Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/ECJR4a9rMIUKo_fKMKDlMI_MwvQ.roa
File: ECJR4a9rMIUKo_fKMKDlMI_MwvQ.roa (raw, json)
Hash identifier: rNMCzujSW3jS8hvh30IWcpaWrDoW1bcxogEviWxZxjg=
Subject key identifier: 10:22:51:E1:AF:6B:30:85:0A:A3:F7:CA:30:A0:E5:30:8F:CC:C2:F4
Certificate issuer: /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial: 018DE4E5495EA4B679FE7F4C11892E164EC7
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/ECJR4a9rMIUKo_fKMKDlMI_MwvQ.roa
Signing time: Mon 26 Feb 2024 10:10:48 +0000
ROA not before: Mon 26 Feb 2024 10:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50810
IP address blocks: 37.98.64.0/18 maxlen: 22
37.98.114.0/24 maxlen: 24
62.102.128.0/20 maxlen: 22
93.117.176.0/20 maxlen: 22
93.119.208.0/20 maxlen: 22
178.131.0.0/16 maxlen: 22
178.131.0.0/18 maxlen: 22
178.131.64.0/18 maxlen: 22
178.131.128.0/18 maxlen: 22
178.131.192.0/18 maxlen: 22
188.211.0.0/20 maxlen: 20
188.212.240.0/21 maxlen: 21
188.213.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 26 Feb 2024 16:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:e5:49:5e:a4:b6:79:fe:7f:4c:11:89:2e:16:4e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Validity
Not Before: Feb 26 10:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=102251e1af6b30850aa3f7ca30a0e5308fccc2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c1:09:e3:fa:53:e6:9e:de:5f:e4:64:a3:10:
fc:ef:88:9f:88:68:ba:79:84:33:3a:80:02:cd:6f:
ca:f2:ab:7a:e9:7f:84:c6:d3:1b:e1:98:fc:42:fc:
f3:fb:03:5e:18:9e:bb:66:27:eb:a9:fd:d7:c8:70:
7c:4a:d4:3b:87:bb:df:03:76:71:38:3b:75:8e:ba:
32:ab:46:ad:74:56:9e:00:8e:5e:3e:b4:77:b6:f5:
22:40:11:78:7e:e9:a4:74:27:3f:bf:24:98:b4:6e:
38:55:87:ff:95:b2:66:7e:a9:f6:4f:12:18:86:49:
86:b1:89:7c:93:16:f6:15:54:7a:c4:83:d7:58:4c:
d5:1c:c1:e0:e9:25:7f:9c:44:4b:8c:17:70:ec:b4:
bb:83:88:dd:99:73:f9:80:3d:12:87:78:0c:e7:fd:
cb:83:81:c9:5c:1e:bb:2a:09:c8:ca:13:dd:eb:53:
a8:e9:8a:49:5f:27:40:e6:7a:22:09:d7:bd:9e:1e:
1e:24:81:84:7b:97:25:81:26:27:19:a8:73:a4:24:
7b:b5:b1:72:28:96:df:66:db:14:53:67:fd:ec:d7:
13:f4:11:8e:3e:76:6e:ad:84:f6:64:cb:7b:7d:b2:
db:5e:a9:64:8a:85:80:fe:b3:99:31:e4:ac:6e:8e:
b0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:22:51:E1:AF:6B:30:85:0A:A3:F7:CA:30:A0:E5:30:8F:CC:C2:F4
X509v3 Authority Key Identifier:
keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/ECJR4a9rMIUKo_fKMKDlMI_MwvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.64.0/18
