Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/eQG4Z06AEWg8inmT2V5GMcpXEpk.roa
File: eQG4Z06AEWg8inmT2V5GMcpXEpk.roa (raw, json)
Hash identifier: +WyGjCtYRMnOFlm3OHpMtm8JceosGAxrjMCY+y82evA=
Subject key identifier: 79:01:B8:67:4E:80:11:68:3C:8A:79:93:D9:5E:46:31:CA:57:12:99
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018570B08003ABBB1C206B5C52344101F304
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/eQG4Z06AEWg8inmT2V5GMcpXEpk.roa
Signing time: Mon 02 Jan 2023 04:14:53 +0000
ROA not before: Mon 02 Jan 2023 04:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201106
IP address blocks: 194.124.218.0/23 maxlen: 32
194.124.224.0/23 maxlen: 32
45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
45.150.226.0/23 maxlen: 32
193.218.200.0/23 maxlen: 32
45.154.212.0/22 maxlen: 32
45.150.164.0/22 maxlen: 32
193.221.94.0/23 maxlen: 32
45.151.132.0/22 maxlen: 32
45.145.74.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
Validation: Failed, certificate revoked on Tue 04 Jul 2023 16:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:80:03:ab:bb:1c:20:6b:5c:52:34:41:01:f3:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 2 04:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7901b8674e8011683c8a7993d95e4631ca571299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e6:a1:f6:58:57:66:97:f9:fd:22:7c:0d:ed:
64:8b:d8:c0:34:f7:72:68:f4:d9:fb:1c:62:38:99:
27:81:09:47:29:70:68:f9:03:30:d2:71:aa:76:b7:
26:5b:d5:22:87:c4:83:5d:b7:80:16:12:77:c7:59:
86:d6:07:03:40:3c:6d:2b:fc:ad:34:81:34:ff:6b:
a7:03:d0:53:04:b2:f7:5f:23:33:a5:6f:b0:b8:f1:
91:16:38:a4:82:4c:9e:41:db:b3:6f:13:19:3b:f2:
6b:ff:d4:71:d2:ac:e7:22:10:d5:ae:de:66:d8:f6:
7a:67:40:db:2d:39:e1:2e:36:9a:91:04:cd:55:58:
a7:37:d4:c2:44:42:aa:71:66:91:9a:65:2d:f1:ab:
3e:a8:8d:59:99:43:fc:6f:76:15:13:5f:00:c9:6a:
4a:e8:38:2c:74:b4:fa:72:45:7e:88:62:d2:d4:f5:
d7:00:b7:a4:b7:a6:78:f7:1d:97:e6:27:60:60:ef:
bc:85:ad:7d:71:47:a8:fc:ff:8d:53:33:c0:15:5c:
9d:25:c3:04:0b:aa:aa:b2:80:3c:36:60:78:03:23:
8e:9e:6a:5d:5c:82:81:94:72:89:28:53:64:09:15:
25:ef:1b:1c:10:51:36:90:68:b2:d2:22:7d:2c:8b:
07:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:01:B8:67:4E:80:11:68:3C:8A:79:93:D9:5E:46:31:CA:57:12:99
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/eQG4Z06AEWg8inmT2V5GMcpXEpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
Signature Algorithm: sha256WithRSAEncryption
aa:05:a6:94:5c:01:70:d7:53:d0:6e:ff:db:b8:38:0f:af:29:
9a:64:d2:eb:2b:81:e3:de:96:2a:fc:1c:28:86:ed:d2:3d:7d:
10:63:4e:dd:5c:bf:04:0c:34:bc:3d:de:02:8a:2e:14:3e:81:
06:4c:b5:51:b8:56:30:c5:a6:90:b1:c5:98:7f:a0:68:4b:ee:
61:e9:91:43:da:fb:f7:ff:48:06:80:1e:ae:7f:00:9b:44:67:
33:96:fd:7b:24:7d:4c:7d:f9:6e:11:9f:65:77:0b:4a:af:9f:
ca:b4:d6:ca:d3:6f:64:b0:77:a6:b2:a5:41:55:b1:39:78:d2:
c9:ca:ae:d1:8b:55:fd:a9:52:27:29:72:29:5f:32:50:b3:27:
a6:72:e1:0b:75:64:53:0b:3d:5f:04:e2:0e:3c:df:22:62:e4:
ff:33:4c:8e:eb:3a:c7:36:17:3b:6b:0d:70:e5:cf:ba:4c:cc:
d8:d8:6e:86:2d:f7:38:b4:b9:ba:f6:04:13:65:46:6c:66:ef:
a2:5f:f0:df:7d:ef:6d:f3:7d:52:70:b1:b1:b5:f9:20:9c:a7:
5a:2d:9e:23:5c:5b:d0:46:bf:68:d8:2b:76:34:b5:42:58:90:
ba:ca:7e:bb:f7:03:2b:d7:0d:54:1b:f8:81:c0:87:88:55:58:
fe:a6:8d:3a
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYVwsIADq7scIGtcUjRBAfMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjMwMTAyMDQxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTAxYjg2NzRlODAxMTY4M2M4YTc5OTNkOTVlNDYzMWNhNTcxMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+ah9lhXZpf5/SJ8De1ki9jANPdy
aPTZ+xxiOJkngQlHKXBo+QMw0nGqdrcmW9Uih8SDXbeAFhJ3x1mG1gcDQDxtK/yt
NIE0/2unA9BTBLL3XyMzpW+wuPGRFjikgkyeQduzbxMZO/Jr/9Rx0qznIhDVrt5m
2PZ6Z0DbLTnhLjaakQTNVVinN9TCREKqcWaRmmUt8as+qI1ZmUP8b3YVE18AyWpK
6DgsdLT6ckV+iGLS1PXXALekt6Z49x2X5idgYO+8ha19cUeo/P+NUzPAFVydJcME
C6qqsoA8NmB4AyOOnmpdXIKBlHKJKFNkCRUl7xscEFE2kGiy0iJ9LIsH3wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFHkBuGdOgBFoPIp5k9leRjHKVxKZMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvZVFHNFowNkFFV2c4aW5tVDJWNUdNY3BYRXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQCLY6cAwQC
LZFIAwQCLZakAwQBLZbiAwQCLZeEAwQCLZrUAwQBwdrIAwQBwd1eAwQBwnzaAwQB
wnzgMAwDBAHCk2IDBAHCk2QwDQYJKoZIhvcNAQELBQADggEBAKoFppRcAXDXU9Bu
/9u4OA+vKZpk0usrgePelir8HCiG7dI9fRBjTt1cvwQMNLw93gKKLhQ+gQZMtVG4
VjDFppCxxZh/oGhL7mHpkUPa+/f/SAaAHq5/AJtEZzOW/XskfUx9+W4Rn2V3C0qv
n8q01srTb2Swd6aypUFVsTl40snKrtGLVf2pUicpcilfMlCzJ6Zy4Qt1ZFMLPV8E
4g483yJi5P8zTI7rOsc2FztrDXDlz7pMzNjYboYt9zi0ubr2BBNlRmxm76Jf8N99
723zfVJwsbG1+SCcp1otniNcW9BGv2jYK3Y0tUJYkLrKfrv3AyvXDVQb+IHAh4hV
WP6mjTo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:57 2024 by rpki-client on console-fra.rpki-client.org