Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/eMpphPSY2JMdLbfoC8V2m9u9xpU.roa
File: eMpphPSY2JMdLbfoC8V2m9u9xpU.roa (raw, json)
Hash identifier: 9itZkCS+WnFFrvvSnGAdUSEryoAsGdSNZf3/ivUsf2w=
Subject key identifier: 78:CA:69:84:F4:98:D8:93:1D:2D:B7:E8:0B:C5:76:9B:DB:BD:C6:95
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018E6956E11FB2C2AF6EADB4D4DFD4F76FF8
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/eMpphPSY2JMdLbfoC8V2m9u9xpU.roa
Signing time: Sat 23 Mar 2024 03:24:45 +0000
ROA not before: Sat 23 Mar 2024 03:24:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.128.248.0/22 maxlen: 24
95.82.0.0/20 maxlen: 20
95.82.0.0/21 maxlen: 24
95.82.32.0/21 maxlen: 21
109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.20.0/22 maxlen: 24
176.221.20.0/23 maxlen: 24
176.221.24.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Mar 2024 15:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:69:56:e1:1f:b2:c2:af:6e:ad:b4:d4:df:d4:f7:6f:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Mar 23 03:24:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78ca6984f498d8931d2db7e80bc5769bdbbdc695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0f:a2:16:27:6c:f9:21:b8:7d:03:8c:0e:31:
5f:96:c8:ab:be:8b:8a:23:a4:bb:bd:7b:09:5a:cd:
47:10:60:77:27:63:1f:fa:37:20:2a:3c:ee:08:1a:
c9:34:db:34:41:af:97:ee:e4:d8:35:97:c5:94:e8:
82:ac:94:cd:3c:97:81:41:26:98:e1:dd:5f:e8:03:
51:9c:c3:28:36:97:17:bd:07:bc:26:d4:5b:b3:26:
4e:30:a5:d9:db:16:46:cd:a2:67:85:c8:eb:d6:44:
7b:63:ba:c5:d2:e4:36:d8:f1:d7:b8:c3:ab:9e:07:
77:97:f3:40:be:43:0c:50:46:5c:b6:b9:1b:9c:2d:
46:59:92:be:72:80:cc:b8:9b:e0:2d:2d:ff:94:8a:
b6:5d:9e:21:fd:24:a5:01:21:a6:3e:a6:65:ca:10:
5f:58:0b:ba:35:d5:9b:e9:36:90:bc:58:72:84:06:
f8:8c:7d:18:78:e9:57:9f:96:cf:ea:16:8d:60:ad:
c6:2b:52:84:fd:bd:3b:91:60:03:87:1e:8e:d3:c5:
f3:0f:2e:24:ba:a6:dc:e3:d1:13:ba:35:59:6a:57:
f7:37:88:86:d2:8c:44:c6:ff:49:41:62:9d:5c:ce:
a9:30:98:65:f4:d8:8f:e7:62:0e:50:75:bd:83:a1:
84:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:CA:69:84:F4:98:D8:93:1D:2D:B7:E8:0B:C5:76:9B:DB:BD:C6:95
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/eMpphPSY2JMdLbfoC8V2m9u9xpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.0.0/20
95.82.32.0/21
109.111.32.0/20
176.221.16.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
4e:b4:99:62:70:cf:ad:f7:ef:79:5d:43:89:af:b8:53:39:6b:
af:40:58:2d:81:d9:55:67:47:d7:df:5e:2c:63:3c:6a:14:d1:
b7:27:3b:7b:cf:88:dd:c1:40:3b:c1:13:70:87:c9:df:55:11:
ed:48:e7:bd:61:c1:2f:e1:7b:ae:af:89:ab:14:60:8f:d1:15:
21:00:d0:c1:14:60:5b:a9:c0:09:76:98:f4:9e:d9:32:79:3d:
8b:3e:b0:86:81:2f:26:fd:91:e8:df:05:56:b1:1f:7d:97:f7:
70:ab:43:61:9f:c3:e7:2c:cf:1b:bb:d5:1e:c2:d3:6c:e0:1c:
21:1a:d8:17:6c:05:78:de:a8:02:a7:8c:cc:19:c9:03:b8:e9:
12:7e:e0:08:38:c6:20:e2:63:a1:bf:2f:3f:e7:1e:ac:45:af:
ef:c6:a1:a2:31:74:56:6b:7e:44:76:19:6b:69:50:44:fd:21:
be:d9:90:de:9e:6c:66:83:85:73:c9:b6:aa:f3:6e:c2:ad:30:
27:84:c4:04:dc:63:28:7d:20:9e:dc:84:5b:f4:79:36:43:da:
77:74:0f:e7:e7:c8:4a:75:b9:a9:70:cb:4d:67:31:fd:70:59:
0a:52:fb:46:77:c9:9a:78:4b:dd:9e:c4:5e:74:0a:bb:a6:fc:
83:31:b7:71
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY5pVuEfssKvbq201N/U92/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMzIzMDMyNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGNhNjk4NGY0OThkODkzMWQyZGI3ZTgwYmM1NzY5YmRiYmRjNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA+iFids+SG4fQOMDjFflsirvouK
I6S7vXsJWs1HEGB3J2Mf+jcgKjzuCBrJNNs0Qa+X7uTYNZfFlOiCrJTNPJeBQSaY
4d1f6ANRnMMoNpcXvQe8JtRbsyZOMKXZ2xZGzaJnhcjr1kR7Y7rF0uQ22PHXuMOr
ngd3l/NAvkMMUEZctrkbnC1GWZK+coDMuJvgLS3/lIq2XZ4h/SSlASGmPqZlyhBf
WAu6NdWb6TaQvFhyhAb4jH0YeOlXn5bP6haNYK3GK1KE/b07kWADhx6O08XzDy4k
uqbc49ETujVZalf3N4iG0oxExv9JQWKdXM6pMJhl9NiP52IOUHW9g6GEywIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHjKaYT0mNiTHS236AvFdpvbvcaVMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvZU1wcGhQU1kySk1kTGJmb0M4VjJtOXU5eHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCJYD4AwQE
X1IAAwQDX1IgAwQEbW8gMAwDBASw3RADBAKw3RgwDQYJKoZIhvcNAQELBQADggEB
AE60mWJwz63373ldQ4mvuFM5a69AWC2B2VVnR9ffXixjPGoU0bcnO3vPiN3BQDvB
E3CHyd9VEe1I571hwS/he66viasUYI/RFSEA0MEUYFupwAl2mPSe2TJ5PYs+sIaB
Lyb9kejfBVaxH32X93CrQ2Gfw+cszxu71R7C02zgHCEa2BdsBXjeqAKnjMwZyQO4
6RJ+4Ag4xiDiY6G/Lz/nHqxFr+/GoaIxdFZrfkR2GWtpUET9Ib7ZkN6ebGaDhXPJ
tqrzbsKtMCeExATcYyh9IJ7chFv0eTZD2nd0D+fnyEp1ualwy01nMf1wWQpS+0Z3
yZp4S92exF50Crum/IMxt3E=
-----END CERTIFICATE-----
Generated at Sat Mar 30 18:21:33 2024 by rpki-client on console.sobornost.net