Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/euKzTddOB1h-EGohD-xr5uYfo3I.roa
File: euKzTddOB1h-EGohD-xr5uYfo3I.roa (raw, json)
Hash identifier: WCxoFseQzdkuuvyak4v/Ak1jsGGykSYWJYVqP/SV1gc=
Subject key identifier: 7A:E2:B3:4D:D7:4E:07:58:7E:10:6A:21:0F:EC:6B:E6:E6:1F:A3:72
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E88797717F04B737BD2EDFEC27D3F9823
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/euKzTddOB1h-EGohD-xr5uYfo3I.roa
Signing time: Fri 29 Mar 2024 04:30:45 +0000
ROA not before: Fri 29 Mar 2024 04:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8570
IP address blocks: 109.172.32.0/22 maxlen: 22
109.172.40.0/22 maxlen: 22
178.234.0.0/16 maxlen: 18
Validation: Failed, certificate revoked on Fri 29 Mar 2024 12:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:88:79:77:17:f0:4b:73:7b:d2:ed:fe:c2:7d:3f:98:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 29 04:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ae2b34dd74e07587e106a210fec6be6e61fa372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e0:aa:60:f0:ae:6a:ea:13:5b:a2:e8:56:ec:
80:b0:02:42:8b:92:d3:31:bc:18:2c:60:a9:c9:7c:
e5:c8:a0:bb:01:7d:18:61:9d:08:7e:a2:9b:93:cc:
0d:9f:1e:ca:5a:54:3c:bc:47:71:df:45:b2:a1:86:
6c:39:72:76:92:dc:64:c0:38:8a:02:3d:eb:17:7a:
e7:1d:c5:5f:b2:f9:d6:9f:ff:70:58:db:b3:f7:73:
67:b3:98:87:41:78:8c:d7:76:36:5e:96:50:3c:8d:
f7:b4:68:99:de:56:99:4e:84:44:c6:a7:6d:ec:cf:
ed:26:47:9e:25:0a:5c:89:eb:2b:e0:0c:50:96:00:
b9:4e:e4:f0:f4:95:72:13:82:b9:5d:08:d6:9f:40:
bc:16:ad:9d:83:b4:dc:72:00:ab:dc:ce:83:14:b5:
ca:58:f0:4f:14:d0:c3:b0:2f:09:21:62:32:05:7e:
4d:98:af:bc:cf:a2:d3:e5:75:e4:a3:d1:b2:25:e8:
c3:2a:f4:dd:70:ac:73:f7:77:bf:47:b1:f5:2f:ea:
47:6b:5c:f6:7c:0f:5a:18:ef:ca:a4:0d:b0:14:16:
7a:61:3c:07:a2:a8:4b:d4:68:a7:5f:27:aa:45:e6:
99:6f:13:a2:ac:81:5e:ca:38:29:d0:5c:eb:c9:1b:
5a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:E2:B3:4D:D7:4E:07:58:7E:10:6A:21:0F:EC:6B:E6:E6:1F:A3:72
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/euKzTddOB1h-EGohD-xr5uYfo3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.32.0/22
109.172.40.0/22
178.234.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:fe:e2:8a:3e:90:82:24:dd:ed:73:5e:0d:cf:4b:b5:61:1c:
cf:a8:f6:fe:7c:64:85:bc:66:b3:8a:4b:5a:81:1f:0a:a9:8e:
da:8a:d3:f8:b0:a8:e9:e7:4e:71:88:60:3d:6b:fa:0d:21:c2:
b8:91:b6:e0:ff:18:e7:9f:01:9d:23:23:cb:d9:28:21:37:4c:
03:70:da:f6:f9:d1:d5:b9:37:fb:74:1f:d5:35:74:6a:e5:79:
c1:98:8f:6b:37:21:eb:de:6b:f2:0a:e8:9b:33:79:3c:df:47:
8a:d7:25:35:db:6b:02:d3:1c:e4:c3:b6:d5:61:a3:fe:cb:51:
d8:d1:a9:09:88:71:a6:bd:d2:fe:57:4d:42:8e:03:6e:e1:7f:
8f:2f:49:ee:24:58:dc:43:4a:50:34:7c:64:49:38:54:6a:40:
25:df:eb:65:fa:c4:28:86:43:c9:3b:a2:b0:23:58:d7:d6:ef:
1c:f7:f5:87:9e:4d:ff:a1:98:63:61:e5:85:57:6a:bb:d0:4c:
ad:5f:88:31:25:80:07:2d:3c:b0:c0:fa:00:ee:4e:f9:fb:70:
67:a4:ce:36:ff:25:af:a3:e6:68:69:34:1d:78:46:18:4f:9b:
b4:a2:04:cf:50:9e:6d:5d:13:0b:aa:a7:f9:4d:16:f0:bf:7e:
30:49:c2:dd
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY6IeXcX8Etze9Lt/sJ9P5gjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzI5MDQzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWUyYjM0ZGQ3NGUwNzU4N2UxMDZhMjEwZmVjNmJlNmU2MWZhMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeCqYPCuauoTW6LoVuyAsAJCi5LT
MbwYLGCpyXzlyKC7AX0YYZ0IfqKbk8wNnx7KWlQ8vEdx30WyoYZsOXJ2ktxkwDiK
Aj3rF3rnHcVfsvnWn/9wWNuz93Nns5iHQXiM13Y2XpZQPI33tGiZ3laZToRExqdt
7M/tJkeeJQpciesr4AxQlgC5TuTw9JVyE4K5XQjWn0C8Fq2dg7TccgCr3M6DFLXK
WPBPFNDDsC8JIWIyBX5NmK+8z6LT5XXko9GyJejDKvTdcKxz93e/R7H1L+pHa1z2
fA9aGO/KpA2wFBZ6YTwHoqhL1GinXyeqReaZbxOirIFeyjgp0FzryRtaFwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFHris03XTgdYfhBqIQ/sa+bmH6NyMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvZXVLelRkZE9CMWgtRUdvaEQteHI1dVlmbzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQCbawgAwQC
bawoAwMAsuowDQYJKoZIhvcNAQELBQADggEBAH/+4oo+kIIk3e1zXg3PS7VhHM+o
9v58ZIW8ZrOKS1qBHwqpjtqK0/iwqOnnTnGIYD1r+g0hwriRtuD/GOefAZ0jI8vZ
KCE3TANw2vb50dW5N/t0H9U1dGrlecGYj2s3Ievea/IK6JszeTzfR4rXJTXbawLT
HOTDttVho/7LUdjRqQmIcaa90v5XTUKOA27hf48vSe4kWNxDSlA0fGRJOFRqQCXf
62X6xCiGQ8k7orAjWNfW7xz39YeeTf+hmGNh5YVXarvQTK1fiDElgActPLDA+gDu
Tvn7cGekzjb/Ja+j5mhpNB14RhhPm7SiBM9Qnm1dEwuqp/lNFvC/fjBJwt0=
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:08:45 2025 by rpki-client