Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/EUmm4hTrpLvESlpQKvyUt0E0kl8.roa
File: EUmm4hTrpLvESlpQKvyUt0E0kl8.roa (raw, json)
Hash identifier: nwsVzGx1sRPU94tgRY400mYwi7GVtJT16LTivbDyoCA=
Subject key identifier: 11:49:A6:E2:14:EB:A4:BB:C4:4A:5A:50:2A:FC:94:B7:41:34:92:5F
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018E326A367F86AEF1960D51AB1D8E1A8EC6
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/EUmm4hTrpLvESlpQKvyUt0E0kl8.roa
Signing time: Tue 12 Mar 2024 11:26:45 +0000
ROA not before: Tue 12 Mar 2024 11:26:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 84.54.0.0/23 maxlen: 23
84.54.2.0/23 maxlen: 23
85.8.144.0/23 maxlen: 23
85.8.146.0/23 maxlen: 23
85.8.156.0/22 maxlen: 22
85.8.160.0/23 maxlen: 23
85.8.162.0/23 maxlen: 23
185.231.224.0/22 maxlen: 22
193.187.108.0/22 maxlen: 22
213.139.224.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 12 Mar 2024 14:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:6a:36:7f:86:ae:f1:96:0d:51:ab:1d:8e:1a:8e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Mar 12 11:26:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1149a6e214eba4bbc44a5a502afc94b74134925f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:27:58:66:ce:4b:af:04:5a:ca:16:1c:42:73:
a7:2e:d4:06:0e:6c:89:b7:4f:db:53:83:5c:e9:3b:
7b:b9:91:46:70:a9:88:e8:13:75:d7:d2:55:8e:70:
65:31:20:16:8a:10:ef:23:86:50:e8:4b:92:ea:f6:
5d:d7:30:ea:ed:09:db:19:af:55:73:44:28:7a:f7:
df:3f:f3:8f:cd:00:ff:c6:74:2f:c8:cd:f8:80:1e:
e7:82:05:94:d7:be:87:8c:ae:1d:cc:6d:e7:aa:b7:
fc:bb:65:a2:a4:33:ed:75:bb:ae:57:3d:b1:dd:b5:
67:b3:4a:35:bc:5f:48:3d:06:66:17:57:cd:b5:96:
d2:4d:46:30:f5:eb:98:e7:b6:5c:7b:42:f8:55:87:
e8:7b:21:f6:31:0c:9c:a8:a7:23:13:50:83:2e:44:
ad:0d:bb:e6:77:b1:b9:6f:24:ad:7b:d4:38:83:a1:
c3:6e:f6:9b:71:a1:29:b7:30:8e:14:b8:c0:e6:28:
44:1a:bc:f1:12:6e:aa:89:12:e3:41:01:89:22:40:
32:0a:89:77:2d:19:97:ff:49:8f:39:ad:b1:40:de:
e4:58:50:fb:b4:7a:27:a1:bf:c2:1a:db:22:ea:66:
b0:35:2b:49:c0:08:cd:ff:e4:d2:7e:1c:8c:7e:da:
83:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:49:A6:E2:14:EB:A4:BB:C4:4A:5A:50:2A:FC:94:B7:41:34:92:5F
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/EUmm4hTrpLvESlpQKvyUt0E0kl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.0.0/22
85.8.144.0/22
85.8.156.0-85.8.163.255
185.231.224.0/22
193.187.108.0/22
213.139.224.0/22
Signature Algorithm: sha256WithRSAEncryption
81:77:07:69:ab:b8:4d:4d:a8:4f:0a:26:e1:87:db:13:ae:fb:
98:b4:69:f9:36:e1:00:c0:4f:cb:bb:4f:80:80:66:d7:15:42:
ee:2f:4b:da:d5:c1:d1:51:3b:51:99:de:81:2d:6a:70:c1:0f:
0d:e8:67:21:8c:9e:b6:ac:58:6d:95:89:08:5b:2f:57:36:89:
0d:d1:16:e1:20:76:ad:db:f6:bd:ef:94:42:58:8f:6e:ed:1f:
4a:1e:e2:4b:49:92:3d:88:1b:d9:14:92:dc:7f:2c:8a:d2:b9:
e4:58:2f:37:fb:23:88:ed:82:f9:76:b8:02:68:86:01:66:c5:
8c:79:44:a5:aa:d8:e5:58:72:fb:8b:e6:5f:ae:72:06:dc:b5:
63:6c:62:c9:97:02:99:b8:01:6c:1d:28:c4:68:76:22:dc:2c:
65:c9:fb:58:49:a6:2e:21:4d:49:97:f5:93:4b:e6:f5:23:ae:
55:89:b3:2e:b6:d3:2b:10:33:08:0f:b6:59:20:77:3f:0b:3e:
87:c5:60:7d:24:a6:7b:5e:1f:bc:f4:ad:c2:52:47:99:4d:65:
e0:90:22:cd:a3:b5:15:0e:c7:fe:02:d3:dc:ec:ec:1c:77:26:
de:bc:74:50:de:d6:3f:54:05:5e:e7:62:71:af:b6:37:4e:2d:
c7:1e:65:03
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY4yajZ/hq7xlg1Rqx2OGo7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwMzEyMTEyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTQ5YTZlMjE0ZWJhNGJiYzQ0YTVhNTAyYWZjOTRiNzQxMzQ5MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkydYZs5LrwRayhYcQnOnLtQGDmyJ
t0/bU4Nc6Tt7uZFGcKmI6BN119JVjnBlMSAWihDvI4ZQ6EuS6vZd1zDq7QnbGa9V
c0QoevffP/OPzQD/xnQvyM34gB7nggWU176HjK4dzG3nqrf8u2WipDPtdbuuVz2x
3bVns0o1vF9IPQZmF1fNtZbSTUYw9euY57Zce0L4VYfoeyH2MQycqKcjE1CDLkSt
Dbvmd7G5bySte9Q4g6HDbvabcaEptzCOFLjA5ihEGrzxEm6qiRLjQQGJIkAyCol3
LRmX/0mPOa2xQN7kWFD7tHonob/CGtsi6mawNStJwAjN/+TSfhyMftqDwwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBFJpuIU66S7xEpaUCr8lLdBNJJfMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvRVVtbTRoVHJwTHZFU2xwUUt2eVV0MEUwa2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCVDYAAwQC
VQiQMAwDBAJVCJwDBAJVCKADBAK55+ADBALBu2wDBALVi+AwDQYJKoZIhvcNAQEL
BQADggEBAIF3B2mruE1NqE8KJuGH2xOu+5i0afk24QDAT8u7T4CAZtcVQu4vS9rV
wdFRO1GZ3oEtanDBDw3oZyGMnrasWG2ViQhbL1c2iQ3RFuEgdq3b9r3vlEJYj27t
H0oe4ktJkj2IG9kUktx/LIrSueRYLzf7I4jtgvl2uAJohgFmxYx5RKWq2OVYcvuL
5l+ucgbctWNsYsmXApm4AWwdKMRodiLcLGXJ+1hJpi4hTUmX9ZNL5vUjrlWJsy62
0ysQMwgPtlkgdz8LPofFYH0kpnteH7z0rcJSR5lNZeCQIs2jtRUOx/4C09zs7Bx3
Jt68dFDe1j9UBV7nYnGvtjdOLcceZQM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org