Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/001b9f-e4d8-4dac-bf08-7240c36000d7/1/Em51ez_8vnxmvxv0KMwKynWt3o8.roa
File: Em51ez_8vnxmvxv0KMwKynWt3o8.roa (raw, json)
Hash identifier: cN7ABO81pMfWwiecSNYEtdxTg+miUvDQSzwmnwQ3avE=
Subject key identifier: 12:6E:75:7B:3F:FC:BE:7C:66:BF:1B:F4:28:CC:0A:CA:75:AD:DE:8F
Certificate issuer: /CN=979586035abe23569c2135e320dbd1a255b84034
Certificate serial: 01856E2FC1FF10261B37E0BE234884B2BFE4
Authority key identifier: 97:95:86:03:5A:BE:23:56:9C:21:35:E3:20:DB:D1:A2:55:B8:40:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5WGA1q-I1acITXjINvRolW4QDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/001b9f-e4d8-4dac-bf08-7240c36000d7/1/Em51ez_8vnxmvxv0KMwKynWt3o8.roa
Signing time: Sun 01 Jan 2023 16:35:01 +0000
ROA not before: Sun 01 Jan 2023 16:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197470
IP address blocks: 91.220.221.0/24 maxlen: 24
46.151.232.0/21 maxlen: 21
91.221.170.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:c1:ff:10:26:1b:37:e0:be:23:48:84:b2:bf:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979586035abe23569c2135e320dbd1a255b84034
Validity
Not Before: Jan 1 16:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=126e757b3ffcbe7c66bf1bf428cc0aca75adde8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0b:f1:8e:97:34:58:83:e7:fd:ea:12:ad:66:
81:9f:f6:7e:4e:73:75:ab:ea:30:8c:54:5e:7a:b8:
6c:36:72:bc:63:9d:10:95:bc:2a:46:ad:df:cf:89:
4f:90:72:ef:ef:b0:ed:12:ab:aa:c5:58:db:c6:9a:
60:1c:86:f1:a9:bd:40:02:ed:6a:5d:cf:d4:90:9c:
01:7d:18:36:74:24:46:e6:79:d5:1d:34:dd:e6:c3:
e1:d0:8a:54:68:b2:ec:d5:e2:0c:e0:e3:a5:63:1b:
2c:d0:ff:7b:73:3a:dd:51:56:32:96:b3:8f:1c:53:
cc:0b:16:f0:bf:82:7a:aa:d9:fc:61:3f:ea:26:a3:
84:a1:53:d9:b1:fa:97:e5:c3:51:d2:5b:0d:dd:4b:
c0:4f:6e:b9:b8:11:4d:0e:df:ab:c1:66:3d:f6:56:
c2:b4:8a:1c:ba:7e:ce:14:de:6a:70:44:9c:1f:f2:
7e:d2:f0:78:38:17:19:1f:83:e9:e2:52:15:47:0f:
54:0e:9a:86:20:7c:8c:e9:23:a8:17:b8:e6:26:59:
12:a2:86:a7:08:c0:ef:19:8f:5b:78:3e:bc:35:48:
9e:95:48:30:8d:c8:bb:a8:51:cf:5a:0e:6e:7a:92:
87:1c:a3:f4:ea:32:be:69:1a:89:62:56:2b:ef:6a:
25:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:6E:75:7B:3F:FC:BE:7C:66:BF:1B:F4:28:CC:0A:CA:75:AD:DE:8F
X509v3 Authority Key Identifier:
keyid:97:95:86:03:5A:BE:23:56:9C:21:35:E3:20:DB:D1:A2:55:B8:40:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5WGA1q-I1acITXjINvRolW4QDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/001b9f-e4d8-4dac-bf08-7240c36000d7/1/Em51ez_8vnxmvxv0KMwKynWt3o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/001b9f-e4d8-4dac-bf08-7240c36000d7/1/l5WGA1q-I1acITXjINvRolW4QDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.232.0/21
