Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/EWCSxCZ2mscOl76Jo9fV68XkLBM.roa
File: EWCSxCZ2mscOl76Jo9fV68XkLBM.roa (raw, json)
Hash identifier: 6XOTku8VIABKnEoWauo5BxD0n/7QquM7N8gz9JQturM=
Subject key identifier: 11:60:92:C4:26:76:9A:C7:0E:97:BE:89:A3:D7:D5:EB:C5:E4:2C:13
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CF560D8186F76B0F4C8D15BC1E404B1B3
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/EWCSxCZ2mscOl76Jo9fV68XkLBM.roa
Signing time: Wed 10 Jan 2024 21:56:53 +0000
ROA not before: Wed 10 Jan 2024 21:56:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
45.154.196.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.119.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
185.242.224.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b86::/40 maxlen: 48
2a0b:b85::/32 maxlen: 32
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0d:77c0::/29 maxlen: 32
2a0b:b82::/44 maxlen: 44
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 16 Jan 2024 18:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:60:d8:18:6f:76:b0:f4:c8:d1:5b:c1:e4:04:b1:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 10 21:56:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=116092c426769ac70e97be89a3d7d5ebc5e42c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e1:c5:2c:a8:98:28:60:55:a5:a0:9c:39:48:
1f:9c:8d:32:6a:b8:b6:4f:cc:82:fd:45:aa:01:3a:
ef:04:13:47:04:fc:59:80:90:15:1e:14:c7:38:2b:
95:b9:a5:10:0f:ce:98:22:84:8f:46:ec:a8:0b:51:
cc:0d:f0:cf:6d:23:0d:0a:61:7d:66:39:43:54:8d:
90:59:77:c0:fa:7c:5c:90:b3:4b:16:66:51:b1:f7:
e9:f6:68:d1:53:76:83:37:22:ed:ea:da:42:0b:50:
dc:ec:c4:de:7a:b8:26:75:ef:44:4e:17:a6:a4:8d:
46:b0:82:85:00:15:74:19:ef:86:d7:77:76:9b:f4:
4f:c2:ec:cd:e6:87:44:81:9c:69:de:7d:ac:8e:8b:
3c:39:44:b4:f0:7d:a9:af:18:d4:15:3a:23:33:36:
7a:fb:a8:63:54:24:9a:78:58:b3:7d:e2:92:30:83:
0d:9c:e0:2a:60:ed:f0:ca:53:fd:e1:fc:bb:ed:c1:
fc:40:ba:65:61:cb:76:f1:c2:4a:cf:54:c0:ba:de:
6e:de:d6:43:1c:a3:8e:b4:92:d6:d1:f8:b7:65:30:
87:20:27:95:ff:b9:4a:18:40:b9:78:4f:c1:6f:de:
98:d8:a6:47:5a:4a:47:3f:b5:dd:83:cd:c2:06:d8:
0b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:60:92:C4:26:76:9A:C7:0E:97:BE:89:A3:D7:D5:EB:C5:E4:2C:13
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/EWCSxCZ2mscOl76Jo9fV68XkLBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
d9:04:77:ba:6e:95:11:80:b0:33:7c:a9:80:32:30:71:7f:4e:
