Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/gEcUMYKbCk0W5grku5PSrVprTmA.roa
File: gEcUMYKbCk0W5grku5PSrVprTmA.roa (raw, json)
Hash identifier: O4ckzG+Q/v4Xk/Xe22iyT1H77/QrMhIN2xTarCiPyoY=
Subject key identifier: 80:47:14:31:82:9B:0A:4D:16:E6:0A:E4:BB:93:D2:AD:5A:6B:4E:60
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018E6B01842C85BCCFDFDB04DCC95E3A9C5B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/gEcUMYKbCk0W5grku5PSrVprTmA.roa
Signing time: Sat 23 Mar 2024 11:10:45 +0000
ROA not before: Sat 23 Mar 2024 11:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 45.128.26.0/24 maxlen: 24
45.129.127.0/24 maxlen: 24
93.190.246.0/23 maxlen: 23
2a12:d6c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 27 Mar 2024 09:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6b:01:84:2c:85:bc:cf:df:db:04:dc:c9:5e:3a:9c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 23 11:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80471431829b0a4d16e60ae4bb93d2ad5a6b4e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6a:71:e2:6e:60:5e:13:56:9c:81:19:f3:d6:
a3:a4:ef:d1:bf:d8:bb:55:5a:73:76:33:14:11:41:
f3:8a:2f:92:a1:c9:27:4a:8f:9c:ed:49:15:ce:20:
58:e2:16:dd:9a:88:22:50:a5:a9:1f:0d:fe:e1:0e:
9a:bd:44:50:c0:69:59:a7:f8:b6:df:81:0e:f5:da:
5d:17:af:6a:7c:95:ae:54:c4:09:e7:c5:d8:f2:70:
cb:41:97:bd:19:1e:65:bd:8a:10:db:60:85:d2:43:
73:e4:a5:c6:ce:7d:a1:75:55:e4:0a:67:39:22:b9:
49:fa:6f:b3:db:b8:21:0f:15:16:e5:c4:0a:99:c3:
4d:b4:f3:d9:d7:2e:d9:a3:ca:74:fb:af:25:a4:6c:
65:29:bd:60:d9:aa:42:78:54:18:e7:e1:96:54:32:
a8:35:7f:73:03:59:3a:52:da:14:00:1f:f9:ee:d6:
1e:51:a3:6d:15:30:34:40:8d:0a:6a:5a:3c:66:8a:
b1:ff:8e:30:3c:16:59:be:14:16:22:f8:13:5d:0e:
2b:b7:fa:06:3c:4d:de:16:8c:da:62:80:88:19:fc:
c1:2a:3e:e3:f4:c6:e0:c8:2f:fe:4e:bd:53:58:51:
8a:5a:a9:0c:aa:a2:99:c9:73:bc:17:12:8d:29:86:
49:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:47:14:31:82:9B:0A:4D:16:E6:0A:E4:BB:93:D2:AD:5A:6B:4E:60
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/gEcUMYKbCk0W5grku5PSrVprTmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
c2:ec:a1:0f:e3:b8:e5:7a:b7:60:8c:96:75:f9:4b:0e:ca:89:
57:96:01:9f:b9:1e:d9:16:f0:d1:56:c9:7f:66:38:ee:db:ca:
dc:ff:d4:3f:d7:91:40:ed:7e:94:95:3a:c4:24:b0:e9:77:fe:
9c:bf:0b:42:da:94:8a:49:27:e7:5c:9e:98:ce:19:34:a7:43:
48:29:66:06:38:7d:58:d1:57:97:11:b5:0e:4c:de:88:72:09:
99:56:6a:28:de:9e:30:1c:cd:9c:ec:ce:90:98:df:42:ad:78:
79:e9:c6:9b:f5:53:0f:fd:ef:c6:98:1a:05:d1:42:76:62:02:
ce:78:3c:73:77:d4:51:89:9b:6a:c2:1c:37:26:5b:e0:70:35:
f3:49:ca:1e:c5:5e:b6:f3:87:fa:45:f6:b3:7e:57:5d:8c:bf:
2f:e4:68:8d:db:93:8a:73:f0:b5:1f:d5:a1:b5:27:57:f0:47:
82:fc:d8:ed:5e:25:97:80:2d:92:13:42:2e:04:26:1a:47:86:
fc:f2:5d:e0:4f:8c:2b:60:27:43:e5:f0:ae:d9:3c:cf:54:08:
64:2b:0e:ff:91:e8:c1:27:1c:66:13:cf:81:c0:40:44:c4:a7:
4a:eb:4a:40:68:f7:8d:7f:2c:81:fa:34:9d:52:7b:c6:63:69:
a6:65:be:cd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY5rAYQshbzP39sE3MleOpxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMzIzMTExMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDQ3MTQzMTgyOWIwYTRkMTZlNjBhZTRiYjkzZDJhZDVhNmI0ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWpx4m5gXhNWnIEZ89ajpO/Rv9i7
VVpzdjMUEUHzii+SocknSo+c7UkVziBY4hbdmogiUKWpHw3+4Q6avURQwGlZp/i2
34EO9dpdF69qfJWuVMQJ58XY8nDLQZe9GR5lvYoQ22CF0kNz5KXGzn2hdVXkCmc5
IrlJ+m+z27ghDxUW5cQKmcNNtPPZ1y7Zo8p0+68lpGxlKb1g2apCeFQY5+GWVDKo
NX9zA1k6UtoUAB/57tYeUaNtFTA0QI0Kalo8Zoqx/44wPBZZvhQWIvgTXQ4rt/oG
PE3eFozaYoCIGfzBKj7j9MbgyC/+Tr1TWFGKWqkMqqKZyXO8FxKNKYZJuwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIBHFDGCmwpNFuYK5LuT0q1aa05gMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZ0VjVU1ZS2JDazBXNWdya3U1UFNyVnByVG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MA0EAgACMAcDBQMqEtbAMA0GCSqGSIb3DQEBCwUAA4IBAQDC7KEP
47jlerdgjJZ1+UsOyolXlgGfuR7ZFvDRVsl/Zjju28rc/9Q/15FA7X6UlTrEJLDp
d/6cvwtC2pSKSSfnXJ6Yzhk0p0NIKWYGOH1Y0VeXEbUOTN6IcgmZVmoo3p4wHM2c
7M6QmN9CrXh56cab9VMP/e/GmBoF0UJ2YgLOeDxzd9RRiZtqwhw3JlvgcDXzScoe
xV6284f6RfazflddjL8v5GiN25OKc/C1H9WhtSdX8EeC/NjtXiWXgC2SE0IuBCYa
R4b88l3gT4wrYCdD5fCu2TzPVAhkKw7/kejBJxxmE8+BwEBExKdK60pAaPeNfyyB
+jSdUnvGY2mmZb7N
-----END CERTIFICATE-----
Generated at Thu May 8 11:21:03 2025 by rpki-client