Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/EYYA6Y46rzjbfvUj8x_-cpQdhJc.roa
File: EYYA6Y46rzjbfvUj8x_-cpQdhJc.roa (raw, json)
Hash identifier: XQiKjU4TDgMIb6tm/IfHrQmnj2H41e0Ngt6fOnugbic=
Subject key identifier: 11:86:00:E9:8E:3A:AF:38:DB:7E:F5:23:F3:1F:FE:72:94:1D:84:97
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018B49C6F89C3031437DB5CC0302F6E282DA
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/EYYA6Y46rzjbfvUj8x_-cpQdhJc.roa
Signing time: Thu 19 Oct 2023 21:10:58 +0000
ROA not before: Thu 19 Oct 2023 21:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20657
IP address blocks: 195.68.214.0/23 maxlen: 24
193.108.24.0/24 maxlen: 24
194.79.12.0/22 maxlen: 24
88.80.131.0/24 maxlen: 24
88.80.128.0/21 maxlen: 21
88.80.132.0/24 maxlen: 24
88.80.134.0/23 maxlen: 23
88.80.133.0/24 maxlen: 24
88.80.152.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 30 Oct 2023 08:36:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:49:c6:f8:9c:30:31:43:7d:b5:cc:03:02:f6:e2:82:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Oct 19 21:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=118600e98e3aaf38db7ef523f31ffe72941d8497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7d:21:eb:a4:e6:63:af:dc:ee:83:a0:51:f4:
9b:0d:ab:ac:96:1b:b7:da:fc:c4:26:b4:23:94:a2:
d4:93:f2:ce:1a:c8:38:eb:66:5e:72:1c:60:77:6c:
8f:84:26:c6:73:a6:54:07:93:87:a9:c5:a7:93:0c:
aa:2a:59:37:2f:c6:b7:69:b1:da:21:f7:0f:77:25:
d1:90:54:57:66:76:a6:0d:1e:76:0b:d7:19:c1:35:
af:2f:31:5a:e1:14:d6:10:5a:ea:96:8a:bb:a1:0d:
1c:01:1f:c6:59:ce:4e:89:05:c0:64:ac:28:68:a4:
56:ff:0f:84:4d:3b:27:03:55:ae:c4:d6:da:97:79:
28:a6:1a:98:a8:84:0c:26:b0:cb:2b:82:66:00:08:
98:6f:76:5b:62:be:60:04:0b:2e:35:74:96:db:2f:
bd:a9:10:69:39:86:af:6d:aa:20:05:f8:57:22:90:
d3:fe:ac:04:7a:91:5b:1e:12:c1:88:97:03:74:03:
63:3b:f3:16:90:89:25:ed:60:14:f1:ac:e8:15:33:
da:02:be:e4:29:7a:9f:52:9e:27:ec:fa:1d:31:fd:
9b:af:5e:57:ba:4c:80:b5:7e:36:bb:96:1c:fc:8e:
91:ef:31:fd:6e:9f:09:2c:e9:c9:f4:1c:94:8b:82:
a2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:86:00:E9:8E:3A:AF:38:DB:7E:F5:23:F3:1F:FE:72:94:1D:84:97
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/EYYA6Y46rzjbfvUj8x_-cpQdhJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.128.0/21
88.80.152.0/21
193.108.24.0/24
194.79.12.0/22
195.68.214.0/23
Signature Algorithm: sha256WithRSAEncryption
63:e1:17:5b:65:e8:fa:b2:df:61:c5:af:cc:1e:7f:e4:24:c7:
f9:ae:52:c6:65:b4:0a:73:d2:63:4a:86:c4:b8:2b:25:2a:1b:
24:8a:b9:df:f0:d1:5c:80:62:f1:d4:fe:a4:a0:b2:8a:6b:28:
58:af:11:d5:cc:75:19:70:1e:47:bc:cb:d3:e5:25:6b:77:a4:
cd:69:cd:b2:3d:f3:fb:9f:8e:2e:ec:92:e2:32:b2:e4:0d:89:
59:7f:e4:8b:23:e5:f2:4a:94:66:5b:37:3c:99:de:4b:ed:67:
81:b3:b3:b4:a4:f3:12:c2:da:59:a2:11:a4:f4:f1:1e:5f:d4:
ec:e2:28:a4:2a:5b:e9:c7:d9:dd:81:4c:b7:7d:7e:b3:da:0d:
a7:bc:11:78:bb:bf:ba:33:05:b0:17:70:92:4a:3d:ee:3f:b7:
ab:d1:cf:c9:c2:52:f1:10:70:cf:d9:08:e9:55:49:c2:45:13:
3b:df:7c:36:71:26:9e:24:1e:c4:b3:55:15:1d:51:85:46:93:
b9:02:28:96:bd:ed:e8:b0:56:83:84:ac:27:d7:65:4d:e0:51:
56:20:0f:d8:98:fc:33:a3:fb:cd:c8:0e:6e:6b:30:13:2d:ab:
ad:19:b8:27:bd:07:7a:a4:77:72:25:93:6f:23:eb:18:ee:e0:
1f:f9:01:fb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYtJxvicMDFDfbXMAwL24oLaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjMxMDE5MjExMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTg2MDBlOThlM2FhZjM4ZGI3ZWY1MjNmMzFmZmU3Mjk0MWQ4NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2n0h66TmY6/c7oOgUfSbDauslhu3
2vzEJrQjlKLUk/LOGsg462Zechxgd2yPhCbGc6ZUB5OHqcWnkwyqKlk3L8a3abHa
IfcPdyXRkFRXZnamDR52C9cZwTWvLzFa4RTWEFrqloq7oQ0cAR/GWc5OiQXAZKwo
aKRW/w+ETTsnA1WuxNbal3kophqYqIQMJrDLK4JmAAiYb3ZbYr5gBAsuNXSW2y+9
qRBpOYavbaogBfhXIpDT/qwEepFbHhLBiJcDdANjO/MWkIkl7WAU8azoFTPaAr7k
KXqfUp4n7PodMf2br15XukyAtX42u5Yc/I6R7zH9bp8JLOnJ9ByUi4KimwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBGGAOmOOq842371I/Mf/nKUHYSXMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvRVlZQTZZNDZyempiZnZVajh4Xy1jcFFkaEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDWFCAAwQD
WFCYAwQAwWwYAwQCwk8MAwQBw0TWMA0GCSqGSIb3DQEBCwUAA4IBAQBj4RdbZej6
st9hxa/MHn/kJMf5rlLGZbQKc9JjSobEuCslKhskirnf8NFcgGLx1P6koLKKayhY
rxHVzHUZcB5HvMvT5SVrd6TNac2yPfP7n44u7JLiMrLkDYlZf+SLI+XySpRmWzc8
md5L7WeBs7O0pPMSwtpZohGk9PEeX9Ts4iikKlvpx9ndgUy3fX6z2g2nvBF4u7+6
MwWwF3CSSj3uP7er0c/JwlLxEHDP2QjpVUnCRRM733w2cSaeJB7Es1UVHVGFRpO5
AiiWve3osFaDhKwn12VN4FFWIA/YmPwzo/vNyA5uazATLautGbgnvQd6pHdyJZNv
I+sY7uAf+QH7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org