Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/Ejr7UZ9f7-8FMI44eCEIdsXpJa8.roa
File: Ejr7UZ9f7-8FMI44eCEIdsXpJa8.roa (raw, json)
Hash identifier: mBta9dFMtduLDbogRc4WcN5QxnXCnnl2yk1xoj+5VZM=
Subject key identifier: 12:3A:FB:51:9F:5F:EF:EF:05:30:8E:38:78:21:08:76:C5:E9:25:AF
Certificate issuer: /CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Certificate serial: 01936E3E8162BEE8250AE99A5BE4C2A9810D
Authority key identifier: 34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/Ejr7UZ9f7-8FMI44eCEIdsXpJa8.roa
Signing time: Wed 27 Nov 2024 15:30:10 +0000
ROA not before: Wed 27 Nov 2024 15:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 88.84.64.0/19 maxlen: 24
95.142.0.0/20 maxlen: 24
185.117.176.0/22 maxlen: 24
217.15.32.0/20 maxlen: 24
217.149.144.0/20 maxlen: 24
2a02:2068::/29 maxlen: 48
2a02:206a::/32 maxlen: 32
2a02:206b::/32 maxlen: 32
2a02:206d::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 27 Nov 2024 15:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:3e:81:62:be:e8:25:0a:e9:9a:5b:e4:c2:a9:81:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Validity
Not Before: Nov 27 15:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=123afb519f5fefef05308e3878210876c5e925af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:76:dd:4a:9e:88:8d:e8:0e:06:c6:d3:f0:55:
64:6f:e5:8d:af:8d:03:50:2e:4f:dc:66:05:d3:6a:
f6:e6:8a:57:5e:97:d1:03:66:1a:f7:a9:99:6f:11:
f8:9b:75:00:71:9e:09:ee:f2:8d:db:9a:ac:c0:be:
74:38:d3:b4:32:25:2f:56:26:0d:25:f4:9c:67:52:
fa:94:2c:80:3c:3a:53:5a:11:f7:20:28:b4:fa:4e:
14:93:52:22:d3:e8:bb:6d:16:0c:fc:04:f8:e4:ad:
5c:4f:a0:47:fa:c1:40:61:1d:5e:7a:db:4c:6b:8a:
41:42:50:76:4b:1d:ac:0c:3c:4e:8c:d2:a1:71:42:
29:af:e5:ed:0e:e5:19:c9:52:bf:da:16:8e:1b:fb:
24:8a:7c:ac:99:b1:e6:83:c2:4a:99:14:98:cf:70:
d0:5b:0f:3d:84:ac:a6:26:6d:47:5a:9f:00:09:97:
48:70:f2:22:a2:dd:66:4b:bf:62:9a:04:b1:e1:42:
79:ab:73:6a:7a:d3:8b:27:ef:a0:b4:1d:9d:10:86:
a1:7f:e3:5f:1c:88:44:48:1b:b7:5b:d3:37:3a:f0:
f7:d3:0f:f6:fc:18:69:76:13:08:ce:2a:5a:2c:9d:
89:ac:56:36:8f:4b:69:85:e8:ee:97:f8:32:28:cc:
8e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:3A:FB:51:9F:5F:EF:EF:05:30:8E:38:78:21:08:76:C5:E9:25:AF
X509v3 Authority Key Identifier:
keyid:34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/Ejr7UZ9f7-8FMI44eCEIdsXpJa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.64.0/19
95.142.0.0/20
185.117.176.0/22
217.15.32.0/20
217.149.144.0/20
