Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/ENAF0m9ZRKxbcc4gi-nRppKFUmE.roa
File: ENAF0m9ZRKxbcc4gi-nRppKFUmE.roa (raw, json)
Hash identifier: JFO2fR5lBLNcBmKgsCEHq9PEb4rwqeyOKbJtUYN6Hbc=
Subject key identifier: 10:D0:05:D2:6F:59:44:AC:5B:71:CE:20:8B:E9:D1:A6:92:85:52:61
Certificate issuer: /CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
Certificate serial: 01856CEF11C9F6B9FBB9713F4CF51491554F
Authority key identifier: 09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/ENAF0m9ZRKxbcc4gi-nRppKFUmE.roa
Signing time: Sun 01 Jan 2023 10:44:44 +0000
ROA not before: Sun 01 Jan 2023 10:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13273
IP address blocks: 185.114.208.0/22 maxlen: 24
195.54.62.0/23 maxlen: 24
91.216.209.0/24 maxlen: 24
213.162.32.0/20 maxlen: 24
213.91.0.0/18 maxlen: 24
185.21.152.0/22 maxlen: 24
213.162.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jul 2023 09:24:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:11:c9:f6:b9:fb:b9:71:3f:4c:f5:14:91:55:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
Validity
Not Before: Jan 1 10:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10d005d26f5944ac5b71ce208be9d1a692855261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:0a:34:9a:ef:2f:91:93:8d:ff:4d:01:e1:
db:c9:09:14:13:c0:0a:b4:df:ac:48:05:1f:6b:38:
40:b2:a9:06:48:4b:86:21:18:9e:71:88:44:d4:81:
8b:8c:2c:93:35:74:15:06:32:6e:77:11:ba:ab:3c:
bc:87:b0:64:28:78:f3:15:aa:f9:e9:b1:f1:ac:6d:
46:e7:ef:b0:58:5a:15:13:ef:e4:3a:7f:a2:57:a9:
4c:7b:5b:68:fa:7b:4d:92:31:36:27:0e:dc:7e:be:
e5:67:17:0d:91:d3:c5:ff:48:08:70:51:70:7b:5e:
10:a4:52:65:15:ac:c6:c7:a0:9c:51:69:9b:dc:f6:
eb:d1:80:ae:9e:fe:cf:2e:b6:8e:a2:d4:9f:06:e5:
f0:d8:4f:09:5a:93:14:b2:db:b1:64:de:ab:75:fe:
aa:6c:30:06:f3:9a:f8:ce:63:64:1d:40:8f:a5:5a:
d0:a5:4f:f5:f3:7f:43:6b:28:76:3b:1c:72:d2:f2:
10:5c:b4:f0:4f:ce:dd:3c:23:9a:fd:a7:50:8a:ba:
d5:a1:bf:a8:9b:62:35:24:49:1c:f3:9a:09:0b:9a:
38:0a:c0:00:ba:f2:b8:ae:c7:99:c1:d3:07:15:6b:
7a:4f:ad:92:a5:9f:05:c9:e3:85:34:ba:ce:5e:fb:
90:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D0:05:D2:6F:59:44:AC:5B:71:CE:20:8B:E9:D1:A6:92:85:52:61
X509v3 Authority Key Identifier:
keyid:09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/ENAF0m9ZRKxbcc4gi-nRppKFUmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/CYsceb-uEqW4fzXJmLtgs_pOZiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.209.0/24
185.21.152.0/22
185.114.208.0/22
195.54.62.0/23
213.91.0.0/18
