Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/eDx-dgjXPR3rGkEIwGx7bBAl4cU.roa
File: eDx-dgjXPR3rGkEIwGx7bBAl4cU.roa (raw, json)
Hash identifier: VdHPgTqJb3LITgzEhNDjXm3ATWvOVUsDsyMu6ophrpw=
Subject key identifier: 78:3C:7E:76:08:D7:3D:1D:EB:1A:41:08:C0:6C:7B:6C:10:25:E1:C5
Certificate issuer: /CN=ffb4f40f3211561c29f1bbc320bd87cfa2ddd029
Certificate serial: 018C958F2FA0227DD9F727ED19BF3BF13E8D
Authority key identifier: FF:B4:F4:0F:32:11:56:1C:29:F1:BB:C3:20:BD:87:CF:A2:DD:D0:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/eDx-dgjXPR3rGkEIwGx7bBAl4cU.roa
Signing time: Sat 23 Dec 2023 07:23:58 +0000
ROA not before: Sat 23 Dec 2023 07:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59943
IP address blocks: 91.208.211.0/24 maxlen: 24
193.104.8.0/24 maxlen: 24
185.3.216.0/22 maxlen: 24
194.32.152.0/24 maxlen: 24
194.32.152.0/22 maxlen: 22
194.32.155.0/24 maxlen: 24
91.223.195.0/24 maxlen: 24
194.32.154.0/24 maxlen: 24
194.32.153.0/24 maxlen: 24
2a02:5b41::/32 maxlen: 32
2a02:5b40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:95:8f:2f:a0:22:7d:d9:f7:27:ed:19:bf:3b:f1:3e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffb4f40f3211561c29f1bbc320bd87cfa2ddd029
Validity
Not Before: Dec 23 07:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=783c7e7608d73d1deb1a4108c06c7b6c1025e1c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b6:a8:95:f6:ea:88:74:17:f3:10:13:63:2d:
be:b0:a4:ff:08:09:9a:1d:0f:4e:e1:a2:7d:2c:17:
18:61:48:ef:79:6b:40:81:e4:9f:53:17:9f:8b:07:
fc:ab:35:f8:9d:24:3a:e4:9a:c6:3a:84:51:12:33:
71:75:58:01:32:87:b3:b2:68:c6:f9:dd:21:9e:15:
09:9d:37:8a:bb:9c:df:5c:71:bb:69:db:6b:fc:a4:
0a:7b:82:98:76:47:b8:01:d0:79:21:5f:e6:18:c6:
67:ef:30:ee:9a:82:fe:a0:8f:6d:48:82:1f:0b:3b:
6e:d2:0d:57:d7:0f:02:61:ab:49:40:57:cd:10:3a:
8b:d0:03:3e:1a:0f:bb:01:3d:4c:9f:82:60:72:ac:
9b:fb:c5:e2:3d:23:95:61:5b:fd:a4:8f:d5:33:29:
df:1b:19:37:f6:56:4d:c9:73:4a:bc:f9:06:4c:6f:
bb:99:d3:9b:f7:a5:82:79:1b:49:e8:c1:76:f7:3a:
c8:aa:5e:cd:47:24:9a:f2:1c:1b:6f:4c:ee:a3:56:
89:eb:cc:c0:22:44:06:f3:7d:38:de:28:5d:59:75:
b5:8d:5d:2b:bd:ba:35:a6:58:eb:0e:70:88:ad:6c:
7c:86:77:6b:68:6c:74:48:76:c2:3e:5b:53:5e:bb:
77:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3C:7E:76:08:D7:3D:1D:EB:1A:41:08:C0:6C:7B:6C:10:25:E1:C5
X509v3 Authority Key Identifier:
keyid:FF:B4:F4:0F:32:11:56:1C:29:F1:BB:C3:20:BD:87:CF:A2:DD:D0:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/eDx-dgjXPR3rGkEIwGx7bBAl4cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/148d88-6136-4374-994b-d53f94e207a9/1/_7T0DzIRVhwp8bvDIL2Hz6Ld0Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.211.0/24
91.223.195.0/24
185.3.216.0/22
