Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/EoI4XktpsQGJtfsno0u07Gc11R0.roa
File: EoI4XktpsQGJtfsno0u07Gc11R0.roa (raw, json)
Hash identifier: +34IE2Q7VIWF5qUtKmvJtpbXkKM9TGJ9lyMDWZ3B0pM=
Subject key identifier: 12:82:38:5E:4B:69:B1:01:89:B5:FB:27:A3:4B:B4:EC:67:35:D5:1D
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0188DCB22D5A2299817B751B0DE12E0D0DDE
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/EoI4XktpsQGJtfsno0u07Gc11R0.roa
Signing time: Wed 21 Jun 2023 06:44:04 +0000
ROA not before: Wed 21 Jun 2023 06:44:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 94.26.89.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dc:b2:2d:5a:22:99:81:7b:75:1b:0d:e1:2e:0d:0d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 21 06:44:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1282385e4b69b10189b5fb27a34bb4ec6735d51d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:02:1b:22:d0:d5:ab:61:ff:f2:db:82:4d:19:
b4:d6:ab:a9:d7:d7:cd:e5:c6:8e:3a:a0:91:f8:5f:
b1:08:38:66:c4:89:08:dd:85:34:6d:db:cd:a6:76:
97:34:28:99:bb:f7:7a:7a:50:4f:15:96:42:fb:06:
e3:dd:a4:8b:1c:d5:4a:6d:ef:5b:7c:82:e3:d2:57:
7e:32:2b:87:34:85:2d:a6:c8:37:9e:e5:16:90:6e:
b0:83:af:56:ee:0b:5b:dc:01:cd:da:53:45:f6:ac:
4d:40:0e:6c:dd:e9:79:14:72:33:b8:12:eb:fa:a8:
67:d8:5c:81:4b:c1:bd:59:cd:d9:26:ce:95:d1:d8:
c2:56:c9:a9:46:48:39:12:14:30:e1:fa:3d:2a:05:
65:7d:f3:07:2d:14:d2:5e:c2:84:ab:6a:9d:d2:b5:
b3:cd:84:0f:80:65:a4:54:b3:62:63:ba:f5:02:ea:
1d:9a:f7:5f:dd:a6:39:06:9f:64:63:93:64:4b:b3:
e9:f6:87:ae:6b:b2:a6:f2:7e:07:23:dd:78:2a:2d:
d8:8f:e0:81:40:14:42:62:fd:88:51:f1:31:ab:51:
f7:ef:e0:26:a3:43:8e:31:69:19:6b:08:0e:a5:c1:
56:eb:cb:24:5f:32:fd:4b:b0:49:26:15:cf:a3:9f:
95:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:82:38:5E:4B:69:B1:01:89:B5:FB:27:A3:4B:B4:EC:67:35:D5:1D
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/EoI4XktpsQGJtfsno0u07Gc11R0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.210.0/24
93.152.212.0/24
93.152.217.0-93.152.218.255
93.152.222.0/24
93.152.226.0/23
94.26.89.0/24
212.102.105.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:ad:ed:10:cf:13:a0:df:ed:18:c2:e3:ae:da:44:4a:cf:17:
c2:06:a9:fe:f6:a4:4f:8f:f1:24:37:ae:82:88:26:f0:ca:bc:
a0:3b:02:10:4e:6b:75:46:c4:86:ae:d9:5a:2a:04:07:33:0b:
16:6d:71:f5:08:88:f9:2d:37:43:ba:4c:44:05:e9:44:9c:f1:
c8:6a:a3:b8:04:3b:18:22:18:d5:6f:13:fd:31:d4:89:e0:44:
a9:24:73:b1:5f:db:f3:08:12:1e:c0:cf:fa:c4:00:34:72:8b:
32:1c:a4:b7:8c:b0:c1:7b:f6:01:7b:0c:55:e8:a1:04:6f:2b:
b4:ae:47:24:a6:0d:ea:6a:9e:b7:6e:25:a6:64:52:e1:81:86:
37:6d:52:11:af:bd:45:c0:dc:5e:aa:8a:3f:89:37:de:c3:f9:
c6:11:f4:ae:c5:44:89:2f:2d:b5:b0:d8:c1:c8:03:07:c4:fd:
b6:8a:2d:c1:b5:52:f8:a2:f8:bc:95:37:85:2a:35:59:f4:69:
34:4e:86:37:30:1c:27:ab:0e:37:67:b2:5f:66:40:0b:ab:93:
33:4d:0d:7b:75:ad:ed:9e:f8:d7:3b:fb:98:05:22:be:70:15:
b9:50:49:2a:42:20:d8:da:0c:0b:36:b3:19:41:62:ca:7d:2f:
3a:26:53:6f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYjcsi1aIpmBe3UbDeEuDQ3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwNjIxMDY0NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjgyMzg1ZTRiNjliMTAxODliNWZiMjdhMzRiYjRlYzY3MzVkNTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwIbItDVq2H/8tuCTRm01qup19fN
5caOOqCR+F+xCDhmxIkI3YU0bdvNpnaXNCiZu/d6elBPFZZC+wbj3aSLHNVKbe9b
fILj0ld+MiuHNIUtpsg3nuUWkG6wg69W7gtb3AHN2lNF9qxNQA5s3el5FHIzuBLr
+qhn2FyBS8G9Wc3ZJs6V0djCVsmpRkg5EhQw4fo9KgVlffMHLRTSXsKEq2qd0rWz
zYQPgGWkVLNiY7r1Auodmvdf3aY5Bp9kY5NkS7Pp9oeua7Km8n4HI914Ki3Yj+CB
QBRCYv2IUfExq1H37+Amo0OOMWkZawgOpcFW68skXzL9S7BJJhXPo5+VwwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBKCOF5LabEBibX7J6NLtOxnNdUdMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvRW9JNFhrdHBzUUdKdGZzbm8wdTA3R2MxMVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAXZjSAwQA
XZjUMAwDBABdmNkDBABdmNoDBABdmN4DBAFdmOIDBABeGlkDBADUZmkwDQYJKoZI
hvcNAQELBQADggEBAI6t7RDPE6Df7RjC467aRErPF8IGqf72pE+P8SQ3roKIJvDK
vKA7AhBOa3VGxIau2VoqBAczCxZtcfUIiPktN0O6TEQF6USc8chqo7gEOxgiGNVv
E/0x1IngRKkkc7Ff2/MIEh7Az/rEADRyizIcpLeMsMF79gF7DFXooQRvK7SuRySm
DepqnrduJaZkUuGBhjdtUhGvvUXA3F6qij+JN97D+cYR9K7FRIkvLbWw2MHIAwfE
/baKLcG1Uvii+LyVN4UqNVn0aTROhjcwHCerDjdnsl9mQAurkzNNDXt1re2e+Nc7
+5gFIr5wFblQSSpCINjaDAs2sxlBYsp9LzomU28=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org