Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/EklruHO5rnXIjvV5HxM3njz0dUA.roa
File: EklruHO5rnXIjvV5HxM3njz0dUA.roa (raw, json)
Hash identifier: 66ASZrpRHSFpUMHSsjrvNZW8ug4CvMr9RyqSyy6S3uA=
Subject key identifier: 12:49:6B:B8:73:B9:AE:75:C8:8E:F5:79:1F:13:37:9E:3C:F4:75:40
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018AFC17E12ADA2FAE9030ED61EC800D7FB9
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/EklruHO5rnXIjvV5HxM3njz0dUA.roa
Signing time: Wed 04 Oct 2023 19:08:57 +0000
ROA not before: Wed 04 Oct 2023 19:08:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 85.8.160.0/23 maxlen: 23
85.8.162.0/23 maxlen: 23
217.18.208.0/22 maxlen: 22
193.187.108.0/22 maxlen: 22
84.54.0.0/23 maxlen: 23
84.54.2.0/23 maxlen: 23
85.8.144.0/23 maxlen: 23
85.8.146.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 22 Oct 2023 14:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:17:e1:2a:da:2f:ae:90:30:ed:61:ec:80:0d:7f:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Oct 4 19:08:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12496bb873b9ae75c88ef5791f13379e3cf47540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:11:47:ff:2a:94:49:d9:fa:dd:84:78:af:f6:
9c:76:ee:5c:16:d6:6a:41:f1:5e:09:9a:d2:d8:2a:
24:14:4d:7c:a6:b7:6d:f7:14:46:de:10:74:aa:9c:
72:1c:50:16:6d:c8:60:12:68:b3:a4:64:88:1b:1c:
04:29:52:fc:ad:f2:5e:8b:b0:b5:d3:48:a8:fa:da:
72:0f:54:81:61:3f:43:25:1e:d3:8e:83:ef:ef:12:
6e:b8:78:fc:c9:f5:cb:0e:6d:ea:29:05:c6:1e:f3:
28:9a:52:4f:79:33:85:84:1b:fb:50:a1:2f:d0:fc:
42:22:a9:c9:22:77:2a:9f:62:48:f1:49:0b:23:8b:
ef:3b:0b:b7:79:2b:12:59:0a:23:4d:1e:c0:7d:a8:
bf:14:ba:c7:07:fd:e9:71:f1:40:e4:c0:1a:d1:a5:
73:ca:e6:8f:a2:1d:7a:31:38:b9:00:ed:87:51:58:
74:b6:18:fe:3f:c0:ac:d3:02:10:07:cf:00:11:48:
27:8d:f1:cf:e0:58:b2:d8:af:fa:56:86:f6:11:5a:
23:67:e5:c3:aa:35:ef:0c:75:b9:8a:97:c9:73:1b:
b5:c1:1e:e0:ee:0c:b5:d7:8d:bd:4b:29:40:1e:d6:
bc:99:a2:69:24:41:99:13:e8:11:3d:85:58:3e:1e:
4a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:49:6B:B8:73:B9:AE:75:C8:8E:F5:79:1F:13:37:9E:3C:F4:75:40
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/EklruHO5rnXIjvV5HxM3njz0dUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.0.0/22
85.8.144.0/22
85.8.160.0/22
193.187.108.0/22
217.18.208.0/22
Signature Algorithm: sha256WithRSAEncryption
95:70:6b:91:46:ba:06:de:f0:fa:43:c3:26:42:01:87:78:80:
e3:8a:a5:25:5e:28:e6:ca:98:92:d5:d1:0f:ac:40:d3:d2:5a:
50:8e:79:62:27:f2:86:c9:59:dd:60:80:ea:19:41:70:f6:d7:
57:73:0d:93:4a:cc:3f:55:09:44:5e:8c:ba:46:1e:70:64:e7:
59:bb:eb:8d:d1:50:63:40:37:9c:fb:de:bc:cd:05:53:46:fb:
9e:18:50:13:ff:0c:29:ab:c1:9a:cf:99:2e:b5:ca:42:37:cd:
20:61:a5:ac:be:25:87:50:8e:e7:9d:e4:a0:b0:5f:a6:97:3a:
81:32:85:16:dd:f7:9a:15:a3:31:d5:41:17:ef:ef:1c:0b:14:
2f:b1:92:d8:07:c0:05:72:db:3b:2d:da:a2:75:d3:a7:4a:d8:
b3:c9:69:c7:18:a0:67:bb:d3:9e:b1:5f:f5:b9:51:ea:39:1a:
b0:6a:c5:01:9a:8e:36:33:45:ef:6b:5e:e5:f6:2f:7a:3c:7c:
12:27:3e:fa:78:6b:e7:cb:d6:c7:44:56:9d:7b:7a:82:78:1a:
44:81:d5:da:08:6e:19:0b:fe:57:9a:ee:70:cd:42:e5:b1:e1:
ba:d9:17:e6:1f:15:9b:13:a5:57:85:60:5b:cd:5e:9a:40:69:
cf:c0:24:cc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYr8F+Eq2i+ukDDtYeyADX+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMxMDA0MTkwODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjQ5NmJiODczYjlhZTc1Yzg4ZWY1NzkxZjEzMzc5ZTNjZjQ3NTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BFH/yqUSdn63YR4r/acdu5cFtZq
QfFeCZrS2CokFE18prdt9xRG3hB0qpxyHFAWbchgEmizpGSIGxwEKVL8rfJei7C1
00io+tpyD1SBYT9DJR7TjoPv7xJuuHj8yfXLDm3qKQXGHvMomlJPeTOFhBv7UKEv
0PxCIqnJIncqn2JI8UkLI4vvOwu3eSsSWQojTR7Afai/FLrHB/3pcfFA5MAa0aVz
yuaPoh16MTi5AO2HUVh0thj+P8Cs0wIQB88AEUgnjfHP4Fiy2K/6Vob2EVojZ+XD
qjXvDHW5ipfJcxu1wR7g7gy11429SylAHta8maJpJEGZE+gRPYVYPh5KbQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBJJa7hzua51yI71eR8TN5489HVAMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvRWtscnVITzVyblhJanZWNUh4TTNuanowZFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVDYAAwQC
VQiQAwQCVQigAwQCwbtsAwQC2RLQMA0GCSqGSIb3DQEBCwUAA4IBAQCVcGuRRroG
3vD6Q8MmQgGHeIDjiqUlXijmypiS1dEPrEDT0lpQjnliJ/KGyVndYIDqGUFw9tdX
cw2TSsw/VQlEXoy6Rh5wZOdZu+uN0VBjQDec+968zQVTRvueGFAT/wwpq8Gaz5ku
tcpCN80gYaWsviWHUI7nneSgsF+mlzqBMoUW3feaFaMx1UEX7+8cCxQvsZLYB8AF
cts7LdqiddOnStizyWnHGKBnu9OesV/1uVHqORqwasUBmo42M0Xva17l9i96PHwS
Jz76eGvny9bHRFade3qCeBpEgdXaCG4ZC/5Xmu5wzULlseG62RfmHxWbE6VXhWBb
zV6aQGnPwCTM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org