Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/efD47n2gRjS9a5AWnbCdzDMTmQs.roa
File: efD47n2gRjS9a5AWnbCdzDMTmQs.roa (raw, json)
Hash identifier: MitHNnWMaxVv3e+v9kTdU79K9ktZ6TIGDjwlD3LnxWU=
Subject key identifier: 79:F0:F8:EE:7D:A0:46:34:BD:6B:90:16:9D:B0:9D:CC:33:13:99:0B
Certificate issuer: /CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Certificate serial: 018CC3B7287B093A2362ABEA764BEFC1D24B
Authority key identifier: A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/efD47n2gRjS9a5AWnbCdzDMTmQs.roa
Signing time: Mon 01 Jan 2024 06:30:09 +0000
ROA not before: Mon 01 Jan 2024 06:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208414
IP address blocks: 45.138.104.0/24 maxlen: 29
45.138.105.0/24 maxlen: 29
45.138.107.0/24 maxlen: 24
45.138.106.0/24 maxlen: 24
185.8.236.0/22 maxlen: 24
2a0e:acc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:28:7b:09:3a:23:62:ab:ea:76:4b:ef:c1:d2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Validity
Not Before: Jan 1 06:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79f0f8ee7da04634bd6b90169db09dcc3313990b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c0:64:ae:fa:92:bb:a6:c8:0b:d7:83:b7:6e:
5d:0c:20:9e:b0:7b:22:51:2f:c7:bd:5d:1e:47:63:
1f:54:e5:d8:6a:9b:e6:9c:35:ba:ff:b1:15:2e:e8:
dc:a0:57:92:3b:9f:16:65:4c:53:76:a6:16:3a:b6:
2f:73:26:93:75:21:d2:a8:85:db:dc:ae:f1:93:28:
fc:a3:c5:d2:98:52:c8:b4:48:e7:c1:3c:69:1f:3f:
c8:43:bf:9c:7d:22:de:62:79:38:51:6d:00:16:f6:
fb:36:70:e7:58:fe:d3:c0:60:20:99:78:70:3c:8b:
03:35:a4:dc:aa:95:0a:43:b2:fb:0e:19:96:66:e6:
9f:fb:e4:1a:e3:09:f4:66:d4:a2:fc:0b:d3:fd:f4:
60:bc:f2:b8:94:55:5f:90:c6:f4:8e:ad:02:57:e1:
1b:dd:76:bb:da:93:ec:64:59:95:a2:8c:17:e0:bf:
5a:a2:03:e6:75:76:c3:b7:37:31:92:67:13:25:4f:
19:99:ef:18:ef:f0:86:f3:01:4e:19:ef:5e:48:a4:
a7:59:51:fe:1d:68:89:89:bd:cd:21:50:85:ab:32:
0f:dd:9a:88:38:b8:df:1e:39:90:bf:af:65:6f:44:
02:7a:28:15:b5:15:4b:d1:65:79:a5:e4:03:3e:30:
d9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:F0:F8:EE:7D:A0:46:34:BD:6B:90:16:9D:B0:9D:CC:33:13:99:0B
X509v3 Authority Key Identifier:
keyid:A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/efD47n2gRjS9a5AWnbCdzDMTmQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.104.0/22
185.8.236.0/22
IPv6:
2a0e:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
08:11:b5:4f:84:e6:78:95:56:2d:3d:20:e8:96:69:04:05:7d:
05:74:f7:e8:94:0c:4f:40:95:80:86:6f:9e:bf:b1:93:f5:ae:
7e:74:d4:83:78:9e:13:c8:e1:27:27:d7:12:73:a8:92:f4:c9:
04:28:cb:fe:5f:45:4a:77:5e:65:c5:af:7a:31:32:ac:9f:80:
db:05:04:96:11:58:79:96:c9:f4:15:f1:49:8d:bf:fb:09:22:
d2:a0:90:06:78:e7:22:a4:c3:dc:fe:a7:b8:8e:a4:c5:be:32:
f2:db:88:ec:93:f5:d8:7c:5d:db:8d:ff:63:38:ec:66:7e:ed:
68:40:83:bd:34:fd:c5:d7:4f:14:25:f3:5c:33:58:6c:f5:64:
3c:cd:a2:d9:ac:35:1c:83:ab:52:35:45:c4:9a:50:99:ee:01:
20:07:0c:a6:e7:4d:5b:e1:f1:a3:f8:5c:24:ae:c6:f0:8f:4c:
97:fc:cf:f9:60:61:bf:c9:08:bd:8f:0e:53:6e:ae:c9:07:32:
45:44:fc:05:63:49:16:ec:bb:b9:2f:25:14:f4:2d:ba:35:18:
e7:d9:c6:7f:ac:a6:63:b3:e2:12:cb:e3:29:1d:d2:78:f2:31:
b4:f7:39:5d:e9:7a:5f:4f:fb:71:2b:63:04:cc:46:49:20:68:
af:30:47:fa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtyh7CTojYqvqdkvvwdJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YjlkZjdlOThmNmYzOWZlMmJhNDAyMmRhMjc3ZDI4MTk4
MjgwMjEwHhcNMjQwMTAxMDYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWYwZjhlZTdkYTA0NjM0YmQ2YjkwMTY5ZGIwOWRjYzMzMTM5OTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMBkrvqSu6bIC9eDt25dDCCesHsi
US/HvV0eR2MfVOXYapvmnDW6/7EVLujcoFeSO58WZUxTdqYWOrYvcyaTdSHSqIXb
3K7xkyj8o8XSmFLItEjnwTxpHz/IQ7+cfSLeYnk4UW0AFvb7NnDnWP7TwGAgmXhw
PIsDNaTcqpUKQ7L7DhmWZuaf++Qa4wn0ZtSi/AvT/fRgvPK4lFVfkMb0jq0CV+Eb
3Xa72pPsZFmVoowX4L9aogPmdXbDtzcxkmcTJU8Zme8Y7/CG8wFOGe9eSKSnWVH+
HWiJib3NIVCFqzIP3ZqIOLjfHjmQv69lb0QCeigVtRVL0WV5peQDPjDZCQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHnw+O59oEY0vWuQFp2wncwzE5kLMB8GA1UdIwQY
MBaAFKW5336Y9vOf4rpAItonfSgZgoAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAt
MGFjN2I3ZWRlNDJiLzEvZWZENDduMmdSalM5YTVBV25iQ2R6RE1UbVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJi
LzEvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYpoAwQC
uQjsMA0EAgACMAcDBQMqDqzAMA0GCSqGSIb3DQEBCwUAA4IBAQAIEbVPhOZ4lVYt
PSDolmkEBX0FdPfolAxPQJWAhm+ev7GT9a5+dNSDeJ4TyOEnJ9cSc6iS9MkEKMv+
X0VKd15lxa96MTKsn4DbBQSWEVh5lsn0FfFJjb/7CSLSoJAGeOcipMPc/qe4jqTF
vjLy24jsk/XYfF3bjf9jOOxmfu1oQIO9NP3F108UJfNcM1hs9WQ8zaLZrDUcg6tS
NUXEmlCZ7gEgBwym501b4fGj+Fwkrsbwj0yX/M/5YGG/yQi9jw5Tbq7JBzJFRPwF
Y0kW7Lu5LyUU9C26NRjn2cZ/rKZjs+ISy+MpHdJ48jG09zld6XpfT/txK2MEzEZJ
IGivMEf6
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:14:50 2025 by rpki-client