Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/583a2c-946d-4517-8083-26985ce45978/1/EQKgfAIfnMO2tteIpbBqR1eCeP0.roa
File: EQKgfAIfnMO2tteIpbBqR1eCeP0.roa (raw, json)
Hash identifier: HVYPujvME661GA7/MjQHwp2MxwSErXWxsyctg4tPffc=
Subject key identifier: 11:02:A0:7C:02:1F:9C:C3:B6:B6:D7:88:A5:B0:6A:47:57:82:78:FD
Certificate issuer: /CN=6052e1592b12ad2cd39f5be57c058535edb12b9c
Certificate serial: 018570028412728AEFAA7FC66DC060369726
Authority key identifier: 60:52:E1:59:2B:12:AD:2C:D3:9F:5B:E5:7C:05:85:35:ED:B1:2B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFLhWSsSrSzTn1vlfAWFNe2xK5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/583a2c-946d-4517-8083-26985ce45978/1/EQKgfAIfnMO2tteIpbBqR1eCeP0.roa
Signing time: Mon 02 Jan 2023 01:04:51 +0000
ROA not before: Mon 02 Jan 2023 01:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203982
IP address blocks: 185.118.8.0/22 maxlen: 22
185.118.11.0/24 maxlen: 24
185.118.8.0/24 maxlen: 24
185.118.10.0/24 maxlen: 24
185.118.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:84:12:72:8a:ef:aa:7f:c6:6d:c0:60:36:97:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6052e1592b12ad2cd39f5be57c058535edb12b9c
Validity
Not Before: Jan 2 01:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1102a07c021f9cc3b6b6d788a5b06a47578278fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f0:09:27:05:ef:40:1b:2e:79:e9:15:b8:d8:
8d:82:7b:e3:2d:0c:d3:a6:41:be:c8:4b:72:bc:98:
12:0c:c0:6c:ec:d5:70:89:37:be:84:84:18:c9:6e:
3d:58:70:1d:aa:42:c4:d5:1b:85:28:b6:68:2d:48:
07:44:0e:8f:a0:03:98:fe:27:ba:a9:49:60:48:86:
01:6a:14:c2:34:a3:bf:00:00:b3:11:a4:88:9a:35:
8a:2b:66:41:04:7a:e4:90:ad:7e:ca:60:b3:07:09:
3e:f8:88:c8:7e:54:f3:15:ad:33:ef:cc:43:de:0c:
1e:80:52:9e:7c:1f:b7:b0:af:70:7e:15:db:d4:8a:
cc:97:74:94:bb:dc:53:06:0b:39:b1:f4:ea:58:02:
e6:26:33:9b:46:d2:01:97:5e:e9:58:f9:38:88:4c:
1c:74:c6:ff:62:33:8e:e3:73:31:5c:ad:17:65:fa:
e9:0b:a2:c9:3c:63:5e:7b:26:ba:a0:fe:d8:89:c9:
1f:d8:a9:2a:17:86:fe:df:de:15:2f:eb:3e:8c:c0:
4a:12:b3:30:a5:c3:0d:66:c4:b8:93:4d:a6:ff:5e:
e0:23:54:bc:01:5b:55:f1:12:e0:db:34:cb:97:6d:
e6:32:bb:9e:26:4f:b8:29:ff:a4:e8:5a:87:82:ee:
74:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:02:A0:7C:02:1F:9C:C3:B6:B6:D7:88:A5:B0:6A:47:57:82:78:FD
X509v3 Authority Key Identifier:
keyid:60:52:E1:59:2B:12:AD:2C:D3:9F:5B:E5:7C:05:85:35:ED:B1:2B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFLhWSsSrSzTn1vlfAWFNe2xK5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/583a2c-946d-4517-8083-26985ce45978/1/EQKgfAIfnMO2tteIpbBqR1eCeP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/583a2c-946d-4517-8083-26985ce45978/1/YFLhWSsSrSzTn1vlfAWFNe2xK5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.8.0/22
