Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/ErXzSzwK-EKU689bJBcSgSNLRGc.roa
File: ErXzSzwK-EKU689bJBcSgSNLRGc.roa (raw, json)
Hash identifier: EC8ZkVst2mVrygsjEPgQo/v9sV5DG2j7Z5tfct3GTzk=
Subject key identifier: 12:B5:F3:4B:3C:0A:F8:42:94:EB:CF:5B:24:17:12:81:23:4B:44:67
Certificate issuer: /CN=128f0960bf2fbf70c4c49ae101dff2ecc39875ed
Certificate serial: 01857030603BE21C6C6F258C1D79C6AA2AC5
Authority key identifier: 12:8F:09:60:BF:2F:BF:70:C4:C4:9A:E1:01:DF:F2:EC:C3:98:75:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eo8JYL8vv3DExJrhAd_y7MOYde0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/ErXzSzwK-EKU689bJBcSgSNLRGc.roa
Signing time: Mon 02 Jan 2023 01:54:56 +0000
ROA not before: Mon 02 Jan 2023 01:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50535
IP address blocks: 46.18.88.0/22 maxlen: 22
193.107.56.0/22 maxlen: 22
46.18.92.0/22 maxlen: 22
141.138.152.0/22 maxlen: 22
141.138.156.0/22 maxlen: 22
185.116.88.0/22 maxlen: 24
2a00:ce80::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:60:3b:e2:1c:6c:6f:25:8c:1d:79:c6:aa:2a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=128f0960bf2fbf70c4c49ae101dff2ecc39875ed
Validity
Not Before: Jan 2 01:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12b5f34b3c0af84294ebcf5b24171281234b4467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:91:24:cf:6b:75:8f:70:be:26:c6:28:9c:4e:
de:25:49:68:39:90:fe:a4:f2:b4:cf:a4:1b:78:0e:
70:88:1c:f1:b9:b0:84:48:9a:1f:95:47:30:40:95:
d1:e3:3f:2d:2c:b3:00:fd:93:3a:75:de:b5:b3:0b:
d1:bf:3b:20:c3:71:ac:10:79:76:b4:42:84:d6:81:
2e:7e:a9:d3:4c:fd:c0:9c:ae:c5:53:1f:4c:b9:44:
e2:d8:b2:c1:a1:20:6e:f6:4a:dd:ee:16:f6:60:8f:
df:40:f2:6b:44:0a:b8:f1:e0:47:0c:6d:1b:e0:68:
a2:78:8e:48:93:ba:0d:49:d7:dc:1e:f7:dd:0d:ae:
f8:22:91:8d:7a:ec:d8:5a:23:46:e6:26:1f:41:a0:
9a:ca:18:8c:d3:ea:aa:ed:a4:50:87:f5:4d:83:e7:
fa:56:3d:ee:03:13:51:2c:98:62:18:40:fc:99:18:
fa:4b:54:1f:2d:5f:e6:fa:f3:14:2e:70:7c:7f:04:
27:57:03:43:87:25:16:06:34:60:b2:ef:3b:35:49:
35:5e:31:0d:9b:e4:8b:de:c5:c6:fc:2e:62:6a:90:
de:d8:39:a6:6c:3c:31:ed:90:93:e0:3a:f7:d6:f7:
81:11:7f:1b:c8:b9:63:29:9c:98:9f:c7:36:d0:d0:
c6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B5:F3:4B:3C:0A:F8:42:94:EB:CF:5B:24:17:12:81:23:4B:44:67
X509v3 Authority Key Identifier:
keyid:12:8F:09:60:BF:2F:BF:70:C4:C4:9A:E1:01:DF:F2:EC:C3:98:75:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eo8JYL8vv3DExJrhAd_y7MOYde0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/ErXzSzwK-EKU689bJBcSgSNLRGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/Eo8JYL8vv3DExJrhAd_y7MOYde0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.88.0/21
141.138.152.0/21
