Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/EKAfPOP526NPWu1j-vwjHxwFNRo.roa
File: EKAfPOP526NPWu1j-vwjHxwFNRo.roa (raw, json)
Hash identifier: Qbj+y5CfnNMuOJsuUXRQERh73KDIbrEPh/22nPdePZ8=
Subject key identifier: 10:A0:1F:3C:E3:F9:DB:A3:4F:5A:ED:63:FA:FC:23:1F:1C:05:35:1A
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018DA6FA5C093CB83EB939C8DCB9AEF14919
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/EKAfPOP526NPWu1j-vwjHxwFNRo.roa
Signing time: Wed 14 Feb 2024 09:37:21 +0000
ROA not before: Wed 14 Feb 2024 09:37:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34471
IP address blocks: 2.59.108.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
37.122.219.0/24 maxlen: 24
46.28.160.0/21 maxlen: 24
89.40.84.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
185.4.32.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
185.83.132.0/22 maxlen: 24
185.153.16.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.205.253.0/24 maxlen: 24
185.205.254.0/24 maxlen: 24
185.228.124.0/22 maxlen: 24
185.239.160.0/22 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
194.156.72.0/22 maxlen: 24
2a02:5dc0::/32 maxlen: 32
2a02:5fc0::/32 maxlen: 48
2a03:440::/32 maxlen: 32
2a05:9b00::/29 maxlen: 29
2a05:a800::/29 maxlen: 29
2a06:3c00::/29 maxlen: 29
2a09:eac0::/29 maxlen: 29
2a0a:1280::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 01 Mar 2024 11:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a6:fa:5c:09:3c:b8:3e:b9:39:c8:dc:b9:ae:f1:49:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Feb 14 09:37:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10a01f3ce3f9dba34f5aed63fafc231f1c05351a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:33:51:3d:b1:05:09:cc:8b:5c:61:46:b6:e5:
6a:68:09:0a:22:12:d5:6e:33:c4:9f:c2:41:86:65:
0d:36:0b:fc:59:3e:23:13:0a:b8:aa:60:3a:3b:33:
bb:e2:f3:92:db:8b:24:ab:86:c3:7c:66:38:91:db:
c5:0c:e6:6a:5c:eb:87:03:f8:fd:a2:08:51:52:a4:
df:f1:62:2b:4a:6e:68:9b:d0:48:c6:66:73:b0:25:
bb:ce:39:ed:6e:9b:93:48:2c:bc:2b:35:60:9d:82:
41:fc:df:3a:d0:88:0a:13:c6:8c:4d:81:90:b0:c3:
3d:ca:02:da:a2:12:7d:8d:01:27:d3:ae:33:49:bb:
82:a8:e4:30:49:de:82:56:44:a4:6b:cd:ae:96:68:
70:62:9a:70:96:41:b2:6e:49:48:00:4c:7d:a0:9d:
87:ed:25:02:39:b0:4d:b8:dc:ea:c6:c4:13:0a:0e:
88:19:c0:13:c8:d5:a9:c7:38:b2:97:10:9a:0f:1b:
40:db:aa:6d:f7:0c:72:1f:3a:cd:bd:24:b0:14:66:
8e:cd:ea:61:8b:83:96:bd:ad:a6:a9:c9:18:78:d6:
f4:64:3c:d5:ea:64:e2:20:c5:a6:fb:d9:ee:30:99:
d6:0e:f9:46:ac:02:b0:19:6e:76:77:87:1c:ea:68:
7a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A0:1F:3C:E3:F9:DB:A3:4F:5A:ED:63:FA:FC:23:1F:1C:05:35:1A
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/EKAfPOP526NPWu1j-vwjHxwFNRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.108.0/22
