Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/eZMIlgk56x1yGKszHUpQ2etW2zI.roa
File: eZMIlgk56x1yGKszHUpQ2etW2zI.roa (raw, json)
Hash identifier: xdTLUdAHoPOIbUyTNJBsc/Kb1Uxs23Pli07F7GghGmo=
Subject key identifier: 79:93:08:96:09:39:EB:1D:72:18:AB:33:1D:4A:50:D9:EB:56:DB:32
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 019194041A8B6D28C7AC60EB54C6C7D1D645
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/eZMIlgk56x1yGKszHUpQ2etW2zI.roa
Signing time: Tue 27 Aug 2024 13:26:22 +0000
ROA not before: Tue 27 Aug 2024 13:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203596
IP address blocks: 91.213.223.0/24 maxlen: 24
91.216.15.0/24 maxlen: 24
185.14.176.0/24 maxlen: 24
185.14.178.0/24 maxlen: 24
185.122.100.0/22 maxlen: 24
185.222.88.0/22 maxlen: 24
2a06:a400::/29 maxlen: 29
2a06:a400:20::/44 maxlen: 48
2a06:a402::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Sep 2024 13:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:94:04:1a:8b:6d:28:c7:ac:60:eb:54:c6:c7:d1:d6:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Aug 27 13:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=799308960939eb1d7218ab331d4a50d9eb56db32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:25:75:51:3f:09:96:5a:e8:ae:6a:17:7a:6a:
f9:29:b6:e6:8c:cb:1a:d0:18:81:cb:7f:b0:74:59:
e5:ea:98:e1:79:22:dc:59:19:5e:26:f7:ad:9c:2c:
3b:c8:1e:34:a5:c3:a8:47:8b:84:49:17:bd:7b:b2:
15:df:05:77:ca:4e:cd:54:d3:5f:13:19:c1:f1:c2:
b0:cf:ea:f4:48:ce:39:c4:c9:26:2d:d0:95:7f:95:
28:6b:57:3a:b4:a8:0e:11:2a:eb:a9:e5:73:49:aa:
ea:23:f6:87:7a:df:0a:6a:72:de:e8:0b:a2:7d:5f:
51:9c:c8:69:ac:9b:eb:2f:1d:f8:4f:65:53:9c:41:
ac:07:11:74:4e:d9:d5:2a:b6:60:00:9e:5e:63:eb:
ad:34:16:ee:28:26:71:dd:24:42:60:da:7f:51:70:
8a:69:ec:47:8b:55:4f:be:07:08:58:54:a1:0a:b0:
f4:48:af:41:a6:f0:dc:1a:a0:5e:aa:56:7b:72:dd:
80:5a:b8:07:cd:13:d7:f7:57:a8:90:c0:6a:f1:82:
db:c4:94:25:9c:9a:67:9c:80:04:41:2c:36:16:10:
f3:4e:1a:1c:fc:48:ce:f7:70:5c:9e:10:1c:6e:63:
f2:2b:8d:98:5f:f0:7a:8d:cd:44:da:cc:f1:9c:aa:
92:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:93:08:96:09:39:EB:1D:72:18:AB:33:1D:4A:50:D9:EB:56:DB:32
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/eZMIlgk56x1yGKszHUpQ2etW2zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.223.0/24
91.216.15.0/24
185.14.176.0/24
185.14.178.0/24
185.122.100.0/22
185.222.88.0/22
IPv6:
2a06:a400::/29
Signature Algorithm: sha256WithRSAEncryption
0e:8f:46:45:6b:bc:f5:1a:ad:dc:0d:71:0c:8b:8c:5d:a9:f9:
8c:e6:0b:f2:30:bc:a4:da:34:47:5b:53:de:76:09:c0:98:c5:
eb:94:ed:27:8e:ca:ad:55:43:60:07:44:04:80:63:97:ac:72:
7b:3c:7f:75:23:17:a2:7c:86:28:69:df:af:b9:89:03:06:8c:
9e:d4:af:36:6b:21:db:a6:0a:c8:ab:50:18:ba:7c:fb:2b:97:
02:de:3d:da:40:38:ff:92:64:f4:ef:a5:81:42:4a:80:15:78:
a5:18:b1:ca:58:34:3d:bf:c8:93:e3:0a:19:58:4f:ed:5f:21:
4f:08:c0:69:b4:a2:b1:9c:17:7a:f4:f4:c6:ee:77:ee:91:d1:
d1:41:ca:5e:96:ac:e2:9f:dc:91:a4:bf:c1:54:8e:26:99:5e:
40:a3:a7:62:82:7f:3f:ca:25:ce:dc:ad:a5:a8:2b:44:cc:d2:
65:64:b1:83:ca:2c:1f:de:b6:41:e5:94:d3:4e:1b:0c:12:30:
47:59:b0:96:bd:0b:be:64:a5:d4:a9:31:11:80:65:37:5c:19:
2a:5e:00:3c:62:a7:cb:e2:ef:38:b1:76:11:3b:93:f5:17:5b:
9f:2c:f0:ad:a0:10:cc:b2:5f:7a:e5:3c:01:26:09:b8:69:dd:
4a:ca:e7:a5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZGUBBqLbSjHrGDrVMbH0dZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjQwODI3MTMyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTkzMDg5NjA5MzllYjFkNzIxOGFiMzMxZDRhNTBkOWViNTZkYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSV1UT8JllrormoXemr5KbbmjMsa
0BiBy3+wdFnl6pjheSLcWRleJvetnCw7yB40pcOoR4uESRe9e7IV3wV3yk7NVNNf
ExnB8cKwz+r0SM45xMkmLdCVf5Uoa1c6tKgOESrrqeVzSarqI/aHet8KanLe6Aui
fV9RnMhprJvrLx34T2VTnEGsBxF0TtnVKrZgAJ5eY+utNBbuKCZx3SRCYNp/UXCK
aexHi1VPvgcIWFShCrD0SK9BpvDcGqBeqlZ7ct2AWrgHzRPX91eokMBq8YLbxJQl
nJpnnIAEQSw2FhDzThoc/EjO93BcnhAcbmPyK42YX/B6jc1E2szxnKqSYwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHmTCJYJOesdchirMx1KUNnrVtsyMB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvZVpNSWxnazU2eDF5R0tzekhVcFEyZXRXMnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9XfAwQA
W9gPAwQAuQ6wAwQAuQ6yAwQCuXpkAwQCud5YMA0EAgACMAcDBQMqBqQAMA0GCSqG
SIb3DQEBCwUAA4IBAQAOj0ZFa7z1Gq3cDXEMi4xdqfmM5gvyMLyk2jRHW1PedgnA
mMXrlO0njsqtVUNgB0QEgGOXrHJ7PH91IxeifIYoad+vuYkDBoye1K82ayHbpgrI
q1AYunz7K5cC3j3aQDj/kmT076WBQkqAFXilGLHKWDQ9v8iT4woZWE/tXyFPCMBp
tKKxnBd69PTG7nfukdHRQcpelqzin9yRpL/BVI4mmV5Ao6dign8/yiXO3K2lqCtE
zNJlZLGDyiwf3rZB5ZTTThsMEjBHWbCWvQu+ZKXUqTERgGU3XBkqXgA8YqfL4u84
sXYRO5P1F1ufLPCtoBDMsl965TwBJgm4ad1Kyuel
-----END CERTIFICATE-----
Generated at Mon Sep 2 17:08:26 2024 by rpki-client on console-fra.rpki-client.org