Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/EmEK-3UGzuAgmCooeeoEUhzWT1U.roa
File: EmEK-3UGzuAgmCooeeoEUhzWT1U.roa (raw, json)
Hash identifier: 8BZfobCWzkx6FT10jP19LeJLeOy8xuibKSGAuMv46bE=
Subject key identifier: 12:61:0A:FB:75:06:CE:E0:20:98:2A:28:79:EA:04:52:1C:D6:4F:55
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 01856F5DF3A01AAD7409DA4ED8CA73DCDD11
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/EmEK-3UGzuAgmCooeeoEUhzWT1U.roa
Signing time: Sun 01 Jan 2023 22:05:06 +0000
ROA not before: Sun 01 Jan 2023 22:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50304
IP address blocks: 193.28.1.0/24 maxlen: 24
193.28.4.0/24 maxlen: 24
193.28.7.0/24 maxlen: 24
178.255.144.0/21 maxlen: 32
91.90.40.0/21 maxlen: 24
91.199.193.0/24 maxlen: 24
194.99.40.0/22 maxlen: 24
185.41.240.0/22 maxlen: 24
193.138.6.0/23 maxlen: 24
176.125.232.0/22 maxlen: 22
134.90.144.0/21 maxlen: 32
134.90.148.0/24 maxlen: 24
194.127.198.0/23 maxlen: 23
194.127.199.0/24 maxlen: 24
91.205.184.0/22 maxlen: 22
193.27.45.0/24 maxlen: 24
37.202.56.0/21 maxlen: 24
31.169.48.0/21 maxlen: 32
185.35.200.0/22 maxlen: 24
185.35.200.0/24 maxlen: 24
185.12.56.0/22 maxlen: 24
194.35.228.0/22 maxlen: 24
185.152.32.0/23 maxlen: 23
185.152.32.0/22 maxlen: 24
217.197.164.0/22 maxlen: 24
45.152.48.0/22 maxlen: 22
2a02:ed01::/32 maxlen: 32
2a02:ed00::/32 maxlen: 32
2a02:ed03::/32 maxlen: 32
2a02:ed04:100::/44 maxlen: 44
2a02:ed04:4700::/44 maxlen: 44
2a02:ed04:4600::/44 maxlen: 44
2a02:ed04:4500::/44 maxlen: 44
2a02:ed04:4400::/44 maxlen: 44
2a02:ed04:3400::/44 maxlen: 44
2a02:ed04:3580::/44 maxlen: 44
2a02:ed06::/32 maxlen: 32
2a02:20c8::/32 maxlen: 48
2a07:7d80::/29 maxlen: 29
2a04:8d40::/29 maxlen: 32
2a02:ed05::/32 maxlen: 32
2a02:ed00::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:f3:a0:1a:ad:74:09:da:4e:d8:ca:73:dc:dd:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Jan 1 22:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12610afb7506cee020982a2879ea04521cd64f55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:53:8c:f0:ce:95:31:e7:14:99:6e:99:38:f2:
5a:03:c7:69:e2:99:0e:e3:3e:93:e8:6b:7b:06:0a:
88:8b:50:15:f0:e3:69:06:b3:f6:3a:07:76:ed:bc:
46:2c:bc:64:e4:b9:76:1d:78:67:fd:87:17:2c:bf:
ce:28:e0:a8:79:03:82:3a:e2:75:8a:24:86:53:b7:
d8:bd:1f:2c:5a:61:de:85:6c:f5:cf:61:ec:04:3c:
dd:88:5b:9e:43:c8:77:20:12:a2:89:91:54:2c:82:
d7:79:eb:47:d5:c3:36:51:40:2e:8d:92:0a:38:ca:
44:ed:1c:0d:62:cc:19:4b:f9:7e:92:a4:b3:99:af:
ce:8b:c7:30:2b:d4:c0:37:71:8e:dc:3a:2e:07:b7:
a0:6c:0e:3d:f6:c6:cd:d5:1d:9e:78:43:5c:8c:e5:
b7:2f:d1:b2:f9:d5:db:72:2e:2f:4a:21:38:11:36:
3a:ca:f8:03:35:fe:07:2d:a2:00:75:d1:71:19:19:
69:11:7f:40:51:1a:0f:13:b2:68:4a:aa:86:ee:e5:
4f:3c:9b:eb:a5:f9:03:1b:32:0c:e5:d3:20:a1:98:
1d:46:fd:6a:18:64:7a:c0:f8:e5:a7:46:11:b9:2a:
eb:f5:c9:f2:09:15:bc:1b:b6:64:38:47:4e:70:a0:
07:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:61:0A:FB:75:06:CE:E0:20:98:2A:28:79:EA:04:52:1C:D6:4F:55
