Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/eqwxzUq5p3_a1jgENWSO0vWBSqw.roa
File: eqwxzUq5p3_a1jgENWSO0vWBSqw.roa (raw, json)
Hash identifier: eIp58uvHDJbwNWDeAHb1QNFkK0qPzvOVG+qihhXpoFQ=
Subject key identifier: 7A:AC:31:CD:4A:B9:A7:7F:DA:D6:38:04:35:64:8E:D2:F5:81:4A:AC
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E61BFD693D1AE1AA1624616AD35759A1C
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/eqwxzUq5p3_a1jgENWSO0vWBSqw.roa
Signing time: Thu 21 Mar 2024 16:02:26 +0000
ROA not before: Thu 21 Mar 2024 16:02:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
95.100.128.0/22 maxlen: 22
95.101.68.0/22 maxlen: 22
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
2a02:26f0:9700::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Mar 2024 10:52:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:bf:d6:93:d1:ae:1a:a1:62:46:16:ad:35:75:9a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 21 16:02:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7aac31cd4ab9a77fdad6380435648ed2f5814aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:87:46:89:1f:7b:82:a6:5a:55:93:58:54:d5:
7d:71:f0:b2:92:d8:b1:15:53:7f:de:68:da:a3:6c:
f3:9d:8f:a0:d6:30:f6:07:ec:5d:79:d6:a3:b6:35:
7d:48:4d:07:61:2f:24:65:93:fb:fc:8a:94:f9:be:
93:06:4e:4f:81:f2:5f:03:f0:fd:5d:ec:94:4a:60:
39:c4:b0:69:19:f9:44:22:5f:3e:65:ae:0b:49:d8:
ce:3b:b6:3c:1a:3f:51:d5:53:e9:20:d7:22:97:b8:
94:cd:b0:ea:9f:64:5d:f3:be:aa:2e:78:52:11:2a:
c5:08:1c:d9:6a:b1:44:ce:0c:ee:9d:b4:e9:59:e0:
45:da:eb:8f:44:69:c0:38:6c:e0:27:80:71:bb:20:
62:10:55:1d:75:9f:d8:04:dd:7b:db:51:8e:a9:3d:
d3:32:33:3c:df:b5:49:5f:4f:3a:88:fe:91:6e:01:
50:89:98:bd:58:fb:51:52:4d:b8:84:fe:34:1e:45:
aa:f7:c4:5a:d5:f6:e4:46:f9:e0:7b:33:d6:e0:d3:
3d:26:78:67:3e:0e:93:17:c8:dc:91:fd:fa:49:92:
97:b1:f7:4f:e8:cf:32:95:f3:19:33:68:c3:36:b5:
34:41:71:a2:6e:d8:57:09:0b:58:3f:d0:35:b8:2f:
9d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:AC:31:CD:4A:B9:A7:7F:DA:D6:38:04:35:64:8E:D2:F5:81:4A:AC
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/eqwxzUq5p3_a1jgENWSO0vWBSqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.221.28.0/22
88.221.100.0/22
95.100.128.0/22
95.101.68.0/22
95.101.114.0/24
95.101.156.0/22
IPv6:
2a02:26f0:9700::/48
Signature Algorithm: sha256WithRSAEncryption
5b:06:1b:8d:52:2e:d0:4a:99:a8:ff:93:35:df:c7:84:3e:10:
13:6e:54:90:de:32:96:6e:0c:a5:9e:6d:bd:a1:b6:15:7e:0a:
02:6b:11:bf:d1:68:9e:0d:a0:f8:ee:3f:46:07:c6:75:c1:92:
89:61:d6:db:81:74:7f:55:3b:78:5d:76:58:06:69:1c:81:98:
20:f3:5d:42:59:b3:4b:4e:1f:ea:24:46:3a:fe:08:15:19:fa:
7b:79:28:3c:a8:bd:6e:99:d6:be:92:49:67:b1:19:03:94:eb:
71:0b:76:18:9f:c0:cf:ce:73:43:d3:df:34:b2:bb:71:2d:4d:
c9:92:48:b9:6f:f2:ed:8b:58:d7:1d:6b:5a:03:9e:79:83:8e:
7e:a2:b2:79:4b:b0:0b:0e:13:5b:22:e5:44:fe:14:12:62:d2:
07:47:61:55:be:8a:95:26:18:6c:4d:df:c0:2c:17:ed:87:99:
2e:36:15:70:85:2e:c5:93:ea:22:dd:d0:30:e8:9a:f3:34:1f:
ac:16:6c:d4:32:9e:8d:bd:25:b8:06:b9:a0:5f:0c:73:8c:96:
ee:8c:24:3a:a4:fb:33:16:b6:40:e1:bf:5c:fc:4d:a6:7b:6e:
5d:60:f2:d7:f0:4c:2e:f3:44:d7:84:f0:14:ea:df:8e:0d:9d:
d8:d9:7c:55
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY5hv9aT0a4aoWJGFq01dZocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzIxMTYwMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWFjMzFjZDRhYjlhNzdmZGFkNjM4MDQzNTY0OGVkMmY1ODE0YWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIdGiR97gqZaVZNYVNV9cfCyktix
FVN/3mjao2zznY+g1jD2B+xdedajtjV9SE0HYS8kZZP7/IqU+b6TBk5PgfJfA/D9
XeyUSmA5xLBpGflEIl8+Za4LSdjOO7Y8Gj9R1VPpINcil7iUzbDqn2Rd876qLnhS
ESrFCBzZarFEzgzunbTpWeBF2uuPRGnAOGzgJ4BxuyBiEFUddZ/YBN1721GOqT3T
MjM837VJX086iP6RbgFQiZi9WPtRUk24hP40HkWq98Ra1fbkRvngezPW4NM9Jnhn
Pg6TF8jckf36SZKXsfdP6M8ylfMZM2jDNrU0QXGibthXCQtYP9A1uC+dGwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHqsMc1Kuad/2tY4BDVkjtL1gUqsMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvZXF3eHpVcTVwM19hMWpnRU5XU08wdldCU3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQCWN0cAwQC
WN1kAwQCX2SAAwQCX2VEAwQAX2VyAwQCX2WcMA8EAgACMAkDBwAqAibwlwAwDQYJ
KoZIhvcNAQELBQADggEBAFsGG41SLtBKmaj/kzXfx4Q+EBNuVJDeMpZuDKWebb2h
thV+CgJrEb/RaJ4NoPjuP0YHxnXBkolh1tuBdH9VO3hddlgGaRyBmCDzXUJZs0tO
H+okRjr+CBUZ+nt5KDyovW6Z1r6SSWexGQOU63ELdhifwM/Oc0PT3zSyu3EtTcmS
SLlv8u2LWNcda1oDnnmDjn6isnlLsAsOE1si5UT+FBJi0gdHYVW+ipUmGGxN38As
F+2HmS42FXCFLsWT6iLd0DDomvM0H6wWbNQyno29JbgGuaBfDHOMlu6MJDqk+zMW
tkDhv1z8TaZ7bl1g8tfwTC7zRNeE8BTq344NndjZfFU=
-----END CERTIFICATE-----
Generated at Tue Mar 26 14:31:42 2024 by rpki-client on console-ams.rpki-client.org