31.25.176.0/21
37.122.219.0/24
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.153.16.0/22
185.176.104.0/22
185.205.253.0-185.205.254.255
185.228.124.0/22
185.239.160.0/22
193.246.154.0-193.246.157.255
194.156.72.0/22
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
b8:f7:6e:7e:48:1b:78:cd:29:c2:ad:75:7c:fd:5c:35:a9:d8:
cb:70:a6:17:e8:bf:54:9c:e7:ad:01:75:18:4a:07:e8:1c:03:
fc:54:84:b7:8c:c7:4e:f3:78:ee:44:f0:d5:58:6c:c5:16:82:
86:2e:52:ac:f7:1f:79:47:80:dc:d2:b1:2a:6b:65:9f:10:56:
17:1e:28:0f:13:4e:ea:51:d2:04:a0:19:82:ac:b1:04:fa:a0:
8f:e4:d4:f3:03:f3:dd:6a:3a:60:a6:b1:b9:86:76:85:e4:4f:
74:8f:75:9e:d3:12:f9:17:f6:c1:26:49:57:56:c8:6d:e6:aa:
6f:8f:ba:5e:fe:46:cf:ba:18:a8:3e:f4:83:a5:e2:b2:dc:24:
fc:9d:c9:ee:41:3f:d0:3d:f4:bf:0a:64:c1:2c:2c:a4:4e:0a:
96:7b:0c:e4:68:d8:10:d2:fa:aa:69:33:aa:04:4f:92:53:07:
a9:e0:a7:c4:76:8d:8d:42:f0:97:f8:dd:f2:3f:97:60:92:2f:
cd:f4:b8:07:9d:a5:31:b9:c4:4c:92:68:7a:00:43:5b:8a:eb:
10:40:be:14:9c:7f:30:65:8b:a2:eb:e3:1c:57:72:12:6f:92:
86:ab:69:5f:fb:00:57:28:b5:26:ab:f8:ee:e2:03:15:e3:fe:
14:74:86:d4
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgISAY2m+lwJPLg+uTnI3Lmu8UkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjQwMjE0MDkzNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGEwMWYzY2UzZjlkYmEzNGY1YWVkNjNmYWZjMjMxZjFjMDUzNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjNRPbEFCcyLXGFGtuVqaAkKIhLV
bjPEn8JBhmUNNgv8WT4jEwq4qmA6OzO74vOS24skq4bDfGY4kdvFDOZqXOuHA/j9
oghRUqTf8WIrSm5om9BIxmZzsCW7zjntbpuTSCy8KzVgnYJB/N860IgKE8aMTYGQ
sMM9ygLaohJ9jQEn064zSbuCqOQwSd6CVkSka82ulmhwYppwlkGybklIAEx9oJ2H
7SUCObBNuNzqxsQTCg6IGcATyNWpxziylxCaDxtA26pt9wxyHzrNvSSwFGaOzeph
i4OWva2mqckYeNb0ZDzV6mTiIMWm+9nuMJnWDvlGrAKwGW52d4cc6mh6rwIDAQAB
o4IC1zCCAtMwHQYDVR0OBBYEFBCgHzzj+dujT1rtY/r8Ix8cBTUaMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvRUtBZlBPUDUyNk5QV3Uxai12d2pIeHdGTlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHsBggrBgEFBQcBBwEB/wSB3DCB2TCBjwQCAAEwgYgDBAIC
O2wDBAMfGbADBAAletsDBAMuHKADBAJZKFQDBAJb8pQDBANt6xADBAWwOEADBAK5
BCADBAK5BVQDBAK5CvgDBAK5RpgDBAK5U4QDBAK5mRADBAK5sGgwDAMEALnN/QME
ALnN/gMEArnkfAMEArnvoDAMAwQBwfaaAwQBwfacAwQCwpxIMEUEAgACMD8DBQAq
Al3AAwUAKgJfwAMFACoDBEADBQMqBZsAAwUDKgWoAAMFAyoGPAADBQMqCerAAwUD
KgoSgAMFAyoLDEAwDQYJKoZIhvcNAQELBQADggEBALj3bn5IG3jNKcKtdXz9XDWp
2Mtwphfov1Sc560BdRhKB+gcA/xUhLeMx07zeO5E8NVYbMUWgoYuUqz3H3lHgNzS
sSprZZ8QVhceKA8TTupR0gSgGYKssQT6oI/k1PMD891qOmCmsbmGdoXkT3SPdZ7T
EvkX9sEmSVdWyG3mqm+Pul7+Rs+6GKg+9IOl4rLcJPydye5BP9A99L8KZMEsLKRO
CpZ7DORo2BDS+qppM6oET5JTB6ngp8R2jY1C8Jf43fI/l2CSL830uAedpTG5xEyS
aHoAQ1uK6xBAvhScfzBli6Lr4xxXchJvkoaraV/7AFcotSar+O7iAxXj/hR0htQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:47 2024 by rpki-client on console-ams.rpki-client.org