Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/eKSAqoOEgZd-3iPkl3_BnVfBqqc.roa
File: eKSAqoOEgZd-3iPkl3_BnVfBqqc.roa (raw, json)
Hash identifier: X+v/XTDJd9sAgBjAfGZxottCxp76IYak2VeSj4vXVJo=
Subject key identifier: 78:A4:80:AA:83:84:81:97:7E:DE:23:E4:97:7F:C1:9D:57:C1:AA:A7
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 0187140C0E4226492CFFE32E361381B4A14C
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/eKSAqoOEgZd-3iPkl3_BnVfBqqc.roa
Signing time: Fri 24 Mar 2023 14:35:47 +0000
ROA not before: Fri 24 Mar 2023 14:35:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31034
IP address blocks: 185.58.116.0/22 maxlen: 24
94.177.192.0/18 maxlen: 24
89.46.104.0/21 maxlen: 24
95.110.128.0/17 maxlen: 24
31.14.128.0/20 maxlen: 24
31.11.32.0/21 maxlen: 24
77.81.224.0/20 maxlen: 24
46.37.0.0/19 maxlen: 24
89.46.192.0/21 maxlen: 24
62.149.128.0/17 maxlen: 24
188.213.160.0/20 maxlen: 24
176.107.144.0/21 maxlen: 24
80.73.224.0/21 maxlen: 24
89.36.208.0/22 maxlen: 24
217.198.128.0/20 maxlen: 24
5.249.128.0/19 maxlen: 24
195.231.0.0/17 maxlen: 24
217.61.0.0/18 maxlen: 24
89.46.64.0/20 maxlen: 24
94.177.160.0/19 maxlen: 24
185.56.8.0/22 maxlen: 24
80.211.0.0/16 maxlen: 24
82.192.128.0/19 maxlen: 24
194.182.110.0/23 maxlen: 24
195.231.88.0/21 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:14:0c:0e:42:26:49:2c:ff:e3:2e:36:13:81:b4:a1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Mar 24 14:35:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78a480aa838481977ede23e4977fc19d57c1aaa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2d:a3:ab:d2:cb:29:1f:58:2e:be:72:e7:3f:
17:45:96:dc:e0:64:05:e8:22:82:48:dc:ce:de:a2:
ed:c3:d8:cb:e4:3e:19:48:7a:ca:b3:02:17:cf:85:
97:20:26:a8:89:ed:38:e5:87:38:32:d7:c6:ec:0e:
3f:41:49:6b:b9:9c:5d:4b:d0:cb:f3:39:ce:b9:e0:
bf:04:f2:ba:64:d5:7b:d9:9f:7d:ef:2e:39:ed:6d:
21:0a:8f:f3:0c:e4:15:38:7e:07:45:75:7a:48:bc:
20:b6:61:c1:b0:04:90:7c:ab:ef:42:83:66:c9:31:
41:74:5e:36:bf:a0:1f:38:58:d5:00:cb:55:9c:c9:
e0:9a:ff:c3:8a:5d:f7:4a:aa:c0:08:99:2f:45:b4:
65:6b:2e:b6:5d:0f:32:e9:ad:d8:f5:04:d1:ec:ea:
96:a9:e6:33:77:d5:81:f8:ad:29:dc:e1:ce:56:31:
95:e2:ed:88:e2:60:df:34:6b:7e:ae:44:96:2c:06:
43:6a:38:dc:8c:ff:92:70:e7:66:0e:e2:e5:bf:1b:
cd:ad:60:34:e7:13:6c:94:f6:e4:9c:4e:fc:48:b7:
8a:49:50:af:3a:51:a5:b1:23:8d:19:db:a2:d6:d3:
a0:82:ad:0a:f6:52:09:11:20:d5:ec:b1:4d:be:b6:
b8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A4:80:AA:83:84:81:97:7E:DE:23:E4:97:7F:C1:9D:57:C1:AA:A7
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/eKSAqoOEgZd-3iPkl3_BnVfBqqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
77.81.224.0/20
80.73.224.0/21
80.211.0.0/16
82.192.128.0/19