Signature Algorithm: sha256WithRSAEncryption
80:b1:d5:86:3c:4b:e9:14:ee:85:5e:76:21:7d:da:81:d9:af:
7b:f6:87:d7:6b:9c:f7:7e:73:ff:27:52:ff:a4:b8:24:f1:78:
2e:57:7c:5a:26:f4:d6:16:e9:c4:fd:33:6d:bd:f5:08:e0:2f:
c1:03:56:50:91:ca:dc:5e:4f:0c:54:d1:fe:d0:86:1f:38:a0:
4f:ed:37:91:b6:88:72:00:0c:5f:b7:cd:db:48:92:51:12:fc:
69:54:13:ca:a0:04:45:43:8b:4c:43:42:67:38:43:69:cd:17:
a9:7c:ae:cd:9e:52:d6:6c:e0:6d:a8:55:32:88:07:c8:6a:7b:
8f:cd:2a:6d:7c:60:05:d3:30:a6:92:95:2c:68:0e:70:17:58:
7b:e6:65:fe:cc:40:95:ed:27:32:20:71:a2:6b:0d:cf:c2:5e:
53:12:d5:57:83:24:f4:2f:fd:ff:c3:ae:ca:f0:58:07:b7:08:
16:4f:9c:65:11:da:b8:8e:49:5c:f7:3b:40:6c:3a:91:1b:7d:
e6:9d:aa:11:b4:6f:c0:67:14:c0:01:85:d3:de:35:5f:a9:23:
dc:66:a0:f9:04:b0:64:d7:fe:e4:5c:f9:36:c6:da:e9:ed:92:
2a:24:86:94:42:61:99:70:7f:01:07:88:38:bc:9d:55:18:ea:
6c:71:bc:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAoQScorvqn/GbcBgNpcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTJlMTU5MmIxMmFkMmNkMzlmNWJlNTdjMDU4NTM1ZWRi
MTJiOWMwHhcNMjMwMTAyMDEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTAyYTA3YzAyMWY5Y2MzYjZiNmQ3ODhhNWIwNmE0NzU3ODI3OGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvAJJwXvQBsueekVuNiNgnvjLQzT
pkG+yEtyvJgSDMBs7NVwiTe+hIQYyW49WHAdqkLE1RuFKLZoLUgHRA6PoAOY/ie6
qUlgSIYBahTCNKO/AACzEaSImjWKK2ZBBHrkkK1+ymCzBwk++IjIflTzFa0z78xD
3gwegFKefB+3sK9wfhXb1IrMl3SUu9xTBgs5sfTqWALmJjObRtIBl17pWPk4iEwc
dMb/YjOO43MxXK0XZfrpC6LJPGNeeya6oP7Yickf2KkqF4b+394VL+s+jMBKErMw
pcMNZsS4k02m/17gI1S8AVtV8RLg2zTLl23mMrueJk+4Kf+k6FqHgu50vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBECoHwCH5zDtrbXiKWwakdXgnj9MB8GA1UdIwQY
MBaAFGBS4VkrEq0s059b5XwFhTXtsSucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZMaFdTc1NyU3pUbjF2bGZBV0ZOZTJ4SzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81ODNhMmMtOTQ2ZC00NTE3LTgwODMt
MjY5ODVjZTQ1OTc4LzEvRVFLZ2ZBSWZuTU8ydHRlSXBiQnFSMWVDZVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81ODNhMmMtOTQ2ZC00NTE3LTgwODMtMjY5ODVjZTQ1OTc4
LzEvWUZMaFdTc1NyU3pUbjF2bGZBV0ZOZTJ4SzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXYIMA0G
CSqGSIb3DQEBCwUAA4IBAQCAsdWGPEvpFO6FXnYhfdqB2a979ofXa5z3fnP/J1L/
pLgk8XguV3xaJvTWFunE/TNtvfUI4C/BA1ZQkcrcXk8MVNH+0IYfOKBP7TeRtohy
AAxft83bSJJREvxpVBPKoARFQ4tMQ0JnOENpzRepfK7NnlLWbOBtqFUyiAfIanuP
zSptfGAF0zCmkpUsaA5wF1h75mX+zECV7ScyIHGiaw3Pwl5TEtVXgyT0L/3/w67K
8FgHtwgWT5xlEdq4jklc9ztAbDqRG33mnaoRtG/AZxTAAYXT3jVfqSPcZqD5BLBk
1/7kXPk2xtrp7ZIqJIaUQmGZcH8BB4g4vJ1VGOpscbxz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org