Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/8szZ0iOOqL0EfDJFpm0HemjngpE.roa
File: 8szZ0iOOqL0EfDJFpm0HemjngpE.roa (raw, json)
Hash identifier: RlrZPzCTykpTj+3aGwItHV6HDj3pyBNsgY20XxBV0X4=
Subject key identifier: F2:CC:D9:D2:23:8E:A8:BD:04:7C:32:45:A6:6D:07:7A:68:E7:82:91
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018DA635876BB2E10CF4FB8E0A32618E4500
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/8szZ0iOOqL0EfDJFpm0HemjngpE.roa
Signing time: Wed 14 Feb 2024 06:02:22 +0000
ROA not before: Wed 14 Feb 2024 06:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.110.0/24 maxlen: 24
62.217.129.0/24 maxlen: 24
62.217.131.0/24 maxlen: 24
62.217.134.0/24 maxlen: 24
62.217.138.0/24 maxlen: 24
62.217.141.0/24 maxlen: 24
62.217.142.0/24 maxlen: 24
62.217.146.0/24 maxlen: 24
62.217.147.0/24 maxlen: 24
62.217.148.0/24 maxlen: 24
62.217.149.0/24 maxlen: 24
62.217.151.0/24 maxlen: 24
62.217.156.0/24 maxlen: 24
62.217.157.0/24 maxlen: 24
62.217.158.0/24 maxlen: 24
62.217.159.0/24 maxlen: 24
164.215.97.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
188.64.8.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 04 Mar 2024 10:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a6:35:87:6b:b2:e1:0c:f4:fb:8e:0a:32:61:8e:45:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 14 06:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2ccd9d2238ea8bd047c3245a66d077a68e78291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:45:71:0a:a6:41:ae:56:0e:8d:46:18:5f:43:
f1:b2:81:d6:9a:d7:24:6d:94:25:42:09:6b:1f:b5:
16:a5:f4:51:57:9c:b5:78:d7:1f:1b:4a:8c:37:ca:
d0:07:0a:65:f9:67:3f:8c:3c:5e:0e:84:c7:02:dc:
03:46:cf:0b:51:c3:68:50:7c:40:82:41:49:9d:e2:
6f:32:86:e0:f5:f3:3f:c7:05:b2:4f:d7:ca:e2:15:
fd:cd:d3:fb:52:06:d3:81:97:47:c9:ae:d3:9d:09:
ef:96:fe:07:ae:b5:99:32:2e:35:19:5b:1f:6d:c9:
b3:a2:4c:54:93:55:49:f5:fe:cf:dd:0f:ae:57:2b:
f6:de:de:97:ac:6e:8d:f6:fd:44:2c:3a:f6:a1:f2:
b8:c5:62:87:24:4a:68:71:b4:45:b0:17:58:5b:7c:
c7:16:e5:69:96:d4:f8:b1:25:e0:ee:39:9d:ae:46:
f6:ee:3c:49:3d:01:60:0e:85:2d:dd:b1:ad:9f:25:
60:77:44:93:a3:68:f6:e3:3e:35:3f:e7:89:0a:59:
3c:78:a0:bd:37:76:ec:48:d7:5e:af:34:ca:0e:c4:
c0:79:9f:ae:1d:16:a1:38:cc:b7:62:3f:b8:d4:f4:
2c:79:b8:c5:22:7b:6d:27:ae:59:70:21:09:b5:f0:
13:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CC:D9:D2:23:8E:A8:BD:04:7C:32:45:A6:6D:07:7A:68:E7:82:91
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/8szZ0iOOqL0EfDJFpm0HemjngpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.110.0/24
