Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/EaZ3zEXqwWrv2YAAFi94Xy5Q64I.roa
File: EaZ3zEXqwWrv2YAAFi94Xy5Q64I.roa (raw, json)
Hash identifier: /DnjhqjNh+JxwDubHu4wNzZlTHP9vh659siDmlF9V+o=
Subject key identifier: 11:A6:77:CC:45:EA:C1:6A:EF:D9:80:00:16:2F:78:5F:2E:50:EB:82
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7A28E7081015483979967519D7D75
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/EaZ3zEXqwWrv2YAAFi94Xy5Q64I.roa
Signing time: Mon 02 Jan 2023 08:44:49 +0000
ROA not before: Mon 02 Jan 2023 08:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43094
IP address blocks: 91.242.84.0/23 maxlen: 23
91.242.104.0/21 maxlen: 21
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
91.242.78.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:a2:8e:70:81:01:54:83:97:99:67:51:9d:7d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11a677cc45eac16aefd98000162f785f2e50eb82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5b:d6:49:b3:79:9b:80:47:b9:8d:73:8d:bd:
3c:41:e0:1c:f3:d9:9c:e2:ca:b4:ca:16:f4:10:f2:
60:21:d9:53:6e:38:e5:11:f9:bf:b6:5e:a2:40:57:
cc:e5:d9:a3:40:ca:50:68:17:30:ac:3a:f2:de:b8:
ce:fb:ae:73:71:7a:e4:1c:2a:d2:0f:9c:15:d2:b9:
ee:d8:d8:9c:61:cf:65:60:38:0f:2d:0b:20:12:e9:
ca:3d:c5:f9:4f:48:89:fc:f7:f9:d3:83:b5:47:3d:
8f:c0:6b:71:6e:94:20:ab:c0:97:03:52:fd:8e:6e:
04:1b:c5:4f:fb:a6:6b:ca:02:52:7e:bd:40:e9:e1:
8a:3e:eb:68:b9:7b:52:f7:24:4f:dc:43:1d:a2:d1:
97:0e:54:be:b6:e2:03:ab:dc:d2:98:a9:24:0d:b8:
c1:7f:ab:65:d6:e2:aa:bf:de:fb:b2:fd:af:a3:f7:
88:73:96:e5:32:2f:49:f5:32:57:24:68:dc:c5:59:
f8:aa:8b:8c:69:df:c1:a8:37:80:a6:53:72:f8:a6:
db:d9:48:30:09:57:0f:f2:10:dd:26:da:a6:78:5b:
70:9b:ca:a8:ca:7d:39:b9:56:6a:57:b1:f6:23:c4:
09:96:7f:4f:c0:9d:01:d5:ea:60:a3:a8:7e:e1:01:
56:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:A6:77:CC:45:EA:C1:6A:EF:D9:80:00:16:2F:78:5F:2E:50:EB:82
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/EaZ3zEXqwWrv2YAAFi94Xy5Q64I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.78.0/23
91.242.84.0/23
91.242.104.0-91.242.127.255
194.114.144.0/24
Signature Algorithm: sha256WithRSAEncryption
73:29:f3:87:82:a4:3d:0b:3c:0c:35:63:de:f4:4c:40:a0:64:
40:2f:2a:9b:2a:ca:b9:9e:4a:74:82:5d:ac:40:a0:4d:2c:b6:
6a:6a:91:15:b0:60:45:b1:5d:78:19:8a:b9:a7:96:8a:ee:43:
f2:21:87:d5:0d:41:5e:f8:2d:c8:0a:3d:70:24:78:36:9b:56:
ac:a9:96:cf:8d:6e:24:4c:36:1b:e6:fc:b7:c1:4d:7b:b9:ea:
bb:2b:55:5c:40:aa:4b:25:1c:f2:f8:d4:db:c0:b8:04:96:85:
98:5a:d8:a4:5d:1c:22:db:5e:91:33:ac:91:6c:19:a2:ff:82:
19:93:12:ba:20:57:85:ac:d0:fe:45:de:9a:6b:5f:a7:c8:ef:
2b:d8:dc:0c:9d:13:ff:37:97:2c:64:e4:21:1b:f7:dc:ec:91:
2d:2e:cf:b9:1e:28:54:54:a1:24:78:f3:be:4d:46:33:3b:a4:
5f:43:0c:15:90:ba:a0:03:24:55:20:39:83:bc:d6:99:ff:f3:
8c:9c:ce:3d:02:9f:91:81:93:f4:a3:e6:ea:03:c3:f3:85:70:
2a:55:d1:ec:e6:9f:3d:6c:39:51:9d:7d:12:09:e6:eb:45:35:
77:3a:a9:68:8e:98:a3:a8:10:eb:1d:84:d0:91:4a:7c:4d:52:
35:2e:c5:9a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVxp6KOcIEBVIOXmWdRnX11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWE2NzdjYzQ1ZWFjMTZhZWZkOTgwMDAxNjJmNzg1ZjJlNTBlYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolvWSbN5m4BHuY1zjb08QeAc89mc
4sq0yhb0EPJgIdlTbjjlEfm/tl6iQFfM5dmjQMpQaBcwrDry3rjO+65zcXrkHCrS
D5wV0rnu2NicYc9lYDgPLQsgEunKPcX5T0iJ/Pf504O1Rz2PwGtxbpQgq8CXA1L9
jm4EG8VP+6ZrygJSfr1A6eGKPutouXtS9yRP3EMdotGXDlS+tuIDq9zSmKkkDbjB
f6tl1uKqv977sv2vo/eIc5blMi9J9TJXJGjcxVn4qouMad/BqDeAplNy+Kbb2Ugw
CVcP8hDdJtqmeFtwm8qoyn05uVZqV7H2I8QJln9PwJ0B1epgo6h+4QFWNQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBGmd8xF6sFq79mAABYveF8uUOuCMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRWFaM3pFWHF3V3J2MllBQUZpOTRYeTVRNjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBW/JOAwQB
W/JUMAwDBANb8mgDBAdb8gADBADCcpAwDQYJKoZIhvcNAQELBQADggEBAHMp84eC
pD0LPAw1Y970TECgZEAvKpsqyrmeSnSCXaxAoE0stmpqkRWwYEWxXXgZirmnloru
Q/Ihh9UNQV74LcgKPXAkeDabVqypls+NbiRMNhvm/LfBTXu56rsrVVxAqkslHPL4
1NvAuASWhZha2KRdHCLbXpEzrJFsGaL/ghmTErogV4Ws0P5F3pprX6fI7yvY3Ayd
E/83lyxk5CEb99zskS0uz7keKFRUoSR4875NRjM7pF9DDBWQuqADJFUgOYO81pn/
84yczj0Cn5GBk/Sj5uoDw/OFcCpV0ezmnz1sOVGdfRIJ5utFNXc6qWiOmKOoEOsd
hNCRSnxNUjUuxZo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-fra.rpki-client.org