75:3c:93:6d:d3:4b:53:a5:5f:f2:20:77:e7:0b:c9:75:8b:41:
f3:bf:01:b9:4b:f3:12:4e:67:9d:5b:15:65:ad:b9:2f:6c:14:
70:28:a9:07:f5:80:6e:2c:91:22:72:c8:02:95:74:4b:ef:f2:
25:91:d9:f9:0b:59:c5:56:1c:75:45:56:46:a0:e9:06:a2:0b:
29:cf:ae:fa:17:08:e0:84:60:c6:95:84:1f:a8:cd:5e:72:34:
6a:b1:f6:cf:76:46:4b:89:18:6f:68:51:13:ca:4b:8d:32:33:
1e:2e:a4:3b:27:5a:a4:59:3a:d7:50:68:24:b5:d4:53:ec:06:
ad:9f:52:9b:fa:1f:cb:1b:fa:88:5e:7a:69:c3:00:66:48:37:
a0:17:88:70:d3:aa:6b:0d:ec:ad:a7:86:ea:75:0e:38:93:d7:
95:82:91:35:ff:bf:e0:2e:70:27:93:f5:10:c9:fe:78:9b:72:
7a:bc:e9:ef:00:d9:b8:7e:95:e1:fb:76:ac:92:cb:47:96:14:
60:59:1b:d6:86:db:45:32:85:bc:33:b6:75:1a:21:73:92:51:
ef:d4:4c:1a:ee:6e:7a:83:82:ac:e0:36:e2:80:9b:cb:db:1a:
f6:6f:20:e2
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAYz1YNgYb3aw9MjRW8HkBLGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTEwMjE1NjUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTYwOTJjNDI2NzY5YWM3MGU5N2JlODlhM2Q3ZDVlYmM1ZTQyYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+HFLKiYKGBVpaCcOUgfnI0yari2
T8yC/UWqATrvBBNHBPxZgJAVHhTHOCuVuaUQD86YIoSPRuyoC1HMDfDPbSMNCmF9
ZjlDVI2QWXfA+nxckLNLFmZRsffp9mjRU3aDNyLt6tpCC1Dc7MTeergmde9EThem
pI1GsIKFABV0Ge+G13d2m/RPwuzN5odEgZxp3n2sjos8OUS08H2prxjUFTojMzZ6
+6hjVCSaeFizfeKSMIMNnOAqYO3wylP94fy77cH8QLplYct28cJKz1TAut5u3tZD
HKOOtJLW0fi3ZTCHICeV/7lKGEC5eE/Bb96Y2KZHWkpHP7Xdg83CBtgLlwIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFBFgksQmdprHDpe+iaPX1evF5CwTMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvRVdDU3hDWjJtc2NPbDc2Sm85ZlY2OFhrTEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIGRBAIAATCBigME
AgI4pAMEAi1RFAMEAi1akAMEAi2M3AMEAi2axAMEAk1T8AMEAk5s2AMEAlOPdAME
AlXKoAMEAlm+nAMEArLakAMEArm5KAMEArm6QAMEArnjRAMEArnqSAMEArny4AME
AsEfHAMEAsEiTAMEAMFpuAMEAsHdwAMEAsIyEAMEAsI44AMEAtRrDDBoBAIAAjBi
AwcEKgsLggAAMA8DBQIqCwuEAwYAKgsLhgADBwAqCwuH/xIDBwAqCwuH/7QDBwAq
CwuH/9oDBwAqCwuH/+wDBwQqCwuH//AwEgMHBCoLcIAAEAMHBioLcIAAAAMFAyoN
d8AwDQYJKoZIhvcNAQELBQADggEBANkEd7pulRGAsDN8qYAyMHF/TnU8k23TS1Ol
X/Igd+cLyXWLQfO/AblL8xJOZ51bFWWtuS9sFHAoqQf1gG4skSJyyAKVdEvv8iWR
2fkLWcVWHHVFVkag6QaiCynPrvoXCOCEYMaVhB+ozV5yNGqx9s92RkuJGG9oURPK
S40yMx4upDsnWqRZOtdQaCS11FPsBq2fUpv6H8sb+oheemnDAGZIN6AXiHDTqmsN
7K2nhup1DjiT15WCkTX/v+AucCeT9RDJ/nibcnq86e8A2bh+leH7dqySy0eWFGBZ
G9aG20UyhbwztnUaIXOSUe/UTBrubnqDgqzgNuKAm8vbGvZvIOI=
-----END CERTIFICATE-----
Generated at Tue Jan 16 22:12:51 2024 by rpki-client on console-fra.rpki-client.org