Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/EWSYZCHlC-UyQol4jVqc4ZofTAc.roa
File: EWSYZCHlC-UyQol4jVqc4ZofTAc.roa (raw, json)
Hash identifier: F4jQGIIVTWG0OFeF8KrewzBuN2orlD4jEXzzYLrTX00=
Subject key identifier: 11:64:98:64:21:E5:0B:E5:32:42:89:78:8D:5A:9C:E1:9A:1F:4C:07
Certificate issuer: /CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Certificate serial: 018CC7955E203714BAA17DDE57F822D47DFA
Authority key identifier: 4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/EWSYZCHlC-UyQol4jVqc4ZofTAc.roa
Signing time: Tue 02 Jan 2024 00:31:44 +0000
ROA not before: Tue 02 Jan 2024 00:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8751
IP address blocks: 93.113.13.0/24 maxlen: 32
85.204.224.0/21 maxlen: 32
85.204.232.0/24 maxlen: 32
85.204.236.0/22 maxlen: 32
85.204.236.0/24 maxlen: 32
85.204.234.0/23 maxlen: 32
86.107.224.0/20 maxlen: 32
93.113.0.0/20 maxlen: 32
86.107.246.0/23 maxlen: 32
93.113.11.0/24 maxlen: 32
188.215.112.0/24 maxlen: 32
188.215.112.0/23 maxlen: 32
188.215.118.0/24 maxlen: 32
188.215.112.0/21 maxlen: 32
188.215.114.0/24 maxlen: 32
185.85.200.0/22 maxlen: 32
37.156.71.0/24 maxlen: 32
2a03:7420::/48 maxlen: 48
2001:67c:2580::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 08 Mar 2024 12:09:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:5e:20:37:14:ba:a1:7d:de:57:f8:22:d4:7d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Validity
Not Before: Jan 2 00:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1164986421e50be5324289788d5a9ce19a1f4c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0b:62:51:58:ed:c9:f8:8e:5c:0f:88:e1:73:
8d:f1:30:a0:b1:20:ec:d1:3b:28:0e:47:b2:43:6b:
70:87:8f:5e:3b:ef:50:0a:03:0d:67:09:ed:c9:6e:
cc:31:27:9d:0b:1c:28:af:24:39:d4:9d:69:17:01:
db:3a:cc:41:16:8d:61:5d:e9:33:b7:63:7f:df:ad:
7a:02:25:57:fb:cf:63:e2:d9:91:c2:77:0a:63:35:
d2:fe:86:71:92:bd:41:fd:0f:7c:bf:1d:0e:8b:23:
c4:b2:04:e6:ee:d1:33:b4:28:77:c9:a1:d0:f1:90:
bc:39:ca:74:83:71:ad:7b:8f:83:12:d1:f5:4f:55:
82:12:d7:f8:05:f4:c4:1e:89:f6:8e:81:7d:f9:6d:
3e:97:48:86:7a:e3:4f:b0:19:b2:1f:b9:cb:15:54:
fd:4b:33:0a:a0:f1:92:eb:e3:93:f6:a1:3c:18:e3:
5a:55:19:a2:42:ee:f9:fd:13:54:0f:0c:79:50:e7:
81:33:49:b1:1b:f6:55:7c:17:75:bf:5f:ae:5e:85:
e0:15:d0:fb:48:7b:58:a9:fd:35:af:4f:8d:27:0c:
74:ed:4c:5c:f6:97:0d:07:f7:43:d3:e2:1e:d6:b0:
81:72:fb:27:11:30:f0:76:08:f3:59:e4:bd:4f:45:
99:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:64:98:64:21:E5:0B:E5:32:42:89:78:8D:5A:9C:E1:9A:1F:4C:07
X509v3 Authority Key Identifier:
keyid:4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/EWSYZCHlC-UyQol4jVqc4ZofTAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/TXCvGpmIbJEB0TX1S9K97zWLJm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.71.0/24
85.204.224.0-85.204.232.255
85.204.234.0-85.204.239.255
86.107.224.0/20
