Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/Eqbxay_Ls4nwnTGuC8UsmhB8F74.roa
File: Eqbxay_Ls4nwnTGuC8UsmhB8F74.roa (raw, json)
Hash identifier: mPWEl1B4UjjcJbxXYGnRIM/D70i/DcVlI7q2NsKWZvg=
Subject key identifier: 12:A6:F1:6B:2F:CB:B3:89:F0:9D:31:AE:0B:C5:2C:9A:10:7C:17:BE
Certificate issuer: /CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Certificate serial: 018F106AD7B8878CBD4739EAB1631C76CADD
Authority key identifier: 0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/Eqbxay_Ls4nwnTGuC8UsmhB8F74.roa
Signing time: Wed 24 Apr 2024 14:03:08 +0000
ROA not before: Wed 24 Apr 2024 14:03:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200739
IP address blocks: 185.97.224.0/22 maxlen: 22
185.97.227.0/24 maxlen: 24
2a06:8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 06 May 2024 13:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:6a:d7:b8:87:8c:bd:47:39:ea:b1:63:1c:76:ca:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Validity
Not Before: Apr 24 14:03:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12a6f16b2fcbb389f09d31ae0bc52c9a107c17be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fa:18:30:7e:e5:33:bd:93:3b:4b:b6:e7:bd:
65:3b:dd:fe:57:97:46:8f:5f:7b:5a:c3:03:53:25:
cd:3a:9b:5c:a9:45:0c:cd:4b:a2:b7:92:85:2e:a8:
03:a0:bc:fb:1f:bc:39:b7:79:9c:01:de:58:45:87:
25:74:c2:f4:43:01:78:bd:35:3c:0e:e6:d6:a6:58:
84:75:31:c9:09:5a:42:64:61:f1:85:8c:d7:33:db:
f8:12:ac:cd:34:59:58:27:b9:87:17:ea:85:e3:2e:
3c:65:f1:7c:04:e6:5a:32:bf:5e:89:60:8e:37:e6:
2b:75:34:b9:48:fb:19:4e:b2:84:b6:68:57:80:7b:
a0:b5:5a:35:b1:44:27:91:48:41:b9:d4:af:df:f0:
fb:51:df:42:3b:9b:5e:4e:74:52:28:52:43:14:4c:
86:d3:30:8c:77:1f:fc:ad:fd:47:9c:b3:8d:73:2c:
82:d6:9e:3c:7c:0f:2b:1b:4d:2c:7e:16:2d:fc:20:
13:2d:a6:61:18:12:1a:40:85:51:57:20:b8:e4:f7:
5d:b5:1b:16:23:37:8c:31:1c:79:5e:43:ff:b7:96:
66:e5:01:e4:6d:ea:cc:5c:79:c6:94:47:a3:21:80:
09:9b:e0:e4:d2:ba:b2:29:cd:9c:c4:f2:4e:e4:41:
87:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A6:F1:6B:2F:CB:B3:89:F0:9D:31:AE:0B:C5:2C:9A:10:7C:17:BE
X509v3 Authority Key Identifier:
keyid:0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/Eqbxay_Ls4nwnTGuC8UsmhB8F74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/DZMC1UbgaML9dnfZ1SAK3TbIvNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.224.0/22
IPv6:
2a06:8c0::/29
Signature Algorithm: sha256WithRSAEncryption
a5:87:7f:91:c0:65:18:98:c3:d4:92:09:66:36:62:ca:57:1b:
