Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/4LE42N0rPQR6lx6klWqYdqucmbo.roa
File: 4LE42N0rPQR6lx6klWqYdqucmbo.roa (raw, json)
Hash identifier: iLzBSYMDTymOfuSUaDwIsgE7WwAEKFKa66FXLXBXjng=
Subject key identifier: E0:B1:38:D8:DD:2B:3D:04:7A:97:1E:A4:95:6A:98:76:AB:9C:99:BA
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 01910D15E70F6FFD207E8ED49A4E72A77F2B
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/4LE42N0rPQR6lx6klWqYdqucmbo.roa
Signing time: Thu 01 Aug 2024 08:37:04 +0000
ROA not before: Thu 01 Aug 2024 08:37:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49549
IP address blocks: 146.19.128.0/24 maxlen: 24
178.250.187.0/24 maxlen: 24
178.250.191.0/24 maxlen: 24
193.0.227.0/24 maxlen: 24
193.0.230.0/24 maxlen: 24
193.0.239.0/24 maxlen: 24
193.163.203.0/24 maxlen: 24
217.119.129.0/24 maxlen: 24
2a0f:cdc2::/32 maxlen: 32
2a0f:cdc4::/32 maxlen: 32
2a0f:cdc5::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 05 Aug 2024 16:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0d:15:e7:0f:6f:fd:20:7e:8e:d4:9a:4e:72:a7:7f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Aug 1 08:37:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0b138d8dd2b3d047a971ea4956a9876ab9c99ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6b:0d:24:26:02:12:e4:0e:e7:6c:e8:34:ea:
78:94:a8:01:17:ee:ef:94:55:cb:bb:4c:8c:68:62:
9d:85:26:3a:06:68:9c:77:98:37:9c:8a:51:72:63:
9b:b3:47:13:f8:2b:0f:be:e3:89:2e:cb:10:f3:71:
7b:d6:62:51:fd:2f:73:86:bd:d3:db:cd:25:49:10:
19:87:3e:fc:28:47:74:cb:77:80:60:91:a1:b3:9d:
62:89:fb:61:72:6c:23:f5:54:e8:b1:4b:f6:ba:bd:
84:e4:1b:d1:e2:76:cc:ba:0f:a8:0d:1c:a7:3f:9c:
a7:31:32:f1:60:34:91:ae:7c:a8:f9:3b:b7:75:98:
42:66:97:aa:9d:10:42:30:40:be:e3:0f:03:35:60:
b1:24:c8:fb:1c:de:fd:6c:3a:22:f3:c1:48:0e:97:
e9:b5:8d:70:26:9d:dc:81:b2:b1:55:72:ad:83:c8:
ad:8a:df:d3:65:59:ea:79:a8:ad:17:d1:8d:38:7c:
d6:0d:34:22:ac:11:d3:80:3c:db:df:93:8f:d8:4a:
66:93:d3:70:1b:a7:9a:b8:75:2e:c7:fb:46:84:08:
7a:51:8b:d8:3e:5a:01:7f:1a:ef:e8:68:4e:08:4e:
5c:46:22:cd:02:34:da:dc:b0:1c:97:a1:dd:88:d2:
39:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B1:38:D8:DD:2B:3D:04:7A:97:1E:A4:95:6A:98:76:AB:9C:99:BA
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/4LE42N0rPQR6lx6klWqYdqucmbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.128.0/24
178.250.187.0/24
178.250.191.0/24
193.0.227.0/24
