Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/eqbOfXBlXlax3HfDmUvPDO6qZSQ.roa
File: eqbOfXBlXlax3HfDmUvPDO6qZSQ.roa (raw, json)
Hash identifier: YdSqWk0f7e0kwMH010TF/C5pzCuGYWs5ORHZJuWqS7s=
Subject key identifier: 7A:A6:CE:7D:70:65:5E:56:B1:DC:77:C3:99:4B:CF:0C:EE:AA:65:24
Certificate issuer: /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial: 018CC7934D8B71B9AB75D35E4205D1A56074
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/eqbOfXBlXlax3HfDmUvPDO6qZSQ.roa
Signing time: Tue 02 Jan 2024 00:29:28 +0000
ROA not before: Tue 02 Jan 2024 00:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.85.14.0/24 maxlen: 24
45.85.15.0/24 maxlen: 24
193.43.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 11:46:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:4d:8b:71:b9:ab:75:d3:5e:42:05:d1:a5:60:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
Validity
Not Before: Jan 2 00:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7aa6ce7d70655e56b1dc77c3994bcf0ceeaa6524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:76:27:2a:c3:96:41:eb:d6:e6:b7:24:bc:f7:
6a:57:a6:75:75:0a:c5:f7:f6:31:72:5c:2f:2e:3b:
b5:4e:ec:56:6a:78:7e:0d:42:33:87:78:68:7a:69:
bb:3d:fd:fa:4a:71:ee:bd:6d:2b:86:57:72:a6:4c:
fd:c3:58:03:bb:1d:2d:75:bb:b3:cc:0b:be:79:5b:
6b:64:dd:6f:ea:a3:90:2f:58:33:e0:fb:4f:51:bc:
47:53:6a:06:a1:d6:06:1e:9f:8e:b7:50:0a:d9:6d:
44:b8:15:7b:00:59:2d:67:e9:b1:43:65:c6:99:fa:
5b:d3:8f:32:79:17:53:f5:53:55:53:8d:9a:6a:ee:
dc:e4:da:d4:e3:9d:57:b2:18:aa:97:da:fd:ae:81:
8e:07:9a:cb:74:ad:37:89:77:be:c9:14:d4:d1:82:
b1:83:01:fd:8f:5f:87:2a:85:80:d2:b5:cc:81:09:
f4:76:5a:a4:e2:63:8e:b8:f9:08:40:0f:28:c7:a4:
81:b5:7d:e5:40:f0:63:fc:21:6e:63:c2:4a:15:2c:
ce:58:01:1d:ac:96:b2:1e:c7:6a:3c:15:f6:8d:43:
75:42:65:c4:98:f1:e1:02:46:30:58:75:3c:09:58:
be:20:5d:2c:de:95:48:8c:87:ba:50:7a:19:a8:f9:
35:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A6:CE:7D:70:65:5E:56:B1:DC:77:C3:99:4B:CF:0C:EE:AA:65:24
X509v3 Authority Key Identifier:
keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/eqbOfXBlXlax3HfDmUvPDO6qZSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.14.0/23
193.43.138.0/24
Signature Algorithm: sha256WithRSAEncryption
09:ab:df:82:29:43:44:f8:49:28:ed:a5:1e:45:14:fb:b6:44:
05:ff:b2:3d:79:09:0d:51:14:97:00:56:69:85:bc:0b:b2:33:
9d:58:9a:ef:79:05:d3:c1:0e:a2:58:6a:65:74:40:6c:3d:5e:
50:9c:f0:c6:a1:6e:ed:00:30:61:ee:07:d2:55:1e:aa:a8:44:
70:54:ae:af:d7:53:da:50:f3:8e:14:f1:09:b4:16:33:82:d7:
d4:41:c5:0e:f3:bd:25:26:85:59:72:dc:3e:3f:41:88:3d:78:
6a:e1:7b:78:d9:f2:01:f7:b3:23:bc:15:e9:ec:f1:3d:d9:5c:
c5:ee:b1:3c:58:02:d1:ee:00:13:f3:ca:cb:43:6b:92:af:f3:
a0:48:e9:01:37:74:51:77:cc:3f:b7:c7:10:0c:cb:68:9e:48:
38:98:5a:46:98:87:ca:2a:de:aa:e5:20:5b:fa:f1:23:3c:49:
8a:57:8e:56:a2:ed:17:a8:fd:be:df:3f:91:b0:c2:1c:fa:d1:
21:83:a1:44:7d:e1:15:07:f8:21:89:af:c7:b1:7f:fc:e8:31:
50:99:a4:42:8a:79:c0:a7:ec:c5:20:0a:c0:25:52:38:13:e2:
61:27:b0:7e:9c:01:62:a0:02:18:d6:9a:08:24:86:7a:3e:2b:
8c:42:69:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHk02LcbmrddNeQgXRpWB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZmM4ODdjOTc3MzkzNTc1ZGU2MjU3ZTc1ZmE5OWNkZTIw
MzdjNmMwHhcNMjQwMTAyMDAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWE2Y2U3ZDcwNjU1ZTU2YjFkYzc3YzM5OTRiY2YwY2VlYWE2NTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonYnKsOWQevW5rckvPdqV6Z1dQrF
9/YxclwvLju1TuxWanh+DUIzh3hoemm7Pf36SnHuvW0rhldypkz9w1gDux0tdbuz
zAu+eVtrZN1v6qOQL1gz4PtPUbxHU2oGodYGHp+Ot1AK2W1EuBV7AFktZ+mxQ2XG
mfpb048yeRdT9VNVU42aau7c5NrU451Xshiql9r9roGOB5rLdK03iXe+yRTU0YKx
gwH9j1+HKoWA0rXMgQn0dlqk4mOOuPkIQA8ox6SBtX3lQPBj/CFuY8JKFSzOWAEd
rJayHsdqPBX2jUN1QmXEmPHhAkYwWHU8CVi+IF0s3pVIjIe6UHoZqPk19wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHqmzn1wZV5Wsdx3w5lLzwzuqmUkMB8GA1UdIwQY
MBaAFET8iHyXc5NXXeYlfnX6mc3iA3xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMt
YzM2OWMxZDRjMzM3LzEvZXFiT2ZYQmxYbGF4M0hmRG1VdlBETzZxWlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMtYzM2OWMxZDRjMzM3
LzEvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVUOAwQA
wSuKMA0GCSqGSIb3DQEBCwUAA4IBAQAJq9+CKUNE+Eko7aUeRRT7tkQF/7I9eQkN
URSXAFZphbwLsjOdWJrveQXTwQ6iWGpldEBsPV5QnPDGoW7tADBh7gfSVR6qqERw
VK6v11PaUPOOFPEJtBYzgtfUQcUO870lJoVZctw+P0GIPXhq4Xt42fIB97MjvBXp
7PE92VzF7rE8WALR7gAT88rLQ2uSr/OgSOkBN3RRd8w/t8cQDMtonkg4mFpGmIfK
Kt6q5SBb+vEjPEmKV45Wou0XqP2+3z+RsMIc+tEhg6FEfeEVB/ghia/HsX/86DFQ
maRCinnAp+zFIArAJVI4E+JhJ7B+nAFioAIY1poIJIZ6PiuMQmlp
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:41 2025 by rpki-client