Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/eP-dUI8zS99o85D5Zit3Dbp0n5M.roa
File: eP-dUI8zS99o85D5Zit3Dbp0n5M.roa (raw, json)
Hash identifier: AYpzivHcQkz7Cjl0U/RYOf9OW+kM79wHFJNgxm0NLuw=
Subject key identifier: 78:FF:9D:50:8F:33:4B:DF:68:F3:90:F9:66:2B:77:0D:BA:74:9F:93
Certificate issuer: /CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Certificate serial: 018572BA546A2DCF5342303E411F5D3460C7
Authority key identifier: DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/eP-dUI8zS99o85D5Zit3Dbp0n5M.roa
Signing time: Mon 02 Jan 2023 13:44:51 +0000
ROA not before: Mon 02 Jan 2023 13:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8423
IP address blocks: 91.207.124.0/23 maxlen: 24
78.31.128.0/21 maxlen: 24
91.200.96.0/22 maxlen: 24
176.118.184.0/22 maxlen: 24
91.223.45.0/24 maxlen: 24
195.225.84.0/22 maxlen: 24
2a0d:ca47:862::/48 maxlen: 48
2001:67c:44::/48 maxlen: 48
2a0d:ca40::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:54:6a:2d:cf:53:42:30:3e:41:1f:5d:34:60:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Validity
Not Before: Jan 2 13:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78ff9d508f334bdf68f390f9662b770dba749f93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ed:1c:1c:85:af:61:a1:4b:5e:10:fd:65:c1:
d3:76:13:32:3e:35:97:2d:09:86:7e:62:cc:5a:03:
33:18:f4:09:48:1d:ca:33:0a:d0:ff:4d:0d:87:81:
49:40:5f:c5:ef:43:19:72:fd:a9:79:f9:f1:fa:f3:
65:57:90:9c:88:ac:69:cd:19:1a:cb:b6:65:29:a9:
b5:33:a0:47:9d:c6:a8:2a:c1:f2:85:58:a0:b6:16:
39:36:39:3d:1f:b3:6e:13:4d:f0:ee:f3:e3:84:a2:
b3:fd:3b:f2:16:c5:14:9b:53:95:85:8b:31:fc:2b:
d1:67:bc:b7:41:af:ef:96:1c:c4:5e:43:92:a3:0c:
27:16:aa:35:34:bf:a5:60:6f:b7:c5:ab:74:ff:2f:
71:a4:fd:39:f6:b0:26:9d:12:82:ec:87:12:81:e0:
c1:db:64:5c:e8:0c:4d:5f:fe:a6:4f:a2:32:39:64:
8d:3f:83:d4:a2:31:ae:db:7f:9b:29:88:d2:61:04:
fc:59:12:28:2b:49:91:1b:7d:c8:98:fb:14:cd:cc:
a8:89:29:6a:39:56:28:ce:b7:5d:c7:02:76:36:96:
4e:bc:ff:34:28:83:aa:da:f2:7a:d5:c9:35:08:e9:
53:f3:82:22:a3:b1:8e:30:de:fd:1d:69:c2:25:f3:
a3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:FF:9D:50:8F:33:4B:DF:68:F3:90:F9:66:2B:77:0D:BA:74:9F:93
X509v3 Authority Key Identifier:
keyid:DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/eP-dUI8zS99o85D5Zit3Dbp0n5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.128.0/21
91.200.96.0/22
91.207.124.0/23
91.223.45.0/24
176.118.184.0/22
195.225.84.0/22
IPv6:
2001:67c:44::/48
2a0d:ca40::/29