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
94.177.160.0-94.177.255.255
95.110.128.0/17
176.107.144.0/21
185.56.8.0/22
185.58.116.0/22
188.213.160.0/20
194.182.110.0/23
195.231.0.0/17
217.61.0.0/18
217.198.128.0/20
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
71:c8:6c:cc:6d:65:a7:a8:63:25:e4:91:21:72:78:41:e0:01:
24:f8:6f:95:cb:99:f0:9b:e8:8f:a8:ad:ec:c8:63:08:7e:98:
11:be:e0:80:a7:21:3f:ff:9f:3b:5a:be:f1:c8:96:c3:1e:36:
b0:97:1c:0e:27:82:30:8a:02:8a:d2:88:b9:95:4b:e8:41:43:
31:a9:6f:dc:1f:a0:66:3b:1b:79:35:41:1f:b1:54:8a:ae:31:
c1:df:03:ba:5e:bb:6f:25:97:dc:49:8d:45:36:52:00:15:fc:
ef:1e:b5:eb:37:07:19:04:ca:fb:b7:70:d0:1e:22:6b:50:d7:
42:fd:7d:34:7f:e3:14:05:ad:82:f5:fa:51:b1:49:1a:db:f8:
43:24:0b:f6:99:c0:a4:87:6c:fd:ff:d5:b2:9b:97:ce:99:47:
d9:31:5a:4f:24:3c:6b:83:28:94:56:b7:38:20:c3:50:d2:09:
68:50:5a:b9:dc:c0:a7:be:9e:4a:b2:df:b9:86:06:93:62:ce:
ec:43:b6:1a:9a:18:6f:ec:be:60:3d:93:90:f8:c5:ca:c1:7c:
1f:44:5c:33:86:c4:b4:21:74:af:20:70:6b:65:9a:26:44:10:
9c:6f:84:2e:de:e9:10:ed:66:78:cb:3e:06:74:fe:25:b6:86:
8d:91:23:06
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYcUDA5CJkks/+MuNhOBtKFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMwMzI0MTQzNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGE0ODBhYTgzODQ4MTk3N2VkZTIzZTQ5NzdmYzE5ZDU3YzFhYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC2jq9LLKR9YLr5y5z8XRZbc4GQF
6CKCSNzO3qLtw9jL5D4ZSHrKswIXz4WXICaoie045Yc4MtfG7A4/QUlruZxdS9DL
8znOueC/BPK6ZNV72Z997y457W0hCo/zDOQVOH4HRXV6SLwgtmHBsASQfKvvQoNm
yTFBdF42v6AfOFjVAMtVnMngmv/Dil33SqrACJkvRbRlay62XQ8y6a3Y9QTR7OqW
qeYzd9WB+K0p3OHOVjGV4u2I4mDfNGt+rkSWLAZDajjcjP+ScOdmDuLlvxvNrWA0
5xNslPbknE78SLeKSVCvOlGlsSONGdui1tOggq0K9lIJESDV7LFNvra4pQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFHikgKqDhIGXft4j5Jd/wZ1XwaqnMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvZUtTQXFvT0VnWmQtM2lQa2wzX0JuVmZCcXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZADBAUF
+YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBARNUeADBANQSeADAwBQ0wMEBVLA
gAMEAlkk0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdfboADBAOw
a5ADBAK5OAgDBAK5OnQDBAS81aADBAHCtm4DBAfD5wADBAbZPQADBATZxoAwDQQC
AAIwBwMFAyoAbUAwDQYJKoZIhvcNAQELBQADggEBAHHIbMxtZaeoYyXkkSFyeEHg
AST4b5XLmfCb6I+orezIYwh+mBG+4ICnIT//nztavvHIlsMeNrCXHA4ngjCKAorS
iLmVS+hBQzGpb9wfoGY7G3k1QR+xVIquMcHfA7peu28ll9xJjUU2UgAV/O8etes3
BxkEyvu3cNAeImtQ10L9fTR/4xQFrYL1+lGxSRrb+EMkC/aZwKSHbP3/1bKbl86Z
R9kxWk8kPGuDKJRWtzggw1DSCWhQWrncwKe+nkqy37mGBpNizuxDthqaGG/svmA9
k5D4xcrBfB9EXDOGxLQhdK8gcGtlmiZEEJxvhC7e6RDtZnjLPgZ0/iW2ho2RIwY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:07 2023 by rpki-client on console-fra.rpki-client.org