Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/EHV86upTSrGKPGPVXu9cSA77kXs.roa
File: EHV86upTSrGKPGPVXu9cSA77kXs.roa (raw, json)
Hash identifier: MoZ/kXgMrnL+Qm+EiEmWA/s7FHDUJJsMoS4jFktRVuM=
Subject key identifier: 10:75:7C:EA:EA:53:4A:B1:8A:3C:63:D5:5E:EF:5C:48:0E:FB:91:7B
Certificate issuer: /CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Certificate serial: 0191E5F9A5C8D267461B724DB0E03BC5A85C
Authority key identifier: D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/EHV86upTSrGKPGPVXu9cSA77kXs.roa
Signing time: Thu 12 Sep 2024 11:23:48 +0000
ROA not before: Thu 12 Sep 2024 11:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 217.147.180.0/23 maxlen: 24
217.147.180.0/24 maxlen: 24
217.147.181.0/24 maxlen: 24
2a0b:2900:1100::/40 maxlen: 48
2a0b:2900:1f00::/40 maxlen: 40
2a0b:2900:ff00::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 12 Sep 2024 12:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:f9:a5:c8:d2:67:46:1b:72:4d:b0:e0:3b:c5:a8:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Validity
Not Before: Sep 12 11:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10757ceaea534ab18a3c63d55eef5c480efb917b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b2:b7:90:f7:0e:40:e4:23:51:3e:7e:b7:47:
22:57:ee:63:4f:ed:66:be:b4:9f:dc:90:fc:f1:ea:
c2:4a:71:0f:00:94:78:28:51:66:65:5d:b3:b8:ee:
f9:1d:b3:37:90:2e:7b:02:56:95:30:a0:13:e3:56:
b2:d0:b5:7c:06:88:61:39:f4:91:ab:b0:90:49:b8:
d6:e3:af:1c:ec:f8:47:14:8d:15:91:da:94:ae:ba:
f1:02:5b:af:75:e0:e9:dc:85:25:f1:68:15:b3:e5:
6d:10:42:da:35:51:5a:75:c8:1f:3a:da:f5:f9:46:
18:81:1e:a4:ef:61:dc:36:2d:53:0b:55:3c:85:7c:
65:10:a1:0b:51:cf:9c:c9:05:9e:d8:75:86:ca:ca:
fb:0b:ce:e7:07:34:0a:f0:5b:c8:b6:e8:bb:fd:a4:
a5:40:34:f7:6f:bd:d7:1f:c6:3e:4d:aa:27:1c:10:
ba:71:aa:76:ae:1d:f3:59:e4:b7:06:68:5a:ad:a5:
15:bc:48:fd:c1:19:13:a4:c4:2d:e8:d0:ef:20:4c:
14:77:13:28:e7:18:59:1e:f6:0d:21:6e:26:b4:08:
03:9a:fe:4a:0d:d0:45:6c:b3:b2:48:c0:e3:95:4d:
ba:aa:37:af:96:44:d9:55:ef:01:29:de:23:10:f3:
80:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:75:7C:EA:EA:53:4A:B1:8A:3C:63:D5:5E:EF:5C:48:0E:FB:91:7B
X509v3 Authority Key Identifier:
keyid:D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/EHV86upTSrGKPGPVXu9cSA77kXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/2Hghp8h2HggSHnDJ_0L_m2rTTlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.180.0/23
IPv6:
2a0b:2900:1100::/40
2a0b:2900:1f00::/40