62.217.129.0/24
62.217.131.0/24
62.217.134.0/24
62.217.138.0/24
62.217.141.0-62.217.142.255
62.217.146.0-62.217.149.255
62.217.151.0/24
62.217.156.0/22
164.215.97.0/24
185.81.217.0/24
188.64.8.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:f4:6b:b0:4e:46:81:6c:a7:2a:75:8c:34:1f:ce:05:1e:49:
5e:7f:75:81:21:a9:c1:38:fd:aa:60:8d:b7:cf:c5:7b:a6:fa:
9f:38:2d:87:d7:4a:ed:e2:d8:c1:11:a8:ab:98:aa:6c:88:f0:
49:46:25:79:6c:e0:ba:ce:e5:4e:2b:16:e8:cc:c0:27:30:5f:
78:36:a2:ea:3d:cf:78:71:a4:8f:55:4b:70:c7:88:77:0e:6d:
9d:2f:0d:db:31:ec:35:52:a2:7b:b5:33:12:aa:ce:f2:3d:d6:
1c:be:9a:79:45:56:c7:01:22:88:b1:13:f1:27:38:6f:78:d8:
8d:3d:09:20:cf:bc:4b:a2:e0:c3:0a:80:4b:3d:a5:e2:3b:0b:
47:e7:44:04:3d:ef:0a:9e:3d:31:47:7c:cf:5f:63:37:00:0e:
72:42:00:77:c6:cb:6e:f7:fe:4a:5f:83:21:6b:d7:ec:39:49:
91:8e:b2:01:7a:7b:1c:ba:2d:4e:08:22:a4:4d:c4:69:8a:fc:
da:e3:b0:ce:9f:09:0d:8b:26:02:1e:6e:21:01:6f:46:77:5d:
c8:cc:31:96:02:86:f2:a8:3f:a2:3a:77:18:4c:5a:45:2d:99:
63:a6:53:84:f3:ab:01:0e:ae:12:c2:5b:d6:c9:74:b8:12:14:
89:b2:e0:77
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY2mNYdrsuEM9PuOCjJhjkUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMjE0MDYwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmNjZDlkMjIzOGVhOGJkMDQ3YzMyNDVhNjZkMDc3YTY4ZTc4MjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUVxCqZBrlYOjUYYX0PxsoHWmtck
bZQlQglrH7UWpfRRV5y1eNcfG0qMN8rQBwpl+Wc/jDxeDoTHAtwDRs8LUcNoUHxA
gkFJneJvMobg9fM/xwWyT9fK4hX9zdP7UgbTgZdHya7TnQnvlv4HrrWZMi41GVsf
bcmzokxUk1VJ9f7P3Q+uVyv23t6XrG6N9v1ELDr2ofK4xWKHJEpocbRFsBdYW3zH
FuVpltT4sSXg7jmdrkb27jxJPQFgDoUt3bGtnyVgd0STo2j24z41P+eJClk8eKC9
N3bsSNderzTKDsTAeZ+uHRahOMy3Yj+41PQsebjFInttJ65ZcCEJtfATzwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFPLM2dIjjqi9BHwyRaZtB3po54KRMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvOHN6WjBpT09xTDBFZkRKRnBtMEhlbWpuZ3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQALhduAwQA
PtmBAwQAPtmDAwQAPtmGAwQAPtmKMAwDBAA+2Y0DBAA+2Y4wDAMEAT7ZkgMEAT7Z
lAMEAD7ZlwMEAj7ZnAMEAKTXYQMEALlR2QMEArxACDANBgkqhkiG9w0BAQsFAAOC
AQEAtvRrsE5GgWynKnWMNB/OBR5JXn91gSGpwTj9qmCNt8/Fe6b6nzgth9dK7eLY
wRGoq5iqbIjwSUYleWzgus7lTisW6MzAJzBfeDai6j3PeHGkj1VLcMeIdw5tnS8N
2zHsNVKie7UzEqrO8j3WHL6aeUVWxwEiiLET8Sc4b3jYjT0JIM+8S6LgwwqASz2l
4jsLR+dEBD3vCp49MUd8z19jNwAOckIAd8bLbvf+Sl+DIWvX7DlJkY6yAXp7HLot
TggipE3EaYr82uOwzp8JDYsmAh5uIQFvRnddyMwxlgKG8qg/ojp3GExaRS2ZY6ZT
hPOrAQ6uEsJb1sl0uBIUibLgdw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:24 2025 by rpki-client