Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/EbU7V02haR737w6AR-0dpyY6CGU.roa
File: EbU7V02haR737w6AR-0dpyY6CGU.roa (raw, json)
Hash identifier: /km8mBu1iusmhy0CvcalNcOAgi6c0kC1nPkd0ccLJYY=
Subject key identifier: 11:B5:3B:57:4D:A1:69:1E:F7:EF:0E:80:47:ED:1D:A7:26:3A:08:65
Certificate issuer: /CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Certificate serial: 01856D8AE02C4869A6E61CAFAB132C065493
Authority key identifier: D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/EbU7V02haR737w6AR-0dpyY6CGU.roa
Signing time: Sun 01 Jan 2023 13:34:55 +0000
ROA not before: Sun 01 Jan 2023 13:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47944
IP address blocks: 94.125.200.0/21 maxlen: 21
94.125.207.0/24 maxlen: 24
2a03:2ba0::/32 maxlen: 32
2a03:2ba0:1:888::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:e0:2c:48:69:a6:e6:1c:af:ab:13:2c:06:54:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Validity
Not Before: Jan 1 13:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11b53b574da1691ef7ef0e8047ed1da7263a0865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c6:d7:9d:62:6a:75:15:fd:95:a3:63:e1:dd:
0f:08:b5:c1:30:e4:0d:9a:4a:95:c2:92:7a:6e:da:
9f:92:06:bc:87:65:9e:ac:9a:65:cf:61:4a:85:d2:
40:0f:6d:be:b1:43:c3:89:37:11:42:e6:b6:6c:b6:
6f:a0:5c:11:d2:42:a9:96:87:87:34:13:b3:75:3d:
84:a7:f3:4e:c2:e7:58:8b:fc:62:78:3a:e4:1c:1a:
b4:0a:eb:1b:35:0b:78:07:3b:bc:75:28:48:33:6e:
71:e4:db:2d:f0:be:48:32:42:5d:eb:76:74:42:5d:
9f:de:cc:4d:8c:17:5f:66:22:40:27:cf:1f:3a:9e:
48:42:8e:7d:32:ca:55:31:50:6e:f8:fa:ca:fa:05:
39:9b:22:4a:b2:70:f3:53:74:a8:b1:c4:44:49:14:
4b:7a:12:f6:4f:6a:fb:f2:14:e3:c2:85:81:46:9c:
3c:bc:5a:36:e7:46:44:c3:58:e7:63:41:85:f9:1a:
94:85:52:47:fd:d1:ba:72:ff:ff:29:ee:b3:b3:1e:
63:60:7f:09:6c:76:e0:72:7a:aa:5f:c4:96:27:1b:
3c:63:d1:38:a0:bd:17:62:6a:66:f7:d1:c5:8b:5f:
1d:90:ae:1e:38:e9:95:05:35:2b:3d:c8:45:fa:c1:
e3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B5:3B:57:4D:A1:69:1E:F7:EF:0E:80:47:ED:1D:A7:26:3A:08:65
X509v3 Authority Key Identifier:
keyid:D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/EbU7V02haR737w6AR-0dpyY6CGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.200.0/21
IPv6:
2a03:2ba0::/32
Signature Algorithm: sha256WithRSAEncryption
ab:cf:9d:6c:e1:c6:ba:58:48:5a:95:5f:d6:62:fa:39:49:21:
73:1d:e3:ee:89:4a:b6:cf:e8:11:5f:af:d5:22:94:1e:29:78:
4b:1c:d4:b9:08:b4:c5:ea:ed:f8:41:1e:1e:e9:1f:04:da:d9:
3b:6a:7e:0b:e1:66:13:ff:dc:0f:87:80:36:82:61:a5:d8:5e:
bd:a0:c7:77:36:ce:98:77:06:75:c4:23:71:fe:b4:f4:ea:8b:
8e:bc:00:bb:34:90:bd:c6:f0:c6:d2:07:7b:8b:9b:25:1d:86:
d0:5d:5f:a1:6e:00:f4:44:d0:05:6e:6f:f3:90:80:5d:5b:27:
0b:67:a6:c8:ce:10:2b:fd:89:e3:95:cf:73:33:03:bf:39:4c:
ef:5a:9b:36:1a:58:e2:2c:82:17:4f:ad:70:77:9f:90:98:1b:
5b:d8:cb:0a:a9:18:25:3f:27:77:20:ee:8e:4b:3c:24:6a:9f:
e3:7d:da:55:98:9c:b9:cc:04:b5:fa:94:35:ea:96:32:a2:65:
b3:e0:bd:54:fc:04:e6:14:11:03:5c:86:ac:c8:1c:10:df:2e:
d9:02:33:6d:fb:a5:71:a1:63:45:c8:31:a0:25:e6:c1:d2:c0:
97:1c:2a:41:7c:f8:83:cc:44:31:ab:7b:36:be:75:93:37:97:
d2:f6:eb:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtiuAsSGmm5hyvqxMsBlSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjdjZDBlYzRjM2JjNTRjNTk0MzEzMDdlZWMzNmVmMDM4
Mjc3MzMwHhcNMjMwMTAxMTMzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWI1M2I1NzRkYTE2OTFlZjdlZjBlODA0N2VkMWRhNzI2M2EwODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8bXnWJqdRX9laNj4d0PCLXBMOQN
mkqVwpJ6btqfkga8h2WerJplz2FKhdJAD22+sUPDiTcRQua2bLZvoFwR0kKploeH
NBOzdT2Ep/NOwudYi/xieDrkHBq0CusbNQt4Bzu8dShIM25x5Nst8L5IMkJd63Z0
Ql2f3sxNjBdfZiJAJ88fOp5IQo59MspVMVBu+PrK+gU5myJKsnDzU3SoscRESRRL
ehL2T2r78hTjwoWBRpw8vFo250ZEw1jnY0GF+RqUhVJH/dG6cv//Ke6zsx5jYH8J
bHbgcnqqX8SWJxs8Y9E4oL0XYmpm99HFi18dkK4eOOmVBTUrPchF+sHjzQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBG1O1dNoWke9+8OgEftHacmOghlMB8GA1UdIwQY
MBaAFNH3zQ7Ew7xUxZQxMH7sNu8DgnczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgt
OWNiNWQ4OGZkZDM5LzEvRWJVN1YwMmhhUjczN3c2QVItMGRweVk2Q0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgtOWNiNWQ4OGZkZDM5
LzEvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXn3IMA0E
AgACMAcDBQAqAyugMA0GCSqGSIb3DQEBCwUAA4IBAQCrz51s4ca6WEhalV/WYvo5
SSFzHePuiUq2z+gRX6/VIpQeKXhLHNS5CLTF6u34QR4e6R8E2tk7an4L4WYT/9wP
h4A2gmGl2F69oMd3Ns6YdwZ1xCNx/rT06ouOvAC7NJC9xvDG0gd7i5slHYbQXV+h
bgD0RNAFbm/zkIBdWycLZ6bIzhAr/Ynjlc9zMwO/OUzvWps2GljiLIIXT61wd5+Q
mBtb2MsKqRglPyd3IO6OSzwkap/jfdpVmJy5zAS1+pQ16pYyomWz4L1U/ATmFBED
XIasyBwQ3y7ZAjNt+6VxoWNFyDGgJebB0sCXHCpBfPiDzEQxq3s2vnWTN5fS9uts
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:19 2024 by rpki-client on console-ams.rpki-client.org