ef:cf:81:62:83:9e:f4:72:65:25:67:a0:bb:c3:58:c9:88:c9:
95:7b:ab:b0:2a:0c:75:dc:7f:8e:1a:53:a7:a7:c0:02:b2:a7:
8a:64:95:d8:66:56:1b:31:63:f8:ad:57:9a:6e:9d:9b:58:86:
51:81:d8:e2:ee:f3:d0:76:1c:56:99:a0:0f:f3:06:bf:e3:1c:
6c:30:1f:7c:b0:5a:17:42:11:dd:a5:58:45:3b:e1:8a:6e:74:
00:09:4b:3c:bb:d4:db:7f:87:0f:e0:b5:7b:66:01:b7:08:59:
dc:02:4b:73:0f:ec:b2:62:68:73:0f:a1:47:b4:02:1b:23:10:
77:4a:ef:69:3a:d3:b7:ad:12:c7:09:00:3e:63:d9:7d:16:2f:
5b:e4:66:1b:58:e2:6d:2a:85:e4:a0:e6:45:5e:b8:12:75:0b:
89:82:a1:24:e8:ac:42:4c:1a:e1:8c:c1:13:79:2c:c1:9d:3a:
4a:6d:7e:5b:5d:fb:c4:2d:62:c1:6f:2f:6a:35:a6:64:8c:db:
50:15:98:2e:df:4f:9a:7c:7d:b0:b6:93:eb:5d:ce:eb:54:48:
85:9b:3f:3a:e5:9e:32:af:8b:ad:96:fd:bd:cb:e3:f3:19:48:
75:fc:73:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8Qate4h4y9RznqsWMcdsrdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOTMwMmQ1NDZlMDY4YzJmZDc2NzdkOWQ1MjAwYWRkMzZj
OGJjZDUwHhcNMjQwNDI0MTQwMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmE2ZjE2YjJmY2JiMzg5ZjA5ZDMxYWUwYmM1MmM5YTEwN2MxN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfoYMH7lM72TO0u2571lO93+V5dG
j197WsMDUyXNOptcqUUMzUuit5KFLqgDoLz7H7w5t3mcAd5YRYcldML0QwF4vTU8
DubWpliEdTHJCVpCZGHxhYzXM9v4EqzNNFlYJ7mHF+qF4y48ZfF8BOZaMr9eiWCO
N+YrdTS5SPsZTrKEtmhXgHugtVo1sUQnkUhBudSv3/D7Ud9CO5teTnRSKFJDFEyG
0zCMdx/8rf1HnLONcyyC1p48fA8rG00sfhYt/CATLaZhGBIaQIVRVyC45PddtRsW
IzeMMRx5XkP/t5Zm5QHkberMXHnGlEejIYAJm+Dk0rqyKc2cxPJO5EGHuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBKm8Wsvy7OJ8J0xrgvFLJoQfBe+MB8GA1UdIwQY
MBaAFA2TAtVG4GjC/XZ32dUgCt02yLzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFpNQzFVYmdhTUw5ZG5mWjFTQUszVGJJdk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wMTAxNjEtYjg0MC00NDk3LWFmYmUt
NGJlZjQzZDNmYjE3LzEvRXFieGF5X0xzNG53blRHdUM4VXNtaEI4Rjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wMTAxNjEtYjg0MC00NDk3LWFmYmUtNGJlZjQzZDNmYjE3
LzEvRFpNQzFVYmdhTUw5ZG5mWjFTQUszVGJJdk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWHgMA0E
AgACMAcDBQMqBgjAMA0GCSqGSIb3DQEBCwUAA4IBAQClh3+RwGUYmMPUkglmNmLK
Vxvvz4Fig570cmUlZ6C7w1jJiMmVe6uwKgx13H+OGlOnp8ACsqeKZJXYZlYbMWP4
rVeabp2bWIZRgdji7vPQdhxWmaAP8wa/4xxsMB98sFoXQhHdpVhFO+GKbnQACUs8
u9Tbf4cP4LV7ZgG3CFncAktzD+yyYmhzD6FHtAIbIxB3Su9pOtO3rRLHCQA+Y9l9
Fi9b5GYbWOJtKoXkoOZFXrgSdQuJgqEk6KxCTBrhjMETeSzBnTpKbX5bXfvELWLB
by9qNaZkjNtQFZgu30+afH2wtpPrXc7rVEiFmz865Z4yr4utlv29y+PzGUh1/HN3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:03 2025 by rpki-client