Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/p4kRZXGeKQkbxAiI14LrXZp62Pc.roa
File: p4kRZXGeKQkbxAiI14LrXZp62Pc.roa (raw, json)
Hash identifier: arbJp9bT6cz+WGgLQ+MCHHCyLSkq40NbdyDHs45Pgyg=
Subject key identifier: A7:89:11:65:71:9E:29:09:1B:C4:08:88:D7:82:EB:5D:9A:7A:D8:F7
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 01896879E7BE877FAC77D053B5672DB6FA37
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/p4kRZXGeKQkbxAiI14LrXZp62Pc.roa
Signing time: Tue 18 Jul 2023 10:09:26 +0000
ROA not before: Tue 18 Jul 2023 10:09:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47215
IP address blocks: 5.11.48.0/21 maxlen: 24
109.75.176.0/20 maxlen: 24
93.190.64.0/21 maxlen: 24
185.32.116.0/22 maxlen: 24
95.130.248.0/21 maxlen: 24
95.130.253.0/24 maxlen: 24
185.143.164.0/22 maxlen: 24
141.101.32.0/21 maxlen: 24
185.65.88.0/22 maxlen: 24
2a00:12c0::/29 maxlen: 48
2a00:12c0::/32 maxlen: 48
2a04:4cc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:79:e7:be:87:7f:ac:77:d0:53:b5:67:2d:b6:fa:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jul 18 10:09:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7891165719e29091bc40888d782eb5d9a7ad8f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:14:ac:67:09:4c:2f:e6:7f:21:6c:df:cf:4b:
3d:c4:ab:39:18:81:ef:4e:44:d5:94:24:1f:b0:d8:
d3:12:aa:e1:fc:89:93:1d:bf:37:90:81:3c:e6:0a:
88:30:39:2f:17:7f:a0:14:d6:91:af:6e:7d:13:51:
92:3f:f5:bb:64:36:1b:97:c5:7e:5d:16:47:e5:eb:
6a:0d:54:a5:89:c9:43:b4:90:c1:5f:70:c7:4a:a2:
96:84:41:22:ee:ad:cd:0b:b1:74:20:8d:12:06:d7:
c1:c3:3d:ae:67:ce:1d:34:36:b1:29:c7:f6:35:95:
fb:f6:b7:d9:d5:5b:50:4d:35:f0:f4:4a:c0:63:ad:
63:fa:b4:de:66:1e:3d:39:53:3c:3e:ed:f4:81:bd:
b4:22:6c:ef:8a:68:e8:0a:d5:f8:98:7e:13:2d:77:
51:6a:4b:d0:97:a0:9b:77:af:dd:a3:3d:87:5b:49:
8e:63:95:73:af:4e:65:dd:fc:31:e4:74:c5:f3:32:
be:f3:70:d9:df:e6:08:cb:7f:8e:a2:47:45:eb:84:
89:8d:16:01:ba:0c:c5:5a:cd:3d:67:ef:06:e0:cc:
a6:d2:15:72:5a:9d:99:2a:24:0b:b5:b1:8a:30:21:
4e:f1:31:42:09:e2:4b:47:43:c7:5d:e3:74:90:48:
eb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:89:11:65:71:9E:29:09:1B:C4:08:88:D7:82:EB:5D:9A:7A:D8:F7
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/p4kRZXGeKQkbxAiI14LrXZp62Pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.48.0/21
93.190.64.0/21
95.130.248.0/21
109.75.176.0/20
