Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/EYDrNzfSgWxe0N6yka28XX-6fbE.roa
File: EYDrNzfSgWxe0N6yka28XX-6fbE.roa (raw, json)
Hash identifier: qZ0WV8c9CwYPtFKs9yF/SCMOl5xQa9oLG4Pg610Afyo=
Subject key identifier: 11:80:EB:37:37:D2:81:6C:5E:D0:DE:B2:91:AD:BC:5D:7F:BA:7D:B1
Certificate issuer: /CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Certificate serial: 0185C42A3FE21FB7CB0264237B4EF8063C4D
Authority key identifier: AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/EYDrNzfSgWxe0N6yka28XX-6fbE.roa
Signing time: Wed 18 Jan 2023 09:16:21 +0000
ROA not before: Wed 18 Jan 2023 09:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39790
IP address blocks: 81.91.80.0/20 maxlen: 20
185.14.224.0/22 maxlen: 22
2001:1568::/32 maxlen: 33
Validation: Failed, certificate revoked on Wed 22 Mar 2023 09:51:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c4:2a:3f:e2:1f:b7:cb:02:64:23:7b:4e:f8:06:3c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Validity
Not Before: Jan 18 09:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1180eb3737d2816c5ed0deb291adbc5d7fba7db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:34:4d:7c:9d:48:6d:9b:40:a7:95:34:81:dc:
87:3c:0d:e2:aa:7e:8f:99:87:4a:89:32:1e:80:f5:
02:6c:d0:67:48:4d:bf:47:57:24:2c:bb:38:0d:41:
a1:a0:69:19:c0:2b:c3:ae:b1:e5:b0:54:02:d2:45:
45:b0:3d:90:d2:7b:24:a7:6f:cb:26:b2:64:6e:9b:
06:f8:58:98:44:eb:d9:e1:5e:61:7d:26:38:eb:ae:
d1:14:03:f7:41:9b:4d:55:38:3a:02:f7:de:a3:dc:
89:de:c3:87:dc:19:2b:3a:69:ee:b2:01:a2:76:79:
ac:14:af:4f:23:7b:2a:1f:78:1c:84:5c:9d:bc:5b:
af:12:a1:a5:cd:8b:7b:61:44:96:1a:f1:ba:4e:99:
2a:d2:f2:11:2c:eb:9d:c3:12:fd:ae:ff:08:94:e0:
cd:6c:0e:73:f0:3c:7c:3b:7a:ee:4b:01:6e:6d:1d:
36:41:c8:09:8b:0e:e9:15:a0:ce:c2:28:be:18:d7:
86:68:f5:2a:51:1c:41:b1:a7:1e:d5:35:c9:81:01:
fc:6b:e8:4a:78:ef:eb:dd:fe:86:94:6d:18:e0:73:
71:96:6c:9f:41:b8:71:fb:7c:0e:c3:f4:35:07:9b:
6d:72:c4:84:f5:ec:f5:77:84:ea:e1:3e:34:41:4f:
fb:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:80:EB:37:37:D2:81:6C:5E:D0:DE:B2:91:AD:BC:5D:7F:BA:7D:B1
X509v3 Authority Key Identifier:
keyid:AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/EYDrNzfSgWxe0N6yka28XX-6fbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.80.0/20
185.14.224.0/22
IPv6:
2001:1568::/32
Signature Algorithm: sha256WithRSAEncryption
