Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/4T-EYEJd6HvZQ1yn-l2pOEAJPIs.roa
File: 4T-EYEJd6HvZQ1yn-l2pOEAJPIs.roa (raw, json)
Hash identifier: uIYHH7bE5/Z/GUelBBhb1EouyHEu51Gmh9HqScnWHF8=
Subject key identifier: E1:3F:84:60:42:5D:E8:7B:D9:43:5C:A7:FA:5D:A9:38:40:09:3C:8B
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0189BC7124BF54CC1430EC08C3F33A1CE35D
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/4T-EYEJd6HvZQ1yn-l2pOEAJPIs.roa
Signing time: Thu 03 Aug 2023 17:27:58 +0000
ROA not before: Thu 03 Aug 2023 17:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 85.239.149.0/24 maxlen: 24
85.239.148.0/24 maxlen: 24
85.239.150.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 19:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bc:71:24:bf:54:cc:14:30:ec:08:c3:f3:3a:1c:e3:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Aug 3 17:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e13f8460425de87bd9435ca7fa5da93840093c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c6:d8:da:f0:2b:12:9e:19:d6:73:95:19:32:
64:72:2b:59:dd:d0:3e:17:e0:16:20:48:fc:2d:62:
74:46:b6:0b:86:7d:8a:3a:07:65:08:6c:74:f4:e0:
ea:3f:9d:be:d5:7a:86:c2:6d:74:ff:9e:fd:d9:d4:
fb:09:b2:6a:e8:a4:65:41:b9:40:95:f6:d2:82:45:
47:d4:b0:f5:49:0c:33:04:40:2f:8c:ed:08:fc:4e:
c9:7f:0e:b6:96:cf:54:6a:da:14:93:b5:e9:2a:d9:
86:29:8d:dd:94:84:9f:87:66:a9:80:b4:19:13:e4:
f2:9e:4b:f8:8d:84:ce:5f:e1:ba:46:dd:16:a6:36:
6f:8b:d9:9b:0a:95:92:6b:15:f6:70:d3:18:b4:af:
3e:ea:46:10:75:41:be:4f:96:fd:aa:69:59:88:9b:
d3:6a:80:a8:ab:e8:b6:30:4e:af:94:02:3b:b2:3f:
12:5d:5a:7f:4f:92:95:97:72:ce:0a:e5:52:9e:6a:
03:25:62:aa:d0:00:18:ac:c5:78:17:bd:cb:b9:29:
bb:bf:05:80:83:62:79:de:01:f6:72:da:ba:f6:e1:
a7:78:b6:54:58:68:27:af:93:9d:bd:26:73:a0:a2:
61:f5:ba:78:4e:de:e7:bc:c9:e9:0e:86:81:1d:ba:
96:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:3F:84:60:42:5D:E8:7B:D9:43:5C:A7:FA:5D:A9:38:40:09:3C:8B
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/4T-EYEJd6HvZQ1yn-l2pOEAJPIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.148.0-85.239.150.255
185.95.156.0-185.95.158.255
Signature Algorithm: sha256WithRSAEncryption
90:d4:0a:33:0b:82:e0:c4:6f:3e:9e:8b:0f:6b:16:58:16:3a:
a8:a2:ee:07:49:22:5d:d7:be:a2:9e:83:81:26:3c:e9:80:cd:
91:60:a1:27:92:ba:96:9a:2b:43:4e:23:e2:83:02:38:52:2c:
bc:82:90:44:0c:0a:50:33:c1:3b:c2:b0:ec:3d:ae:27:38:f0:
37:7e:c3:21:ea:3d:2a:1d:0e:25:a3:05:53:4a:a2:f7:97:f4:
83:30:23:63:5c:57:83:45:7c:a9:ea:f6:68:f1:d3:23:3c:f2:
5f:89:6d:34:ec:ba:e5:d2:4b:bf:44:15:23:31:a1:e1:4a:0e:
1a:aa:7f:a7:22:db:27:e9:f5:9a:ea:3a:ac:49:2e:69:15:d1:
9f:9b:e2:a5:4a:3e:6d:62:31:c7:c1:1b:da:7c:c0:0e:1c:27:
84:2e:e6:80:82:51:13:49:9b:61:12:ff:44:7d:86:bc:11:86:
46:b5:d5:77:ec:4b:d8:48:dd:53:c5:5f:4c:c1:6e:d9:43:62:
a9:d8:b1:e1:dd:0c:99:36:85:41:de:e1:f0:1d:7c:ea:3e:79:
d0:ec:8d:2a:d6:a7:8c:73:f6:78:46:9a:3b:bb:b7:40:08:f5:
30:d1:88:a7:21:eb:21:9b:a7:62:2c:ce:9f:55:da:5d:35:71:
58:50:dc:07
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYm8cSS/VMwUMOwIw/M6HONdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwODAzMTcyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTNmODQ2MDQyNWRlODdiZDk0MzVjYTdmYTVkYTkzODQwMDkzYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcbY2vArEp4Z1nOVGTJkcitZ3dA+
F+AWIEj8LWJ0RrYLhn2KOgdlCGx09ODqP52+1XqGwm10/5792dT7CbJq6KRlQblA
lfbSgkVH1LD1SQwzBEAvjO0I/E7Jfw62ls9UatoUk7XpKtmGKY3dlISfh2apgLQZ
E+Tynkv4jYTOX+G6Rt0WpjZvi9mbCpWSaxX2cNMYtK8+6kYQdUG+T5b9qmlZiJvT
aoCoq+i2ME6vlAI7sj8SXVp/T5KVl3LOCuVSnmoDJWKq0AAYrMV4F73LuSm7vwWA
g2J53gH2ctq69uGneLZUWGgnr5OdvSZzoKJh9bp4Tt7nvMnpDoaBHbqWqwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOE/hGBCXeh72UNcp/pdqThACTyLMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvNFQtRVlFSmQ2SHZaUTF5bi1sMnBPRUFKUElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAJV75QD
BABV75YwDAMEArlfnAMEALlfnjANBgkqhkiG9w0BAQsFAAOCAQEAkNQKMwuC4MRv
Pp6LD2sWWBY6qKLuB0kiXde+op6DgSY86YDNkWChJ5K6lporQ04j4oMCOFIsvIKQ
RAwKUDPBO8Kw7D2uJzjwN37DIeo9Kh0OJaMFU0qi95f0gzAjY1xXg0V8qer2aPHT
IzzyX4ltNOy65dJLv0QVIzGh4UoOGqp/pyLbJ+n1muo6rEkuaRXRn5vipUo+bWIx
x8Eb2nzADhwnhC7mgIJRE0mbYRL/RH2GvBGGRrXVd+xL2EjdU8VfTMFu2UNiqdix
4d0MmTaFQd7h8B186j550OyNKtanjHP2eEaaO7u3QAj1MNGIpyHrIZunYizOn1Xa
XTVxWFDcBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org