Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/4tfxGCTL9_EzpngY3ECWQYpLEdI.roa
File: 4tfxGCTL9_EzpngY3ECWQYpLEdI.roa (raw, json)
Hash identifier: sjxVxNy8ghODfbAQVAGBgl1n47rBAQB7KreBfajs9CY=
Subject key identifier: E2:D7:F1:18:24:CB:F7:F1:33:A6:78:18:DC:40:96:41:8A:4B:11:D2
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0186B9D7EE15A9589B0EB50D59FD404D8EDE
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/4tfxGCTL9_EzpngY3ECWQYpLEdI.roa
Signing time: Tue 07 Mar 2023 02:13:01 +0000
ROA not before: Tue 07 Mar 2023 02:13:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 163.171.89.0/24 maxlen: 24
148.253.240.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.243.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Mar 2023 09:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b9:d7:ee:15:a9:58:9b:0e:b5:0d:59:fd:40:4d:8e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Mar 7 02:13:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2d7f11824cbf7f133a67818dc4096418a4b11d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:76:dd:d5:1a:01:61:3d:4a:e3:7f:8f:5e:e1:
a7:d5:ca:ad:a4:e8:3f:81:87:72:ff:75:c1:00:ef:
73:85:c0:20:4a:85:53:2d:9c:77:36:17:c8:87:11:
f0:51:ac:12:13:eb:fe:a8:f6:bb:ed:8b:7d:c6:19:
d3:94:ad:4c:0f:9b:94:74:54:ef:8a:87:6d:45:b2:
65:72:9e:06:cb:ef:bd:36:e5:54:6b:d4:89:3a:fd:
1c:d7:f8:c3:93:2e:dd:36:4c:1c:85:a4:50:a2:c4:
f4:52:fd:df:7c:5e:c6:fa:d1:a5:b0:4d:45:8e:44:
7e:9d:7d:3c:27:4c:dc:56:cc:b3:79:0e:f8:76:ca:
84:d3:0f:01:75:88:b9:84:c2:57:4f:d4:62:f2:53:
c1:19:5d:41:1a:e0:53:4a:c3:f1:aa:ce:c0:35:c2:
6c:8e:f1:c7:44:11:ec:58:38:c5:6d:d3:50:a7:9a:
53:e5:9c:e6:5d:74:9f:c9:13:3c:7b:98:5e:68:fe:
57:50:63:27:0a:11:a0:ba:6b:46:7f:b8:15:63:bb:
83:53:42:36:ef:99:1b:55:04:4d:93:13:6c:ff:64:
93:cc:bf:f0:a3:e0:85:16:e3:28:e9:e1:a7:f8:0c:
e4:e8:e4:6e:e1:a6:b2:d4:42:e7:8a:7d:f7:7a:c5:
3d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D7:F1:18:24:CB:F7:F1:33:A6:78:18:DC:40:96:41:8A:4B:11:D2
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/4tfxGCTL9_EzpngY3ECWQYpLEdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.253.240.0/23
148.253.243.0/24
163.171.89.0/24
185.27.228.0/24
Signature Algorithm: sha256WithRSAEncryption
47:3b:ea:d5:2f:f3:53:8e:d1:03:f9:38:42:ef:16:7b:ee:4b:
08:66:3b:06:7c:60:b7:81:c2:e7:3e:c6:a6:53:6c:b8:05:99:
42:37:ea:a9:cd:88:90:0d:4b:69:e1:40:8f:53:26:99:86:52:
c8:4d:da:e7:d8:af:25:55:a6:4c:c3:fe:7e:d2:e4:9c:61:92:
39:04:7c:e7:02:81:91:e4:7a:1f:42:c7:33:cf:82:08:79:73:
98:5f:1b:9c:93:0d:1a:f7:51:97:82:0b:bc:b9:1b:9f:dd:c6:
7e:73:55:0c:87:65:1d:cf:3f:6a:0b:15:c9:d5:db:3e:ff:87:
69:b3:85:9a:51:d8:41:64:f3:55:a7:b0:36:1a:32:96:43:13:
8f:a1:c0:6d:5f:fc:03:0b:d2:74:37:2e:a7:61:e6:31:e9:fc:
c8:e2:97:44:5c:d4:a8:20:ee:24:e4:8c:f3:e0:95:48:cf:10:
64:c9:8b:7a:86:d6:a6:e5:b6:24:d1:a6:4b:9e:0a:1b:27:01:
a4:76:11:cf:90:0a:f4:64:7b:92:4f:4c:ac:34:53:29:b7:1f:
dd:df:74:14:e1:bb:9a:f6:49:98:ee:7b:f2:03:a6:f4:6c:67:
9b:ca:e1:88:1e:d2:73:ea:fa:8a:b2:53:d6:28:14:90:8e:8c:
13:f9:0f:e3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYa51+4VqVibDrUNWf1ATY7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjMwMzA3MDIxMzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmQ3ZjExODI0Y2JmN2YxMzNhNjc4MThkYzQwOTY0MThhNGIxMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXbd1RoBYT1K43+PXuGn1cqtpOg/
gYdy/3XBAO9zhcAgSoVTLZx3NhfIhxHwUawSE+v+qPa77Yt9xhnTlK1MD5uUdFTv
iodtRbJlcp4Gy++9NuVUa9SJOv0c1/jDky7dNkwchaRQosT0Uv3ffF7G+tGlsE1F
jkR+nX08J0zcVsyzeQ74dsqE0w8BdYi5hMJXT9Ri8lPBGV1BGuBTSsPxqs7ANcJs
jvHHRBHsWDjFbdNQp5pT5ZzmXXSfyRM8e5heaP5XUGMnChGgumtGf7gVY7uDU0I2
75kbVQRNkxNs/2STzL/wo+CFFuMo6eGn+Azk6ORu4aay1ELnin33esU9mwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOLX8Rgky/fxM6Z4GNxAlkGKSxHSMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvNHRmeEdDVEw5X0V6cG5nWTNFQ1dRWXBMRWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBlP3wAwQA
lP3zAwQAo6tZAwQAuRvkMA0GCSqGSIb3DQEBCwUAA4IBAQBHO+rVL/NTjtED+ThC
7xZ77ksIZjsGfGC3gcLnPsamU2y4BZlCN+qpzYiQDUtp4UCPUyaZhlLITdrn2K8l
VaZMw/5+0uScYZI5BHznAoGR5HofQsczz4IIeXOYXxuckw0a91GXggu8uRuf3cZ+
c1UMh2Udzz9qCxXJ1ds+/4dps4WaUdhBZPNVp7A2GjKWQxOPocBtX/wDC9J0Ny6n
YeYx6fzI4pdEXNSoIO4k5Izz4JVIzxBkyYt6htam5bYk0aZLngobJwGkdhHPkAr0
ZHuST0ysNFMptx/d33QU4bua9kmY7nvyA6b0bGebyuGIHtJz6vqKslPWKBSQjowT
+Q/j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-fra.rpki-client.org