Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/EM8yIVooSuttuzD_M0FohUzzPzM.roa
File: EM8yIVooSuttuzD_M0FohUzzPzM.roa (raw, json)
Hash identifier: 5btapvQhGp3Gw+AXgTsLj6vWD+hYjuYBJR3YAeZUlsI=
Subject key identifier: 10:CF:32:21:5A:28:4A:EB:6D:BB:30:FF:33:41:68:85:4C:F3:3F:33
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0187224A70A02946E334F916672F0AC6BDD7
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/EM8yIVooSuttuzD_M0FohUzzPzM.roa
Signing time: Mon 27 Mar 2023 08:58:36 +0000
ROA not before: Mon 27 Mar 2023 08:58:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 178.20.28.0/22 maxlen: 24
193.31.126.0/24 maxlen: 24
45.159.21.0/24 maxlen: 24
45.159.22.0/24 maxlen: 24
88.218.45.0/24 maxlen: 24
88.218.47.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
77.83.24.0/22 maxlen: 24
194.99.26.0/24 maxlen: 24
193.151.190.0/23 maxlen: 24
193.151.189.0/24 maxlen: 24
83.97.116.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:22:4a:70:a0:29:46:e3:34:f9:16:67:2f:0a:c6:bd:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 27 08:58:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10cf32215a284aeb6dbb30ff334168854cf33f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:11:0f:a6:ca:a7:56:8e:6f:f9:ba:8a:f9:e3:
af:85:a4:07:4c:c3:e2:55:d2:25:be:9b:da:67:9d:
54:01:73:8a:ad:6d:c8:ed:d7:50:5f:f9:d2:05:7f:
88:7c:0e:f6:95:0b:a2:16:c2:7b:87:a6:48:a0:bf:
f9:00:ce:ba:3c:a1:56:c1:f1:39:dc:4d:46:69:55:
09:0a:4d:00:bc:5d:e3:f6:39:f4:a9:a2:4b:92:df:
79:be:3f:f7:7a:6b:64:f5:df:36:e5:06:0f:45:59:
52:8b:e0:49:05:52:d9:1e:5e:ab:3c:57:4b:2d:d0:
e5:ec:c0:f5:84:cf:9a:74:8e:b8:64:90:63:7d:71:
07:51:a3:4c:5a:3d:c5:19:b7:5a:f5:d0:39:cf:a7:
48:ff:74:e0:af:b7:84:34:1b:15:ee:d8:05:92:0a:
2a:28:39:9a:fe:ab:10:57:62:5a:33:00:df:96:dd:
c3:3c:5c:c8:e9:ba:6c:b4:c6:3f:44:29:0f:05:8b:
6a:51:55:38:34:20:61:7b:2e:d3:81:04:77:3e:82:
e8:b0:39:d7:9b:2d:65:8c:da:27:b8:b7:40:3a:8e:
09:0e:28:7e:3b:9e:44:e6:07:7a:d2:08:51:01:54:
46:1a:92:8a:3b:e4:e2:2a:a4:b7:6a:97:97:2f:ff:
3f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:CF:32:21:5A:28:4A:EB:6D:BB:30:FF:33:41:68:85:4C:F3:3F:33
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/EM8yIVooSuttuzD_M0FohUzzPzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.21.0-45.159.22.255
77.83.24.0/22
83.97.116.0/22
88.218.45.0/24
88.218.47.0/24
178.20.28.0/22
193.31.126.0/24
193.151.189.0-193.151.191.255
194.99.24.0/24
194.99.26.0/24
Signature Algorithm: sha256WithRSAEncryption
31:8b:57:3a:5f:fa:37:99:29:38:9a:99:85:66:4d:79:b9:10:
25:5c:61:85:44:bf:7f:f7:a2:f1:2e:aa:1b:0a:61:06:19:99:
e6:d1:ba:28:46:9e:66:2c:29:a9:a7:61:22:bd:99:c9:e8:d3:
26:ab:db:d6:20:0d:c3:c6:06:20:0d:45:c8:30:c4:4e:82:0a:
83:dd:cb:7c:4e:70:d2:f1:6d:af:92:7e:4f:db:81:d0:ac:82:
45:26:27:8a:03:5f:87:4d:bd:c3:a8:d3:48:ce:10:32:db:8e:
3c:bd:fa:d6:bd:17:ed:96:ca:93:b1:a1:e3:dd:55:f1:63:42:
e0:73:a5:27:28:df:90:5d:48:12:59:06:e5:eb:d8:9c:fa:63:
7e:83:b0:da:c1:7f:4a:9b:16:d2:68:76:66:2f:9b:fc:2c:ef:
55:8d:03:75:78:63:7c:17:98:a5:5a:a2:c7:45:56:20:76:d8:
43:77:8e:c3:5d:25:0b:72:79:38:bc:0b:e0:ca:a5:6a:49:f9:
be:92:97:ad:84:b9:57:87:c5:10:81:31:c7:29:b7:7b:65:7c:
67:99:d3:55:ff:89:21:d2:32:0b:d6:35:4e:13:bc:01:d0:a5:
a7:16:bf:8b:36:19:02:3d:64:b5:07:2d:05:60:20:8a:c2:6f:
ce:13:4e:69
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYciSnCgKUbjNPkWZy8Kxr3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI3MDg1ODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGNmMzIyMTVhMjg0YWViNmRiYjMwZmYzMzQxNjg4NTRjZjMzZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixEPpsqnVo5v+bqK+eOvhaQHTMPi
VdIlvpvaZ51UAXOKrW3I7ddQX/nSBX+IfA72lQuiFsJ7h6ZIoL/5AM66PKFWwfE5
3E1GaVUJCk0AvF3j9jn0qaJLkt95vj/3emtk9d825QYPRVlSi+BJBVLZHl6rPFdL
LdDl7MD1hM+adI64ZJBjfXEHUaNMWj3FGbda9dA5z6dI/3Tgr7eENBsV7tgFkgoq
KDma/qsQV2JaMwDflt3DPFzI6bpstMY/RCkPBYtqUVU4NCBhey7TgQR3PoLosDnX
my1ljNonuLdAOo4JDih+O55E5gd60ghRAVRGGpKKO+TiKqS3apeXL/8/XQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFBDPMiFaKErrbbsw/zNBaIVM8z8zMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvRU04eUlWb29TdXR0dXpEX00wRm9oVXp6UHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBAAtnxUD
BAAtnxYDBAJNUxgDBAJTYXQDBABY2i0DBABY2i8DBAKyFBwDBADBH34wDAMEAMGX
vQMEBsGXgAMEAMJjGAMEAMJjGjANBgkqhkiG9w0BAQsFAAOCAQEAMYtXOl/6N5kp
OJqZhWZNebkQJVxhhUS/f/ei8S6qGwphBhmZ5tG6KEaeZiwpqadhIr2ZyejTJqvb
1iANw8YGIA1FyDDEToIKg93LfE5w0vFtr5J+T9uB0KyCRSYnigNfh029w6jTSM4Q
MtuOPL361r0X7ZbKk7Gh491V8WNC4HOlJyjfkF1IElkG5evYnPpjfoOw2sF/SpsW
0mh2Zi+b/CzvVY0DdXhjfBeYpVqix0VWIHbYQ3eOw10lC3J5OLwL4Mqlakn5vpKX
rYS5V4fFEIExxym3e2V8Z5nTVf+JIdIyC9Y1ThO8AdClpxa/izYZAj1ktQctBWAg
isJvzhNOaQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:40 2023 by rpki-client on console-fra.rpki-client.org