Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/eRjutMkCW00okE1TX0XlXIw4sCA.roa
File: eRjutMkCW00okE1TX0XlXIw4sCA.roa (raw, json)
Hash identifier: kJPjxLobEHRom3nSEII71AS/TqvTImlH/tvhx6iiQ3U=
Subject key identifier: 79:18:EE:B4:C9:02:5B:4D:28:90:4D:53:5F:45:E5:5C:8C:38:B0:20
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01917FC46407226BCE8DE949E15831AB4D3C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/eRjutMkCW00okE1TX0XlXIw4sCA.roa
Signing time: Fri 23 Aug 2024 15:04:22 +0000
ROA not before: Fri 23 Aug 2024 15:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.12.0/24 maxlen: 24
45.152.198.0/24 maxlen: 24
103.114.40.0/24 maxlen: 24
2a0e:1a84::/32 maxlen: 32
2a0f:3d80:bac::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a0f:e6c6:5532::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 28 Aug 2024 16:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7f:c4:64:07:22:6b:ce:8d:e9:49:e1:58:31:ab:4d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 23 15:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7918eeb4c9025b4d28904d535f45e55c8c38b020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9a:15:61:5a:a4:0b:2e:e3:2e:fb:93:2f:42:
36:14:3f:3a:b8:aa:ce:1f:ba:ca:af:ce:31:f2:30:
1d:07:4c:12:f5:f6:39:6b:d7:2b:94:e3:49:ee:68:
40:98:b2:47:54:e5:4c:58:f6:ac:13:a7:06:26:ed:
71:c3:63:64:20:a1:15:f8:89:34:99:38:d1:72:04:
ea:08:c0:27:3e:14:87:09:f6:97:4b:34:49:f3:0c:
2e:b3:c1:f2:59:7e:f9:1b:c3:26:75:2a:ab:2c:9c:
8e:ec:f3:13:4e:98:e8:79:2a:cf:ff:fa:e7:40:db:
dd:c9:22:85:67:e1:b8:d5:a0:26:19:62:97:0a:17:
7f:4b:e1:11:ce:b6:01:18:5c:dc:b7:ae:f1:43:aa:
ec:16:5f:79:41:9c:59:f6:f3:ff:e6:44:99:d5:9b:
08:4f:96:3c:a0:3f:c4:b7:da:e9:f7:bc:27:07:7a:
76:9d:a5:d4:15:1c:55:3e:bb:fb:a9:52:fd:99:6c:
f6:96:de:8a:93:f1:7f:e7:90:d2:c8:63:41:50:60:
ab:12:ba:66:f5:b9:e9:6e:ab:f0:fa:d1:a7:39:35:
60:db:d1:7e:4a:2d:06:9d:49:f9:4d:d2:de:f0:b1:
78:a2:6d:22:a9:ce:61:1f:4b:b3:cc:90:38:c6:ea:
25:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:18:EE:B4:C9:02:5B:4D:28:90:4D:53:5F:45:E5:5C:8C:38:B0:20
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/eRjutMkCW00okE1TX0XlXIw4sCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.12.0/24
45.152.198.0/24
103.114.40.0/24
IPv6:
2a0e:1a84::/32
2a0f:3d80:bac::/48
2a0f:3d82::/32
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a0f:e6c6:5532::/48
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
73:a9:68:48:2e:2f:71:fc:7d:2a:d8:54:70:57:4d:1b:31:10:
cb:31:26:f4:0d:64:ca:06:88:ea:c4:71:ff:36:b7:a2:e1:5a:
da:cb:07:f6:61:38:6b:f4:49:b0:b1:91:30:db:53:1b:9e:75:
9c:85:e2:e0:2f:37:db:a5:b4:b9:0a:de:bc:f9:a3:36:83:46:
89:c0:f4:28:03:4a:0a:5c:b4:bb:02:fe:b3:49:c8:19:f3:b9:
ca:50:fc:25:29:38:82:9f:14:d2:80:5c:79:a4:10:52:2c:b5:
74:d5:5b:71:e6:b2:69:6e:34:25:26:33:0a:a2:ba:0f:42:a7:
36:b7:2f:7e:44:ea:04:c6:ea:41:d0:46:e2:7e:19:98:06:f9:
d3:0a:80:48:e1:c9:2d:f3:60:3c:13:0c:6c:7b:df:74:39:74:
c0:13:9f:9d:8c:e7:5a:27:80:54:c7:23:89:17:7f:ab:e2:dd:
f6:ea:28:eb:8a:72:d7:ba:19:0b:cf:92:72:c0:29:c9:d8:f7:
b9:f2:eb:2d:0b:26:01:36:55:45:38:19:8f:73:56:78:58:d8:
39:f3:80:34:68:bd:b1:b2:bd:f7:1b:10:90:cb:cd:b4:84:9b:
12:02:14:97:70:e7:1a:77:e9:cf:b3:a6:23:a2:95:13:4f:d2:
d6:19:54:35
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZF/xGQHImvOjelJ4Vgxq008MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODIzMTUwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTE4ZWViNGM5MDI1YjRkMjg5MDRkNTM1ZjQ1ZTU1YzhjMzhiMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZoVYVqkCy7jLvuTL0I2FD86uKrO
H7rKr84x8jAdB0wS9fY5a9crlONJ7mhAmLJHVOVMWPasE6cGJu1xw2NkIKEV+Ik0
mTjRcgTqCMAnPhSHCfaXSzRJ8wwus8HyWX75G8MmdSqrLJyO7PMTTpjoeSrP//rn
QNvdySKFZ+G41aAmGWKXChd/S+ERzrYBGFzct67xQ6rsFl95QZxZ9vP/5kSZ1ZsI
T5Y8oD/Et9rp97wnB3p2naXUFRxVPrv7qVL9mWz2lt6Kk/F/55DSyGNBUGCrErpm
9bnpbqvw+tGnOTVg29F+Si0GnUn5TdLe8LF4om0iqc5hH0uzzJA4xuol4QIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFHkY7rTJAltNKJBNU19F5VyMOLAgMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZVJqdXRNa0NXMDBva0UxVFgwWGxYSXc0c0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzAYBAIAATASAwQALVYMAwQA
LZjGAwQAZ3IoMD8EAgACMDkDBQAqDhqEAwcAKg89gAusAwUAKg89ggMHACoPfQAA
AQMHACoPvAChxAMHACoP5sZVMgMFAyoTK0AwDQYJKoZIhvcNAQELBQADggEBAHOp
aEguL3H8fSrYVHBXTRsxEMsxJvQNZMoGiOrEcf82t6LhWtrLB/ZhOGv0SbCxkTDb
UxuedZyF4uAvN9ultLkK3rz5ozaDRonA9CgDSgpctLsC/rNJyBnzucpQ/CUpOIKf
FNKAXHmkEFIstXTVW3HmsmluNCUmMwqiug9Cpza3L35E6gTG6kHQRuJ+GZgG+dMK
gEjhyS3zYDwTDGx733Q5dMATn52M51ongFTHI4kXf6vi3fbqKOuKcte6GQvPknLA
KcnY97ny6y0LJgE2VUU4GY9zVnhY2DnzgDRovbGyvfcbEJDLzbSEmxICFJdw5xp3
6c+zpiOilRNP0tYZVDU=
-----END CERTIFICATE-----
Generated at Mon May 12 16:08:26 2025 by rpki-client