Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/e2qS716Wezok1sq5OVUDHCw_eCI.roa
File: e2qS716Wezok1sq5OVUDHCw_eCI.roa (raw, json)
Hash identifier: 3k2/UvOJz/WmNjJeMzVEY66ldDwjNrDZNsvfaIxGSZw=
Subject key identifier: 7B:6A:92:EF:5E:96:7B:3A:24:D6:CA:B9:39:55:03:1C:2C:3F:78:22
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185727A36792119B25D58DEF205DD608A74
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/e2qS716Wezok1sq5OVUDHCw_eCI.roa
Signing time: Mon 02 Jan 2023 12:34:49 +0000
ROA not before: Mon 02 Jan 2023 12:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51089
IP address blocks: 185.218.6.0/24 maxlen: 24
185.218.7.0/24 maxlen: 24
185.218.6.0/23 maxlen: 23
31.25.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Nov 2023 11:36:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:36:79:21:19:b2:5d:58:de:f2:05:dd:60:8a:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b6a92ef5e967b3a24d6cab93955031c2c3f7822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:de:cb:f1:ef:12:5d:b7:0f:a4:20:57:92:1a:
98:06:24:25:6f:59:cb:b9:61:4c:ae:e0:5c:d7:e5:
5c:f7:5e:d2:a4:79:7a:e3:47:cb:99:18:34:3b:1b:
f3:c2:e3:f3:ce:c8:1b:61:d2:bf:5a:f8:f1:be:65:
dc:d6:2b:72:59:99:2f:5e:5a:8d:ae:79:5a:6a:48:
03:be:80:7d:8b:68:87:ee:cf:87:aa:81:64:1b:00:
96:e2:f5:7c:c3:c2:34:90:f4:f6:8b:4b:0c:0a:a7:
92:42:28:c8:f2:9b:82:35:82:a8:c5:a0:1d:5a:34:
98:63:04:61:94:a0:fb:72:34:86:22:d2:08:84:c8:
09:a8:6e:bc:73:57:17:da:f9:8d:34:c3:d2:24:16:
ce:05:86:5b:ac:ec:74:75:0f:de:4d:fb:fc:b2:28:
3c:ba:5a:74:73:ed:32:76:e2:1e:c9:ca:f8:ac:b3:
57:10:77:bf:98:31:49:0d:6c:6e:90:fd:e1:bb:e7:
1c:99:cc:1f:74:56:e5:41:d6:ea:e6:8b:d7:0d:be:
38:4f:a1:53:cb:39:e2:6a:07:6f:82:8f:33:fb:c0:
e1:ef:30:70:62:5b:f4:4c:b1:e7:c7:e4:9c:b1:be:
3a:5e:94:6d:5a:15:92:64:e5:a1:13:f3:64:07:cb:
3d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:6A:92:EF:5E:96:7B:3A:24:D6:CA:B9:39:55:03:1C:2C:3F:78:22
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/e2qS716Wezok1sq5OVUDHCw_eCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.88.0/24
185.218.6.0/23
Signature Algorithm: sha256WithRSAEncryption
59:7a:d0:5a:e1:ae:e2:e9:87:c2:76:cd:5a:b9:5d:0d:5a:aa:
c5:21:a7:92:36:91:f6:19:4e:8c:e7:b9:bc:8f:e7:f8:4a:83:
e8:21:b2:1a:4e:19:16:9b:46:e0:e6:36:89:ff:4c:63:d5:08:
34:08:9f:9b:3f:f7:8f:30:25:16:a9:d7:1f:0a:c3:dc:41:6c:
ed:5a:63:38:99:7e:9c:d8:55:ad:1a:b3:9f:fd:cd:1c:d5:80:
26:13:f7:d9:5c:77:e9:81:eb:69:c0:71:49:e6:d2:15:48:d6:
dc:b7:dc:9d:64:82:ae:24:7d:ef:66:76:c1:6d:7b:95:b8:32:
95:25:2f:b3:31:a2:4e:6d:eb:c5:04:b4:92:5e:57:7e:4f:1c:
2a:fb:af:46:a0:bb:a1:b7:a7:19:37:6b:82:0b:65:b3:34:a5:
4e:a6:0d:cd:e9:fe:ef:66:67:42:b5:23:39:34:11:d5:12:cf:
bc:9c:f4:95:5a:78:7d:53:1f:2b:87:68:2c:8e:e1:38:af:66:
be:2b:97:1f:45:d6:20:97:67:a8:6b:bf:3d:f9:83:25:58:43:
2f:53:4f:28:71:8b:54:d0:e2:7c:59:3f:c0:c6:3b:2b:de:0a:
2d:f2:f4:4a:41:7f:06:00:76:0e:85:6a:b3:3a:c2:e8:ba:24:
fb:83:e1:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyejZ5IRmyXVje8gXdYIp0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjZhOTJlZjVlOTY3YjNhMjRkNmNhYjkzOTU1MDMxYzJjM2Y3ODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt7L8e8SXbcPpCBXkhqYBiQlb1nL
uWFMruBc1+Vc917SpHl640fLmRg0OxvzwuPzzsgbYdK/WvjxvmXc1ityWZkvXlqN
rnlaakgDvoB9i2iH7s+HqoFkGwCW4vV8w8I0kPT2i0sMCqeSQijI8puCNYKoxaAd
WjSYYwRhlKD7cjSGItIIhMgJqG68c1cX2vmNNMPSJBbOBYZbrOx0dQ/eTfv8sig8
ulp0c+0yduIeycr4rLNXEHe/mDFJDWxukP3hu+ccmcwfdFblQdbq5ovXDb44T6FT
yzniagdvgo8z+8Dh7zBwYlv0TLHnx+Scsb46XpRtWhWSZOWhE/NkB8s9WQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHtqku9elns6JNbKuTlVAxwsP3giMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvZTJxUzcxNldlem9rMXNxNU9WVURIQ3dfZUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHxlYAwQB
udoGMA0GCSqGSIb3DQEBCwUAA4IBAQBZetBa4a7i6YfCds1auV0NWqrFIaeSNpH2
GU6M57m8j+f4SoPoIbIaThkWm0bg5jaJ/0xj1Qg0CJ+bP/ePMCUWqdcfCsPcQWzt
WmM4mX6c2FWtGrOf/c0c1YAmE/fZXHfpgetpwHFJ5tIVSNbct9ydZIKuJH3vZnbB
bXuVuDKVJS+zMaJObevFBLSSXld+Txwq+69GoLuht6cZN2uCC2WzNKVOpg3N6f7v
ZmdCtSM5NBHVEs+8nPSVWnh9Ux8rh2gsjuE4r2a+K5cfRdYgl2eoa789+YMlWEMv
U08ocYtU0OJ8WT/Axjsr3got8vRKQX8GAHYOhWqzOsLouiT7g+Hh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org