Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/Ey2zk-DicZRGGW2XoHBrBg6dgOs.roa
File: Ey2zk-DicZRGGW2XoHBrBg6dgOs.roa (raw, json)
Hash identifier: Qb3YkD9HkfX/PrE88i/UyRvxDCmQn/s8qNMZ9OgnjXU=
Subject key identifier: 13:2D:B3:93:E0:E2:71:94:46:19:6D:97:A0:70:6B:06:0E:9D:80:EB
Certificate issuer: /CN=a8cface114d8cdea6dc5e7a49943f322346cb35d
Certificate serial: 01903B663CE878AF4544FF08FB7676230325
Authority key identifier: A8:CF:AC:E1:14:D8:CD:EA:6D:C5:E7:A4:99:43:F3:22:34:6C:B3:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qM-s4RTYzeptxeekmUPzIjRss10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/Ey2zk-DicZRGGW2XoHBrBg6dgOs.roa
Signing time: Fri 21 Jun 2024 15:24:34 +0000
ROA not before: Fri 21 Jun 2024 15:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 37.157.60.0/22 maxlen: 24
62.244.70.0/23 maxlen: 24
62.244.72.0/22 maxlen: 24
62.244.90.0/23 maxlen: 24
62.244.92.0/23 maxlen: 24
103.73.172.0/22 maxlen: 24
185.247.248.0/22 maxlen: 24
193.47.139.0/24 maxlen: 24
193.222.142.0/23 maxlen: 24
193.222.188.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jun 2024 08:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3b:66:3c:e8:78:af:45:44:ff:08:fb:76:76:23:03:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8cface114d8cdea6dc5e7a49943f322346cb35d
Validity
Not Before: Jun 21 15:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=132db393e0e2719446196d97a0706b060e9d80eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ff:de:74:b1:dc:1d:7d:0c:34:e8:94:23:85:
b2:bd:b2:0a:2a:bd:a9:5e:48:06:18:97:be:1b:ee:
68:b9:62:0c:1a:28:2f:b6:7c:cd:5a:f4:72:23:6c:
c8:89:9f:4a:cb:e6:d7:92:3f:93:9d:d7:35:7d:12:
bc:c5:97:6c:7b:a3:20:ac:6d:9c:b7:ac:2f:45:d4:
23:50:e8:e0:89:43:52:fd:37:b5:ec:ff:62:e6:8c:
0c:ea:7b:e1:f2:19:f8:00:67:2c:8f:cd:01:3d:5c:
b2:60:66:10:bc:a9:e4:58:8f:5e:5e:e8:e8:7e:3f:
6c:24:9c:7d:64:35:74:d0:a5:12:d6:4b:99:7a:1d:
88:31:59:be:57:4c:69:b9:34:76:00:66:d6:9c:db:
42:23:b3:73:29:a2:51:f9:ec:39:58:19:4c:f1:e3:
bb:0b:56:2e:ba:7f:36:0d:6c:93:85:71:a0:bb:5d:
98:57:42:a0:87:3c:81:80:c9:9a:40:c4:3d:28:3d:
40:e6:bc:79:81:0f:db:73:1d:9b:1a:8d:e9:95:ed:
ae:8f:95:a9:4f:2d:63:83:dd:b7:cc:28:da:7e:32:
c5:a4:02:7b:48:5c:84:a7:d6:32:58:09:ac:85:8d:
ab:ed:6c:ac:77:2d:24:97:ca:1f:64:bf:c3:6d:2e:
85:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:2D:B3:93:E0:E2:71:94:46:19:6D:97:A0:70:6B:06:0E:9D:80:EB
X509v3 Authority Key Identifier:
keyid:A8:CF:AC:E1:14:D8:CD:EA:6D:C5:E7:A4:99:43:F3:22:34:6C:B3:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qM-s4RTYzeptxeekmUPzIjRss10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/Ey2zk-DicZRGGW2XoHBrBg6dgOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/qM-s4RTYzeptxeekmUPzIjRss10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.60.0/22
