Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c15ddb-e1ef-4308-988d-aefa757e0c38/1/eoMFvp-OpzWs-bDGF4jzH7uUniE.roa
File: eoMFvp-OpzWs-bDGF4jzH7uUniE.roa (raw, json)
Hash identifier: YKQQ6jTxo9+V1EEqWDtT3+ETA7rLJR2wyCUBub02qGk=
Subject key identifier: 7A:83:05:BE:9F:8E:A7:35:AC:F9:B0:C6:17:88:F3:1F:BB:94:9E:21
Certificate issuer: /CN=9821e37eab6ef6326933e5fa3748d07d83026db0
Certificate serial: 0185718C3EB43151EDF00F4C712C7A4264B2
Authority key identifier: 98:21:E3:7E:AB:6E:F6:32:69:33:E5:FA:37:48:D0:7D:83:02:6D:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCHjfqtu9jJpM-X6N0jQfYMCbbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c15ddb-e1ef-4308-988d-aefa757e0c38/1/eoMFvp-OpzWs-bDGF4jzH7uUniE.roa
Signing time: Mon 02 Jan 2023 08:14:54 +0000
ROA not before: Mon 02 Jan 2023 08:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35370
IP address blocks: 87.243.150.0/23 maxlen: 23
87.243.152.0/22 maxlen: 22
87.243.148.0/23 maxlen: 23
87.243.146.0/23 maxlen: 23
87.243.157.0/24 maxlen: 24
87.243.158.0/24 maxlen: 24
87.243.158.0/23 maxlen: 23
87.243.156.0/23 maxlen: 23
87.243.156.0/24 maxlen: 24
87.243.154.0/24 maxlen: 24
87.243.164.0/22 maxlen: 22
87.243.160.0/22 maxlen: 22
87.243.160.0/23 maxlen: 23
87.243.171.0/24 maxlen: 24
87.243.172.0/22 maxlen: 22
87.243.168.0/23 maxlen: 23
87.243.178.0/24 maxlen: 24
87.243.177.0/24 maxlen: 24
87.243.180.0/22 maxlen: 22
87.243.184.0/24 maxlen: 24
87.243.184.0/21 maxlen: 21
87.243.132.0/22 maxlen: 22
87.243.128.0/18 maxlen: 18
87.243.128.0/22 maxlen: 22
87.243.136.0/22 maxlen: 22
87.243.145.0/24 maxlen: 24
87.243.144.0/23 maxlen: 23
87.243.144.0/24 maxlen: 24
87.243.140.0/22 maxlen: 22
78.152.64.0/19 maxlen: 24
78.152.64.0/21 maxlen: 21
78.152.68.0/24 maxlen: 24
78.152.72.0/21 maxlen: 21
78.152.80.0/21 maxlen: 21
78.152.88.0/21 maxlen: 24
78.152.95.0/24 maxlen: 24
78.152.92.0/22 maxlen: 22
2a0b:9e03::/32 maxlen: 32
2a0b:9e00::/29 maxlen: 29
2a0b:9e01::/32 maxlen: 32
2a0b:9e04::/32 maxlen: 32
2a0b:9e07::/32 maxlen: 32
2a0b:9e00::/32 maxlen: 32
2a0b:9e06::/32 maxlen: 32
2a0b:9e05::/32 maxlen: 32
2a0b:9e02::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:3e:b4:31:51:ed:f0:0f:4c:71:2c:7a:42:64:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9821e37eab6ef6326933e5fa3748d07d83026db0
Validity
Not Before: Jan 2 08:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a8305be9f8ea735acf9b0c61788f31fbb949e21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:54:99:90:9f:02:d5:f9:8d:92:24:f6:43:87:
c1:80:94:e7:50:ce:36:e4:58:2f:b2:29:d2:76:32:
b1:43:35:dd:90:12:d8:ab:11:a3:da:eb:4e:02:82:
5b:6d:b1:4f:93:44:1b:e7:87:b3:1a:45:a1:c8:ad:
d6:1a:37:93:47:e9:00:98:49:05:c5:79:c7:89:e8:
76:ba:0e:c7:64:c1:b0:7f:e5:ff:5a:11:62:8c:b3:
43:9f:7b:14:49:cb:b8:36:08:46:6a:91:de:15:c8:
08:39:46:f6:99:ac:57:06:9a:b6:cb:ad:ca:e2:6c:
c5:eb:e8:55:88:78:ed:de:61:0f:38:7e:3b:34:f4:
fa:40:af:86:3b:78:16:19:cd:eb:a7:7d:a1:63:ac:
ef:3b:9d:f3:2c:99:f9:fb:3b:b7:97:35:d9:32:57:
59:a9:e2:2e:dd:7c:c8:d1:3d:9b:ab:86:f1:f8:fa:
b7:1e:12:09:4f:1c:e1:0c:3d:10:33:ed:aa:f5:b6:
59:b0:7c:97:cf:51:eb:ad:b6:a6:e8:32:24:e9:01:
f8:ed:bb:e5:ff:8b:22:40:4b:75:d1:b3:38:26:7f:
28:69:04:01:a1:64:42:53:60:99:88:3b:cc:05:30:
a5:8a:cb:9f:c9:b4:ad:10:ee:e5:92:66:a3:a7:7c:
45:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:83:05:BE:9F:8E:A7:35:AC:F9:B0:C6:17:88:F3:1F:BB:94:9E:21
X509v3 Authority Key Identifier:
keyid:98:21:E3:7E:AB:6E:F6:32:69:33:E5:FA:37:48:D0:7D:83:02:6D:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCHjfqtu9jJpM-X6N0jQfYMCbbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c15ddb-e1ef-4308-988d-aefa757e0c38/1/eoMFvp-OpzWs-bDGF4jzH7uUniE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c15ddb-e1ef-4308-988d-aefa757e0c38/1/mCHjfqtu9jJpM-X6N0jQfYMCbbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.152.64.0/19
87.243.128.0/18
IPv6:
2a0b:9e00::/29
Signature Algorithm: sha256WithRSAEncryption
3f:20:4f:4c:e2:17:08:c2:a2:79:4b:4d:ab:46:9a:1f:8f:e9:
ca:0b:1e:ab:2f:80:a0:ee:f9:10:55:9c:b9:d5:19:fe:9a:b3:
c8:37:d9:57:38:e3:7e:12:14:e9:26:ed:aa:b9:46:33:a9:db:
ab:b1:9c:a9:bf:5f:5c:a0:cf:a2:86:98:11:99:b2:50:34:1c:
75:11:be:d7:94:48:a6:90:33:6e:b7:41:41:fb:dc:29:29:de:
5c:58:c1:4b:39:ec:4e:47:20:46:b5:b7:6b:02:0d:ab:f9:4c:
59:4e:02:d8:b3:d9:d8:62:fa:97:50:80:e0:7e:a6:1b:47:4d:
58:58:35:cd:74:e3:b8:fe:67:02:b2:7c:c5:07:01:6c:a8:56:
07:05:5b:84:df:d8:fa:47:6e:e3:a6:31:c1:ba:d1:4e:5a:5b:
2c:79:92:eb:a0:63:41:0a:cd:84:60:09:fe:59:41:cb:eb:2b:
de:ff:c0:5d:0e:4d:2c:dc:54:7e:5a:bb:2c:88:90:af:0e:f4:
68:01:e0:13:26:e8:a0:ed:d8:24:1a:02:a4:b1:cc:b1:54:fa:
32:92:30:d0:a2:44:0d:c7:b9:92:99:0c:c0:6d:ad:90:71:5c:
83:07:5a:27:a0:8c:60:4a:17:1d:40:35:03:68:42:53:c1:94:
ac:1b:f2:5f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxjD60MVHt8A9McSx6QmSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MjFlMzdlYWI2ZWY2MzI2OTMzZTVmYTM3NDhkMDdkODMw
MjZkYjAwHhcNMjMwMTAyMDgxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTgzMDViZTlmOGVhNzM1YWNmOWIwYzYxNzg4ZjMxZmJiOTQ5ZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlSZkJ8C1fmNkiT2Q4fBgJTnUM42
5FgvsinSdjKxQzXdkBLYqxGj2utOAoJbbbFPk0Qb54ezGkWhyK3WGjeTR+kAmEkF
xXnHieh2ug7HZMGwf+X/WhFijLNDn3sUScu4NghGapHeFcgIOUb2maxXBpq2y63K
4mzF6+hViHjt3mEPOH47NPT6QK+GO3gWGc3rp32hY6zvO53zLJn5+zu3lzXZMldZ
qeIu3XzI0T2bq4bx+Pq3HhIJTxzhDD0QM+2q9bZZsHyXz1Hrrbam6DIk6QH47bvl
/4siQEt10bM4Jn8oaQQBoWRCU2CZiDvMBTClisufybStEO7lkmajp3xFYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHqDBb6fjqc1rPmwxheI8x+7lJ4hMB8GA1UdIwQY
MBaAFJgh436rbvYyaTPl+jdI0H2DAm2wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUNIamZxdHU5akpwTS1YNk4walFmWU1DYmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jMTVkZGItZTFlZi00MzA4LTk4OGQt
YWVmYTc1N2UwYzM4LzEvZW9NRnZwLU9weldzLWJER0Y0anpIN3VVbmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jMTVkZGItZTFlZi00MzA4LTk4OGQtYWVmYTc1N2UwYzM4
LzEvbUNIamZxdHU5akpwTS1YNk4walFmWU1DYmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFTphAAwQG
V/OAMA0EAgACMAcDBQMqC54AMA0GCSqGSIb3DQEBCwUAA4IBAQA/IE9M4hcIwqJ5
S02rRpofj+nKCx6rL4Cg7vkQVZy51Rn+mrPIN9lXOON+EhTpJu2quUYzqdursZyp
v19coM+ihpgRmbJQNBx1Eb7XlEimkDNut0FB+9wpKd5cWMFLOexORyBGtbdrAg2r
+UxZTgLYs9nYYvqXUIDgfqYbR01YWDXNdOO4/mcCsnzFBwFsqFYHBVuE39j6R27j
pjHButFOWlsseZLroGNBCs2EYAn+WUHL6yve/8BdDk0s3FR+WrssiJCvDvRoAeAT
Juig7dgkGgKkscyxVPoykjDQokQNx7mSmQzAba2QcVyDB1onoIxgShcdQDUDaEJT
wZSsG/Jf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:24 2024 by rpki-client on console-ams.rpki-client.org