Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/EuKNgx8GFhAmRcTMwFCDtph9kJU.roa
File: EuKNgx8GFhAmRcTMwFCDtph9kJU.roa (raw, json)
Hash identifier: bfeNTmIhMeu0pHD00vM12ifN4mJGMBKyCDLsMSa0+88=
Subject key identifier: 12:E2:8D:83:1F:06:16:10:26:45:C4:CC:C0:50:83:B6:98:7D:90:95
Certificate issuer: /CN=324947c0aecefe87f9db96e5b45beb10aeb987a6
Certificate serial: 01856F4B5DE53B912739971B3F6A87F5A640
Authority key identifier: 32:49:47:C0:AE:CE:FE:87:F9:DB:96:E5:B4:5B:EB:10:AE:B9:87:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MklHwK7O_of525bltFvrEK65h6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/EuKNgx8GFhAmRcTMwFCDtph9kJU.roa
Signing time: Sun 01 Jan 2023 21:44:48 +0000
ROA not before: Sun 01 Jan 2023 21:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49627
IP address blocks: 193.169.138.0/23 maxlen: 24
185.68.160.0/22 maxlen: 24
91.232.130.0/24 maxlen: 24
2a03:2c60::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:5d:e5:3b:91:27:39:97:1b:3f:6a:87:f5:a6:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=324947c0aecefe87f9db96e5b45beb10aeb987a6
Validity
Not Before: Jan 1 21:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12e28d831f0616102645c4ccc05083b6987d9095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cc:f1:a0:ce:80:dd:5d:99:f9:8b:13:cd:9a:
8c:d7:5d:25:ef:32:0f:02:7e:79:49:f9:31:1f:98:
0b:38:cc:65:c0:9c:00:a8:5a:e9:48:34:b2:b7:87:
d0:8f:03:94:8c:5d:fc:1f:bc:e5:8c:83:b9:54:19:
59:24:42:40:4e:69:d8:a3:66:73:29:d8:f8:55:53:
8d:ed:03:ed:15:9d:0c:02:2d:fa:ef:56:7b:25:6e:
0b:4f:c8:e6:3d:7f:0b:7e:3f:84:39:85:25:9f:8f:
3c:2b:d6:ef:10:5b:63:b1:e5:2b:46:5f:fd:78:39:
e9:9c:4f:06:23:1b:f5:a7:f5:2a:90:62:6f:c7:13:
30:ea:12:1a:f5:fd:c7:6b:b7:a9:13:d7:4c:1b:04:
d1:9b:f0:70:3e:b2:c5:cc:16:26:4c:31:f0:7c:96:
64:89:1a:d8:a3:6c:10:7c:96:5b:c9:1d:d1:c1:26:
e2:5b:44:d4:25:09:e7:59:f6:04:46:63:ae:51:5f:
d7:36:61:9e:54:ef:ee:5f:23:91:23:5f:aa:d2:e3:
d0:e8:22:fa:2f:4f:af:15:60:9f:33:16:a8:75:1b:
88:82:cd:ef:0d:35:67:df:0d:bb:97:dc:d4:16:6a:
ee:89:fa:ad:82:cc:55:11:f9:38:17:a4:aa:60:71:
4e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:E2:8D:83:1F:06:16:10:26:45:C4:CC:C0:50:83:B6:98:7D:90:95
X509v3 Authority Key Identifier:
keyid:32:49:47:C0:AE:CE:FE:87:F9:DB:96:E5:B4:5B:EB:10:AE:B9:87:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MklHwK7O_of525bltFvrEK65h6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/EuKNgx8GFhAmRcTMwFCDtph9kJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/MklHwK7O_of525bltFvrEK65h6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.130.0/24
185.68.160.0/22
193.169.138.0/23
IPv6:
