Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/EWf1PyiJpzdsuHboHZoklo-SxCo.roa
File: EWf1PyiJpzdsuHboHZoklo-SxCo.roa (raw, json)
Hash identifier: S0m8P4IoaEXB44guZr83e53WYt6kGA5E3GUJzGhucp8=
Subject key identifier: 11:67:F5:3F:28:89:A7:37:6C:B8:76:E8:1D:9A:24:96:8F:92:C4:2A
Certificate issuer: /CN=620dd5186de65a646dda4b89dd48ed44873af149
Certificate serial: 018571CC2B9BB3ADFA70257009520B0D00F6
Authority key identifier: 62:0D:D5:18:6D:E6:5A:64:6D:DA:4B:89:DD:48:ED:44:87:3A:F1:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/EWf1PyiJpzdsuHboHZoklo-SxCo.roa
Signing time: Mon 02 Jan 2023 09:24:43 +0000
ROA not before: Mon 02 Jan 2023 09:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44664
IP address blocks: 91.247.226.0/24 maxlen: 24
91.247.224.0/24 maxlen: 24
91.247.224.0/22 maxlen: 22
91.247.225.0/24 maxlen: 24
91.247.227.0/24 maxlen: 24
91.225.56.0/24 maxlen: 24
91.225.56.0/22 maxlen: 22
91.225.58.0/24 maxlen: 24
91.225.57.0/24 maxlen: 24
91.225.59.0/24 maxlen: 24
91.202.144.0/22 maxlen: 22
91.202.144.0/24 maxlen: 24
91.202.145.0/24 maxlen: 24
91.202.147.0/24 maxlen: 24
91.202.146.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:cc:2b:9b:b3:ad:fa:70:25:70:09:52:0b:0d:00:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=620dd5186de65a646dda4b89dd48ed44873af149
Validity
Not Before: Jan 2 09:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1167f53f2889a7376cb876e81d9a24968f92c42a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:62:e8:7a:f8:6b:27:07:b7:2a:1c:48:63:ba:
a2:be:39:44:8c:91:85:e5:2e:2b:4f:df:59:0e:d3:
2b:6c:9f:2a:40:84:26:1b:e9:88:f9:66:bb:90:1d:
4b:c4:cf:d9:d1:8e:e0:c8:3b:fc:3f:5c:94:a8:47:
38:42:c8:9a:87:8d:05:62:27:5d:1b:9c:97:42:1f:
41:57:b5:68:de:5a:aa:97:34:18:d0:08:7a:7b:85:
02:e0:40:fd:c7:45:5e:e8:48:28:26:0a:72:da:0a:
c3:b5:c5:ea:33:80:6d:28:62:84:bb:4b:15:66:f8:
7b:98:91:fc:27:4d:ac:90:b5:88:94:a2:a7:5b:52:
31:4a:d1:5f:37:63:c9:33:c3:c6:f3:a8:f4:2a:01:
37:a4:26:73:00:17:a2:f9:7c:70:ff:01:6d:ed:52:
28:57:f8:03:7e:dc:64:96:96:9d:f4:1d:76:b7:e5:
58:4c:8d:34:31:ad:12:4d:f9:ef:e8:76:09:cd:e0:
78:92:f3:e9:a9:f4:94:fb:c0:e5:15:c8:a0:8b:d7:
e1:b9:55:c8:33:f5:7c:a3:63:5d:a1:63:af:51:af:
ec:c4:ff:58:7d:3d:df:57:c4:f8:55:0d:c5:9f:b7:
6c:87:ba:31:1a:67:5a:1d:55:1e:fc:54:28:07:04:
75:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:67:F5:3F:28:89:A7:37:6C:B8:76:E8:1D:9A:24:96:8F:92:C4:2A
X509v3 Authority Key Identifier:
keyid:62:0D:D5:18:6D:E6:5A:64:6D:DA:4B:89:DD:48:ED:44:87:3A:F1:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/EWf1PyiJpzdsuHboHZoklo-SxCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e2c33a-2143-43ff-8fd6-e6f3ecbf6743/1/Yg3VGG3mWmRt2kuJ3UjtRIc68Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.144.0/22
