Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/EwQN1pj-4G8VkcPsZMM6I70g_8c.roa
File: EwQN1pj-4G8VkcPsZMM6I70g_8c.roa (raw, json)
Hash identifier: 6lgD3GHIjTKB5ihMP5S/oE2BEIlV5s5AYVRo7aqrCKE=
Subject key identifier: 13:04:0D:D6:98:FE:E0:6F:15:91:C3:EC:64:C3:3A:23:BD:20:FF:C7
Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial: 01856D819A144694B52AB8195BDC21AD279D
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/EwQN1pj-4G8VkcPsZMM6I70g_8c.roa
Signing time: Sun 01 Jan 2023 13:24:48 +0000
ROA not before: Sun 01 Jan 2023 13:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47841
IP address blocks: 91.208.181.0/24 maxlen: 24
146.185.40.0/21 maxlen: 21
185.65.112.0/22 maxlen: 22
95.131.136.0/21 maxlen: 21
2a02:c70::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:9a:14:46:94:b5:2a:b8:19:5b:dc:21:ad:27:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
Validity
Not Before: Jan 1 13:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13040dd698fee06f1591c3ec64c33a23bd20ffc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b6:20:49:6c:f1:ed:f8:af:90:b7:c8:42:85:
26:fc:25:84:94:32:00:4d:02:71:ef:d5:6c:da:3f:
5b:9f:08:49:4f:7c:62:9f:f7:e0:7d:f0:5d:d8:f0:
83:0d:d7:4a:bc:2a:44:74:52:27:32:ff:a9:a0:77:
19:d2:00:4c:7d:14:6a:ba:60:e0:88:99:65:f1:a8:
f0:22:b6:92:8e:c0:66:60:9b:89:b4:9f:56:34:fb:
45:ff:00:c7:23:d5:29:99:68:ca:9e:0a:58:e1:76:
17:5a:9d:87:49:bc:9e:f6:39:1c:24:05:b7:37:7b:
86:04:8e:e1:aa:05:42:3e:04:ed:c6:e8:68:ff:44:
d0:12:72:cd:cc:5d:82:64:11:42:7c:85:a9:10:9c:
cf:49:0f:dc:3c:71:2e:2f:62:7c:20:18:c2:f6:7e:
0a:5c:c3:70:ba:11:ef:12:32:ba:b0:d1:24:8f:d9:
8c:29:d2:36:cd:7c:0b:ca:42:6d:a7:97:3a:01:3b:
fc:1b:f4:13:dc:01:b4:56:43:5a:f9:b4:09:28:a4:
8d:d7:51:c6:2b:58:54:53:a5:ad:a7:8a:b7:01:bf:
52:76:bb:05:5f:c0:50:f5:43:ab:b0:63:5a:b0:f2:
85:ab:bb:2c:fc:12:74:2d:d7:9e:12:52:24:78:32:
4d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:04:0D:D6:98:FE:E0:6F:15:91:C3:EC:64:C3:3A:23:BD:20:FF:C7
X509v3 Authority Key Identifier:
keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/EwQN1pj-4G8VkcPsZMM6I70g_8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.181.0/24
95.131.136.0/21
146.185.40.0/21
185.65.112.0/22
IPv6:
2a02:c70::/32
Signature Algorithm: sha256WithRSAEncryption
70:2d:f6:16:56:47:3a:73:dc:2d:0d:83:ab:0b:d5:64:e5:6f:
ee:89:23:3a:de:75:91:3a:94:b6:c3:6a:64:b2:a0:19:c3:ba:
f6:eb:32:e2:da:3c:ba:e5:00:1e:51:d5:70:55:f3:ea:bd:b9:
ad:4b:93:71:49:e4:bc:21:d3:0d:fd:ec:0d:e2:37:50:93:8d:
17:84:d7:8f:b6:2b:e1:41:fe:8a:50:dd:ec:8e:e9:ec:ae:d3:
f6:cb:e0:ca:9f:cb:d4:1d:d5:5f:9f:eb:60:91:b6:a9:99:3b:
0b:eb:8c:ab:a8:a8:93:7a:2e:b4:67:28:a8:5e:9f:a5:94:74:
54:96:97:af:19:1f:c7:a5:aa:5e:6f:ec:8b:cb:05:1c:38:11:
13:9e:9d:83:02:d4:21:56:05:d0:0e:0b:4d:70:b9:28:00:a1:
42:79:4f:61:c1:6c:6b:56:f6:21:d8:cb:a3:e6:f8:70:5c:4b:
ed:dd:2f:4a:19:59:af:94:cf:87:4e:3f:87:e9:0d:cf:ab:3b:
99:fe:99:70:8c:99:e9:72:bf:6f:bb:d0:53:0d:7f:46:da:eb:
5a:31:e2:22:61:cc:45:8b:e1:88:7b:57:cb:e4:da:c5:9c:5b:
cf:c6:bc:a1:6b:96:7d:5a:7e:78:b7:fd:ae:05:f4:4b:4f:cb:
dd:75:ce:2c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtgZoURpS1KrgZW9whrSedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjMwMTAxMTMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzA0MGRkNjk4ZmVlMDZmMTU5MWMzZWM2NGMzM2EyM2JkMjBmZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bYgSWzx7fivkLfIQoUm/CWElDIA
TQJx79Vs2j9bnwhJT3xin/fgffBd2PCDDddKvCpEdFInMv+poHcZ0gBMfRRqumDg
iJll8ajwIraSjsBmYJuJtJ9WNPtF/wDHI9UpmWjKngpY4XYXWp2HSbye9jkcJAW3
N3uGBI7hqgVCPgTtxuho/0TQEnLNzF2CZBFCfIWpEJzPSQ/cPHEuL2J8IBjC9n4K
XMNwuhHvEjK6sNEkj9mMKdI2zXwLykJtp5c6ATv8G/QT3AG0VkNa+bQJKKSN11HG
K1hUU6Wtp4q3Ab9SdrsFX8BQ9UOrsGNasPKFq7ss/BJ0LdeeElIkeDJNEQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBMEDdaY/uBvFZHD7GTDOiO9IP/HMB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvRXdRTjFwai00RzhWa2NQc1pNTTZJNzBnXzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9C1AwQD
X4OIAwQDkrkoAwQCuUFwMA0EAgACMAcDBQAqAgxwMA0GCSqGSIb3DQEBCwUAA4IB
AQBwLfYWVkc6c9wtDYOrC9Vk5W/uiSM63nWROpS2w2pksqAZw7r26zLi2jy65QAe
UdVwVfPqvbmtS5NxSeS8IdMN/ewN4jdQk40XhNePtivhQf6KUN3sjunsrtP2y+DK
n8vUHdVfn+tgkbapmTsL64yrqKiTei60ZyioXp+llHRUlpevGR/Hpapeb+yLywUc
OBETnp2DAtQhVgXQDgtNcLkoAKFCeU9hwWxrVvYh2Muj5vhwXEvt3S9KGVmvlM+H
Tj+H6Q3PqzuZ/plwjJnpcr9vu9BTDX9G2utaMeIiYcxFi+GIe1fL5NrFnFvPxryh
a5Z9Wn54t/2uBfRLT8vddc4s
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:38 2024 by rpki-client on console-fra.rpki-client.org