91.220.221.0/24
91.221.170.0/23
Signature Algorithm: sha256WithRSAEncryption
06:86:41:50:93:72:06:48:f2:c7:f5:63:64:fa:7d:b0:cb:51:
50:56:6c:f5:72:2d:ed:c0:cf:21:8f:64:b4:2e:f8:c4:41:de:
3a:f5:f0:1f:fc:d5:74:7c:bf:4a:0c:23:d4:2d:de:4f:69:d4:
df:29:7c:bf:fa:52:96:7d:28:7d:5b:b0:93:a7:e3:8a:93:43:
14:62:79:c1:ba:b6:61:73:98:d5:15:08:5d:9a:ec:70:7f:1f:
d2:ce:b1:56:36:1f:03:36:04:94:85:f7:a9:89:98:41:1c:ca:
3c:ec:ef:ce:ab:99:36:28:64:ac:d1:ec:df:ae:16:1f:1d:70:
93:23:b5:53:f3:cd:f8:dc:43:5b:d3:0c:8c:4a:cc:73:3b:88:
3c:47:c3:ef:18:0a:db:85:f6:6b:65:85:98:84:d7:b8:74:b9:
12:f4:c6:94:69:e7:74:24:5e:f1:e3:cd:db:95:4b:73:8c:fa:
bb:c4:3b:96:c6:39:a6:19:6e:88:01:e4:66:d9:10:d5:80:82:
27:0d:fb:da:9d:be:51:9b:21:3f:95:03:1a:cc:49:52:8c:b1:
bc:8c:07:c6:d1:de:73:18:39:cf:6d:0b:70:dd:77:dd:78:8c:
5d:97:b9:7d:17:71:a4:65:37:54:e2:e5:74:8c:01:61:bf:5f:
5d:0e:73:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuL8H/ECYbN+C+I0iEsr/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTU4NjAzNWFiZTIzNTY5YzIxMzVlMzIwZGJkMWEyNTVi
ODQwMzQwHhcNMjMwMTAxMTYzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjZlNzU3YjNmZmNiZTdjNjZiZjFiZjQyOGNjMGFjYTc1YWRkZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAvxjpc0WIPn/eoSrWaBn/Z+TnN1
q+owjFReerhsNnK8Y50QlbwqRq3fz4lPkHLv77DtEquqxVjbxppgHIbxqb1AAu1q
Xc/UkJwBfRg2dCRG5nnVHTTd5sPh0IpUaLLs1eIM4OOlYxss0P97czrdUVYylrOP
HFPMCxbwv4J6qtn8YT/qJqOEoVPZsfqX5cNR0lsN3UvAT265uBFNDt+rwWY99lbC
tIocun7OFN5qcEScH/J+0vB4OBcZH4Pp4lIVRw9UDpqGIHyM6SOoF7jmJlkSooan
CMDvGY9beD68NUielUgwjci7qFHPWg5uepKHHKP06jK+aRqJYlYr72olwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBJudXs//L58Zr8b9CjMCsp1rd6PMB8GA1UdIwQY
MBaAFJeVhgNaviNWnCE14yDb0aJVuEA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVXR0ExcS1JMWFjSVRYaklOdlJvbFc0UURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8wMDFiOWYtZTRkOC00ZGFjLWJmMDgt
NzI0MGMzNjAwMGQ3LzEvRW01MWV6Xzh2bnhtdnh2MEtNd0t5bld0M284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8wMDFiOWYtZTRkOC00ZGFjLWJmMDgtNzI0MGMzNjAwMGQ3
LzEvbDVXR0ExcS1JMWFjSVRYaklOdlJvbFc0UURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLpfoAwQA
W9zdAwQBW92qMA0GCSqGSIb3DQEBCwUAA4IBAQAGhkFQk3IGSPLH9WNk+n2wy1FQ
Vmz1ci3twM8hj2S0LvjEQd469fAf/NV0fL9KDCPULd5PadTfKXy/+lKWfSh9W7CT
p+OKk0MUYnnBurZhc5jVFQhdmuxwfx/SzrFWNh8DNgSUhfepiZhBHMo87O/Oq5k2
KGSs0ezfrhYfHXCTI7VT88343ENb0wyMSsxzO4g8R8PvGArbhfZrZYWYhNe4dLkS
9MaUaed0JF7x483blUtzjPq7xDuWxjmmGW6IAeRm2RDVgIInDfvanb5RmyE/lQMa
zElSjLG8jAfG0d5zGDnPbQtw3XfdeIxdl7l9F3GkZTdU4uV0jAFhv19dDnMw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:48 2024 by rpki-client on console-fra.rpki-client.org