185.116.88.0/22
193.107.56.0/22
IPv6:
2a00:ce80::/32
Signature Algorithm: sha256WithRSAEncryption
27:a8:96:95:ea:d3:af:98:0f:d1:37:14:45:45:65:73:74:5c:
db:54:40:c9:48:a9:0f:cc:65:a3:b9:86:50:3f:20:43:ff:6b:
dc:c6:cd:54:7f:22:e5:20:22:38:77:43:c8:d2:2e:42:e3:f6:
1b:8c:54:2b:6e:a2:43:d9:ab:8e:51:a2:69:6e:9e:0d:d0:b0:
1d:cc:cc:ee:91:78:8e:84:35:39:6f:91:e6:61:53:34:8c:cd:
19:60:68:4a:ac:e7:38:f6:52:12:79:28:3e:e7:b3:4c:73:32:
5d:e1:5e:dd:30:6a:54:30:31:89:1c:37:2d:15:3f:77:6f:11:
37:62:99:4f:62:46:d4:a4:25:af:a2:d2:3c:16:5c:59:4f:3d:
6b:81:f0:72:27:ea:4f:83:44:5d:ce:1b:ad:e8:ac:ec:c8:ee:
fe:be:6c:4b:38:31:bd:f8:35:6d:fe:c3:02:66:6d:8c:ef:bc:
ec:fa:35:2e:13:09:58:bb:da:f0:64:a1:61:3a:b4:ea:ce:d7:
d2:49:de:61:89:3b:c0:0c:5c:50:1d:97:3a:60:57:10:4b:0e:
ed:5d:d9:d4:a7:49:2b:d6:2e:86:79:f4:9d:95:dc:0e:81:8e:
bf:34:8d:16:67:d1:d3:d7:8b:20:c0:b3:68:2f:cf:81:b5:b5:
38:b9:e4:76
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwMGA74hxsbyWMHXnGqirFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyOGYwOTYwYmYyZmJmNzBjNGM0OWFlMTAxZGZmMmVjYzM5
ODc1ZWQwHhcNMjMwMTAyMDE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmI1ZjM0YjNjMGFmODQyOTRlYmNmNWIyNDE3MTI4MTIzNGI0NDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5Ekz2t1j3C+JsYonE7eJUloOZD+
pPK0z6QbeA5wiBzxubCESJoflUcwQJXR4z8tLLMA/ZM6dd61swvRvzsgw3GsEHl2
tEKE1oEufqnTTP3AnK7FUx9MuUTi2LLBoSBu9krd7hb2YI/fQPJrRAq48eBHDG0b
4GiieI5Ik7oNSdfcHvfdDa74IpGNeuzYWiNG5iYfQaCayhiM0+qq7aRQh/VNg+f6
Vj3uAxNRLJhiGED8mRj6S1QfLV/m+vMULnB8fwQnVwNDhyUWBjRgsu87NUk1XjEN
m+SL3sXG/C5iapDe2DmmbDwx7ZCT4Dr31veBEX8byLljKZyYn8c20NDGywIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBK180s8CvhClOvPWyQXEoEjS0RnMB8GA1UdIwQY
MBaAFBKPCWC/L79wxMSa4QHf8uzDmHXtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW84SllMOHZ2M0RFeEpyaEFkX3k3TU9ZZGUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wMDg2ODEtZGY3OS00NzdiLTkyMzYt
NDUzMDlhNWUyNzY4LzEvRXJYelN6d0stRUtVNjg5YkpCY1NnU05MUkdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wMDg2ODEtZGY3OS00NzdiLTkyMzYtNDUzMDlhNWUyNzY4
LzEvRW84SllMOHZ2M0RFeEpyaEFkX3k3TU9ZZGUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhJYAwQD
jYqYAwQCuXRYAwQCwWs4MA0EAgACMAcDBQAqAM6AMA0GCSqGSIb3DQEBCwUAA4IB
AQAnqJaV6tOvmA/RNxRFRWVzdFzbVEDJSKkPzGWjuYZQPyBD/2vcxs1UfyLlICI4
d0PI0i5C4/YbjFQrbqJD2auOUaJpbp4N0LAdzMzukXiOhDU5b5HmYVM0jM0ZYGhK
rOc49lISeSg+57NMczJd4V7dMGpUMDGJHDctFT93bxE3YplPYkbUpCWvotI8FlxZ
Tz1rgfByJ+pPg0Rdzhut6KzsyO7+vmxLODG9+DVt/sMCZm2M77zs+jUuEwlYu9rw
ZKFhOrTqztfSSd5hiTvADFxQHZc6YFcQSw7tXdnUp0kr1i6GefSdldwOgY6/NI0W
Z9HT14sgwLNoL8+BtbU4ueR2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:40 2024 by rpki-client on console-ams.rpki-client.org