62.244.70.0-62.244.75.255
62.244.90.0-62.244.93.255
103.73.172.0/22
185.247.248.0/22
193.47.139.0/24
193.222.142.0/23
193.222.188.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:1e:e7:a3:3e:d8:0e:f7:d2:24:e8:e2:41:ca:66:93:8f:26:
e9:a1:4f:46:09:ab:b5:36:52:4c:ac:62:22:16:da:02:d3:0a:
8c:ee:96:2f:0c:0f:69:c6:cc:93:da:0f:a3:58:32:57:da:3e:
ff:b1:1c:4e:c1:69:83:68:93:a2:1b:67:cd:99:f4:37:8e:a7:
70:8c:64:59:47:0f:73:e0:74:d7:56:a2:74:92:22:9b:6c:4b:
6e:04:f6:d0:ea:3c:52:05:23:52:99:4a:7f:c8:24:17:48:9b:
b5:9d:cd:15:20:3b:f5:b2:44:96:cc:1d:6f:d5:81:95:d6:16:
5f:e2:c6:e8:11:44:f0:ab:13:90:6c:b3:10:f6:ae:35:c8:ef:
27:b1:c4:21:44:5c:75:0e:a0:cf:e0:80:28:0e:5a:b0:a9:e6:
4c:8a:a8:67:a4:6c:f3:b1:16:5e:cb:5e:6f:b1:c3:5e:13:cc:
2f:cd:85:8f:ee:fc:1b:eb:3b:59:0f:fa:b4:9f:3a:e5:a6:40:
4e:f7:66:eb:29:58:32:50:69:c7:59:45:4b:90:11:86:b2:b6:
d5:da:15:49:d2:2d:e9:aa:e3:96:cf:96:76:ff:21:2f:c3:fc:
5c:44:bb:72:fa:af:13:69:30:49:ac:e6:df:40:be:d4:55:fd:
75:44:96:58
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZA7ZjzoeK9FRP8I+3Z2IwMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4Y2ZhY2UxMTRkOGNkZWE2ZGM1ZTdhNDk5NDNmMzIyMzQ2
Y2IzNWQwHhcNMjQwNjIxMTUyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzJkYjM5M2UwZTI3MTk0NDYxOTZkOTdhMDcwNmIwNjBlOWQ4MGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4P/edLHcHX0MNOiUI4WyvbIKKr2p
XkgGGJe+G+5ouWIMGigvtnzNWvRyI2zIiZ9Ky+bXkj+Tndc1fRK8xZdse6MgrG2c
t6wvRdQjUOjgiUNS/Te17P9i5owM6nvh8hn4AGcsj80BPVyyYGYQvKnkWI9eXujo
fj9sJJx9ZDV00KUS1kuZeh2IMVm+V0xpuTR2AGbWnNtCI7NzKaJR+ew5WBlM8eO7
C1Yuun82DWyThXGgu12YV0KghzyBgMmaQMQ9KD1A5rx5gQ/bcx2bGo3ple2uj5Wp
Ty1jg923zCjafjLFpAJ7SFyEp9YyWAmshY2r7Wysdy0kl8ofZL/DbS6FpwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFBMts5Pg4nGURhltl6BwawYOnYDrMB8GA1UdIwQY
MBaAFKjPrOEU2M3qbcXnpJlD8yI0bLNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU0tczRSVFl6ZXB0eGVla21VUHpJalJzczEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83ZGI4MDItMDRhZC00YzJkLWIxMWEt
NjQ5NjQ5NzZmN2IzLzEvRXkyemstRGljWlJHR1cyWG9IQnJCZzZkZ09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83ZGI4MDItMDRhZC00YzJkLWIxMWEtNjQ5NjQ5NzZmN2Iz
LzEvcU0tczRSVFl6ZXB0eGVla21VUHpJalJzczEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQCJZ08MAwD
BAE+9EYDBAI+9EgwDAMEAT70WgMEAT70XAMEAmdJrAMEArn3+AMEAMEviwMEAcHe
jgMEAcHevDANBgkqhkiG9w0BAQsFAAOCAQEAfB7noz7YDvfSJOjiQcpmk48m6aFP
RgmrtTZSTKxiIhbaAtMKjO6WLwwPacbMk9oPo1gyV9o+/7EcTsFpg2iTohtnzZn0
N46ncIxkWUcPc+B011aidJIim2xLbgT20Oo8UgUjUplKf8gkF0ibtZ3NFSA79bJE
lswdb9WBldYWX+LG6BFE8KsTkGyzEPauNcjvJ7HEIURcdQ6gz+CAKA5asKnmTIqo
Z6Rs87EWXsteb7HDXhPML82Fj+78G+s7WQ/6tJ865aZATvdm6ylYMlBpx1lFS5AR
hrK21doVSdIt6arjls+Wdv8hL8P8XES7cvqvE2kwSazm30C+1FX9dUSWWA==
-----END CERTIFICATE-----
Generated at Wed Jun 26 11:54:49 2024 by rpki-client on console-fra.rpki-client.org