Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/ehCezrm-9LL8eJhoZW6wr2NowYE.roa
File: ehCezrm-9LL8eJhoZW6wr2NowYE.roa (raw, json)
Hash identifier: wVTItJZ8jTXIs9sfN5DLP532uhjV8pga5j2f8GyFX4E=
Subject key identifier: 7A:10:9E:CE:B9:BE:F4:B2:FC:78:98:68:65:6E:B0:AF:63:68:C1:81
Certificate issuer: /CN=a316c7659af1d56bc718faf614f092758f5edc7f
Certificate serial: 018C5EDB676B98735F65768610CF6310D00A
Authority key identifier: A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/ehCezrm-9LL8eJhoZW6wr2NowYE.roa
Signing time: Tue 12 Dec 2023 16:28:06 +0000
ROA not before: Tue 12 Dec 2023 16:28:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54113
IP address blocks: 185.221.87.0/24 maxlen: 24
2a0d:8000:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:db:67:6b:98:73:5f:65:76:86:10:cf:63:10:d0:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a316c7659af1d56bc718faf614f092758f5edc7f
Validity
Not Before: Dec 12 16:28:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a109eceb9bef4b2fc789868656eb0af6368c181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:53:c8:34:3c:7b:a0:64:90:97:d4:d6:71:b5:
cd:13:fc:3d:2b:ef:ee:39:e0:44:6b:e3:15:2c:b5:
c1:bc:86:0c:41:84:93:d0:08:e3:fb:ba:44:45:e8:
ac:70:9f:60:84:2a:12:bd:17:e7:bf:d6:f6:09:95:
c7:9c:96:3e:b1:79:ab:32:d9:f7:f9:6d:56:43:06:
4f:eb:11:97:e5:69:0d:fc:f7:6d:10:06:b8:5e:2d:
07:02:87:17:8d:1e:3a:fd:f2:15:5b:e6:3b:02:be:
ac:8c:77:cb:99:22:af:9f:36:b2:23:87:57:62:12:
59:77:40:c9:b4:30:d5:44:5f:0f:cd:44:c8:36:a0:
38:f6:43:6d:8e:3b:ea:86:60:93:76:c0:99:85:a5:
74:ed:ee:7d:1f:fe:69:e4:cd:7f:1d:6d:1d:a0:63:
f4:f0:19:0f:35:a5:9d:cb:d3:5f:e0:58:25:c1:06:
49:ba:12:21:28:64:e7:c8:44:12:31:38:7c:84:3d:
70:18:c4:22:38:97:81:53:80:28:59:20:3a:43:0c:
60:65:8f:18:7a:ee:47:04:41:c0:14:ac:ee:48:be:
d9:77:ff:10:b6:25:c1:7a:d1:fa:02:8b:46:12:4b:
01:6d:99:06:27:0c:84:8a:8d:89:fa:2c:a8:29:fc:
39:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:10:9E:CE:B9:BE:F4:B2:FC:78:98:68:65:6E:B0:AF:63:68:C1:81
X509v3 Authority Key Identifier:
keyid:A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/ehCezrm-9LL8eJhoZW6wr2NowYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.87.0/24
IPv6:
2a0d:8000:1::/48
Signature Algorithm: sha256WithRSAEncryption
6d:81:0f:f2:59:d7:1c:65:b0:a1:81:97:78:60:f3:8f:76:88:
2e:7b:56:1f:06:18:d1:10:69:07:19:9e:73:6a:9e:4e:0e:50:
3c:08:80:ad:56:b3:d0:4f:6b:f7:4f:8f:de:fa:bb:9f:c1:73:
3b:d0:0e:b3:f7:c7:ac:2a:2f:87:24:1d:5d:ca:55:5f:07:cf:
80:fd:ba:2d:b2:55:d8:67:72:86:bd:f4:ea:c2:af:46:47:6e:
7a:80:13:a9:62:ae:4b:50:b1:49:01:49:15:23:a9:49:99:34:
bf:e1:03:6f:51:5c:fe:ad:19:e6:63:e1:01:76:73:85:44:fe:
44:64:f2:56:6b:3e:3e:03:4a:3e:22:a5:53:64:e7:87:d6:c4:
c3:ae:3b:4b:f2:be:fb:e6:75:ec:b3:73:e9:04:f4:9e:ea:26:
96:7a:89:87:cf:59:52:e0:6f:57:ba:06:6a:a9:ea:3f:40:37:
86:ab:80:3c:49:ea:24:53:a4:ac:94:8c:2a:02:7c:f0:8c:be:
da:0e:a3:f8:09:de:92:b7:54:99:dc:0c:47:43:41:8f:ac:2c:
be:80:1f:25:92:da:c3:d9:55:27:32:50:75:b5:a3:74:1f:bc:
a9:fa:22:82:80:d0:f6:9d:fc:05:26:fe:3a:72:dc:12:2f:ba:
ad:da:fb:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxe22drmHNfZXaGEM9jENAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTZjNzY1OWFmMWQ1NmJjNzE4ZmFmNjE0ZjA5Mjc1OGY1
ZWRjN2YwHhcNMjMxMjEyMTYyODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTEwOWVjZWI5YmVmNGIyZmM3ODk4Njg2NTZlYjBhZjYzNjhjMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFPINDx7oGSQl9TWcbXNE/w9K+/u
OeBEa+MVLLXBvIYMQYST0Ajj+7pEReiscJ9ghCoSvRfnv9b2CZXHnJY+sXmrMtn3
+W1WQwZP6xGX5WkN/PdtEAa4Xi0HAocXjR46/fIVW+Y7Ar6sjHfLmSKvnzayI4dX
YhJZd0DJtDDVRF8PzUTINqA49kNtjjvqhmCTdsCZhaV07e59H/5p5M1/HW0doGP0
8BkPNaWdy9Nf4FglwQZJuhIhKGTnyEQSMTh8hD1wGMQiOJeBU4AoWSA6QwxgZY8Y
eu5HBEHAFKzuSL7Zd/8QtiXBetH6AotGEksBbZkGJwyEio2J+iyoKfw5LwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHoQns65vvSy/HiYaGVusK9jaMGBMB8GA1UdIwQY
MBaAFKMWx2Wa8dVrxxj69hTwknWPXtx/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUt
MzY4N2M4MThlZGU1LzEvZWhDZXpybS05TEw4ZUpob1pXNndyMk5vd1lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUtMzY4N2M4MThlZGU1
LzEvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAud1XMA8E
AgACMAkDBwAqDYAAAAEwDQYJKoZIhvcNAQELBQADggEBAG2BD/JZ1xxlsKGBl3hg
8492iC57Vh8GGNEQaQcZnnNqnk4OUDwIgK1Ws9BPa/dPj976u5/BczvQDrP3x6wq
L4ckHV3KVV8Hz4D9ui2yVdhncoa99OrCr0ZHbnqAE6lirktQsUkBSRUjqUmZNL/h
A29RXP6tGeZj4QF2c4VE/kRk8lZrPj4DSj4ipVNk54fWxMOuO0vyvvvmdeyzc+kE
9J7qJpZ6iYfPWVLgb1e6Bmqp6j9AN4argDxJ6iRTpKyUjCoCfPCMvtoOo/gJ3pK3
VJncDEdDQY+sLL6AHyWS2sPZVScyUHW1o3QfvKn6IoKA0Pad/AUm/jpy3BIvuq3a
+1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:34 2024 by rpki-client on console-ams.rpki-client.org