23:35:d9:a6:b0:4c:5b:d7:ce:a3:38:9e:96:cb:eb:1f:68:cb:
7f:96:18:96:79:d5:f2:2e:07:63:0d:8f:83:37:b4:9a:4d:84:
be:33:8c:a1:7e:41:de:c9:e7:a2:c5:ed:98:91:e0:54:9c:a5:
9e:d1:0b:c5:2f:f4:c4:00:20:8d:56:6b:74:d1:24:09:ac:8d:
d9:a3:0d:bf:b7:2d:e4:be:73:e4:a7:d4:c5:4f:11:3e:6f:73:
fb:9a:76:3c:42:c0:f0:21:2f:03:5e:1e:6c:27:0a:89:f9:31:
c4:47:70:32:0c:0b:85:f5:74:7a:77:52:fd:83:f7:5b:73:19:
d3:84:85:57:9b:fb:cd:6b:56:4f:d8:ed:ec:53:cc:9d:fb:f7:
8e:3a:63:55:93:dd:fd:5c:e0:14:47:d7:da:43:68:18:eb:4c:
3d:c1:90:33:d7:ca:c2:5b:b1:e0:bb:85:85:37:ab:b2:d3:6f:
b6:0b:9d:c5:5c:bc:3c:53:b8:de:7e:8c:ad:a3:1a:df:5c:82:
af:28:6b:e6:7b:1f:78:a0:f1:f0:5a:97:a6:0f:f1:81:47:91:
18:11:f4:17:6a:b3:20:c4:d3:5e:d9:f5:c8:93:20:3b:b3:30:
09:b0:dc:8b:f5:11:e1:bb:34:9a:4e:dd:15:63:e3:66:dd:c0:
4a:a2:b6:78
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYXEKj/iH7fLAmQje074BjxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMjExOTE3OGJmZDkyM2E0YjVlYzQwNmQ5ZmUxNDUyYjI3
NzZlZmEwHhcNMjMwMTE4MDkxNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTgwZWIzNzM3ZDI4MTZjNWVkMGRlYjI5MWFkYmM1ZDdmYmE3ZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7DRNfJ1IbZtAp5U0gdyHPA3iqn6P
mYdKiTIegPUCbNBnSE2/R1ckLLs4DUGhoGkZwCvDrrHlsFQC0kVFsD2Q0nskp2/L
JrJkbpsG+FiYROvZ4V5hfSY4667RFAP3QZtNVTg6Avfeo9yJ3sOH3BkrOmnusgGi
dnmsFK9PI3sqH3gchFydvFuvEqGlzYt7YUSWGvG6Tpkq0vIRLOudwxL9rv8IlODN
bA5z8Dx8O3ruSwFubR02QcgJiw7pFaDOwii+GNeGaPUqURxBsace1TXJgQH8a+hK
eO/r3f6GlG0Y4HNxlmyfQbhx+3wOw/Q1B5ttcsSE9ez1d4Tq4T40QU/7qQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBGA6zc30oFsXtDespGtvF1/un2xMB8GA1UdIwQY
MBaAFKwhGReL/ZI6S17EBtn+FFKyd276MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgt
ZjYwMGQwZmQwM2NlLzEvRVlEck56ZlNnV3hlME42eWthMjhYWC02ZmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgtZjYwMGQwZmQwM2Nl
LzEvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVtQAwQC
uQ7gMA0EAgACMAcDBQAgARVoMA0GCSqGSIb3DQEBCwUAA4IBAQAjNdmmsExb186j
OJ6Wy+sfaMt/lhiWedXyLgdjDY+DN7SaTYS+M4yhfkHeyeeixe2YkeBUnKWe0QvF
L/TEACCNVmt00SQJrI3Zow2/ty3kvnPkp9TFTxE+b3P7mnY8QsDwIS8DXh5sJwqJ
+THER3AyDAuF9XR6d1L9g/dbcxnThIVXm/vNa1ZP2O3sU8yd+/eOOmNVk939XOAU
R9faQ2gY60w9wZAz18rCW7Hgu4WFN6uy02+2C53FXLw8U7jefoytoxrfXIKvKGvm
ex94oPHwWpemD/GBR5EYEfQXarMgxNNe2fXIkyA7szAJsNyL9RHhuzSaTt0VY+Nm
3cBKorZ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:21 2024 by rpki-client on console-ams.rpki-client.org