Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/eihqHacY_igziRZKt23mJABijsM.roa
File: eihqHacY_igziRZKt23mJABijsM.roa (raw, json)
Hash identifier: rVtVAI3Fl5WKvTNzXwsy0KXQM69MCTZFGwdpTQivrJU=
Subject key identifier: 7A:28:6A:1D:A7:18:FE:28:33:89:16:4A:B7:6D:E6:24:00:62:8E:C3
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 01928BF17B9E8CF294E03D971971E27DCAA2
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/eihqHacY_igziRZKt23mJABijsM.roa
Signing time: Mon 14 Oct 2024 16:51:51 +0000
ROA not before: Mon 14 Oct 2024 16:51:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8903
IP address blocks: 176.98.220.0/22 maxlen: 24
185.145.224.0/22 maxlen: 24
185.155.64.0/22 maxlen: 24
185.173.44.0/22 maxlen: 24
185.187.180.0/22 maxlen: 24
185.224.76.0/22 maxlen: 24
193.34.240.0/22 maxlen: 24
2a0d:59c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Oct 2024 11:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:f1:7b:9e:8c:f2:94:e0:3d:97:19:71:e2:7d:ca:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Oct 14 16:51:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a286a1da718fe283389164ab76de62400628ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8b:74:8c:74:5d:cc:51:4b:ac:cd:28:ce:cb:
eb:e0:de:a4:42:97:8f:0d:af:a5:44:6a:43:96:a5:
74:78:22:da:6e:b0:29:f4:84:14:df:34:fb:ca:dc:
9f:71:45:41:e1:5b:b3:2a:f9:2b:7e:09:4d:e1:d8:
5a:32:7b:4f:60:85:fb:b7:c1:d0:4d:e7:f4:5b:4a:
06:49:ba:50:d1:95:50:cd:35:bf:97:d5:5a:54:ba:
2a:9d:6c:64:7f:2d:04:77:dc:e8:81:5c:70:9f:d5:
c5:1e:35:86:bf:fd:9b:67:fd:eb:3e:8d:ff:bd:f1:
10:fc:4e:43:65:bf:ff:9b:d5:b1:bf:61:df:f7:1d:
d7:41:39:c7:8f:ef:16:4e:f4:3c:2f:f5:04:30:d4:
56:1c:87:a8:88:03:64:47:e2:97:ed:1e:66:04:bf:
eb:96:e9:6e:1a:c9:15:b7:7b:27:22:62:7f:95:fd:
11:06:f6:2a:f3:70:fd:d7:bd:4e:64:17:f5:e6:7b:
57:b0:29:4a:a1:41:f3:2c:79:2b:5e:22:56:b3:65:
ad:36:92:60:57:d1:10:3b:d3:58:07:5f:dc:08:18:
98:f7:f8:f4:32:f3:f0:4d:c2:36:d4:8c:48:b0:66:
7b:b8:44:bd:27:ee:57:93:00:e7:7a:35:b7:5f:07:
1b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:28:6A:1D:A7:18:FE:28:33:89:16:4A:B7:6D:E6:24:00:62:8E:C3
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/eihqHacY_igziRZKt23mJABijsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.220.0/22
185.145.224.0/22
185.155.64.0/22
185.173.44.0/22
185.187.180.0/22
185.224.76.0/22
193.34.240.0/22
IPv6:
2a0d:59c0::/29
Signature Algorithm: sha256WithRSAEncryption
2b:22:ec:35:53:94:68:38:ca:2e:3b:3a:a6:43:85:fa:52:9d:
e0:ac:34:10:5e:a4:63:e0:61:59:e1:8e:0b:04:79:7a:ff:eb:
e0:1c:4d:05:55:71:0d:99:29:a4:34:01:16:46:39:25:cd:9c:
0d:9a:48:c4:51:8b:9a:13:9d:53:a2:99:db:62:0a:e4:89:36:
2b:57:43:aa:1c:65:9d:eb:23:5e:71:4e:32:2b:d4:70:68:e1:
dd:4f:bf:1b:fa:d3:61:fc:8d:f2:15:fe:f1:f5:9e:51:d2:63:
75:c8:54:5c:25:31:96:a5:74:18:42:79:05:30:09:43:47:6f:
5a:65:78:a5:d3:7e:18:5c:69:2b:a2:34:91:ec:44:c2:b6:ac:
8b:ad:b3:37:47:c0:7e:1e:3f:a5:ef:ba:1c:85:94:06:65:72:
98:82:3b:14:20:bf:33:1b:1d:99:1e:51:50:a0:bb:2e:7e:21:
f4:f1:f1:21:37:b0:6d:c9:68:96:2f:a3:37:08:b9:14:fd:a4:
05:76:9d:fd:c1:61:41:91:bd:81:2c:17:13:1e:db:4f:34:2e:
b8:89:79:6b:7a:cc:58:da:78:f8:72:8e:8d:d3:0c:e2:0d:b7:
a5:1d:9a:d6:97:a2:34:bb:f2:a5:4a:97:c6:b6:34:71:1f:79:
ae:7a:00:a5
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZKL8XuejPKU4D2XGXHifcqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjQxMDE0MTY1MTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTI4NmExZGE3MThmZTI4MzM4OTE2NGFiNzZkZTYyNDAwNjI4ZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYt0jHRdzFFLrM0ozsvr4N6kQpeP
Da+lRGpDlqV0eCLabrAp9IQU3zT7ytyfcUVB4VuzKvkrfglN4dhaMntPYIX7t8HQ
Tef0W0oGSbpQ0ZVQzTW/l9VaVLoqnWxkfy0Ed9zogVxwn9XFHjWGv/2bZ/3rPo3/
vfEQ/E5DZb//m9Wxv2Hf9x3XQTnHj+8WTvQ8L/UEMNRWHIeoiANkR+KX7R5mBL/r
luluGskVt3snImJ/lf0RBvYq83D9171OZBf15ntXsClKoUHzLHkrXiJWs2WtNpJg
V9EQO9NYB1/cCBiY9/j0MvPwTcI21IxIsGZ7uES9J+5XkwDnejW3XwcbVQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHooah2nGP4oM4kWSrdt5iQAYo7DMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvZWlocUhhY1lfaWd6aVJaS3QyM21KQUJpanNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCsGLcAwQC
uZHgAwQCuZtAAwQCua0sAwQCubu0AwQCueBMAwQCwSLwMA0EAgACMAcDBQMqDVnA
MA0GCSqGSIb3DQEBCwUAA4IBAQArIuw1U5RoOMouOzqmQ4X6Up3grDQQXqRj4GFZ
4Y4LBHl6/+vgHE0FVXENmSmkNAEWRjklzZwNmkjEUYuaE51TopnbYgrkiTYrV0Oq
HGWd6yNecU4yK9RwaOHdT78b+tNh/I3yFf7x9Z5R0mN1yFRcJTGWpXQYQnkFMAlD
R29aZXil034YXGkrojSR7ETCtqyLrbM3R8B+Hj+l77ochZQGZXKYgjsUIL8zGx2Z
HlFQoLsufiH08fEhN7BtyWiWL6M3CLkU/aQFdp39wWFBkb2BLBcTHttPNC64iXlr
esxY2nj4co6N0wziDbelHZrWl6I0u/KlSpfGtjRxH3muegCl
-----END CERTIFICATE-----
Generated at Mon Oct 21 13:26:14 2024 by rpki-client on console-fra.rpki-client.org