193.0.230.0/24
193.0.239.0/24
193.163.203.0/24
217.119.129.0/24
IPv6:
2a0f:cdc2::/32
2a0f:cdc4::/31
Signature Algorithm: sha256WithRSAEncryption
79:f6:9d:ec:5b:cf:dd:07:e8:e0:2a:5f:ce:4a:25:b4:92:b0:
59:f9:c2:ec:d3:3d:8d:db:da:b9:d4:8d:92:e2:03:74:b5:80:
32:21:1e:90:e5:ce:31:45:45:12:50:6a:5d:10:67:54:be:37:
45:a1:85:5d:99:77:9f:6d:23:5a:27:ee:5f:10:16:81:a1:23:
79:03:69:3e:d5:d8:23:76:ea:e8:c1:ac:bd:39:b7:16:67:12:
6a:a1:c9:98:54:1a:c0:15:fb:84:75:2f:55:56:d6:45:a6:ba:
af:54:94:4e:0b:b9:e8:d1:a9:5b:20:87:e0:b0:a6:ea:cf:d5:
08:3a:89:d2:c1:27:28:2d:ab:b6:95:74:06:c7:81:a2:55:09:
53:da:b8:89:42:7a:51:da:96:c6:08:89:84:76:e5:41:9d:65:
e2:12:1e:9b:40:0c:09:31:39:27:5f:f9:c6:05:be:7f:d4:07:
16:9c:df:5d:c7:7c:21:df:91:e0:2e:6e:47:de:84:46:fb:10:
fc:bd:1f:c5:df:a7:c4:68:23:61:43:91:31:e8:5f:3f:87:a1:
03:72:af:f9:2e:64:10:f2:2b:af:fa:05:56:63:61:c6:1d:b8:
bf:5b:12:c6:50:9c:2a:6d:cb:88:f1:df:d8:5c:10:8f:73:1b:
34:10:73:2c
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZENFecPb/0gfo7Umk5yp38rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQwODAxMDgzNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGIxMzhkOGRkMmIzZDA0N2E5NzFlYTQ5NTZhOTg3NmFiOWM5OWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGsNJCYCEuQO52zoNOp4lKgBF+7v
lFXLu0yMaGKdhSY6Bmicd5g3nIpRcmObs0cT+CsPvuOJLssQ83F71mJR/S9zhr3T
280lSRAZhz78KEd0y3eAYJGhs51iifthcmwj9VTosUv2ur2E5BvR4nbMug+oDRyn
P5ynMTLxYDSRrnyo+Tu3dZhCZpeqnRBCMEC+4w8DNWCxJMj7HN79bDoi88FIDpfp
tY1wJp3cgbKxVXKtg8itit/TZVnqeaitF9GNOHzWDTQirBHTgDzb35OP2Epmk9Nw
G6eauHUux/tGhAh6UYvYPloBfxrv6GhOCE5cRiLNAjTa3LAcl6HdiNI5XwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOCxONjdKz0EepcepJVqmHarnJm6MB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvNExFNDJOMHJQUVI2bHg2a2xXcVlkcXVjbWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQAkhOAAwQA
svq7AwQAsvq/AwQAwQDjAwQAwQDmAwQAwQDvAwQAwaPLAwQA2XeBMBQEAgACMA4D
BQAqD83CAwUBKg/NxDANBgkqhkiG9w0BAQsFAAOCAQEAefad7FvP3Qfo4Cpfzkol
tJKwWfnC7NM9jdvaudSNkuIDdLWAMiEekOXOMUVFElBqXRBnVL43RaGFXZl3n20j
WifuXxAWgaEjeQNpPtXYI3bq6MGsvTm3FmcSaqHJmFQawBX7hHUvVVbWRaa6r1SU
Tgu56NGpWyCH4LCm6s/VCDqJ0sEnKC2rtpV0BseBolUJU9q4iUJ6UdqWxgiJhHbl
QZ1l4hIem0AMCTE5J1/5xgW+f9QHFpzfXcd8Id+R4C5uR96ERvsQ/L0fxd+nxGgj
YUORMehfP4ehA3Kv+S5kEPIrr/oFVmNhxh24v1sSxlCcKm3LiPHf2FwQj3MbNBBz
LA==
-----END CERTIFICATE-----
Generated at Mon Aug 5 18:50:06 2024 by rpki-client on console-fra.rpki-client.org