Signature Algorithm: sha256WithRSAEncryption
8a:50:66:65:a3:65:4b:9d:46:33:ab:b7:d3:81:d3:34:df:cc:
b1:a2:fd:26:95:cf:02:b5:44:3c:cf:54:10:f2:98:fa:02:86:
9e:1c:9d:f8:6a:b8:80:50:a7:8d:2d:b8:2e:71:fe:5a:39:28:
05:1a:75:06:f2:b4:da:12:66:9d:18:e4:31:4a:76:95:67:22:
62:43:6a:9f:27:9c:26:89:08:e5:e8:b8:f8:c8:ba:a9:22:69:
4f:1f:e8:67:0c:9e:70:30:23:04:d8:f3:42:b6:a9:3f:ec:14:
df:65:5c:ca:48:77:ce:5e:1a:74:e0:52:bb:f0:0c:dc:7a:c3:
18:66:28:ee:8d:3e:26:35:87:e9:4c:93:e9:69:d9:5d:56:16:
53:0e:7c:06:e6:dd:1b:17:c9:64:3c:fb:9c:dc:64:e8:83:33:
e7:6f:a1:c0:d1:c8:cc:3b:85:2d:d8:ae:7f:c9:e1:6a:91:8c:
0c:03:2b:03:66:f2:68:42:e6:52:8a:4c:8f:7d:52:b5:0a:0a:
5e:c4:1a:77:93:88:db:fc:8d:6f:0e:09:95:e8:59:47:80:9d:
43:86:e4:f4:94:7e:31:58:d1:f7:1b:bb:15:52:78:a3:d7:ad:
27:c0:83:98:3d:25:20:33:49:16:95:ae:8e:d4:4d:ab:5c:53:
4e:e5:72:16
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVyulRqLc9TQjA+QR9dNGDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlN2M4MmIyMjc2Y2JkZjEzMGNjYWQwNDZiNjVmZWFiMmMy
N2VkNDkwHhcNMjMwMTAyMTM0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGZmOWQ1MDhmMzM0YmRmNjhmMzkwZjk2NjJiNzcwZGJhNzQ5ZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu0cHIWvYaFLXhD9ZcHTdhMyPjWX
LQmGfmLMWgMzGPQJSB3KMwrQ/00Nh4FJQF/F70MZcv2pefnx+vNlV5CciKxpzRka
y7ZlKam1M6BHncaoKsHyhVigthY5Njk9H7NuE03w7vPjhKKz/TvyFsUUm1OVhYsx
/CvRZ7y3Qa/vlhzEXkOSowwnFqo1NL+lYG+3xat0/y9xpP059rAmnRKC7IcSgeDB
22Rc6AxNX/6mT6IyOWSNP4PUojGu23+bKYjSYQT8WRIoK0mRG33ImPsUzcyoiSlq
OVYozrddxwJ2NpZOvP80KIOq2vJ61ck1COlT84Iio7GOMN79HWnCJfOj/QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHj/nVCPM0vfaPOQ+WYrdw26dJ+TMB8GA1UdIwQY
MBaAFN58grInbL3xMMytBGtl/qssJ+1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODkt
N2ZhZjdjMWRlN2IwLzEvZVAtZFVJOHpTOTlvODVENVppdDNEYnAwbjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODktN2ZhZjdjMWRlN2Iw
LzEvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQDTh+AAwQC
W8hgAwQBW898AwQAW98tAwQCsHa4AwQCw+FUMBYEAgACMBADBwAgAQZ8AEQDBQMq
DcpAMA0GCSqGSIb3DQEBCwUAA4IBAQCKUGZlo2VLnUYzq7fTgdM038yxov0mlc8C
tUQ8z1QQ8pj6AoaeHJ34ariAUKeNLbgucf5aOSgFGnUG8rTaEmadGOQxSnaVZyJi
Q2qfJ5wmiQjl6Lj4yLqpImlPH+hnDJ5wMCME2PNCtqk/7BTfZVzKSHfOXhp04FK7
8AzcesMYZijujT4mNYfpTJPpadldVhZTDnwG5t0bF8lkPPuc3GTogzPnb6HA0cjM
O4Ut2K5/yeFqkYwMAysDZvJoQuZSikyPfVK1CgpexBp3k4jb/I1vDgmV6FlHgJ1D
huT0lH4xWNH3G7sVUnij160nwIOYPSUgM0kWla6O1E2rXFNO5XIW
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:10 2024 by rpki-client on console-ams.rpki-client.org