213.162.32.0/20
213.162.62.0/24
Signature Algorithm: sha256WithRSAEncryption
13:f9:e5:be:93:42:24:09:b9:a3:a0:49:a4:d7:b0:4b:09:ce:
8a:17:b2:7f:d9:b4:4d:64:d2:12:f7:6b:4b:f9:b5:0c:27:a0:
98:f3:00:c6:cd:32:b6:c2:c2:dd:8a:0d:8b:37:89:fc:99:56:
d3:4c:d0:68:63:f7:3e:50:fb:8a:07:92:2f:e4:9c:23:95:48:
f1:53:ad:04:b7:eb:4e:13:92:14:7c:76:f0:16:3d:f3:2e:1a:
75:3b:83:1f:a2:c6:6b:7e:48:df:f9:5c:88:97:ac:16:e7:56:
4e:ac:08:fc:5e:6c:1c:f6:e5:20:c3:7b:b2:10:f8:90:a5:ef:
d8:98:ea:c0:f2:05:7c:09:5e:ef:66:54:2d:a1:9e:46:f9:3e:
98:08:f9:47:7f:d4:65:8f:0c:06:fc:26:89:8e:56:7d:fe:9e:
65:64:cf:c2:47:80:31:db:f5:a9:5f:6b:83:9c:72:4a:15:83:
e5:5e:bc:17:1d:07:bf:47:57:20:59:ae:5a:60:6a:cb:1b:38:
b6:43:d1:dc:44:6e:90:61:dd:28:e3:0a:d8:dc:57:76:8b:c7:
85:80:58:1c:af:38:f5:c0:18:76:46:2a:8c:c9:07:9c:a3:90:
27:8a:ae:4c:df:b3:99:b7:38:3a:bb:8d:eb:f1:f1:2a:01:a6:
ef:ce:b3:e1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVs7xHJ9rn7uXE/TPUUkVVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGIxYzc5YmZhZTEyYTViODdmMzVjOTk4YmI2MGIzZmE0
ZTY2MjEwHhcNMjMwMTAxMTA0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGQwMDVkMjZmNTk0NGFjNWI3MWNlMjA4YmU5ZDFhNjkyODU1MjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA0KNJrvL5GTjf9NAeHbyQkUE8AK
tN+sSAUfazhAsqkGSEuGIRiecYhE1IGLjCyTNXQVBjJudxG6qzy8h7BkKHjzFar5
6bHxrG1G5++wWFoVE+/kOn+iV6lMe1to+ntNkjE2Jw7cfr7lZxcNkdPF/0gIcFFw
e14QpFJlFazGx6CcUWmb3Pbr0YCunv7PLraOotSfBuXw2E8JWpMUstuxZN6rdf6q
bDAG85r4zmNkHUCPpVrQpU/1839Dayh2Oxxy0vIQXLTwT87dPCOa/adQirrVob+o
m2I1JEkc85oJC5o4CsAAuvK4rseZwdMHFWt6T62SpZ8FyeOFNLrOXvuQFwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBDQBdJvWUSsW3HOIIvp0aaShVJhMB8GA1UdIwQY
MBaAFAmLHHm/rhKluH81yZi7YLP6TmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWIt
OWI3YzQ0ZGMxOTNiLzEvRU5BRjBtOVpSS3hiY2M0Z2ktblJwcEtGVW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWItOWI3YzQ0ZGMxOTNi
LzEvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAW9jRAwQC
uRWYAwQCuXLQAwQBwzY+AwQG1VsAAwQE1aIgAwQA1aI+MA0GCSqGSIb3DQEBCwUA
A4IBAQAT+eW+k0IkCbmjoEmk17BLCc6KF7J/2bRNZNIS92tL+bUMJ6CY8wDGzTK2
wsLdig2LN4n8mVbTTNBoY/c+UPuKB5Iv5JwjlUjxU60Et+tOE5IUfHbwFj3zLhp1
O4MfosZrfkjf+VyIl6wW51ZOrAj8Xmwc9uUgw3uyEPiQpe/YmOrA8gV8CV7vZlQt
oZ5G+T6YCPlHf9RljwwG/CaJjlZ9/p5lZM/CR4Ax2/WpX2uDnHJKFYPlXrwXHQe/
R1cgWa5aYGrLGzi2Q9HcRG6QYd0o4wrY3Fd2i8eFgFgcrzj1wBh2RiqMyQeco5An
iq5M37OZtzg6u43r8fEqAabvzrPh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:57 2024 by rpki-client on console-ams.rpki-client.org