IPv6:
2a02:2068::/29
Signature Algorithm: sha256WithRSAEncryption
6d:d2:b1:d2:8d:38:1c:5b:ec:9d:13:15:ae:7a:56:c6:a3:21:
44:98:1d:4d:c6:f8:2a:da:3a:b0:6b:3a:5d:10:d4:ef:59:9d:
01:d4:8a:f1:a7:f9:8a:a7:42:42:a2:18:92:98:9b:13:a9:ff:
3d:8e:01:c5:87:40:a1:2e:49:6a:67:e5:7b:7e:e3:f6:1b:ec:
1f:86:11:5c:22:61:77:29:25:04:f1:34:f0:03:b2:2d:99:86:
a2:55:65:bd:a4:1e:0e:4f:06:22:80:17:4f:5b:39:43:9a:08:
06:de:33:a3:bc:d0:18:83:c6:7b:c7:7b:7d:31:c1:b3:66:f6:
f1:ba:4a:c8:cd:9e:85:82:f9:f8:b3:71:84:1c:48:3e:93:54:
e1:89:32:2e:08:da:0a:d2:b2:36:a7:18:76:b1:0a:a6:f3:7c:
31:37:45:e9:59:72:0d:97:51:cf:0a:cb:1d:88:1f:26:82:b2:
ff:6a:e1:00:ad:ac:40:35:a9:06:08:b4:7d:e5:0a:cf:92:fe:
83:e9:68:0f:b5:a2:d0:61:db:c8:66:10:9e:65:96:7f:0c:78:
46:42:7e:a6:58:f8:9c:ef:34:84:4b:ce:e6:fe:13:1d:f9:50:
02:2b:60:fe:38:3f:2d:b6:99:2e:3c:4a:2a:ba:70:3a:13:9a:
89:8b:ab:f0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZNuPoFivuglCumaW+TCqYENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjQ3YjczZWU4ZmJlZGQyNWY0MWIzYjE3YjJiZTA4ZjVi
ZjY1NjMwHhcNMjQxMTI3MTUzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjNhZmI1MTlmNWZlZmVmMDUzMDhlMzg3ODIxMDg3NmM1ZTkyNWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHbdSp6IjegOBsbT8FVkb+WNr40D
UC5P3GYF02r25opXXpfRA2Ya96mZbxH4m3UAcZ4J7vKN25qswL50ONO0MiUvViYN
JfScZ1L6lCyAPDpTWhH3ICi0+k4Uk1Ii0+i7bRYM/AT45K1cT6BH+sFAYR1eettM
a4pBQlB2Sx2sDDxOjNKhcUIpr+XtDuUZyVK/2haOG/skinysmbHmg8JKmRSYz3DQ
Ww89hKymJm1HWp8ACZdIcPIiot1mS79imgSx4UJ5q3NqetOLJ++gtB2dEIahf+Nf
HIhESBu3W9M3OvD30w/2/BhpdhMIzipaLJ2JrFY2j0tphejul/gyKMyOcwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBI6+1GfX+/vBTCOOHghCHbF6SWvMB8GA1UdIwQY
MBaAFDT0e3Puj77dJfQbOxeyvgj1v2VjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQt
ZDg3ZTQwNDdmODUzLzEvRWpyN1VaOWY3LThGTUk0NGVDRUlkc1hwSmE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQtZDg3ZTQwNDdmODUz
LzEvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFWFRAAwQE
X44AAwQCuXWwAwQE2Q8gAwQE2ZWQMA0EAgACMAcDBQMqAiBoMA0GCSqGSIb3DQEB
CwUAA4IBAQBt0rHSjTgcW+ydExWuelbGoyFEmB1Nxvgq2jqwazpdENTvWZ0B1Irx
p/mKp0JCohiSmJsTqf89jgHFh0ChLklqZ+V7fuP2G+wfhhFcImF3KSUE8TTwA7It
mYaiVWW9pB4OTwYigBdPWzlDmggG3jOjvNAYg8Z7x3t9McGzZvbxukrIzZ6Fgvn4
s3GEHEg+k1ThiTIuCNoK0rI2pxh2sQqm83wxN0XpWXINl1HPCssdiB8mgrL/auEA
raxANakGCLR95QrPkv6D6WgPtaLQYdvIZhCeZZZ/DHhGQn6mWPic7zSES87m/hMd
+VACK2D+OD8ttpkuPEoqunA6E5qJi6vw
-----END CERTIFICATE-----
Generated at Sun Jun 15 17:04:24 2025 by rpki-client