Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/epnmwCvxPb7I8-SeuGloAh9nVKM.roa
File: epnmwCvxPb7I8-SeuGloAh9nVKM.roa (raw, json)
Hash identifier: c2Zvf3NFI/O96EJGYHo7MXajcZG82wqxqDjGMVDZ98g=
Subject key identifier: 7A:99:E6:C0:2B:F1:3D:BE:C8:F3:E4:9E:B8:69:68:02:1F:67:54:A3
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018DE8894D8BB8E6A36F5E964FDC6305B6CA
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/epnmwCvxPb7I8-SeuGloAh9nVKM.roa
Signing time: Tue 27 Feb 2024 03:08:48 +0000
ROA not before: Tue 27 Feb 2024 03:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 89.23.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Mar 2024 03:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e8:89:4d:8b:b8:e6:a3:6f:5e:96:4f:dc:63:05:b6:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 27 03:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a99e6c02bf13dbec8f3e49eb86968021f6754a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bb:10:19:1c:a0:69:e8:de:45:11:69:35:74:
16:c1:9b:d7:6a:20:4e:d0:96:f0:ca:ac:1b:4e:a5:
8a:90:2f:c8:8f:b9:d0:19:01:43:91:ab:84:d4:81:
cf:68:99:5a:43:db:14:d8:27:d9:3e:16:04:7b:37:
10:62:1b:1a:e5:3e:1c:13:c0:6f:26:b9:57:ce:d5:
8d:91:84:aa:29:4e:73:6d:38:b5:8f:3b:a2:f2:d5:
55:60:06:ef:87:65:8e:9e:be:58:e9:e7:40:fe:9f:
4f:e1:c8:3c:2d:65:2e:cf:3c:53:41:1d:4e:a2:eb:
89:ae:da:09:fd:a1:be:cd:b3:e5:e1:cd:b6:15:e0:
5a:7f:0f:3c:94:19:d3:72:32:b0:51:03:22:4c:c4:
b8:8b:9f:a8:cf:59:56:72:5c:de:41:5e:03:75:3a:
e7:01:23:54:3b:b5:1a:ea:45:5d:54:36:5d:92:69:
5e:57:90:c1:2c:59:74:ae:ba:08:89:90:dc:7c:eb:
2e:6a:10:64:9b:8e:79:2d:bf:16:1f:9c:be:da:28:
bc:78:27:93:a9:85:9e:7a:ac:b8:a0:3b:64:ab:46:
73:c3:fd:75:9d:d4:38:58:87:19:8d:1f:37:44:0b:
af:43:f7:f4:da:66:d2:8b:ae:db:0b:20:f1:cc:39:
2a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:99:E6:C0:2B:F1:3D:BE:C8:F3:E4:9E:B8:69:68:02:1F:67:54:A3
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/epnmwCvxPb7I8-SeuGloAh9nVKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.103.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:68:a4:fe:fc:39:b8:aa:2c:54:cb:e4:50:ae:f5:5d:73:35:
08:3f:46:d5:d0:0b:67:e1:f4:f8:6e:bb:ec:7a:cb:81:51:57:
85:28:dd:e7:26:5e:24:80:ff:08:e6:68:d9:ad:de:16:52:a5:
75:d7:f9:4f:a8:95:e7:d4:be:a9:be:d1:10:42:5f:a9:d8:83:
b3:61:fd:89:e5:c9:95:a8:6f:97:69:63:68:7b:ea:02:5d:42:
21:05:86:78:7e:9a:78:b3:75:e7:ac:27:06:bb:37:7d:c4:56:
73:b6:2e:e2:d7:7e:8f:bf:2a:57:a1:13:71:60:1d:54:02:3e:
0d:0a:96:c0:8a:10:ff:e7:f4:5a:de:48:9d:70:74:5c:09:05:
ae:7f:95:07:05:25:19:28:0a:46:83:03:ea:c9:12:01:3f:2c:
9d:94:f3:20:c0:67:95:1e:54:e2:84:cd:d6:35:d3:89:40:9c:
1f:bd:06:4c:b7:99:77:22:7d:b3:75:67:02:91:55:e9:35:ac:
f5:be:4e:aa:da:aa:54:7d:6e:04:65:51:9c:4a:8e:b7:0d:4e:
5c:cd:90:df:cf:49:44:d8:38:4f:53:e5:b5:6a:dd:78:1c:e0:
3b:08:93:49:98:31:32:1b:d6:32:4b:6f:3a:89:69:95:ad:e8:
c1:50:4a:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3oiU2LuOajb16WT9xjBbbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMjI3MDMwODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTk5ZTZjMDJiZjEzZGJlYzhmM2U0OWViODY5NjgwMjFmNjc1NGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7sQGRygaejeRRFpNXQWwZvXaiBO
0JbwyqwbTqWKkC/Ij7nQGQFDkauE1IHPaJlaQ9sU2CfZPhYEezcQYhsa5T4cE8Bv
JrlXztWNkYSqKU5zbTi1jzui8tVVYAbvh2WOnr5Y6edA/p9P4cg8LWUuzzxTQR1O
ouuJrtoJ/aG+zbPl4c22FeBafw88lBnTcjKwUQMiTMS4i5+oz1lWclzeQV4DdTrn
ASNUO7Ua6kVdVDZdkmleV5DBLFl0rroIiZDcfOsuahBkm455Lb8WH5y+2ii8eCeT
qYWeeqy4oDtkq0Zzw/11ndQ4WIcZjR83RAuvQ/f02mbSi67bCyDxzDkqrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHqZ5sAr8T2+yPPknrhpaAIfZ1SjMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvZXBubXdDdnhQYjdJOC1TZXVHbG9BaDluVktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdnMA0G
CSqGSIb3DQEBCwUAA4IBAQA8aKT+/Dm4qixUy+RQrvVdczUIP0bV0Atn4fT4brvs
esuBUVeFKN3nJl4kgP8I5mjZrd4WUqV11/lPqJXn1L6pvtEQQl+p2IOzYf2J5cmV
qG+XaWNoe+oCXUIhBYZ4fpp4s3XnrCcGuzd9xFZzti7i136PvypXoRNxYB1UAj4N
CpbAihD/5/Ra3kidcHRcCQWuf5UHBSUZKApGgwPqyRIBPyydlPMgwGeVHlTihM3W
NdOJQJwfvQZMt5l3In2zdWcCkVXpNaz1vk6q2qpUfW4EZVGcSo63DU5czZDfz0lE
2DhPU+W1at14HOA7CJNJmDEyG9YyS286iWmVrejBUEoB
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:35 2025 by rpki-client