Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/EqRC2pvVfmCc5GV7I43-QfskRmk.roa
File: EqRC2pvVfmCc5GV7I43-QfskRmk.roa (raw, json)
Hash identifier: 9i50HGedCpOKfgWi3FMhFS/yk3rnDHKfPn+op1GTaDU=
Subject key identifier: 12:A4:42:DA:9B:D5:7E:60:9C:E4:65:7B:23:8D:FE:41:FB:24:46:69
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01856D0AE12CD76DA8152875556542D75341
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/EqRC2pvVfmCc5GV7I43-QfskRmk.roa
Signing time: Sun 01 Jan 2023 11:15:07 +0000
ROA not before: Sun 01 Jan 2023 11:15:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3058
IP address blocks: 185.71.96.0/22 maxlen: 22
83.149.192.0/18 maxlen: 18
188.93.105.0/24 maxlen: 25
188.93.104.0/21 maxlen: 21
188.93.106.0/23 maxlen: 23
194.149.64.0/21 maxlen: 21
2a00:db8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 16 Oct 2023 08:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:e1:2c:d7:6d:a8:15:28:75:55:65:42:d7:53:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:15:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12a442da9bd57e609ce4657b238dfe41fb244669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:91:1d:31:b9:98:6e:6f:68:00:46:48:0d:1b:
c7:10:3f:c9:25:81:98:0c:86:c7:2d:63:5c:fa:eb:
4e:e3:99:6b:dc:1b:9b:5a:5e:0d:52:da:35:cb:68:
49:f9:a3:d4:c9:05:2b:63:4f:64:6f:c2:90:dd:06:
67:f5:cc:90:f6:44:c9:8a:a4:66:ee:37:5b:72:44:
f8:5a:c8:99:97:40:b0:38:67:31:12:f4:7d:e2:d0:
bf:c6:83:0f:54:b0:b1:9e:55:50:43:67:81:cc:20:
f1:ef:40:40:a3:03:8e:92:4a:ca:10:7b:db:16:82:
63:fe:5f:e0:7d:9b:9e:82:97:3d:09:35:5e:57:3a:
ab:c1:7b:92:d3:d8:4a:49:17:3b:66:13:02:f3:41:
de:b4:32:6c:af:02:7b:3c:4c:ab:2a:c9:c3:f8:59:
a7:e2:0f:1f:db:d5:cf:ae:34:e2:17:fd:b7:19:5b:
55:b5:66:24:98:31:2f:c7:e6:79:26:b8:05:d2:57:
3a:c3:dc:76:c8:dd:7a:fb:ed:b3:f3:6f:6b:6c:7a:
8f:71:01:85:d5:f3:ab:35:fa:49:9f:8e:15:0f:d8:
2b:b3:a1:98:f3:5f:f2:95:ba:4c:f8:fc:0b:cd:51:
f7:59:cd:2a:74:17:13:fb:b7:ca:a2:53:14:af:ca:
a5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A4:42:DA:9B:D5:7E:60:9C:E4:65:7B:23:8D:FE:41:FB:24:46:69
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/EqRC2pvVfmCc5GV7I43-QfskRmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.149.192.0/18
185.71.96.0/22
188.93.104.0/21
194.149.64.0/21
IPv6:
2a00:db8::/32
Signature Algorithm: sha256WithRSAEncryption
4d:9c:9a:14:32:89:a8:97:2c:93:3f:af:2a:50:04:74:45:58:
14:8b:db:1e:f9:43:e2:38:64:77:e8:09:46:e0:19:5e:b9:50:
e5:6f:7e:5b:26:b0:f3:19:92:d6:6d:f3:20:fb:08:e4:a2:e2:
ed:2b:ca:d8:8d:dc:d7:d3:c2:d0:d6:7b:52:8b:29:f2:e5:29:
c9:fe:bf:93:ff:ee:e2:32:35:5e:92:6e:e0:47:66:b8:c5:6f:
4e:9e:f4:a5:af:2a:59:33:c7:bc:f8:9d:73:69:61:b7:39:18:
c6:c5:62:7c:68:93:34:85:59:37:09:5b:60:a3:7d:c2:c7:3c:
58:d2:21:90:ef:fe:f3:ec:f0:a1:80:6e:20:33:e9:c4:a4:07:
96:1e:8c:c9:ac:3c:fb:f7:88:50:80:89:55:82:a2:86:82:37:
24:9e:54:00:59:ee:f2:3d:98:67:74:15:aa:30:14:06:b1:26:
68:e6:7b:ed:fe:24:b9:ec:8a:f5:da:51:24:6c:4d:3b:93:2c:
e2:85:0d:69:b0:2e:f2:df:e6:d2:41:f3:35:58:76:6a:32:51:
13:8e:23:88:a7:1f:59:5b:44:cf:b9:b7:a3:50:3c:a4:e3:69:
47:1e:6e:58:c8:fc:ef:c5:bb:1b:f4:e9:b9:43:41:10:c6:f1:
7b:83:67:61
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtCuEs122oFSh1VWVC11NBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwMTAxMTExNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmE0NDJkYTliZDU3ZTYwOWNlNDY1N2IyMzhkZmU0MWZiMjQ0NjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJEdMbmYbm9oAEZIDRvHED/JJYGY
DIbHLWNc+utO45lr3BubWl4NUto1y2hJ+aPUyQUrY09kb8KQ3QZn9cyQ9kTJiqRm
7jdbckT4WsiZl0CwOGcxEvR94tC/xoMPVLCxnlVQQ2eBzCDx70BAowOOkkrKEHvb
FoJj/l/gfZuegpc9CTVeVzqrwXuS09hKSRc7ZhMC80HetDJsrwJ7PEyrKsnD+Fmn
4g8f29XPrjTiF/23GVtVtWYkmDEvx+Z5JrgF0lc6w9x2yN16++2z829rbHqPcQGF
1fOrNfpJn44VD9grs6GY81/ylbpM+PwLzVH3Wc0qdBcT+7fKolMUr8qlSwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBKkQtqb1X5gnORleyON/kH7JEZpMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvRXFSQzJwdlZmbUNjNUdWN0k0My1RZnNrUm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGU5XAAwQC
uUdgAwQDvF1oAwQDwpVAMA0EAgACMAcDBQAqAA24MA0GCSqGSIb3DQEBCwUAA4IB
AQBNnJoUMomolyyTP68qUAR0RVgUi9se+UPiOGR36AlG4BleuVDlb35bJrDzGZLW
bfMg+wjkouLtK8rYjdzX08LQ1ntSiyny5SnJ/r+T/+7iMjVekm7gR2a4xW9OnvSl
rypZM8e8+J1zaWG3ORjGxWJ8aJM0hVk3CVtgo33CxzxY0iGQ7/7z7PChgG4gM+nE
pAeWHozJrDz794hQgIlVgqKGgjcknlQAWe7yPZhndBWqMBQGsSZo5nvt/iS57Ir1
2lEkbE07kyzihQ1psC7y3+bSQfM1WHZqMlETjiOIpx9ZW0TPubejUDyk42lHHm5Y
yPzvxbsb9Om5Q0EQxvF7g2dh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org