Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/EDh-5Sw9mc_6I2ZXeM4NEMcLq9I.roa
File: EDh-5Sw9mc_6I2ZXeM4NEMcLq9I.roa (raw, json)
Hash identifier: EWYlHaUnrAnsBf4sg1OBo4FD/E4asapT9izKsez8A2s=
Subject key identifier: 10:38:7E:E5:2C:3D:99:CF:FA:23:66:57:78:CE:0D:10:C7:0B:AB:D2
Certificate issuer: /CN=cec63b87a8aec093dbe47dcca92860ea841228e0
Certificate serial: 01856FCB94C2C8776F79FB9A2F88053FB929
Authority key identifier: CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/EDh-5Sw9mc_6I2ZXeM4NEMcLq9I.roa
Signing time: Mon 02 Jan 2023 00:04:50 +0000
ROA not before: Mon 02 Jan 2023 00:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29513
IP address blocks: 46.31.208.0/21 maxlen: 21
89.251.48.0/20 maxlen: 20
194.180.228.0/22 maxlen: 22
146.66.144.0/21 maxlen: 21
146.66.149.0/24 maxlen: 24
37.60.184.0/21 maxlen: 21
193.105.225.0/24 maxlen: 24
217.64.48.0/20 maxlen: 20
2a06:15c0::/29 maxlen: 29
2a01:1c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:94:c2:c8:77:6f:79:fb:9a:2f:88:05:3f:b9:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec63b87a8aec093dbe47dcca92860ea841228e0
Validity
Not Before: Jan 2 00:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10387ee52c3d99cffa23665778ce0d10c70babd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:34:1a:ce:9d:bc:65:8e:df:c4:c1:d2:16:26:
47:92:00:0d:c4:c8:ac:c0:9c:cd:cf:f0:23:80:e8:
c8:24:29:8d:5a:b1:3c:c4:0d:a6:9f:bc:44:8c:1a:
6a:f9:44:0d:20:1f:34:66:bd:c7:0f:27:32:39:33:
07:a6:aa:e5:dc:e4:bb:01:cc:b4:55:7f:7c:fe:44:
61:01:4b:87:65:0a:36:dc:73:a6:4c:ee:c0:fe:7d:
a6:60:a9:31:aa:3a:5f:23:09:07:1e:e7:64:5c:91:
90:9c:60:2e:51:a3:6f:ac:4e:e1:cb:82:11:af:c2:
fb:1f:0b:b3:3d:8a:f6:e3:a2:0e:79:14:7e:af:fe:
71:93:14:62:c7:8f:a4:a1:24:0d:ad:00:25:45:91:
18:a2:04:4d:dc:ff:d7:0b:16:d1:e2:fd:6e:ff:f8:
f6:73:95:0c:99:a9:72:a5:af:f6:83:77:ff:eb:29:
02:8c:11:7e:7c:9b:c1:19:e8:f9:52:ec:2d:bd:34:
4c:54:66:53:c5:13:16:32:70:e2:cb:96:26:b9:8a:
e7:5e:b0:c4:3b:35:f2:99:4f:d6:3a:e1:18:77:46:
81:0d:7c:c6:a7:d1:a6:fa:4a:3f:ef:8a:32:01:ed:
5f:d3:49:f4:e7:86:28:3b:dd:02:da:dc:0c:c4:66:
d0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:38:7E:E5:2C:3D:99:CF:FA:23:66:57:78:CE:0D:10:C7:0B:AB:D2
X509v3 Authority Key Identifier:
keyid:CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/EDh-5Sw9mc_6I2ZXeM4NEMcLq9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.184.0/21
46.31.208.0/21
89.251.48.0/20
146.66.144.0/21
193.105.225.0/24
194.180.228.0/22
217.64.48.0/20
IPv6:
2a01:1c0::/32