91.225.56.0/22
91.247.224.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:1e:99:99:24:42:3a:c6:9e:12:eb:da:a0:76:cc:8e:7a:8f:
8f:20:39:fb:d5:25:e6:95:4f:19:a0:59:8b:fe:95:4b:d4:4c:
17:81:8b:c9:bc:50:ce:b7:43:71:85:3b:37:c5:25:5c:b1:ae:
2a:3e:b6:02:40:de:73:af:c2:54:c6:df:b6:38:ff:e4:10:6f:
79:91:b7:cc:f6:4a:d0:af:33:69:a3:1f:f6:cb:31:b3:e0:9e:
0a:34:3d:ed:09:69:ac:68:52:2e:bf:8b:42:94:93:00:7e:0b:
fa:dd:62:af:4c:ec:ca:e1:20:d4:6f:bd:f5:5c:de:17:e4:da:
d0:7b:47:92:7e:ce:01:19:25:ee:30:d2:09:11:6f:d1:25:11:
c8:b5:3a:d5:c0:59:7f:75:73:92:47:4e:b5:54:e8:04:9a:b9:
31:d8:3d:6c:21:18:87:5c:99:05:12:42:22:be:7f:a6:88:2b:
df:12:52:11:be:a3:70:18:60:b1:ac:6a:06:6f:84:95:16:ba:
d5:57:3f:7f:1a:a5:e1:a5:fb:a5:a5:e4:df:2f:c0:1c:33:37:
1a:cc:c9:42:48:c4:b7:05:f5:89:cd:80:e0:6d:b8:85:65:34:
21:c8:b9:81:d6:10:b8:3f:10:81:24:98:7e:1d:95:99:9c:f9:
89:37:7f:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxzCubs636cCVwCVILDQD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMGRkNTE4NmRlNjVhNjQ2ZGRhNGI4OWRkNDhlZDQ0ODcz
YWYxNDkwHhcNMjMwMTAyMDkyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY3ZjUzZjI4ODlhNzM3NmNiODc2ZTgxZDlhMjQ5NjhmOTJjNDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGLoevhrJwe3KhxIY7qivjlEjJGF
5S4rT99ZDtMrbJ8qQIQmG+mI+Wa7kB1LxM/Z0Y7gyDv8P1yUqEc4Qsiah40FYidd
G5yXQh9BV7Vo3lqqlzQY0Ah6e4UC4ED9x0Ve6EgoJgpy2grDtcXqM4BtKGKEu0sV
Zvh7mJH8J02skLWIlKKnW1IxStFfN2PJM8PG86j0KgE3pCZzABei+Xxw/wFt7VIo
V/gDftxklpad9B12t+VYTI00Ma0STfnv6HYJzeB4kvPpqfSU+8DlFcigi9fhuVXI
M/V8o2NdoWOvUa/sxP9YfT3fV8T4VQ3Fn7dsh7oxGmdaHVUe/FQoBwR1DwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBFn9T8oiac3bLh26B2aJJaPksQqMB8GA1UdIwQY
MBaAFGIN1Rht5lpkbdpLid1I7USHOvFJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWczVkdHM21XbVJ0Mmt1SjNVanRSSWM2OFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lMmMzM2EtMjE0My00M2ZmLThmZDYt
ZTZmM2VjYmY2NzQzLzEvRVdmMVB5aUpwemRzdUhib0hab2tsby1TeENvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lMmMzM2EtMjE0My00M2ZmLThmZDYtZTZmM2VjYmY2NzQz
LzEvWWczVkdHM21XbVJ0Mmt1SjNVanRSSWM2OFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8qQAwQC
W+E4AwQCW/fgMA0GCSqGSIb3DQEBCwUAA4IBAQAvHpmZJEI6xp4S69qgdsyOeo+P
IDn71SXmlU8ZoFmL/pVL1EwXgYvJvFDOt0NxhTs3xSVcsa4qPrYCQN5zr8JUxt+2
OP/kEG95kbfM9krQrzNpox/2yzGz4J4KND3tCWmsaFIuv4tClJMAfgv63WKvTOzK
4SDUb731XN4X5NrQe0eSfs4BGSXuMNIJEW/RJRHItTrVwFl/dXOSR061VOgEmrkx
2D1sIRiHXJkFEkIivn+miCvfElIRvqNwGGCxrGoGb4SVFrrVVz9/GqXhpfulpeTf
L8AcMzcazMlCSMS3BfWJzYDgbbiFZTQhyLmB1hC4PxCBJJh+HZWZnPmJN3/N
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:03:07 2024 by rpki-client on console-ams.rpki-client.org