2a0b:2900:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
14:c2:4c:34:f9:ee:a7:08:a9:eb:e0:89:ce:f8:10:d3:83:47:
ba:3a:78:80:09:79:63:c4:d7:03:14:06:93:67:e5:b1:c5:5a:
4f:27:34:00:b8:61:cc:c7:fe:e8:78:df:46:92:cf:4e:1e:27:
27:13:b0:6c:cf:64:42:f8:3a:73:ac:de:c5:7f:f0:38:a4:a4:
50:7e:f4:eb:0d:21:cc:68:bd:b0:a3:8d:97:87:2b:74:0b:cf:
3b:29:da:a8:c9:0a:aa:f7:b8:32:3d:73:62:d4:46:37:2a:7f:
c4:0c:bf:53:0c:f0:c7:e3:f9:fe:cd:c8:a0:7a:e6:63:91:a8:
53:32:f8:c4:97:b4:61:14:b8:6b:f2:56:fb:75:3b:bf:90:78:
da:05:4b:d8:3a:f7:39:dc:03:2e:17:23:68:8b:07:85:8b:18:
1d:e5:b8:ef:9b:69:6a:29:8f:85:6e:e4:20:a7:0d:2b:c1:02:
e6:a5:04:44:69:18:1c:58:42:89:b6:08:38:36:f7:10:6d:dd:
cb:b0:10:5b:1f:fc:bc:a1:40:7c:7e:e9:6f:88:47:de:91:89:
76:fa:72:61:7c:f8:5a:07:c4:b6:b7:65:23:d5:95:88:bb:21:
ae:82:1c:dc:8a:54:57:49:fe:c1:96:4b:3d:50:bc:42:c1:0f:
a5:de:ff:50
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHl+aXI0mdGG3JNsOA7xahcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzgyMWE3Yzg3NjFlMDgxMjFlNzBjOWZmNDJmZjliNmFk
MzRlNTEwHhcNMjQwOTEyMTEyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDc1N2NlYWVhNTM0YWIxOGEzYzYzZDU1ZWVmNWM0ODBlZmI5MTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrK3kPcOQOQjUT5+t0ciV+5jT+1m
vrSf3JD88erCSnEPAJR4KFFmZV2zuO75HbM3kC57AlaVMKAT41ay0LV8BohhOfSR
q7CQSbjW468c7PhHFI0VkdqUrrrxAluvdeDp3IUl8WgVs+VtEELaNVFadcgfOtr1
+UYYgR6k72HcNi1TC1U8hXxlEKELUc+cyQWe2HWGysr7C87nBzQK8FvItui7/aSl
QDT3b73XH8Y+TaonHBC6cap2rh3zWeS3BmharaUVvEj9wRkTpMQt6NDvIEwUdxMo
5xhZHvYNIW4mtAgDmv5KDdBFbLOySMDjlU26qjevlkTZVe8BKd4jEPOAgQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBB1fOrqU0qxijxj1V7vXEgO+5F7MB8GA1UdIwQY
MBaAFNh4IafIdh4IEh5wyf9C/5tq005RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMt
NWFhNjIwYTgxMTQ5LzEvRUhWODZ1cFRTckdLUEdQVlh1OWNTQTc3a1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMtNWFhNjIwYTgxMTQ5
LzEvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAMBAIAATAGAwQB2ZO0MB4E
AgACMBgDBgAqCykAEQMGACoLKQAfAwYAKgspAP8wDQYJKoZIhvcNAQELBQADggEB
ABTCTDT57qcIqevgic74ENODR7o6eIAJeWPE1wMUBpNn5bHFWk8nNAC4YczH/uh4
30aSz04eJycTsGzPZEL4OnOs3sV/8DikpFB+9OsNIcxovbCjjZeHK3QLzzsp2qjJ
Cqr3uDI9c2LURjcqf8QMv1MM8Mfj+f7NyKB65mORqFMy+MSXtGEUuGvyVvt1O7+Q
eNoFS9g69zncAy4XI2iLB4WLGB3luO+baWopj4Vu5CCnDSvBAualBERpGBxYQom2
CDg29xBt3cuwEFsf/LyhQHx+6W+IR96RiXb6cmF8+FoHxLa3ZSPVlYi7Ia6CHNyK
VFdJ/sGWSz1QvELBD6Xe/1A=
-----END CERTIFICATE-----
Generated at Sun May 11 18:02:42 2025 by rpki-client