193.104.8.0/24
194.32.152.0/22
IPv6:
2a02:5b40::/31
Signature Algorithm: sha256WithRSAEncryption
18:90:b7:af:7c:6e:98:4f:e5:8c:92:2a:4e:e9:6d:ee:2a:04:
7a:4c:83:85:9b:5b:1f:76:34:c7:9f:cd:68:e4:ba:b1:95:cb:
ed:18:f8:a1:9b:a9:14:25:cb:17:19:d8:90:f1:ee:cb:8e:74:
0f:f2:9e:a0:43:68:af:01:a2:e4:ef:de:0e:5d:6f:b6:df:88:
b5:a7:41:24:01:26:21:45:f3:4a:d9:57:37:bb:ab:a5:c6:18:
b9:48:41:13:54:79:07:34:06:96:b6:28:c0:77:06:8e:fb:f9:
2e:a3:53:e5:e8:3d:93:f6:5a:cd:44:1c:b9:44:17:1b:31:7f:
11:f9:11:92:b6:71:88:ad:f9:4e:35:38:73:c7:41:ca:ca:37:
c4:55:b8:86:95:33:51:52:c9:da:8f:7f:7d:eb:38:25:db:50:
2c:20:ae:e7:dd:1e:e7:d9:50:c6:66:bb:ee:66:f1:92:79:b8:
cf:a5:0b:89:33:d3:90:ba:1e:9d:35:7f:0b:ab:1e:5c:ac:eb:
31:ab:0e:d5:fa:63:29:24:0f:f8:af:e8:9c:2c:c5:02:8f:dd:
64:21:45:9e:88:c7:d6:e0:eb:eb:4a:dc:bf:7e:71:75:0c:7a:
21:de:9f:18:06:c0:c3:58:7f:4f:f9:ac:af:06:c7:0c:75:5c:
2a:7d:62:ad
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYyVjy+gIn3Z9yftGb878T6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYjRmNDBmMzIxMTU2MWMyOWYxYmJjMzIwYmQ4N2NmYTJk
ZGQwMjkwHhcNMjMxMjIzMDcyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODNjN2U3NjA4ZDczZDFkZWIxYTQxMDhjMDZjN2I2YzEwMjVlMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsraolfbqiHQX8xATYy2+sKT/CAma
HQ9O4aJ9LBcYYUjveWtAgeSfUxefiwf8qzX4nSQ65JrGOoRREjNxdVgBMoezsmjG
+d0hnhUJnTeKu5zfXHG7adtr/KQKe4KYdke4AdB5IV/mGMZn7zDumoL+oI9tSIIf
Cztu0g1X1w8CYatJQFfNEDqL0AM+Gg+7AT1Mn4Jgcqyb+8XiPSOVYVv9pI/VMynf
Gxk39lZNyXNKvPkGTG+7mdOb96WCeRtJ6MF29zrIql7NRySa8hwbb0zuo1aJ68zA
IkQG83043ihdWXW1jV0rvbo1pljrDnCIrWx8hndraGx0SHbCPltTXrt3DwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHg8fnYI1z0d6xpBCMBse2wQJeHFMB8GA1UdIwQY
MBaAFP+09A8yEVYcKfG7wyC9h8+i3dApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzdUMER6SVJWaHdwOGJ2RElMMkh6NkxkMENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xNDhkODgtNjEzNi00Mzc0LTk5NGIt
ZDUzZjk0ZTIwN2E5LzEvZUR4LWRnalhQUjNyR2tFSXdHeDdiQkFsNGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xNDhkODgtNjEzNi00Mzc0LTk5NGItZDUzZjk0ZTIwN2E5
LzEvXzdUMER6SVJWaHdwOGJ2RElMMkh6NkxkMENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW9DTAwQA
W9/DAwQCuQPYAwQAwWgIAwQCwiCYMA0EAgACMAcDBQEqAltAMA0GCSqGSIb3DQEB
CwUAA4IBAQAYkLevfG6YT+WMkipO6W3uKgR6TIOFm1sfdjTHn81o5LqxlcvtGPih
m6kUJcsXGdiQ8e7LjnQP8p6gQ2ivAaLk794OXW+234i1p0EkASYhRfNK2Vc3u6ul
xhi5SEETVHkHNAaWtijAdwaO+/kuo1Pl6D2T9lrNRBy5RBcbMX8R+RGStnGIrflO
NThzx0HKyjfEVbiGlTNRUsnaj3996zgl21AsIK7n3R7n2VDGZrvuZvGSebjPpQuJ
M9OQuh6dNX8Lqx5crOsxqw7V+mMpJA/4r+icLMUCj91kIUWeiMfW4OvrSty/fnF1
DHoh3p8YBsDDWH9P+ayvBscMdVwqfWKt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:21 2024 by rpki-client on console-fra.rpki-client.org