86.107.246.0/23
93.113.0.0/20
185.85.200.0/22
188.215.112.0/21
IPv6:
2001:67c:2580::/48
2a03:7420::/48
Signature Algorithm: sha256WithRSAEncryption
18:68:34:83:87:c0:82:eb:56:3a:f0:63:30:c8:ab:a1:63:26:
3f:c8:71:29:03:52:82:a9:2b:22:2d:46:1d:35:e3:50:43:4a:
6b:3f:f9:43:65:26:75:b9:46:77:b7:77:32:04:65:5d:2d:1e:
e1:c4:4d:a4:82:5f:dc:45:86:3e:83:87:09:ca:e5:6c:b9:99:
b8:80:c8:38:97:0f:45:76:4c:3d:fa:e2:ff:6b:58:e3:98:1c:
17:ed:59:6e:f5:1c:a2:4c:d4:b9:06:cd:6e:5f:57:d9:6d:98:
98:0c:fb:75:04:08:7e:d0:34:b7:63:e6:26:33:46:9f:68:68:
ef:30:d5:22:86:e2:0b:3a:12:6b:4b:b4:27:58:ef:f3:c3:25:
c7:41:89:3a:5e:e0:8c:28:69:1a:f5:ea:ab:dd:c6:28:bc:94:
e4:3b:08:6e:55:65:c8:57:8c:ef:3c:5f:b2:98:cc:16:d9:76:
b3:b9:35:f4:06:d7:7c:2d:94:37:e0:da:a3:e4:95:26:b8:67:
c2:03:1b:31:65:6a:37:ae:93:6e:db:77:53:e3:b4:95:79:97:
bf:a1:51:32:0b:9e:5b:7f:95:f6:cb:96:4b:66:4e:cc:fd:e2:
2c:6b:00:60:3f:99:b3:e9:40:bd:f6:6f:c0:b8:ff:e5:f7:9a:
ba:b4:c8:0d
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYzHlV4gNxS6oX3eV/gi1H36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzBhZjFhOTk4ODZjOTEwMWQxMzVmNTRiZDJiZGVmMzU4
YjI2NmUwHhcNMjQwMTAyMDAzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY0OTg2NDIxZTUwYmU1MzI0Mjg5Nzg4ZDVhOWNlMTlhMWY0YzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigtiUVjtyfiOXA+I4XON8TCgsSDs
0TsoDkeyQ2twh49eO+9QCgMNZwntyW7MMSedCxworyQ51J1pFwHbOsxBFo1hXekz
t2N/3616AiVX+89j4tmRwncKYzXS/oZxkr1B/Q98vx0OiyPEsgTm7tEztCh3yaHQ
8ZC8Ocp0g3Gte4+DEtH1T1WCEtf4BfTEHon2joF9+W0+l0iGeuNPsBmyH7nLFVT9
SzMKoPGS6+OT9qE8GONaVRmiQu75/RNUDwx5UOeBM0mxG/ZVfBd1v1+uXoXgFdD7
SHtYqf01r0+NJwx07Uxc9pcNB/dD0+Ie1rCBcvsnETDwdgjzWeS9T0WZFQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFBFkmGQh5QvlMkKJeI1anOGaH0wHMB8GA1UdIwQY
MBaAFE1wrxqZiGyRAdE19UvSve81iyZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhDdkdwbUliSkVCMFRYMVM5Szk3eldMSm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hOThmYzctNzkzNS00ZWFlLTk2MmEt
NDYxYWIwZWNlZTAxLzEvRVdTWVpDSGxDLVV5UW9sNGpWcWM0Wm9mVEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hOThmYzctNzkzNS00ZWFlLTk2MmEtNDYxYWIwZWNlZTAx
LzEvVFhDdkdwbUliSkVCMFRYMVM5Szk3eldMSm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBGBAIAATBAAwQAJZxHMAwD
BAVVzOADBABVzOgwDAMEAVXM6gMEBFXM4AMEBFZr4AMEAVZr9gMEBF1xAAMEArlV
yAMEA7zXcDAYBAIAAjASAwcAIAEGfCWAAwcAKgN0IAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAYaDSDh8CC61Y68GMwyKuhYyY/yHEpA1KCqSsiLUYdNeNQQ0prP/lDZSZ1
uUZ3t3cyBGVdLR7hxE2kgl/cRYY+g4cJyuVsuZm4gMg4lw9Fdkw9+uL/a1jjmBwX
7Vlu9RyiTNS5Bs1uX1fZbZiYDPt1BAh+0DS3Y+YmM0afaGjvMNUihuILOhJrS7Qn
WO/zwyXHQYk6XuCMKGka9eqr3cYovJTkOwhuVWXIV4zvPF+ymMwW2XazuTX0Btd8
LZQ34Nqj5JUmuGfCAxsxZWo3rpNu23dT47SVeZe/oVEyC55bf5X2y5ZLZk7M/eIs
awBgP5mz6UC99m/AuP/l95q6tMgN
-----END CERTIFICATE-----
Generated at Fri Mar 8 17:08:29 2024 by rpki-client on console-fra.rpki-client.org