2a03:2c60::/32
Signature Algorithm: sha256WithRSAEncryption
b7:38:d8:0e:96:20:8d:c3:79:ec:9e:b3:2e:85:7c:e4:8c:c7:
a7:97:88:a8:09:70:db:d2:0b:c4:c9:95:6f:a5:04:ef:3a:50:
f3:57:12:9a:e6:ad:08:24:c1:01:f5:a2:89:02:8b:7f:23:fd:
70:30:64:7e:78:cb:39:bd:b2:6e:37:73:77:4d:42:7d:6c:6f:
cf:9a:08:35:2b:22:ab:b0:55:7b:41:44:cf:41:d5:62:47:f4:
c8:40:03:40:21:30:0b:4f:f1:58:41:e0:da:00:47:1c:2b:08:
a1:9e:54:c6:12:ff:0e:84:c6:9c:d3:2d:02:ae:a7:28:f4:e3:
82:52:49:96:b0:d5:14:ee:65:96:5f:de:ab:73:21:f8:25:92:
c1:dd:c4:ff:e1:22:fe:5c:9a:34:27:9e:29:54:d4:05:99:92:
eb:8b:97:84:a1:f5:64:a0:03:9c:7b:58:f6:54:97:64:33:43:
67:c1:4d:f1:cc:46:db:0e:01:b1:5f:fc:ba:5c:50:cb:c8:40:
a9:6e:38:6c:63:76:77:db:9b:4d:25:a0:32:ee:ff:d5:3c:5d:
7a:d9:c1:54:5f:99:97:7c:50:08:00:db:fd:62:c0:8b:2e:ae:
1c:b6:61:a4:96:75:25:a5:f5:47:20:87:a6:b4:da:e6:a9:97:
fa:62:9a:80
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvS13lO5EnOZcbP2qH9aZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDk0N2MwYWVjZWZlODdmOWRiOTZlNWI0NWJlYjEwYWVi
OTg3YTYwHhcNMjMwMTAxMjE0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmUyOGQ4MzFmMDYxNjEwMjY0NWM0Y2NjMDUwODNiNjk4N2Q5MDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzczxoM6A3V2Z+YsTzZqM110l7zIP
An55SfkxH5gLOMxlwJwAqFrpSDSyt4fQjwOUjF38H7zljIO5VBlZJEJATmnYo2Zz
Kdj4VVON7QPtFZ0MAi3671Z7JW4LT8jmPX8Lfj+EOYUln488K9bvEFtjseUrRl/9
eDnpnE8GIxv1p/UqkGJvxxMw6hIa9f3Ha7epE9dMGwTRm/BwPrLFzBYmTDHwfJZk
iRrYo2wQfJZbyR3RwSbiW0TUJQnnWfYERmOuUV/XNmGeVO/uXyORI1+q0uPQ6CL6
L0+vFWCfMxaodRuIgs3vDTVn3w27l9zUFmruifqtgsxVEfk4F6SqYHFODQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBLijYMfBhYQJkXEzMBQg7aYfZCVMB8GA1UdIwQY
MBaAFDJJR8Cuzv6H+duW5bRb6xCuuYemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtsSHdLN09fb2Y1MjVibHRGdnJFSzY1aDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9hOGQzOGItMzE3Ni00Y2M1LWJiNGYt
YzM2MmQyYTllMTIxLzEvRXVLTmd4OEdGaEFtUmNUTXdGQ0R0cGg5a0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9hOGQzOGItMzE3Ni00Y2M1LWJiNGYtYzM2MmQyYTllMTIx
LzEvTWtsSHdLN09fb2Y1MjVibHRGdnJFSzY1aDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+iCAwQC
uUSgAwQBwamKMA0EAgACMAcDBQAqAyxgMA0GCSqGSIb3DQEBCwUAA4IBAQC3ONgO
liCNw3nsnrMuhXzkjMenl4ioCXDb0gvEyZVvpQTvOlDzVxKa5q0IJMEB9aKJAot/
I/1wMGR+eMs5vbJuN3N3TUJ9bG/Pmgg1KyKrsFV7QUTPQdViR/TIQANAITALT/FY
QeDaAEccKwihnlTGEv8OhMac0y0Crqco9OOCUkmWsNUU7mWWX96rcyH4JZLB3cT/
4SL+XJo0J54pVNQFmZLri5eEofVkoAOce1j2VJdkM0NnwU3xzEbbDgGxX/y6XFDL
yECpbjhsY3Z325tNJaAy7v/VPF162cFUX5mXfFAIANv9YsCLLq4ctmGklnUlpfVH
IIemtNrmqZf6YpqA
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:32 2024 by rpki-client on console.sobornost.net