Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/EQ_VcNtb7IaotWVVTv42GYjuNdc.roa
File: EQ_VcNtb7IaotWVVTv42GYjuNdc.roa (raw, json)
Hash identifier: zFa/LmUHjOf5abfQefNMPlx7ecqj/ZHclNHt5zfsB60=
Subject key identifier: 11:0F:D5:70:DB:5B:EC:86:A8:B5:65:55:4E:FE:36:19:88:EE:35:D7
Certificate issuer: /CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Certificate serial: 018E814CE9C552765E4E8ECFA172EDF64D4A
Authority key identifier: 3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/EQ_VcNtb7IaotWVVTv42GYjuNdc.roa
Signing time: Wed 27 Mar 2024 19:04:45 +0000
ROA not before: Wed 27 Mar 2024 19:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51264
IP address blocks: 91.228.218.0/24 maxlen: 24
194.0.206.0/24 maxlen: 24
194.143.146.0/24 maxlen: 24
195.14.123.0/24 maxlen: 24
195.93.173.0/24 maxlen: 24
2001:678:cfc::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Apr 2024 12:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:81:4c:e9:c5:52:76:5e:4e:8e:cf:a1:72:ed:f6:4d:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Validity
Not Before: Mar 27 19:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=110fd570db5bec86a8b565554efe361988ee35d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:da:6b:e3:ec:e8:c8:aa:00:48:56:26:9e:a2:
83:90:3e:20:37:65:01:3d:39:02:d4:d2:f0:25:5f:
24:12:00:e9:7c:93:d3:9a:2c:e7:b5:d9:27:65:71:
7c:69:cc:44:a0:5b:bf:3f:12:3e:d4:b6:62:8a:30:
3d:6c:39:56:2b:10:3a:03:18:42:80:47:2e:9b:94:
4c:98:33:52:e4:35:a0:ca:e9:d0:c8:9e:cf:c7:9d:
46:4a:80:1f:89:59:e8:b0:20:82:4e:14:9d:af:dc:
8e:1b:e0:c6:01:9e:28:78:ab:4d:56:55:8f:ed:9f:
46:42:29:1a:02:f3:31:96:cc:aa:0a:b4:bc:65:ec:
72:90:cd:a3:c4:07:eb:53:51:ed:05:c7:e1:99:c8:
46:35:a3:06:9e:ab:83:00:7e:35:9e:e9:d5:f6:2a:
b9:37:a2:bc:6e:8d:14:15:b9:78:e8:cf:6c:f3:56:
7a:6f:61:5c:d0:8e:a6:0e:55:66:83:77:c1:4a:f9:
7e:3c:09:16:9d:92:51:dd:f4:7d:a4:3c:ba:71:e7:
2e:cb:31:36:58:14:bd:6e:e9:66:00:63:fe:d9:34:
00:fe:4d:f4:4b:60:7b:dd:a0:cd:d2:39:21:a0:c6:
ee:7f:36:a5:fa:75:55:43:13:d3:8e:62:de:e2:92:
e0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:0F:D5:70:DB:5B:EC:86:A8:B5:65:55:4E:FE:36:19:88:EE:35:D7
X509v3 Authority Key Identifier:
keyid:3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/EQ_VcNtb7IaotWVVTv42GYjuNdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.218.0/24
194.0.206.0/24
194.143.146.0/24
195.14.123.0/24
195.93.173.0/24
IPv6:
2001:678:cfc::/48
