Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/EX2yq_xdeIFjyPizTQWVz1VgcX8.roa
File: EX2yq_xdeIFjyPizTQWVz1VgcX8.roa (raw, json)
Hash identifier: hQZV5s07rNxDUsAwLEO8mn5At7zaknX790shtQ1qyvI=
Subject key identifier: 11:7D:B2:AB:FC:5D:78:81:63:C8:F8:B3:4D:05:95:CF:55:60:71:7F
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0185BF7AE089026DD9F5482045ECD0D6A282
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/EX2yq_xdeIFjyPizTQWVz1VgcX8.roa
Signing time: Tue 17 Jan 2023 11:26:19 +0000
ROA not before: Tue 17 Jan 2023 11:26:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
185.81.219.0/24 maxlen: 24
185.81.216.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bf:7a:e0:89:02:6d:d9:f5:48:20:45:ec:d0:d6:a2:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 17 11:26:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=117db2abfc5d788163c8f8b34d0595cf5560717f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f8:67:a0:aa:47:35:28:7f:ce:80:3c:52:11:
6d:44:d9:36:20:36:46:45:84:1a:d8:4c:e3:6b:02:
5f:c9:78:8a:08:a7:c3:99:c0:42:bd:3f:ee:aa:5d:
63:d6:7d:a6:0a:0d:64:3c:ba:86:52:64:e0:8a:5b:
61:98:9a:9a:29:c8:42:1d:41:11:ef:32:01:27:f9:
e6:f7:fd:f3:12:bd:7e:31:9e:82:0f:22:d9:c4:e3:
92:4c:a7:aa:c9:63:03:b9:a4:dc:6e:72:dd:72:ee:
94:2f:13:5a:36:f0:0d:10:ab:86:69:15:a5:4e:21:
1a:6b:34:be:87:76:0c:21:c6:53:fb:e7:68:8f:15:
4b:63:fd:8d:fd:ae:c1:13:68:e5:73:bd:aa:d9:70:
f7:b9:30:cd:04:ff:d4:47:89:fe:ef:21:d5:e5:63:
e1:2d:38:be:96:b3:be:83:62:05:2d:71:cb:ba:fc:
2b:dc:bb:93:e1:6e:94:13:0c:d9:ef:9f:a2:f3:af:
90:3a:a7:f8:09:24:22:13:1f:79:da:9b:0a:e5:2f:
1e:3e:19:71:06:19:08:00:c3:09:73:b5:41:4f:0f:
82:92:fc:91:e3:10:30:35:14:d4:df:4e:d7:ba:19:
1c:11:0c:2a:ac:68:9a:05:b4:2f:26:36:bb:17:ac:
f3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7D:B2:AB:FC:5D:78:81:63:C8:F8:B3:4D:05:95:CF:55:60:71:7F
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/EX2yq_xdeIFjyPizTQWVz1VgcX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.201.0-37.128.203.255
46.23.96.0/24
46.23.98.0/23
185.81.216.0/24
185.81.219.0/24
Signature Algorithm: sha256WithRSAEncryption
47:5b:db:6a:9c:1f:5d:dc:1b:11:e8:ec:85:c0:a2:ed:df:17:
4c:e9:29:a8:0e:bc:78:3e:26:11:a2:57:5d:4c:e1:9e:3c:08:
6f:52:8e:36:fe:7e:e2:75:21:a4:89:b9:3a:12:4b:b7:04:da:
5e:59:a7:22:8b:e1:8b:32:ec:7d:67:a0:0e:64:27:0f:4b:28:
b3:34:b3:8a:0b:ab:ac:f2:a0:5a:bc:d4:8f:6b:6b:87:cf:0a:
d4:3f:73:be:27:9b:c2:df:2b:d7:b1:7e:69:2c:aa:42:e4:f2:
d4:86:09:45:f3:ce:d3:64:34:64:1e:01:32:02:77:78:03:89:
ed:ff:3e:ae:2a:6f:74:0f:fa:f8:44:17:00:43:c1:b5:68:61:
6b:4f:d2:af:06:02:90:46:54:8d:90:ad:51:dd:3d:c9:e5:2a:
6c:b1:ae:e5:54:4e:38:da:eb:7d:20:b6:0f:af:e6:56:4e:e7:
4e:56:e0:13:44:61:6a:4b:c0:88:95:f0:68:d7:a7:68:22:fe:
e0:1d:fc:67:a0:f1:3d:c3:42:73:c8:7e:ca:7b:cf:47:2d:61:
f2:6a:50:b7:ba:53:21:bf:de:9e:43:e6:a9:ea:75:70:ea:78:
2e:4e:fa:7d:48:a4:b5:a6:99:3d:7d:c4:d8:0c:6c:86:d1:7c:
7a:39:f3:66
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYW/euCJAm3Z9UggRezQ1qKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMTE3MTEyNjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTdkYjJhYmZjNWQ3ODgxNjNjOGY4YjM0ZDA1OTVjZjU1NjA3MTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvhnoKpHNSh/zoA8UhFtRNk2IDZG
RYQa2EzjawJfyXiKCKfDmcBCvT/uql1j1n2mCg1kPLqGUmTgilthmJqaKchCHUER
7zIBJ/nm9/3zEr1+MZ6CDyLZxOOSTKeqyWMDuaTcbnLdcu6ULxNaNvANEKuGaRWl
TiEaazS+h3YMIcZT++dojxVLY/2N/a7BE2jlc72q2XD3uTDNBP/UR4n+7yHV5WPh
LTi+lrO+g2IFLXHLuvwr3LuT4W6UEwzZ75+i86+QOqf4CSQiEx952psK5S8ePhlx
BhkIAMMJc7VBTw+CkvyR4xAwNRTU307XuhkcEQwqrGiaBbQvJja7F6zzmwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBF9sqv8XXiBY8j4s00Flc9VYHF/MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvRVgyeXFfeGRlSUZqeVBpelRRV1Z6MVZnY1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAAlgMkD
BAIlgMgDBAAuF2ADBAEuF2IDBAC5UdgDBAC5UdswDQYJKoZIhvcNAQELBQADggEB
AEdb22qcH13cGxHo7IXAou3fF0zpKagOvHg+JhGiV11M4Z48CG9Sjjb+fuJ1IaSJ
uToSS7cE2l5ZpyKL4Ysy7H1noA5kJw9LKLM0s4oLq6zyoFq81I9ra4fPCtQ/c74n
m8LfK9exfmksqkLk8tSGCUXzztNkNGQeATICd3gDie3/Pq4qb3QP+vhEFwBDwbVo
YWtP0q8GApBGVI2QrVHdPcnlKmyxruVUTjja630gtg+v5lZO505W4BNEYWpLwIiV
8GjXp2gi/uAd/Geg8T3DQnPIfsp7z0ctYfJqULe6UyG/3p5D5qnqdXDqeC5O+n1I
pLWmmT19xNgMbIbRfHo582Y=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org