Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/1fdf04-8b4e-4332-a4de-7793b9efb1bd/1/Ectn1zv33c5yimRw5Bw-0KKlSb4.roa
File: Ectn1zv33c5yimRw5Bw-0KKlSb4.roa (raw, json)
Hash identifier: ldyHJpO/nAsrea+Q1m195tjMNx8mDo4vfB4rxQ7cZuo=
Subject key identifier: 11:CB:67:D7:3B:F7:DD:CE:72:8A:64:70:E4:1C:3E:D0:A2:A5:49:BE
Certificate issuer: /CN=ae1eb280d1722846a44124c4c62d0059f61af242
Certificate serial: 018C96DE44BDFBB1909838B8F336DFA42B60
Authority key identifier: AE:1E:B2:80:D1:72:28:46:A4:41:24:C4:C6:2D:00:59:F6:1A:F2:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rh6ygNFyKEakQSTExi0AWfYa8kI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/1fdf04-8b4e-4332-a4de-7793b9efb1bd/1/Ectn1zv33c5yimRw5Bw-0KKlSb4.roa
Signing time: Sat 23 Dec 2023 13:29:58 +0000
ROA not before: Sat 23 Dec 2023 13:29:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42428
IP address blocks: 212.11.164.0/24 maxlen: 24
212.11.165.0/24 maxlen: 24
212.11.162.0/24 maxlen: 24
212.11.163.0/24 maxlen: 24
212.11.166.0/24 maxlen: 24
212.11.160.0/23 maxlen: 23
212.11.167.0/24 maxlen: 24
212.11.168.0/23 maxlen: 23
212.11.171.0/24 maxlen: 24
212.11.172.0/24 maxlen: 24
212.11.170.0/24 maxlen: 24
212.11.178.0/23 maxlen: 23
212.11.176.0/24 maxlen: 24
212.11.177.0/24 maxlen: 24
212.11.174.0/23 maxlen: 23
212.11.173.0/24 maxlen: 24
87.230.160.0/19 maxlen: 19
212.11.181.0/24 maxlen: 24
212.11.182.0/24 maxlen: 24
212.11.180.0/24 maxlen: 24
212.11.185.0/24 maxlen: 24
212.11.186.0/23 maxlen: 23
212.11.183.0/24 maxlen: 24
212.11.184.0/24 maxlen: 24
212.11.188.0/22 maxlen: 22
87.230.128.0/19 maxlen: 19
88.84.112.0/20 maxlen: 20
87.230.192.0/18 maxlen: 18
88.84.96.0/22 maxlen: 22
88.84.96.0/19 maxlen: 19
88.84.96.0/20 maxlen: 20
88.84.100.0/22 maxlen: 22
88.84.104.0/21 maxlen: 21
2a02:fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:96:de:44:bd:fb:b1:90:98:38:b8:f3:36:df:a4:2b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae1eb280d1722846a44124c4c62d0059f61af242
Validity
Not Before: Dec 23 13:29:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11cb67d73bf7ddce728a6470e41c3ed0a2a549be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8c:96:84:46:04:6e:7f:6f:71:bb:d5:1f:62:
44:4e:d6:af:a9:0e:bf:36:e6:25:dc:8a:d2:0a:3c:
30:56:4b:44:00:cc:19:2b:e0:ff:bf:62:4c:e1:35:
ef:e9:5f:91:eb:86:b2:77:41:db:ce:3c:b2:fc:19:
ad:89:75:63:19:eb:6b:a2:eb:be:1e:82:90:34:ef:
8f:18:3c:86:9b:8d:39:1c:1b:36:49:cc:34:1e:81:
45:30:96:9f:9b:cb:3b:7b:47:c6:eb:1d:ff:08:e2:
8a:59:d9:82:c3:a9:5c:ff:8a:6e:89:aa:b2:6b:f8:
e2:7f:2e:b6:14:51:fc:f4:a9:93:24:b5:3b:04:86:
fd:0e:01:22:af:90:91:d5:63:fc:49:b3:00:cc:bc:
0d:a4:2b:cd:cb:69:6f:69:79:be:86:f8:40:03:3f:
70:38:5a:1d:16:74:93:9c:5a:05:3a:36:94:68:5e:
77:75:15:70:6f:72:28:b2:07:3f:60:92:af:f5:69:
27:45:c9:08:e1:8c:0e:fe:93:2f:c8:9e:34:97:cb:
f7:a4:9f:82:88:d3:db:67:85:2a:9f:c2:92:39:81:
33:cc:da:f4:ab:6b:71:00:c1:74:cd:dc:4e:d8:2b:
d6:d7:31:3d:6e:4b:7b:97:86:74:7d:51:53:9e:fe:
df:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:CB:67:D7:3B:F7:DD:CE:72:8A:64:70:E4:1C:3E:D0:A2:A5:49:BE
X509v3 Authority Key Identifier:
