Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/45a9c5-2cc1-4f45-ba80-ad58189de754/1/ECGLwjhDQEe1x4C9pCHVFk3a-WM.roa
File: ECGLwjhDQEe1x4C9pCHVFk3a-WM.roa (raw, json)
Hash identifier: yONmw8QDqe8xkE/9Pie1Knr4gIZCTwrVqvXjx6ls6mE=
Subject key identifier: 10:21:8B:C2:38:43:40:47:B5:C7:80:BD:A4:21:D5:16:4D:DA:F9:63
Certificate issuer: /CN=8ab6bd65fe2a86fd42f9c4f504e1eed58570f93d
Certificate serial: 018D5F1C3139F799D0519D8C654C3872788C
Authority key identifier: 8A:B6:BD:65:FE:2A:86:FD:42:F9:C4:F5:04:E1:EE:D5:85:70:F9:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ira9Zf4qhv1C-cT1BOHu1YVw-T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/45a9c5-2cc1-4f45-ba80-ad58189de754/1/ECGLwjhDQEe1x4C9pCHVFk3a-WM.roa
Signing time: Wed 31 Jan 2024 10:41:39 +0000
ROA not before: Wed 31 Jan 2024 10:41:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 91.235.145.0/24 maxlen: 24
91.235.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 18:14:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:1c:31:39:f7:99:d0:51:9d:8c:65:4c:38:72:78:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ab6bd65fe2a86fd42f9c4f504e1eed58570f93d
Validity
Not Before: Jan 31 10:41:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10218bc238434047b5c780bda421d5164ddaf963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:be:66:f9:2e:96:0e:2e:63:5a:37:71:6d:ca:
2d:5f:ab:7b:89:65:38:cf:f7:53:74:e6:de:00:b5:
a0:3b:06:fd:8a:00:1e:43:21:ab:5a:ec:63:d6:39:
e1:02:69:d8:f7:13:8c:86:b6:65:50:b9:09:f5:ee:
f6:48:b6:12:8c:17:88:57:36:a8:72:78:ae:ec:01:
f3:7f:bf:3a:17:d4:d2:8b:5a:d7:e2:d9:4c:56:36:
ac:00:08:d6:5e:1b:d3:56:9e:18:7f:ab:58:5a:b6:
d4:3b:cb:2e:16:1e:2c:c8:97:f7:49:7b:65:52:f3:
6c:1c:c0:89:7d:9d:16:18:95:d3:47:06:bd:69:2e:
47:a7:dc:a8:8d:e5:29:ef:14:a2:40:ad:c1:33:a1:
2c:cc:90:f4:7f:32:3a:e9:d5:15:fe:16:d6:15:89:
74:27:17:cd:cf:fe:b1:7e:2b:0e:39:8e:97:0c:d8:
c6:da:d7:78:2c:7e:95:42:d7:df:b9:e7:71:64:3f:
12:9d:80:f2:b4:14:b4:fe:16:79:20:7e:f6:8c:25:
be:09:00:67:df:71:24:bc:49:2f:27:d4:f3:0b:f5:
b1:ba:40:8e:0b:c3:0c:8c:48:42:77:e4:5f:5c:54:
9d:f0:20:0c:2b:ed:65:28:13:a1:c1:b7:e7:2f:ff:
10:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:21:8B:C2:38:43:40:47:B5:C7:80:BD:A4:21:D5:16:4D:DA:F9:63
X509v3 Authority Key Identifier:
keyid:8A:B6:BD:65:FE:2A:86:FD:42:F9:C4:F5:04:E1:EE:D5:85:70:F9:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ira9Zf4qhv1C-cT1BOHu1YVw-T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/45a9c5-2cc1-4f45-ba80-ad58189de754/1/ECGLwjhDQEe1x4C9pCHVFk3a-WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/45a9c5-2cc1-4f45-ba80-ad58189de754/1/ira9Zf4qhv1C-cT1BOHu1YVw-T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.145.0/24
