Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d5e9f6-3f6d-4694-89b8-a093d100874c/1/EijTdNS_BWPHooZTeM5CsET3SE0.roa
File: EijTdNS_BWPHooZTeM5CsET3SE0.roa (raw, json)
Hash identifier: ilzGG4nYg5TI8RM66U88RkO/NAyIcFKOd/J6ZLpYP8k=
Subject key identifier: 12:28:D3:74:D4:BF:05:63:C7:A2:86:53:78:CE:42:B0:44:F7:48:4D
Certificate issuer: /CN=57c0bd9f8331ea8438fd2a2f671b71af4a2dec17
Certificate serial: 018A1C67810E159DE0ADE0A886A696EB0C2F
Authority key identifier: 57:C0:BD:9F:83:31:EA:84:38:FD:2A:2F:67:1B:71:AF:4A:2D:EC:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8C9n4Mx6oQ4_SovZxtxr0ot7Bc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/d5e9f6-3f6d-4694-89b8-a093d100874c/1/EijTdNS_BWPHooZTeM5CsET3SE0.roa
Signing time: Tue 22 Aug 2023 08:40:59 +0000
ROA not before: Tue 22 Aug 2023 08:40:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3232
IP address blocks: 193.105.132.0/24 maxlen: 24
193.17.43.0/24 maxlen: 24
91.216.220.0/24 maxlen: 24
194.165.45.0/24 maxlen: 24
194.165.53.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:67:81:0e:15:9d:e0:ad:e0:a8:86:a6:96:eb:0c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c0bd9f8331ea8438fd2a2f671b71af4a2dec17
Validity
Not Before: Aug 22 08:40:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1228d374d4bf0563c7a2865378ce42b044f7484d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:81:fb:13:d9:ff:31:5b:9c:43:98:2a:11:db:
17:e5:d1:78:5a:b1:42:aa:50:10:fe:bf:0f:66:0c:
f1:24:c6:9e:46:5c:16:55:db:4f:38:c3:2a:e2:89:
6d:ec:98:6b:e5:8b:b6:87:44:10:23:bb:cc:73:45:
1e:8e:26:bb:5b:c0:dd:de:55:b4:46:db:4e:0f:80:
2e:ba:ca:cf:f8:42:91:f1:06:7d:8c:a4:67:07:e9:
2a:5a:5f:81:38:2e:3d:73:ec:f8:ed:b4:ad:9a:2b:
b1:45:0b:d5:53:90:c4:30:70:ff:2f:3c:8b:b4:68:
55:74:a9:80:07:9c:48:57:62:70:bf:e9:84:fe:4f:
de:9e:3d:d3:83:cd:92:f1:4c:6e:9a:63:e9:2f:26:
ca:52:fd:c6:20:24:91:4a:a3:ce:89:a2:e3:b3:43:
1b:02:c4:22:1a:16:7a:b4:a5:b3:c9:d4:c7:72:32:
d2:48:5d:3d:31:17:c3:38:d7:ea:69:d8:5e:bc:16:
28:10:d7:1f:63:92:0f:67:06:86:5d:88:da:b2:46:
37:6a:fc:39:ae:35:4c:a3:40:86:b8:48:8d:41:23:
0e:f4:92:32:8e:5e:ba:92:65:03:5f:00:49:c7:89:
81:b4:1c:27:eb:ea:a3:4a:a3:13:98:71:d6:59:c2:
3c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:28:D3:74:D4:BF:05:63:C7:A2:86:53:78:CE:42:B0:44:F7:48:4D
X509v3 Authority Key Identifier:
keyid:57:C0:BD:9F:83:31:EA:84:38:FD:2A:2F:67:1B:71:AF:4A:2D:EC:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8C9n4Mx6oQ4_SovZxtxr0ot7Bc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d5e9f6-3f6d-4694-89b8-a093d100874c/1/EijTdNS_BWPHooZTeM5CsET3SE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d5e9f6-3f6d-4694-89b8-a093d100874c/1/V8C9n4Mx6oQ4_SovZxtxr0ot7Bc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.220.0/24
