Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ahq7XSirB66PMsmHiPYkhiKXQ6Q.roa
File: ahq7XSirB66PMsmHiPYkhiKXQ6Q.roa (raw, json)
Hash identifier: /SFXUUK2z3+cU5qAgbQBJXih1A2cgyCivNKX/zTyeko=
Subject key identifier: 6A:1A:BB:5D:28:AB:07:AE:8F:32:C9:87:88:F6:24:86:22:97:43:A4
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019139CFA20DA241B762C4EAD9E3175EAC0C
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ahq7XSirB66PMsmHiPYkhiKXQ6Q.roa
Signing time: Sat 10 Aug 2024 01:03:14 +0000
ROA not before: Sat 10 Aug 2024 01:03:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21769
IP address blocks: 45.127.248.0/22 maxlen: 22
45.151.140.0/22 maxlen: 22
85.208.8.0/22 maxlen: 22
94.229.208.0/20 maxlen: 24
103.41.44.0/22 maxlen: 22
103.63.28.0/22 maxlen: 22
103.71.61.0/24 maxlen: 24
185.195.212.0/22 maxlen: 22
185.195.220.0/22 maxlen: 22
185.196.188.0/22 maxlen: 22
185.199.116.0/22 maxlen: 22
194.36.32.0/22 maxlen: 22
194.93.4.0/22 maxlen: 22
2a09:1e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 14 Aug 2024 18:08:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:39:cf:a2:0d:a2:41:b7:62:c4:ea:d9:e3:17:5e:ac:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Aug 10 01:03:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a1abb5d28ab07ae8f32c98788f62486229743a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8d:aa:ff:b5:76:fe:ce:23:53:34:ac:01:24:
1d:4e:f4:5b:3c:d5:6b:8c:fb:51:03:ae:53:38:53:
43:9d:ef:df:1b:6d:00:50:33:77:94:a5:2e:be:d6:
a7:a5:ed:df:72:3a:d0:95:c3:9d:51:39:33:07:d8:
35:2a:b7:4f:09:a2:d6:7f:56:45:39:84:14:72:86:
ad:2a:71:6f:03:45:01:a8:ba:fe:6b:bc:82:12:1b:
64:02:16:46:f3:19:d9:de:5c:af:85:78:38:70:89:
17:9e:15:97:3f:5c:8f:72:c8:a4:96:6a:fe:2a:bf:
61:02:5f:cd:36:4d:d7:80:01:2c:8b:2c:87:6a:47:
36:27:37:02:f4:13:a7:45:ea:67:41:44:55:26:60:
58:46:2d:dd:b7:4e:70:23:ac:19:f0:4d:fa:59:46:
37:0f:9b:3f:b9:1b:47:18:de:be:1b:59:5c:eb:6a:
d1:71:36:c5:88:3a:00:08:e8:3b:f1:a6:bb:b1:52:
c9:5f:a8:31:5b:43:ba:60:85:e7:96:5a:89:86:7a:
48:d1:55:6b:e9:84:2e:5f:0c:4a:6b:1f:b1:2c:6a:
7c:15:1f:35:c9:2e:7a:11:f6:7e:22:51:08:cb:2f:
c0:80:a7:30:64:ad:bc:32:69:4c:f4:e0:69:06:71:
9c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:1A:BB:5D:28:AB:07:AE:8F:32:C9:87:88:F6:24:86:22:97:43:A4
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ahq7XSirB66PMsmHiPYkhiKXQ6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.127.248.0/22
45.151.140.0/22
85.208.8.0/22