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/EmEK-3UGzuAgmCooeeoEUhzWT1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.48.0/21
37.202.56.0/21
45.152.48.0/22
91.90.40.0/21
91.199.193.0/24
91.205.184.0/22
134.90.144.0/21
176.125.232.0/22
178.255.144.0/21
185.12.56.0/22
185.35.200.0/22
185.41.240.0/22
185.152.32.0/22
193.27.45.0/24
193.28.1.0/24
193.28.4.0/24
193.28.7.0/24
193.138.6.0/23
194.35.228.0/22
194.99.40.0/22
194.127.198.0/23
217.197.164.0/22
IPv6:
2a02:20c8::/32
2a02:ed00::/29
2a04:8d40::/29
2a07:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
90:5c:4a:02:94:9a:e3:7d:a1:88:c7:0f:30:b6:20:e6:d5:47:
2f:a8:2b:61:fb:3a:a7:39:d8:77:09:cf:bb:98:d8:ce:ca:69:
8e:34:a4:72:0c:b5:53:80:d2:40:e7:76:df:ff:d7:06:57:5c:
ad:81:c9:5d:5a:8e:27:e6:79:07:45:13:c0:08:31:9b:18:9c:
c0:3e:de:34:1c:f6:d0:2d:98:6d:42:84:39:5e:33:a5:55:f6:
84:ad:59:c8:0c:c7:58:21:ee:c5:9e:db:c6:c4:d6:27:fd:ab:
50:df:98:c4:55:d7:4e:93:2c:2c:a5:fe:27:ea:51:53:ab:b3:
6a:a8:26:70:bb:62:a9:fe:20:f5:80:85:9e:d3:82:14:b8:06:
1d:49:5b:dd:d9:35:91:78:bf:30:66:2f:22:e0:29:29:b7:a5:
f7:0e:5b:f7:45:71:ee:9f:db:d8:74:ff:70:55:d0:01:0e:fa:
9a:f8:82:b0:62:89:fb:03:05:3f:dd:e1:6e:24:bc:9a:e5:4a:
63:83:d7:46:34:91:49:40:bb:cf:44:82:01:01:b5:98:80:cf:
76:3d:77:a3:73:5a:a0:96:46:e6:a0:2e:41:27:c3:42:14:43:
5f:94:c0:92:95:2c:46:21:9f:89:1c:a4:23:b1:d7:03:2f:5b:
82:a0:41:2b
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYVvXfOgGq10CdpO2Mpz3N0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjMwMTAxMjIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjYxMGFmYjc1MDZjZWUwMjA5ODJhMjg3OWVhMDQ1MjFjZDY0ZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVOM8M6VMecUmW6ZOPJaA8dp4pkO
4z6T6Gt7BgqIi1AV8ONpBrP2Ogd27bxGLLxk5Ll2HXhn/YcXLL/OKOCoeQOCOuJ1
iiSGU7fYvR8sWmHehWz1z2HsBDzdiFueQ8h3IBKiiZFULILXeetH1cM2UUAujZIK
OMpE7RwNYswZS/l+kqSzma/Oi8cwK9TAN3GO3DouB7egbA499sbN1R2eeENcjOW3
L9Gy+dXbci4vSiE4ETY6yvgDNf4HLaIAddFxGRlpEX9AURoPE7JoSqqG7uVPPJvr
pfkDGzIM5dMgoZgdRv1qGGR6wPjlp0YRuSrr9cnyCRW8G7ZkOEdOcKAH8wIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFBJhCvt1Bs7gIJgqKHnqBFIc1k9VMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvRW1FSy0zVUd6dUFnbUNvb2Vlb0VVaHpXVDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBiwQCAAEwgYQDBAMf
qTADBAMlyjgDBAItmDADBANbWigDBABbx8EDBAJbzbgDBAOGWpADBAKwfegDBAOy
/5ADBAK5DDgDBAK5I8gDBAK5KfADBAK5mCADBADBGy0DBADBHAEDBADBHAQDBADB
HAcDBAHBigYDBALCI+QDBALCYygDBAHCf8YDBALZxaQwIgQCAAIwHAMFACoCIMgD
BQMqAu0AAwUDKgSNQAMFAyoHfYAwDQYJKoZIhvcNAQELBQADggEBAJBcSgKUmuN9
oYjHDzC2IObVRy+oK2H7Oqc52HcJz7uY2M7KaY40pHIMtVOA0kDndt//1wZXXK2B
yV1ajifmeQdFE8AIMZsYnMA+3jQc9tAtmG1ChDleM6VV9oStWcgMx1gh7sWe28bE
1if9q1DfmMRV106TLCyl/ifqUVOrs2qoJnC7Yqn+IPWAhZ7TghS4Bh1JW93ZNZF4
vzBmLyLgKSm3pfcOW/dFce6f29h0/3BV0AEO+pr4grBiifsDBT/d4W4kvJrlSmOD
10Y0kUlAu89EggEBtZiAz3Y9d6NzWqCWRuagLkEnw0IUQ1+UwJKVLEYhn4kcpCOx
1wMvW4KgQSs=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:22 2023 by rpki-client on console-fra.rpki-client.org