:4d:9f:63:
a0:69:16:18:18:86:da:e9:1d:cf:21:88:18:99:ee:0a:61:96:
54:df:d8:a4:4a:17:52:1f:c4:0f:8c:73:0f:62:de:3f:23:82:
84:83:17:b5:2d:99:b8:d0:d5:c0:75:37:78:f3:18:7a:cf:c0:
36:a3:0d:8c:84:f8:e5:a4:0b:38:a3:96:7f:bc:91:54:bc:70:
3c:a4:86:83:92:e0:0a:2a:a9:02:98:21:d0:2c:03:92:48:07:
60:6e:b5:11:17:d1:58:af:8c:62:e5:b4:d9:f7:be:87:66:54:
75:68:2a:2b:a3:8e:c1:3e:79:cb:cd:d5:8b:a3:1e:ad:c7:8e:
47:19:40:51
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZE5repmRu3HOZoL+Po+yFv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwODEwMDAyNjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzliNGJkY2RjODcyYmU3N2Y0YzQwOThiMjMyMWI4ODFjNjBkMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkK1Dx7Mx4OMqEP0kY04FsA1zUXf
74OeVQFPX4Rw9rkT8SIAUmzBnC3r/2yxp6O41hunLxGZJanVlfzNIn5zVX3fk7Os
eNNivXdZQHZ38mF8lm7J9Upa5mhyy4PCXynNI4Pglxh2bxs5y3+j50c7+0P6dZ/U
ewObWOgRAx+i/W6wYqWTlu4Xj3BOEnD5/UBG3J/+KDuo8pisx6TVtsMuKviw7lss
IGBZT0olraWZ9MSmFFLzTwZMYIpUMyu7fu7YlaLWblkEcJf1bRTBlsYgZisegSJq
jyI9Vmz2zoQaziorH3UyWkeOlgKLED1J7Ujr55gi9coKmDIy96VVhpESsQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFPybS9zchyvnf0xAmLIyG4gcYNF9MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvX0p0TDNOeUhLLWRfVEVDWXNqSWJpQnhnMFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQCLX/4AwQC
VdAIAwQEXuXQAwQCZyksAwQCZz8cAwQAZ0c9AwQCucPUAwQCucPcAwQCucS8AwQC
ucd0AwQCwl0EMA0EAgACMAcDBQMqCR6AMA0GCSqGSIb3DQEBCwUAA4IBAQBkYlh7
MUZO7A6WhgU5jHwZB4sje0hKpttDVoaIm2j7pOedOr4iBcRtFtSHioHhpyX5p6hS
VxY8nIpKxDcJ6UzjGoNtRA1mmCxjQIfCjGQB+7PFPajLqsaiuxH2rzHBF+HbFvEL
SNsb9VfCvpbyd5dzjVPH2zzyVxQSd0pNn2OgaRYYGIba6R3PIYgYme4KYZZU39ik
ShdSH8QPjHMPYt4/I4KEgxe1LZm40NXAdTd48xh6z8A2ow2MhPjlpAs4o5Z/vJFU
vHA8pIaDkuAKKqkCmCHQLAOSSAdgbrURF9FYr4xi5bTZ976HZlR1aCoro47BPnnL
zdWLox6tx45HGUBR
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:02 2025 by rpki-client