91.235.147.0/24
Signature Algorithm: sha256WithRSAEncryption
83:bf:ac:87:e7:be:1b:1b:12:4d:07:eb:49:df:65:d0:be:de:
98:40:e2:61:e9:91:90:92:2b:ce:16:ca:c3:1c:ae:1e:78:a5:
b5:1b:22:07:52:e0:5b:8a:25:a6:29:9b:3e:b5:f0:01:50:f3:
72:d0:1e:c9:9f:c3:9d:79:7b:63:2a:9d:62:a7:ef:97:d6:97:
56:ea:ef:c0:8b:fc:3d:0a:7e:59:30:a4:80:4d:fb:ff:da:a9:
ea:5f:b9:ec:26:0b:9a:a1:59:27:85:91:6e:b7:ae:4b:3d:43:
cc:14:c5:5e:66:7c:41:0f:44:0f:ce:38:8e:a2:84:61:4e:26:
04:c4:6d:0f:71:d0:0b:04:55:e1:24:44:06:ce:94:cc:a6:19:
fb:e1:3d:a0:62:46:45:26:40:04:03:84:e1:00:c1:67:8f:50:
56:5d:c5:f4:32:da:60:7f:07:a6:f7:64:66:fb:71:1c:cd:a5:
76:3f:ee:3c:05:c8:7b:c3:b4:d6:9e:28:0b:6c:73:8f:3e:aa:
84:e1:70:53:2a:94:2f:76:6a:fd:cc:f8:e7:3a:81:13:d7:c4:
5f:b3:88:45:a8:93:95:35:e0:59:3a:84:9f:47:86:1c:5b:94:
58:63:0c:a2:77:77:95:78:32:18:8d:cb:ca:ee:4d:7c:ab:cc:
22:05:20:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1fHDE595nQUZ2MZUw4cniMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYjZiZDY1ZmUyYTg2ZmQ0MmY5YzRmNTA0ZTFlZWQ1ODU3
MGY5M2QwHhcNMjQwMTMxMTA0MTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDIxOGJjMjM4NDM0MDQ3YjVjNzgwYmRhNDIxZDUxNjRkZGFmOTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr5m+S6WDi5jWjdxbcotX6t7iWU4
z/dTdObeALWgOwb9igAeQyGrWuxj1jnhAmnY9xOMhrZlULkJ9e72SLYSjBeIVzao
cniu7AHzf786F9TSi1rX4tlMVjasAAjWXhvTVp4Yf6tYWrbUO8suFh4syJf3SXtl
UvNsHMCJfZ0WGJXTRwa9aS5Hp9yojeUp7xSiQK3BM6EszJD0fzI66dUV/hbWFYl0
JxfNz/6xfisOOY6XDNjG2td4LH6VQtffuedxZD8SnYDytBS0/hZ5IH72jCW+CQBn
33EkvEkvJ9TzC/WxukCOC8MMjEhCd+RfXFSd8CAMK+1lKBOhwbfnL/8QKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBAhi8I4Q0BHtceAvaQh1RZN2vljMB8GA1UdIwQY
MBaAFIq2vWX+Kob9QvnE9QTh7tWFcPk9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXJhOVpmNHFodjFDLWNUMUJPSHUxWVZ3LVQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80NWE5YzUtMmNjMS00ZjQ1LWJhODAt
YWQ1ODE4OWRlNzU0LzEvRUNHTHdqaERRRWUxeDRDOXBDSFZGazNhLVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80NWE5YzUtMmNjMS00ZjQ1LWJhODAtYWQ1ODE4OWRlNzU0
LzEvaXJhOVpmNHFodjFDLWNUMUJPSHUxWVZ3LVQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+uRAwQA
W+uTMA0GCSqGSIb3DQEBCwUAA4IBAQCDv6yH574bGxJNB+tJ32XQvt6YQOJh6ZGQ
kivOFsrDHK4eeKW1GyIHUuBbiiWmKZs+tfABUPNy0B7Jn8OdeXtjKp1ip++X1pdW
6u/Ai/w9Cn5ZMKSATfv/2qnqX7nsJguaoVknhZFut65LPUPMFMVeZnxBD0QPzjiO
ooRhTiYExG0PcdALBFXhJEQGzpTMphn74T2gYkZFJkAEA4ThAMFnj1BWXcX0Mtpg
fwem92Rm+3EczaV2P+48Bch7w7TWnigLbHOPPqqE4XBTKpQvdmr9zPjnOoET18Rf
s4hFqJOVNeBZOoSfR4YcW5RYYwyid3eVeDIYjcvK7k18q8wiBSDu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:04 2024 by rpki-client on console-ams.rpki-client.org