2a06:15c0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:75:22:c6:47:45:04:13:e4:22:5b:37:f5:9d:93:c5:ad:80:
16:3f:78:6b:03:c2:f6:c4:ea:31:bf:c1:b2:63:e8:b8:c6:6b:
ba:23:4f:56:bc:1e:53:a2:4a:4a:86:8e:54:0e:1f:4a:59:aa:
fe:48:e5:3f:5e:4a:99:43:62:94:84:47:13:34:7b:7f:ee:7a:
2b:7e:17:f1:7d:8f:a6:f2:e5:f4:93:e4:5f:b5:91:29:f4:11:
15:d6:fe:f3:ba:d3:c3:ff:12:d0:18:57:89:48:2a:47:d7:9e:
f4:c9:98:9d:fb:28:ea:ac:67:f0:54:46:43:34:d6:4c:11:db:
6e:96:2d:c6:cb:d3:da:30:02:a1:9e:04:e3:f5:f2:da:c1:2d:
98:ac:93:e9:e9:57:2b:e8:2d:a7:76:60:f0:93:80:05:5c:b1:
43:de:d3:fb:cb:f9:22:3c:36:23:1a:e6:4f:74:22:2e:4f:19:
9d:d5:c4:32:b1:23:29:91:4f:09:a6:cb:e3:da:50:db:24:57:
a0:71:ff:f1:15:fe:36:21:62:f3:00:f1:11:80:9d:b5:a7:dc:
8c:46:b2:35:49:9c:72:3f:4d:4c:70:d8:b2:20:89:90:85:82:
6b:60:ca:38:71:ca:ec:3d:a2:9c:d1:67:8e:e5:ed:50:d6:92:
6b:8d:70:00
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVvy5TCyHdvefuaL4gFP7kpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzYzYjg3YThhZWMwOTNkYmU0N2RjY2E5Mjg2MGVhODQx
MjI4ZTAwHhcNMjMwMTAyMDAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDM4N2VlNTJjM2Q5OWNmZmEyMzY2NTc3OGNlMGQxMGM3MGJhYmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzQazp28ZY7fxMHSFiZHkgANxMis
wJzNz/AjgOjIJCmNWrE8xA2mn7xEjBpq+UQNIB80Zr3HDycyOTMHpqrl3OS7Acy0
VX98/kRhAUuHZQo23HOmTO7A/n2mYKkxqjpfIwkHHudkXJGQnGAuUaNvrE7hy4IR
r8L7HwuzPYr246IOeRR+r/5xkxRix4+koSQNrQAlRZEYogRN3P/XCxbR4v1u//j2
c5UMmalypa/2g3f/6ykCjBF+fJvBGej5UuwtvTRMVGZTxRMWMnDiy5YmuYrnXrDE
OzXymU/WOuEYd0aBDXzGp9Gm+ko/74oyAe1f00n054YoO90C2twMxGbQqwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFBA4fuUsPZnP+iNmV3jODRDHC6vSMB8GA1UdIwQY
MBaAFM7GO4eorsCT2+R9zKkoYOqEEijgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWIt
ODNiZDY2ZjRlNmY2LzEvRURoLTVTdzltY182STJaWGVNNE5FTWNMcTlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWItODNiZDY2ZjRlNmY2
LzEvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQDJTy4AwQD
Lh/QAwQEWfswAwQDkkKQAwQAwWnhAwQCwrTkAwQE2UAwMBQEAgACMA4DBQAqAQHA
AwUDKgYVwDANBgkqhkiG9w0BAQsFAAOCAQEASnUixkdFBBPkIls39Z2Txa2AFj94
awPC9sTqMb/BsmPouMZruiNPVrweU6JKSoaOVA4fSlmq/kjlP15KmUNilIRHEzR7
f+56K34X8X2PpvLl9JPkX7WRKfQRFdb+87rTw/8S0BhXiUgqR9ee9MmYnfso6qxn
8FRGQzTWTBHbbpYtxsvT2jACoZ4E4/Xy2sEtmKyT6elXK+gtp3Zg8JOABVyxQ97T
+8v5Ijw2IxrmT3QiLk8ZndXEMrEjKZFPCabL49pQ2yRXoHH/8RX+NiFi8wDxEYCd
tafcjEayNUmccj9NTHDYsiCJkIWCa2DKOHHK7D2inNFnjuXtUNaSa41wAA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:34:49 2024 by rpki-client on console.sobornost.net