Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/EkbSMh1IaZ0dfkN5Bx9gpR2L-3o.roa
File: EkbSMh1IaZ0dfkN5Bx9gpR2L-3o.roa (raw, json)
Hash identifier: paqt2qhNJh2QxhAy5wUUu0c07yeljicRc7VjC3kLNZc=
Subject key identifier: 12:46:D2:32:1D:48:69:9D:1D:7E:43:79:07:1F:60:A5:1D:8B:FB:7A
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01928F89967F7DD9933666675CF383F8F63D
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/EkbSMh1IaZ0dfkN5Bx9gpR2L-3o.roa
Signing time: Tue 15 Oct 2024 09:36:51 +0000
ROA not before: Tue 15 Oct 2024 09:36:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 14.102.60.0/24 maxlen: 24
14.102.61.0/24 maxlen: 24
92.51.234.0/24 maxlen: 24
92.51.235.0/24 maxlen: 24
103.210.196.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
203.188.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 16:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:89:96:7f:7d:d9:93:36:66:67:5c:f3:83:f8:f6:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Oct 15 09:36:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1246d2321d48699d1d7e4379071f60a51d8bfb7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bc:33:46:5c:bc:00:e0:3d:5d:ef:0e:84:2c:
d6:38:cd:8a:bc:0a:9a:1c:e3:db:21:19:ed:5c:6a:
1d:19:cd:b3:62:2b:de:5c:f2:a4:fc:41:bc:19:0c:
94:9a:a7:45:30:78:3d:e0:b9:cd:aa:4d:7a:ad:83:
b5:aa:d3:fc:f7:84:03:68:3e:ea:8e:22:a8:77:7c:
ed:da:bb:99:e0:1b:f4:19:84:52:22:6d:9c:bc:db:
2d:8a:73:6b:0f:e5:9d:ba:f4:87:d4:ad:8b:0c:98:
fd:1f:39:94:5f:d0:65:32:17:e1:9a:b2:ec:c7:97:
3c:5e:63:87:41:96:9c:47:8f:78:66:f1:6f:21:78:
c3:2e:b1:70:a8:43:c3:fd:31:8e:e4:98:27:c7:6b:
ea:bd:e8:5c:ff:ba:32:dd:e8:fe:4d:08:aa:c1:d9:
ca:66:35:5f:37:8a:84:a9:4c:a8:76:3e:ee:40:90:
9f:ba:13:4e:ca:46:33:df:dc:14:30:67:cc:94:82:
c9:b5:08:3f:0f:ed:54:4a:68:6d:be:fd:b5:e2:3a:
97:53:ed:09:93:13:41:7e:16:2a:27:27:29:c8:99:
fe:ed:08:15:8f:49:19:1e:3c:47:b2:22:b3:5d:70:
db:c8:2a:83:a1:b1:22:6b:46:32:dd:e8:9b:19:89:
41:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:46:D2:32:1D:48:69:9D:1D:7E:43:79:07:1F:60:A5:1D:8B:FB:7A
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/EkbSMh1IaZ0dfkN5Bx9gpR2L-3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.60.0/23
92.51.234.0/23
103.210.196.0/24
107.150.166.0/24
185.161.111.0/24
203.188.165.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:1f:0a:30:d1:3e:e7:ad:10:07:54:e0:e0:bf:50:48:48:73:
34:b9:7e:4f:b3:27:eb:71:f7:73:46:ff:9f:b6:ff:60:46:32:
26:6e:52:0b:ab:5d:fb:e1:f1:be:28:91:90:24:2b:bf:6f:2b:
7b:02:8f:b7:93:f2:5a:3c:23:4e:2b:13:f4:05:17:4e:91:7c:
2e:f6:69:fb:60:6d:b1:d1:23:a1:61:e5:12:57:eb:3a:79:74:
cf:d8:2d:5f:06:ff:c3:cc:9d:c3:e8:0a:bd:1d:38:24:70:08:
5f:ec:fb:86:e5:23:76:9f:fa:63:fd:02:72:92:c5:56:3f:e9:
11:92:be:01:83:89:79:7e:ef:a0:37:2d:e5:a8:f0:33:fa:db:
a8:1e:24:73:95:99:5d:c0:32:d1:d6:14:60:3e:22:02:bc:42:
48:29:67:6b:4b:b1:0e:ee:2c:3b:69:62:bd:0d:5c:87:86:b1:
d2:09:5f:0a:a2:3e:2f:14:aa:f1:4b:17:b6:21:b2:ba:93:2b:
6a:15:fb:40:8c:dd:cd:71:f9:f1:fe:7c:bd:3a:80:38:9a:4e:
bc:8e:c5:35:bc:c8:82:56:e6:7f:2b:9f:cc:72:1d:4d:70:6f:
95:55:3a:43:92:d0:37:9e:ec:a4:41:35:b5:e4:54:f2:c4:07:
c2:3a:fd:79
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZKPiZZ/fdmTNmZnXPOD+PY9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQxMDE1MDkzNjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjQ2ZDIzMjFkNDg2OTlkMWQ3ZTQzNzkwNzFmNjBhNTFkOGJmYjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbwzRly8AOA9Xe8OhCzWOM2KvAqa
HOPbIRntXGodGc2zYiveXPKk/EG8GQyUmqdFMHg94LnNqk16rYO1qtP894QDaD7q
jiKod3zt2ruZ4Bv0GYRSIm2cvNstinNrD+WduvSH1K2LDJj9HzmUX9BlMhfhmrLs
x5c8XmOHQZacR494ZvFvIXjDLrFwqEPD/TGO5Jgnx2vqvehc/7oy3ej+TQiqwdnK
ZjVfN4qEqUyodj7uQJCfuhNOykYz39wUMGfMlILJtQg/D+1USmhtvv214jqXU+0J
kxNBfhYqJycpyJn+7QgVj0kZHjxHsiKzXXDbyCqDobEia0Yy3eibGYlBrQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBJG0jIdSGmdHX5DeQcfYKUdi/t6MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvRWtiU01oMUlhWjBkZmtONUJ4OWdwUjJMLTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBDmY8AwQB
XDPqAwQAZ9LEAwQAa5amAwQAuaFvAwQAy7ylMA0GCSqGSIb3DQEBCwUAA4IBAQDD
Hwow0T7nrRAHVODgv1BISHM0uX5PsyfrcfdzRv+ftv9gRjImblILq1374fG+KJGQ
JCu/byt7Ao+3k/JaPCNOKxP0BRdOkXwu9mn7YG2x0SOhYeUSV+s6eXTP2C1fBv/D
zJ3D6Aq9HTgkcAhf7PuG5SN2n/pj/QJyksVWP+kRkr4Bg4l5fu+gNy3lqPAz+tuo
HiRzlZldwDLR1hRgPiICvEJIKWdrS7EO7iw7aWK9DVyHhrHSCV8Koj4vFKrxSxe2
IbK6kytqFftAjN3Ncfnx/ny9OoA4mk68jsU1vMiCVuZ/K5/Mch1NcG+VVTpDktA3
nuykQTW15FTyxAfCOv15
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:06:45 2024 by rpki-client on console-fra.rpki-client.org