94.229.208.0/20
103.41.44.0/22
103.63.28.0/22
103.71.61.0/24
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.36.32.0/22
194.93.4.0/22
IPv6:
2a09:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
c7:d9:b3:71:b1:bd:0d:52:10:ce:8c:07:9b:1c:55:9c:a2:ce:
88:ec:51:e3:50:5d:89:d5:53:12:6e:97:97:c8:5d:d9:64:b0:
bb:71:36:ed:55:48:82:fc:45:92:92:eb:5a:9d:f1:94:f3:07:
71:7c:0d:56:b7:45:68:4f:22:8c:50:14:e0:e6:82:d3:9b:10:
d5:e8:21:90:24:60:78:99:49:b7:15:ce:3c:fb:45:46:b5:cf:
76:60:e6:92:1e:24:e9:fb:65:59:dd:ee:74:ea:0a:93:3e:5f:
e3:cc:c7:74:cc:01:c6:11:ef:90:7a:d1:06:f3:7f:67:5f:68:
3b:3c:d6:12:ab:57:64:92:c9:0c:7e:74:9d:d4:a7:4e:12:98:
50:b2:a0:24:2a:61:96:c6:1c:7d:c2:da:f9:bd:cb:f4:ad:ab:
6a:b3:13:cf:72:05:2d:60:09:ff:73:39:a3:02:12:6d:50:a9:
8c:e2:2f:ad:af:4a:69:67:f2:95:a7:dc:4a:61:c1:55:5a:f9:
cb:4e:52:e5:70:f9:3b:b5:f9:d9:7a:7c:9a:9d:96:98:25:68:
0b:df:5c:91:34:72:42:8a:5d:9c:f9:dc:7e:f3:39:42:19:0f:
7d:1c:32:63:10:f6:65:2e:85:29:c3:6e:09:af:97:a3:ab:50:
34:9f:6a:5d
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZE5z6INokG3YsTq2eMXXqwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwODEwMDEwMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTFhYmI1ZDI4YWIwN2FlOGYzMmM5ODc4OGY2MjQ4NjIyOTc0M2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo2q/7V2/s4jUzSsASQdTvRbPNVr
jPtRA65TOFNDne/fG20AUDN3lKUuvtanpe3fcjrQlcOdUTkzB9g1KrdPCaLWf1ZF
OYQUcoatKnFvA0UBqLr+a7yCEhtkAhZG8xnZ3lyvhXg4cIkXnhWXP1yPcsiklmr+
Kr9hAl/NNk3XgAEsiyyHakc2JzcC9BOnRepnQURVJmBYRi3dt05wI6wZ8E36WUY3
D5s/uRtHGN6+G1lc62rRcTbFiDoACOg78aa7sVLJX6gxW0O6YIXnllqJhnpI0VVr
6YQuXwxKax+xLGp8FR81yS56EfZ+IlEIyy/AgKcwZK28MmlM9OBpBnGcaQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFGoau10oqweujzLJh4j2JIYil0OkMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvYWhxN1hTaXJCNjZQTXNtSGlQWWtoaUtYUTZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQCLX/4AwQC
LZeMAwQCVdAIAwQEXuXQAwQCZyksAwQCZz8cAwQAZ0c9AwQCucPUAwQCucPcAwQC
ucS8AwQCucd0AwQCwiQgAwQCwl0EMA0EAgACMAcDBQMqCR6AMA0GCSqGSIb3DQEB
CwUAA4IBAQDH2bNxsb0NUhDOjAebHFWcos6I7FHjUF2J1VMSbpeXyF3ZZLC7cTbt
VUiC/EWSkutanfGU8wdxfA1Wt0VoTyKMUBTg5oLTmxDV6CGQJGB4mUm3Fc48+0VG
tc92YOaSHiTp+2VZ3e506gqTPl/jzMd0zAHGEe+QetEG839nX2g7PNYSq1dkkskM
fnSd1KdOEphQsqAkKmGWxhx9wtr5vcv0ratqsxPPcgUtYAn/czmjAhJtUKmM4i+t
r0ppZ/KVp9xKYcFVWvnLTlLlcPk7tfnZenyanZaYJWgL31yRNHJCil2c+dx+8zlC
GQ99HDJjEPZlLoUpw24Jr5ejq1A0n2pd
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:09 2025 by rpki-client