Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/4G-U-nxrvKc0YLwWXF_5ZfZAC6U.roa
File: 4G-U-nxrvKc0YLwWXF_5ZfZAC6U.roa (raw, json)
Hash identifier: mEPCecyLbNPVqrVJf4bMiXAgs3yG9foNq4hxBY6SuIo=
Subject key identifier: E0:6F:94:FA:7C:6B:BC:A7:34:60:BC:16:5C:5F:F9:65:F6:40:0B:A5
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CC649C9427ABBB6DDAD846285C1595FDF
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/4G-U-nxrvKc0YLwWXF_5ZfZAC6U.roa
Signing time: Mon 01 Jan 2024 18:29:33 +0000
ROA not before: Mon 01 Jan 2024 18:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57033
IP address blocks: 89.185.16.0/22 maxlen: 22
89.185.20.0/23 maxlen: 23
185.30.203.0/24 maxlen: 24
5.56.24.0/23 maxlen: 23
5.56.28.0/23 maxlen: 23
5.56.30.0/23 maxlen: 23
5.56.26.0/23 maxlen: 23
93.185.208.0/21 maxlen: 21
93.185.218.0/23 maxlen: 23
89.185.4.0/22 maxlen: 22
93.185.216.0/23 maxlen: 23
93.185.222.0/23 maxlen: 23
93.185.220.0/23 maxlen: 23
89.185.8.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:c9:42:7a:bb:b6:dd:ad:84:62:85:c1:59:5f:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 18:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e06f94fa7c6bbca73460bc165c5ff965f6400ba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a7:7b:df:b6:63:d9:e0:d1:2e:bd:51:e9:23:
a3:88:9e:d8:95:45:3e:ae:b6:9f:52:ce:21:6b:c1:
3b:4a:ff:cb:b4:ee:50:7f:1b:4c:0b:8d:a8:59:c9:
5a:f5:7f:4d:4a:33:9c:c1:f4:f1:5f:bc:0b:f8:07:
99:78:85:9a:85:0f:f5:5c:e1:fb:e6:1a:7c:63:8c:
3e:35:97:79:d2:5a:5a:c0:eb:56:8a:a4:31:ff:0c:
e9:25:fd:c4:15:60:f3:55:f0:70:a8:64:f3:b0:11:
55:de:42:dc:60:6f:9c:e8:18:fe:e7:43:52:7f:31:
99:4e:ee:99:95:16:c5:ec:73:aa:fa:5d:1d:a0:47:
f8:71:95:eb:8b:d8:1b:c0:06:a8:db:d9:3d:8d:05:
62:cf:43:04:93:b1:8d:26:9b:2c:d2:d4:9f:30:dc:
69:13:5c:77:5a:06:1d:93:fd:6c:5b:a6:67:b1:5a:
c7:87:a3:20:2d:93:fc:8a:1a:6a:8e:e4:96:c1:22:
b5:e1:5f:c5:ed:76:33:ad:8a:e3:0a:82:8d:91:66:
90:4f:7d:55:51:e3:64:fe:93:04:e2:1f:82:6d:52:
a7:ec:4a:59:9d:6e:e8:03:0c:84:9b:d6:11:ea:f1:
7a:b9:1e:6e:92:d7:79:be:26:81:7d:50:52:01:75:
cb:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:6F:94:FA:7C:6B:BC:A7:34:60:BC:16:5C:5F:F9:65:F6:40:0B:A5
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/4G-U-nxrvKc0YLwWXF_5ZfZAC6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.24.0/21
89.185.4.0-89.185.21.255
93.185.208.0/20
185.30.203.0/24
Signature Algorithm: sha256WithRSAEncryption
62:c7:bb:68:ba:ae:c2:b2:02:19:b9:18:09:23:a5:e9:f0:e4:
82:37:e1:d9:26:90:fd:4c:9c:8b:1f:44:5a:1a:ba:39:72:05:
d5:72:09:27:e7:ce:ed:22:f8:74:dc:01:3c:e1:94:66:b3:eb:
03:f5:2c:3f:eb:e7:46:cb:18:6f:09:a0:6a:7e:9e:c5:9b:f8:
bc:c9:23:98:68:40:71:20:74:59:76:62:5e:6c:6e:83:19:8d:
2e:dd:4b:52:90:c5:81:74:46:d4:d9:85:65:c7:9f:57:a5:86:
b7:57:30:0f:7c:ae:af:dc:08:c5:ae:2f:66:ef:82:98:29:a4:
04:fd:82:b8:de:c9:5c:83:39:40:12:4b:1a:47:c9:94:7c:03:
24:32:2c:71:07:97:0a:1b:6f:cd:9f:b5:f0:6a:86:dd:25:24:
bd:4e:45:80:07:67:81:b9:87:f3:fc:8e:74:3b:9f:f0:57:9f:
87:b5:2e:22:d1:fc:9b:71:93:c8:fc:fb:1d:b1:48:3a:89:9d:
a9:56:f0:69:39:f0:ce:65:da:40:a1:9e:95:0a:7a:8f:14:be:
1b:fa:67:ff:0d:10:40:6b:d9:c6:32:c8:f7:d5:71:d9:60:c1:
4b:ea:a5:99:4f:d6:db:9f:9c:b0:3d:ad:c6:78:1c:35:b6:f4:
69:1b:9e:e2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzGSclCeru23a2EYoXBWV/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTAxMTgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDZmOTRmYTdjNmJiY2E3MzQ2MGJjMTY1YzVmZjk2NWY2NDAwYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKd737Zj2eDRLr1R6SOjiJ7YlUU+
rrafUs4ha8E7Sv/LtO5QfxtMC42oWcla9X9NSjOcwfTxX7wL+AeZeIWahQ/1XOH7
5hp8Y4w+NZd50lpawOtWiqQx/wzpJf3EFWDzVfBwqGTzsBFV3kLcYG+c6Bj+50NS
fzGZTu6ZlRbF7HOq+l0doEf4cZXri9gbwAao29k9jQViz0MEk7GNJpss0tSfMNxp
E1x3WgYdk/1sW6ZnsVrHh6MgLZP8ihpqjuSWwSK14V/F7XYzrYrjCoKNkWaQT31V
UeNk/pME4h+CbVKn7EpZnW7oAwyEm9YR6vF6uR5uktd5viaBfVBSAXXLvwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOBvlPp8a7ynNGC8Flxf+WX2QAulMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvNEctVS1ueHJ2S2MwWUx3V1hGXzVaZlpBQzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDBTgYMAwD
BAJZuQQDBAFZuRQDBARdudADBAC5HsswDQYJKoZIhvcNAQELBQADggEBAGLHu2i6
rsKyAhm5GAkjpenw5II34dkmkP1MnIsfRFoaujlyBdVyCSfnzu0i+HTcATzhlGaz
6wP1LD/r50bLGG8JoGp+nsWb+LzJI5hoQHEgdFl2Yl5sboMZjS7dS1KQxYF0RtTZ
hWXHn1elhrdXMA98rq/cCMWuL2bvgpgppAT9grjeyVyDOUASSxpHyZR8AyQyLHEH
lwobb82ftfBqht0lJL1ORYAHZ4G5h/P8jnQ7n/BXn4e1LiLR/Jtxk8j8+x2xSDqJ
nalW8Gk58M5l2kChnpUKeo8Uvhv6Z/8NEEBr2cYyyPfVcdlgwUvqpZlP1tufnLA9
rcZ4HDW29GkbnuI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:18:34 2025 by rpki-client