Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/eljGCl_Ewr1dKRU5CX_mKKYYWAI.roa
File: eljGCl_Ewr1dKRU5CX_mKKYYWAI.roa (raw, json)
Hash identifier: ohcL+WUPHX/WfoadmknZuufNDov6azrAlTMPqxYJbeM=
Subject key identifier: 7A:58:C6:0A:5F:C4:C2:BD:5D:29:15:39:09:7F:E6:28:A6:18:58:02
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0196AA262C2A712CB57B4179A327ECB66464
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/eljGCl_Ewr1dKRU5CX_mKKYYWAI.roa
Signing time: Wed 07 May 2025 09:49:10 +0000
ROA not before: Wed 07 May 2025 09:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 109.236.49.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 May 2025 14:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:26:2c:2a:71:2c:b5:7b:41:79:a3:27:ec:b6:64:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 7 09:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a58c60a5fc4c2bd5d291539097fe628a6185802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:79:10:dc:07:ad:f0:80:26:46:33:12:8f:88:
2d:12:2d:40:d2:31:19:15:7e:d9:81:10:04:e2:c0:
33:9f:6a:6b:28:57:77:f7:f1:b6:9a:e9:9f:39:48:
6d:c5:03:77:7a:cc:7c:a9:4e:55:e1:bf:f6:56:b9:
75:f0:61:ab:af:65:73:02:2f:18:b6:76:13:01:ad:
1b:6e:be:78:46:43:f9:32:08:0b:eb:f5:c8:e7:f4:
ae:93:a9:97:24:ad:19:2b:19:de:cc:8e:a9:f9:38:
f2:e2:5b:53:ca:90:c1:3d:26:58:0b:01:ec:50:fd:
4a:5b:f4:f5:70:2a:c4:0f:8a:4c:87:6f:ce:11:24:
42:60:77:75:8f:ae:ce:2e:90:8d:01:b5:49:13:5e:
84:b4:05:ea:62:10:d2:42:30:f6:7c:38:fc:b0:3e:
76:5c:15:0a:67:58:10:06:82:db:ee:bc:db:49:f5:
c1:e5:77:29:63:2c:25:ac:2a:ef:6a:70:90:34:c3:
a1:3b:ba:44:cf:c3:b2:c7:76:ee:52:55:7b:af:88:
d9:6c:8b:51:d7:0d:9f:99:7f:31:6a:70:f2:bf:8c:
91:c2:30:7f:a8:97:84:ec:1c:83:32:cc:33:93:04:
af:91:8e:a8:95:55:40:a6:0e:d2:73:e8:38:76:19:
8a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:58:C6:0A:5F:C4:C2:BD:5D:29:15:39:09:7F:E6:28:A6:18:58:02
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/eljGCl_Ewr1dKRU5CX_mKKYYWAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.49.0/24
109.236.51.0/24
185.254.28.0/23
193.35.152.0/24
Signature Algorithm: sha256WithRSAEncryption
54:5f:a8:f0:d4:10:53:36:c4:37:af:9c:de:00:5e:9d:d0:b6:
3e:e3:a6:c5:7c:58:ac:01:f1:41:92:3d:c5:f7:e1:de:b9:24:
b5:f5:e6:b2:61:16:f7:e9:9f:cd:67:8e:ef:85:bd:47:59:e7:
70:ca:7c:b9:52:f3:df:b1:52:d3:e6:59:5f:f0:52:fb:04:7b:
a3:a7:f7:a1:50:83:dc:a5:88:62:c0:aa:a8:12:69:73:9d:cc:
a7:16:6b:1d:15:7a:ab:c0:51:71:ee:b6:46:db:e6:36:eb:c3:
4c:3a:dc:fd:b2:e3:07:e2:d7:a6:b9:7e:66:fc:45:c2:ef:e9:
7e:3a:37:f7:fe:53:7d:49:06:c2:4e:e2:5a:19:a6:b3:cf:01:
5e:76:63:99:37:ba:a7:b9:8d:3e:d0:c1:9f:e9:f6:a2:e1:e2:
3f:1f:1f:1f:06:41:e3:9b:81:04:8d:24:59:d5:4a:42:20:c0:
a2:38:53:0c:39:3f:13:6d:fe:71:1f:f3:12:60:23:44:6a:4e:
81:9a:c2:c7:9b:a2:44:db:07:63:c4:d0:1e:86:fa:5d:b2:20:
f9:b9:40:c7:da:e1:78:69:e9:00:6f:3d:3a:af:cd:7f:f0:4c:
f9:e3:12:dc:b7:29:3f:8b:d7:b4:94:be:0b:a5:65:7a:bf:32:
58:8c:36:88
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaqJiwqcSy1e0F5oyfstmRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwNTA3MDk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTU4YzYwYTVmYzRjMmJkNWQyOTE1MzkwOTdmZTYyOGE2MTg1ODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynkQ3Aet8IAmRjMSj4gtEi1A0jEZ
FX7ZgRAE4sAzn2prKFd39/G2mumfOUhtxQN3esx8qU5V4b/2Vrl18GGrr2VzAi8Y
tnYTAa0bbr54RkP5MggL6/XI5/Suk6mXJK0ZKxnezI6p+Tjy4ltTypDBPSZYCwHs
UP1KW/T1cCrED4pMh2/OESRCYHd1j67OLpCNAbVJE16EtAXqYhDSQjD2fDj8sD52
XBUKZ1gQBoLb7rzbSfXB5XcpYywlrCrvanCQNMOhO7pEz8Oyx3buUlV7r4jZbItR
1w2fmX8xanDyv4yRwjB/qJeE7ByDMswzkwSvkY6olVVApg7Sc+g4dhmK2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHpYxgpfxMK9XSkVOQl/5iimGFgCMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvZWxqR0NsX0V3cjFkS1JVNUNYX21LS1lZV0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbewxAwQA
bewzAwQBuf4cAwQAwSOYMA0GCSqGSIb3DQEBCwUAA4IBAQBUX6jw1BBTNsQ3r5ze
AF6d0LY+46bFfFisAfFBkj3F9+HeuSS19eayYRb36Z/NZ47vhb1HWedwyny5UvPf
sVLT5llf8FL7BHujp/ehUIPcpYhiwKqoEmlzncynFmsdFXqrwFFx7rZG2+Y268NM
Otz9suMH4temuX5m/EXC7+l+Ojf3/lN9SQbCTuJaGaazzwFedmOZN7qnuY0+0MGf
6fai4eI/Hx8fBkHjm4EEjSRZ1UpCIMCiOFMMOT8Tbf5xH/MSYCNEak6BmsLHm6JE
2wdjxNAehvpdsiD5uUDH2uF4aekAbz06r81/8Ez54xLctyk/i9e0lL4LpWV6vzJY
jDaI
-----END CERTIFICATE-----
Generated at Sat May 10 17:55:24 2025 by rpki-client