62.102.128.0/20
93.117.176.0/20
93.119.208.0/20
178.131.0.0/16
188.211.0.0/20
188.212.240.0/21
188.213.192.0/22
Signature Algorithm: sha256WithRSAEncryption
32:9b:62:65:b5:4c:1e:2b:d8:98:1d:86:74:96:a0:00:62:68:
aa:ee:fa:49:33:4c:d3:b6:19:db:8c:b6:ab:3a:7c:17:74:8c:
15:fa:86:1d:85:b3:24:a7:59:e1:24:77:cf:31:d4:8a:16:05:
ef:11:fd:4d:af:ea:de:7d:24:f3:48:a2:21:de:84:f4:89:d4:
76:57:a0:56:cd:8e:b2:fb:29:ea:47:05:8d:16:f9:ad:2c:3f:
29:a6:4c:ab:2c:c1:29:4d:fa:76:86:6c:fc:09:de:34:2e:0e:
b8:ed:1b:a7:db:68:77:54:0e:ff:af:71:d2:14:39:78:91:5e:
2b:4e:ad:5a:94:45:87:2e:6e:16:c2:cf:b6:15:2e:5c:4a:85:
3f:db:16:00:ac:1e:27:63:bc:07:83:52:83:61:2a:a0:e6:67:
b8:b1:50:e4:ed:e3:aa:8b:e3:1f:19:cd:35:52:98:b0:52:40:
d3:e4:40:ee:ec:3e:0c:e9:04:e8:8d:29:d2:12:35:af:aa:68:
3f:ed:05:fe:19:54:3b:b8:f5:19:93:21:4a:bb:80:0d:e6:bb:
88:c7:c4:79:8f:7a:bd:d9:c7:0e:f4:b4:38:86:49:33:75:8a:
83:47:46:61:8d:c3:2e:52:a1:b5:2c:d5:27:63:56:c2:75:27:
20:1c:78:df
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY3k5UlepLZ5/n9MEYkuFk7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjQwMjI2MTAxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDIyNTFlMWFmNmIzMDg1MGFhM2Y3Y2EzMGEwZTUzMDhmY2NjMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcEJ4/pT5p7eX+RkoxD874ifiGi6
eYQzOoACzW/K8qt66X+ExtMb4Zj8Qvzz+wNeGJ67Zifrqf3XyHB8StQ7h7vfA3Zx
ODt1jroyq0atdFaeAI5ePrR3tvUiQBF4fumkdCc/vySYtG44VYf/lbJmfqn2TxIY
hkmGsYl8kxb2FVR6xIPXWEzVHMHg6SV/nERLjBdw7LS7g4jdmXP5gD0Sh3gM5/3L
g4HJXB67KgnIyhPd61Oo6YpJXydA5noiCde9nh4eJIGEe5clgSYnGahzpCR7tbFy
KJbfZtsUU2f97NcT9BGOPnZurYT2ZMt7fbLbXqlkioWA/rOZMeSsbo6w0wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBAiUeGvazCFCqP3yjCg5TCPzML0MB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvRUNKUjRhOXJNSVVLb19mS01LRGxNSV9Nd3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAATAvAwQGJWJAAwQE
PmaAAwQEXXWwAwQEXXfQAwMAsoMDBAS80wADBAO81PADBAK81cAwDQYJKoZIhvcN
AQELBQADggEBADKbYmW1TB4r2JgdhnSWoABiaKru+kkzTNO2GduMtqs6fBd0jBX6
hh2FsySnWeEkd88x1IoWBe8R/U2v6t59JPNIoiHehPSJ1HZXoFbNjrL7KepHBY0W
+a0sPymmTKsswSlN+naGbPwJ3jQuDrjtG6fbaHdUDv+vcdIUOXiRXitOrVqURYcu
bhbCz7YVLlxKhT/bFgCsHidjvAeDUoNhKqDmZ7ixUOTt46qL4x8ZzTVSmLBSQNPk
QO7sPgzpBOiNKdISNa+qaD/tBf4ZVDu49RmTIUq7gA3mu4jHxHmPer3Zxw70tDiG
STN1ioNHRmGNwy5SobUs1SdjVsJ1JyAceN8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:15 2024 by rpki-client on console-fra.rpki-client.org