Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/EkvYdnbyOTK5DM_tjqvtaLcVqSY.roa
File: EkvYdnbyOTK5DM_tjqvtaLcVqSY.roa (raw, json)
Hash identifier: KCIaPs5I0g+VlNEbzEe4ptFGVPc9SSfoe7zFnHckudU=
Subject key identifier: 12:4B:D8:76:76:F2:39:32:B9:0C:CF:ED:8E:AB:ED:68:B7:15:A9:26
Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial: 018CC64AFE42CA5A6487BF30170C7B599A44
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/EkvYdnbyOTK5DM_tjqvtaLcVqSY.roa
Signing time: Mon 01 Jan 2024 18:30:52 +0000
ROA not before: Mon 01 Jan 2024 18:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60032
IP address blocks: 193.56.168.0/22 maxlen: 22
45.152.184.0/22 maxlen: 22
194.36.137.0/24 maxlen: 24
45.129.48.0/22 maxlen: 22
185.107.84.0/22 maxlen: 24
185.61.144.0/22 maxlen: 22
109.70.16.0/21 maxlen: 22
45.85.176.0/22 maxlen: 22
45.11.148.0/22 maxlen: 22
194.36.221.0/24 maxlen: 24
80.240.176.0/21 maxlen: 21
185.163.60.0/22 maxlen: 22
80.240.188.0/22 maxlen: 22
45.90.224.0/22 maxlen: 22
185.203.180.0/22 maxlen: 22
194.36.169.0/24 maxlen: 24
5.252.60.0/22 maxlen: 22
194.36.167.0/24 maxlen: 24
188.92.64.0/21 maxlen: 22
5.252.88.0/22 maxlen: 22
185.13.180.0/22 maxlen: 22
95.214.44.0/22 maxlen: 22
2.59.68.0/22 maxlen: 22
2.59.72.0/22 maxlen: 22
193.8.116.0/22 maxlen: 22
185.229.176.0/22 maxlen: 22
128.127.16.0/21 maxlen: 22
185.253.36.0/22 maxlen: 22
212.104.240.0/20 maxlen: 20
185.128.140.0/22 maxlen: 23
194.182.112.0/20 maxlen: 22
2a06:4280::/29 maxlen: 32
2a02:cfc0::/29 maxlen: 32
2a02:79e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 01 Mar 2024 15:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:fe:42:ca:5a:64:87:bf:30:17:0c:7b:59:9a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Validity
Not Before: Jan 1 18:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=124bd87676f23932b90ccfed8eabed68b715a926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0b:21:38:81:33:37:cb:5a:08:5c:28:c9:ad:
cf:4a:b0:a7:75:72:4d:9b:4e:ce:fa:41:b4:d8:13:
cd:f3:6c:88:c3:b4:bd:a6:5d:08:3f:3d:ac:7c:84:
d6:02:c3:0d:c0:e5:e2:1a:23:b8:29:90:cc:0d:41:
a2:b1:f0:b8:dd:45:58:60:cc:83:d9:e5:bf:60:ce:
75:5f:5f:bd:80:c9:21:4a:07:63:5e:79:6a:ce:ca:
9d:b4:26:c8:c8:42:58:e9:1f:6c:ae:70:5b:74:5c:
aa:f3:17:b4:0e:fc:9a:99:b5:34:59:da:f7:13:9b:
56:8d:b5:34:61:57:e0:1f:9a:7c:ed:7e:0b:85:b8:
40:a5:5c:1d:a9:17:71:aa:77:60:67:85:fa:02:24:
8c:61:2f:5e:53:d8:fb:fe:3e:99:0c:e2:2f:75:0a:
18:96:0f:fe:48:27:91:cb:58:05:74:8d:dd:d9:16:
de:ad:f0:26:6b:4c:a4:85:59:f1:74:69:26:09:13:
04:53:57:04:13:ec:b6:bd:91:05:56:7f:e3:ee:83:
02:72:9e:d4:33:64:1a:84:59:05:7b:74:9d:b7:d1:
8d:64:57:1d:a1:2a:55:a0:00:3a:a1:69:33:d0:5d:
1a:c7:25:12:e9:3c:05:af:c7:f0:df:e4:27:26:26:
1d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4B:D8:76:76:F2:39:32:B9:0C:CF:ED:8E:AB:ED:68:B7:15:A9:26
X509v3 Authority Key Identifier:
keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/EkvYdnbyOTK5DM_tjqvtaLcVqSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.68.0-2.59.75.255
5.252.60.0/22
5.252.88.0/22
45.11.148.0/22