193.17.43.0/24
193.105.132.0/24
194.165.45.0/24
194.165.53.0/24
Signature Algorithm: sha256WithRSAEncryption
90:a2:94:ba:0b:65:f0:7b:81:e4:a0:35:84:93:6f:58:29:b6:
1f:0d:80:2a:bd:c2:af:9e:6d:b6:1c:7d:6e:a3:11:b4:92:d8:
57:06:2b:81:de:fe:74:42:b7:7d:17:f0:6e:1a:e6:15:5d:84:
bd:25:95:9c:70:6c:9b:53:70:87:30:68:4e:de:72:1f:8e:38:
5d:d4:d0:ff:f4:b5:72:03:08:cf:0e:e8:03:57:f0:6e:4f:16:
33:ba:56:45:e3:fd:1b:c6:39:ea:e9:b4:56:b1:6c:16:0d:a8:
1e:ea:cd:0c:ee:0a:49:6d:56:41:ef:14:0a:f7:26:cd:20:a5:
6b:59:0e:52:47:d9:a7:8d:12:15:c1:60:64:f6:67:55:87:bc:
d0:c0:7e:e5:7d:3a:c2:99:4f:39:82:be:1c:96:b0:68:7b:72:
98:eb:96:e1:f2:d5:22:b7:ae:6f:85:23:3e:b8:aa:2a:a8:3c:
d8:d6:c9:09:e5:3b:a0:be:c1:b0:4d:68:a3:dd:86:3e:93:96:
6d:5f:d9:05:07:ae:a7:0d:c9:8a:29:cc:f5:b4:df:dd:17:60:
61:ec:17:69:65:70:db:e3:90:55:7c:2d:1f:85:76:76:dc:52:
ac:fb:1a:4f:4b:11:c5:2d:dd:f3:cc:bb:a5:f2:43:e5:3c:36:
4a:6f:56:85
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYocZ4EOFZ3greCohqaW6wwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzBiZDlmODMzMWVhODQzOGZkMmEyZjY3MWI3MWFmNGEy
ZGVjMTcwHhcNMjMwODIyMDg0MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjI4ZDM3NGQ0YmYwNTYzYzdhMjg2NTM3OGNlNDJiMDQ0Zjc0ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4H7E9n/MVucQ5gqEdsX5dF4WrFC
qlAQ/r8PZgzxJMaeRlwWVdtPOMMq4olt7Jhr5Yu2h0QQI7vMc0Uejia7W8Dd3lW0
RttOD4AuusrP+EKR8QZ9jKRnB+kqWl+BOC49c+z47bStmiuxRQvVU5DEMHD/LzyL
tGhVdKmAB5xIV2Jwv+mE/k/enj3Tg82S8UxummPpLybKUv3GICSRSqPOiaLjs0Mb
AsQiGhZ6tKWzydTHcjLSSF09MRfDONfqadhevBYoENcfY5IPZwaGXYjaskY3avw5
rjVMo0CGuEiNQSMO9JIyjl66kmUDXwBJx4mBtBwn6+qjSqMTmHHWWcI8PQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBIo03TUvwVjx6KGU3jOQrBE90hNMB8GA1UdIwQY
MBaAFFfAvZ+DMeqEOP0qL2cbca9KLewXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhDOW40TXg2b1E0X1Nvdlp4dHhyMG90N0JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kNWU5ZjYtM2Y2ZC00Njk0LTg5Yjgt
YTA5M2QxMDA4NzRjLzEvRWlqVGROU19CV1BIb29aVGVNNUNzRVQzU0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kNWU5ZjYtM2Y2ZC00Njk0LTg5YjgtYTA5M2QxMDA4NzRj
LzEvVjhDOW40TXg2b1E0X1Nvdlp4dHhyMG90N0JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW9jcAwQA
wRErAwQAwWmEAwQAwqUtAwQAwqU1MA0GCSqGSIb3DQEBCwUAA4IBAQCQopS6C2Xw
e4HkoDWEk29YKbYfDYAqvcKvnm22HH1uoxG0kthXBiuB3v50Qrd9F/BuGuYVXYS9
JZWccGybU3CHMGhO3nIfjjhd1ND/9LVyAwjPDugDV/BuTxYzulZF4/0bxjnq6bRW
sWwWDage6s0M7gpJbVZB7xQK9ybNIKVrWQ5SR9mnjRIVwWBk9mdVh7zQwH7lfTrC
mU85gr4clrBoe3KY65bh8tUit65vhSM+uKoqqDzY1skJ5TugvsGwTWij3YY+k5Zt
X9kFB66nDcmKKcz1tN/dF2Bh7BdpZXDb45BVfC0fhXZ23FKs+xpPSxHFLd3zzLul
8kPlPDZKb1aF
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:32 2024 by rpki-client on console.sobornost.net