141.101.32.0/21
185.32.116.0/22
185.65.88.0/22
185.143.164.0/22
IPv6:
2a00:12c0::/29
2a04:4cc0::/29
Signature Algorithm: sha256WithRSAEncryption
05:ab:ec:25:c5:03:5b:c1:be:51:a4:09:7c:c2:d0:e9:2d:5f:
9f:2d:6c:38:c5:bb:47:da:28:e3:e1:c4:08:17:8d:f8:a9:e8:
7d:40:2e:bb:3b:99:34:f6:03:24:5e:23:3d:86:ee:90:fa:61:
2d:c4:dc:10:51:81:45:85:a5:39:74:33:39:42:e3:0d:27:91:
f2:df:b9:9a:8f:e7:33:04:13:f1:c7:14:9c:ef:64:f0:ad:a9:
ca:ca:85:57:30:76:3c:a3:b2:cd:e5:5e:ab:fb:7b:0e:bf:2b:
73:d3:c9:80:44:7f:d4:57:59:c0:f8:5e:f6:a3:ab:34:a4:69:
cb:45:ab:27:4b:dc:1f:1b:b0:93:f7:9e:b3:01:7f:c8:dd:5a:
cf:f0:e1:dc:1a:8d:f2:a3:2e:95:22:41:65:2b:7e:a1:00:f3:
fe:ca:2e:b9:ce:f2:84:58:50:74:70:26:b3:95:fd:00:61:d0:
27:39:f7:8d:ba:26:b4:bb:2d:e3:b5:31:5e:37:f7:7b:85:7d:
9f:b8:b9:92:46:7c:e4:97:26:cf:cc:60:4d:33:a1:b6:88:9f:
95:1c:ce:1c:d6:d9:b7:cb:3e:f4:f8:30:b1:9e:51:b3:31:24:
dd:3d:1e:33:26:73:f2:1b:19:fa:50:ef:6c:d2:58:24:be:c4:
03:de:ca:43
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYloeee+h3+sd9BTtWcttvo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwNzE4MTAwOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzg5MTE2NTcxOWUyOTA5MWJjNDA4ODhkNzgyZWI1ZDlhN2FkOGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRSsZwlML+Z/IWzfz0s9xKs5GIHv
TkTVlCQfsNjTEqrh/ImTHb83kIE85gqIMDkvF3+gFNaRr259E1GSP/W7ZDYbl8V+
XRZH5etqDVSliclDtJDBX3DHSqKWhEEi7q3NC7F0II0SBtfBwz2uZ84dNDaxKcf2
NZX79rfZ1VtQTTXw9ErAY61j+rTeZh49OVM8Pu30gb20ImzvimjoCtX4mH4TLXdR
akvQl6Cbd6/doz2HW0mOY5Vzr05l3fwx5HTF8zK+83DZ3+YIy3+OokdF64SJjRYB
ugzFWs09Z+8G4Mym0hVyWp2ZKiQLtbGKMCFO8TFCCeJLR0PHXeN0kEjrXQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKeJEWVxnikJG8QIiNeC612aetj3MB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvcDRrUlpYR2VLUWtieEFpSTE0THJYWnA2MlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQDBQswAwQD
Xb5AAwQDX4L4AwQEbUuwAwQDjWUgAwQCuSB0AwQCuUFYAwQCuY+kMBQEAgACMA4D
BQMqABLAAwUDKgRMwDANBgkqhkiG9w0BAQsFAAOCAQEABavsJcUDW8G+UaQJfMLQ
6S1fny1sOMW7R9oo4+HECBeN+KnofUAuuzuZNPYDJF4jPYbukPphLcTcEFGBRYWl
OXQzOULjDSeR8t+5mo/nMwQT8ccUnO9k8K2pysqFVzB2PKOyzeVeq/t7Dr8rc9PJ
gER/1FdZwPhe9qOrNKRpy0WrJ0vcHxuwk/eeswF/yN1az/Dh3BqN8qMulSJBZSt+
oQDz/souuc7yhFhQdHAms5X9AGHQJzn3jbomtLst47UxXjf3e4V9n7i5kkZ85Jcm
z8xgTTOhtoiflRzOHNbZt8s+9PgwsZ5RszEk3T0eMyZz8hsZ+lDvbNJYJL7EA97K
Qw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org