45.85.176.0/22
45.90.224.0/22
45.129.48.0/22
45.152.184.0/22
80.240.176.0/21
80.240.188.0/22
95.214.44.0/22
109.70.16.0/21
128.127.16.0/21
185.13.180.0/22
185.61.144.0/22
185.107.84.0/22
185.128.140.0/22
185.163.60.0/22
185.203.180.0/22
185.229.176.0/22
185.253.36.0/22
188.92.64.0/21
193.8.116.0/22
193.56.168.0/22
194.36.137.0/24
194.36.167.0/24
194.36.169.0/24
194.36.221.0/24
194.182.112.0/20
212.104.240.0/20
IPv6:
2a02:79e0::/32
2a02:cfc0::/29
2a06:4280::/29
Signature Algorithm: sha256WithRSAEncryption
8c:fe:57:5a:15:ca:ff:ea:cf:08:e0:18:72:0b:7b:b6:7e:0b:
f4:dc:7e:85:9c:45:b1:9a:1a:6a:20:f9:8f:b8:c4:ae:40:24:
21:cb:50:4f:ee:4b:b3:f2:b7:54:d7:57:14:e4:58:94:b7:3d:
30:95:02:fd:e3:6a:84:09:1d:d8:12:51:a3:88:39:ee:22:2a:
6e:50:a0:39:a8:c4:69:23:82:e9:b6:98:54:8d:5e:bf:bb:b6:
fa:b0:f6:ff:be:9e:6d:c0:16:c9:16:15:f8:29:67:e9:89:72:
d2:5b:3e:e9:b4:e3:84:50:36:0e:8d:05:80:87:09:fa:f8:8e:
ad:ae:7d:6d:88:c5:50:8b:15:da:b2:3b:cf:be:33:41:da:ed:
2a:40:70:13:e1:6f:45:15:63:b4:e3:0a:e6:d2:43:b3:0b:69:
88:57:f6:ad:1d:e7:ee:42:36:f9:f0:c5:d3:0b:50:8a:88:8e:
43:1b:1f:e6:1b:be:7c:82:1e:d2:ea:c7:66:bb:05:85:77:b5:
f5:4a:68:d4:cd:ab:37:84:ac:97:25:00:c3:23:25:8d:5d:9d:
cf:07:7b:9e:3c:af:e5:b7:fa:94:89:06:ea:52:06:46:78:1a:
ba:57:87:10:37:c7:38:76:6b:b1:ae:7c:59:7a:1c:7b:44:ee:
99:35:37:5c
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAYzGSv5Cylpkh78wFwx7WZpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjQwMTAxMTgzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjRiZDg3Njc2ZjIzOTMyYjkwY2NmZWQ4ZWFiZWQ2OGI3MTVhOTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgshOIEzN8taCFwoya3PSrCndXJN
m07O+kG02BPN82yIw7S9pl0IPz2sfITWAsMNwOXiGiO4KZDMDUGisfC43UVYYMyD
2eW/YM51X1+9gMkhSgdjXnlqzsqdtCbIyEJY6R9srnBbdFyq8xe0DvyambU0Wdr3
E5tWjbU0YVfgH5p87X4LhbhApVwdqRdxqndgZ4X6AiSMYS9eU9j7/j6ZDOIvdQoY
lg/+SCeRy1gFdI3d2RberfAma0ykhVnxdGkmCRMEU1cEE+y2vZEFVn/j7oMCcp7U
M2QahFkFe3Sdt9GNZFcdoSpVoAA6oWkz0F0axyUS6TwFr8fw3+QnJiYdMwIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFBJL2HZ28jkyuQzP7Y6r7Wi3FakmMB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvRWt2WWRuYnlPVEs1RE1fdGpxdnRhTGNWcVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl
LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCBwwQCAAEwgbwwDAME
AgI7RAMEAgI7SAMEAgX8PAMEAgX8WAMEAi0LlAMEAi1VsAMEAi1a4AMEAi2BMAME
Ai2YuAMEA1DwsAMEAlDwvAMEAl/WLAMEA21GEAMEA4B/EAMEArkNtAMEArk9kAME
ArlrVAMEArmAjAMEArmjPAMEArnLtAMEArnlsAMEArn9JAMEA7xcQAMEAsEIdAME
AsE4qAMEAMIkiQMEAMIkpwMEAMIkqQMEAMIk3QMEBMK2cAMEBNRo8DAbBAIAAjAV
AwUAKgJ54AMFAyoCz8ADBQMqBkKAMA0GCSqGSIb3DQEBCwUAA4IBAQCM/ldaFcr/
6s8I4BhyC3u2fgv03H6FnEWxmhpqIPmPuMSuQCQhy1BP7kuz8rdU11cU5FiUtz0w
lQL942qECR3YElGjiDnuIipuUKA5qMRpI4LptphUjV6/u7b6sPb/vp5twBbJFhX4
KWfpiXLSWz7ptOOEUDYOjQWAhwn6+I6trn1tiMVQixXasjvPvjNB2u0qQHAT4W9F
FWO04wrm0kOzC2mIV/atHefuQjb58MXTC1CKiI5DGx/mG758gh7S6sdmuwWFd7X1
SmjUzas3hKyXJQDDIyWNXZ3PB3uePK/lt/qUiQbqUgZGeBq6V4cQN8c4dmuxrnxZ
ehx7RO6ZNTdc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:56 2024 by rpki-client on console-fra.rpki-client.org