keyid:AE:1E:B2:80:D1:72:28:46:A4:41:24:C4:C6:2D:00:59:F6:1A:F2:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh6ygNFyKEakQSTExi0AWfYa8kI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/1fdf04-8b4e-4332-a4de-7793b9efb1bd/1/Ectn1zv33c5yimRw5Bw-0KKlSb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/1fdf04-8b4e-4332-a4de-7793b9efb1bd/1/rh6ygNFyKEakQSTExi0AWfYa8kI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.230.128.0/17
88.84.96.0/19
212.11.160.0/19
IPv6:
2a02:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:11:aa:73:1a:28:ec:6c:29:b7:b6:1f:92:d0:17:54:d1:5d:
cf:f8:13:3d:8a:f4:cd:b6:70:55:75:3a:8f:05:59:ec:70:4e:
b8:d9:b6:5a:b0:c2:17:a3:3f:0f:20:f5:09:0e:98:8d:36:2c:
5f:61:a0:5b:ec:ca:64:b9:66:4c:9e:80:38:e1:52:06:46:7b:
bd:b1:80:a3:7f:57:57:f3:b9:ab:46:5c:38:ab:6b:bd:25:3f:
e2:5f:d0:7d:17:92:65:57:8d:c2:28:78:38:73:69:f7:58:f7:
2f:cd:24:bc:e3:41:2f:c7:33:db:71:6a:85:a2:7f:fa:fa:ab:
a7:6b:c1:43:39:2d:5c:4f:a0:0f:3f:6b:c4:53:18:46:0b:7f:
2a:48:41:c4:74:91:3b:3b:dd:77:be:69:66:53:93:17:47:80:
fc:0f:85:ca:a2:b0:ab:9c:1b:fa:d5:ea:18:90:c9:78:37:3b:
70:7c:f7:19:74:f8:97:41:61:53:02:1a:da:95:1c:54:98:32:
45:c1:b2:d6:af:36:9e:a5:f1:85:00:10:b9:bc:bc:0e:9d:c2:
38:66:c0:d2:bf:b9:8e:27:60:3b:c5:ba:96:5f:00:c3:51:1a:
cb:fa:97:79:4e:66:a6:4e:a6:21:e4:12:fc:0a:e0:34:20:51:
5c:ec:06:a2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYyW3kS9+7GQmDi48zbfpCtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWViMjgwZDE3MjI4NDZhNDQxMjRjNGM2MmQwMDU5ZjYx
YWYyNDIwHhcNMjMxMjIzMTMyOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWNiNjdkNzNiZjdkZGNlNzI4YTY0NzBlNDFjM2VkMGEyYTU0OWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYyWhEYEbn9vcbvVH2JETtavqQ6/
NuYl3IrSCjwwVktEAMwZK+D/v2JM4TXv6V+R64ayd0Hbzjyy/BmtiXVjGetrouu+
HoKQNO+PGDyGm405HBs2Scw0HoFFMJafm8s7e0fG6x3/COKKWdmCw6lc/4puiaqy
a/jify62FFH89KmTJLU7BIb9DgEir5CR1WP8SbMAzLwNpCvNy2lvaXm+hvhAAz9w
OFodFnSTnFoFOjaUaF53dRVwb3Iosgc/YJKv9WknRckI4YwO/pMvyJ40l8v3pJ+C
iNPbZ4Uqn8KSOYEzzNr0q2txAMF0zdxO2CvW1zE9bkt7l4Z0fVFTnv7fyQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBHLZ9c7993OcopkcOQcPtCipUm+MB8GA1UdIwQY
MBaAFK4esoDRcihGpEEkxMYtAFn2GvJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmg2eWdORnlLRWFrUVNURXhpMEFXZllhOGtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8xZmRmMDQtOGI0ZS00MzMyLWE0ZGUt
Nzc5M2I5ZWZiMWJkLzEvRWN0bjF6djMzYzV5aW1SdzVCdy0wS0tsU2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8xZmRmMDQtOGI0ZS00MzMyLWE0ZGUtNzc5M2I5ZWZiMWJk
LzEvcmg2eWdORnlLRWFrUVNURXhpMEFXZllhOGtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHV+aAAwQF
WFRgAwQF1AugMA0EAgACMAcDBQMqAg/AMA0GCSqGSIb3DQEBCwUAA4IBAQB8Eapz
GijsbCm3th+S0BdU0V3P+BM9ivTNtnBVdTqPBVnscE642bZasMIXoz8PIPUJDpiN
NixfYaBb7MpkuWZMnoA44VIGRnu9sYCjf1dX87mrRlw4q2u9JT/iX9B9F5JlV43C
KHg4c2n3WPcvzSS840EvxzPbcWqFon/6+quna8FDOS1cT6APP2vEUxhGC38qSEHE
dJE7O913vmlmU5MXR4D8D4XKorCrnBv61eoYkMl4NztwfPcZdPiXQWFTAhralRxU
mDJFwbLWrzaepfGFABC5vLwOncI4ZsDSv7mOJ2A7xbqWXwDDURrL+pd5TmamTqYh
5BL8CuA0IFFc7Aai
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:23 2024 by rpki-client on console-ams.rpki-client.org