Signature Algorithm: sha256WithRSAEncryption
51:d8:60:58:44:e6:5b:4a:97:e7:fc:0b:a5:08:10:51:09:16:
61:cc:99:ae:19:84:f3:ef:69:5e:71:64:ed:1e:49:d1:3e:78:
bb:d1:e5:4f:7e:b2:3a:c5:a6:e4:02:14:e6:cd:db:2c:43:15:
f2:a0:9d:73:49:4a:9e:29:2f:38:6a:60:16:3f:6b:8f:16:b6:
6f:5f:d3:a8:bb:9b:f3:48:4b:7e:b7:e4:19:1b:a0:b9:34:a3:
7d:42:fe:c5:ed:81:7a:21:a3:c9:24:ec:f2:42:9e:8c:40:57:
01:27:64:b5:77:cd:3b:29:47:c3:05:de:46:41:ae:ce:c3:0c:
5c:dd:ba:f7:16:f6:87:ec:9c:46:cf:13:99:95:24:64:bd:d7:
27:44:81:2e:7f:d3:4d:af:e3:23:52:9e:ad:6f:a6:f4:69:a5:
70:e5:64:1a:06:a9:02:43:b2:ed:93:3a:a8:9e:16:34:07:da:
a8:a6:f8:b1:14:2e:c6:6a:e0:c1:27:61:9b:e0:4b:90:b8:a4:
51:bd:f2:10:dc:41:b8:e5:35:c6:dc:6f:02:5a:46:2b:02:81:
cd:dd:4e:0b:1a:45:78:14:0c:df:a0:99:b6:86:06:51:2f:f8:
b6:0a:5f:10:4a:e7:e5:fc:7a:a4:5f:e1:20:21:13:e8:5a:06:
d3:e8:20:06
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY6BTOnFUnZeTo7PoXLt9k1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDMyNzdiN2NhNzlkMGU5ZTA3ZmM0YTRiMzE4MDQxZGY0
MTVjYjMwHhcNMjQwMzI3MTkwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTBmZDU3MGRiNWJlYzg2YThiNTY1NTU0ZWZlMzYxOTg4ZWUzNWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Npr4+zoyKoASFYmnqKDkD4gN2UB
PTkC1NLwJV8kEgDpfJPTmizntdknZXF8acxEoFu/PxI+1LZiijA9bDlWKxA6AxhC
gEcum5RMmDNS5DWgyunQyJ7Px51GSoAfiVnosCCCThSdr9yOG+DGAZ4oeKtNVlWP
7Z9GQikaAvMxlsyqCrS8ZexykM2jxAfrU1HtBcfhmchGNaMGnquDAH41nunV9iq5
N6K8bo0UFbl46M9s81Z6b2Fc0I6mDlVmg3fBSvl+PAkWnZJR3fR9pDy6cecuyzE2
WBS9bulmAGP+2TQA/k30S2B73aDN0jkhoMbufzal+nVVQxPTjmLe4pLgfQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBEP1XDbW+yGqLVlVU7+NhmI7jXXMB8GA1UdIwQY
MBaAFD5DJ3t8p50Ongf8SksxgEHfQVyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUt
M2NmMmE0NjIyZmJjLzEvRVFfVmNOdGI3SWFvdFdWVlR2NDJHWWp1TmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUtM2NmMmE0NjIyZmJj
LzEvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW+TaAwQA
wgDOAwQAwo+SAwQAww57AwQAw12tMA8EAgACMAkDBwAgAQZ4DPwwDQYJKoZIhvcN
AQELBQADggEBAFHYYFhE5ltKl+f8C6UIEFEJFmHMma4ZhPPvaV5xZO0eSdE+eLvR
5U9+sjrFpuQCFObN2yxDFfKgnXNJSp4pLzhqYBY/a48Wtm9f06i7m/NIS3635Bkb
oLk0o31C/sXtgXoho8kk7PJCnoxAVwEnZLV3zTspR8MF3kZBrs7DDFzduvcW9ofs
nEbPE5mVJGS91ydEgS5/002v4yNSnq1vpvRppXDlZBoGqQJDsu2TOqieFjQH2qim
+LEULsZq4MEnYZvgS5C4pFG98hDcQbjlNcbcbwJaRisCgc3dTgsaRXgUDN+gmbaG
BlEv+LYKXxBK5+X8eqRf4SAhE+haBtPoIAY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:43 2024 by rpki-client on console-fra.rpki-client.org