Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c1962a-c678-4e46-a076-a74f50e00dd5/1/c4SPhZyELtuJBHdKaWK_2OmtwTw.roa
File: c4SPhZyELtuJBHdKaWK_2OmtwTw.roa (raw, json)
Hash identifier: 9ZaNdmeHT4IlkgUJRe2RNvHLM9aIDa9tb4yBI3t1L7s=
Subject key identifier: 73:84:8F:85:9C:84:2E:DB:89:04:77:4A:69:62:BF:D8:E9:AD:C1:3C
Certificate issuer: /CN=8686ae8e49374bac84caa3de0d26070b6b190054
Certificate serial: 01856D5CF26AC789567FA278735208FD64BF
Authority key identifier: 86:86:AE:8E:49:37:4B:AC:84:CA:A3:DE:0D:26:07:0B:6B:19:00:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hoaujkk3S6yEyqPeDSYHC2sZAFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/c1962a-c678-4e46-a076-a74f50e00dd5/1/c4SPhZyELtuJBHdKaWK_2OmtwTw.roa
Signing time: Sun 01 Jan 2023 12:44:45 +0000
ROA not before: Sun 01 Jan 2023 12:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200023
IP address blocks: 176.103.219.0/24 maxlen: 24
88.218.4.0/22 maxlen: 22
185.39.44.0/22 maxlen: 22
94.177.105.0/24 maxlen: 24
2a04:7c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:f2:6a:c7:89:56:7f:a2:78:73:52:08:fd:64:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8686ae8e49374bac84caa3de0d26070b6b190054
Validity
Not Before: Jan 1 12:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73848f859c842edb8904774a6962bfd8e9adc13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:64:e7:09:34:fc:6f:38:1a:a5:10:0c:aa:55:
15:e3:e2:9f:62:d4:a5:65:13:31:26:9e:e6:eb:f3:
43:04:28:ab:bc:8c:96:b3:46:6a:6f:5a:5d:59:83:
4b:95:b9:74:0e:d3:99:57:d5:c9:5b:d0:2d:1c:b4:
df:94:eb:6d:3e:06:a2:54:ca:e3:c6:50:99:8b:72:
eb:e9:54:cb:2c:5c:01:9c:56:26:e7:e3:87:3f:d8:
e6:f3:26:e8:a2:62:63:7a:dd:bd:ca:80:0c:f0:05:
45:72:22:24:9a:97:7e:91:26:61:ce:1a:9c:16:39:
7a:c4:42:56:db:8d:6b:2e:27:41:b8:36:41:0e:19:
f1:94:1e:c5:f1:12:a4:89:1c:9a:05:4b:c9:dd:3d:
63:49:46:f4:89:52:35:70:63:71:7a:5f:dd:5e:8f:
91:f0:26:c9:a0:5b:f6:14:46:38:2a:dd:4b:d3:28:
bb:6f:6c:80:03:63:7a:00:16:40:e9:98:8d:82:a2:
b6:79:c1:09:ef:a3:bd:5f:14:a5:fb:63:4d:b8:90:
a8:a8:11:4e:7a:89:4c:e6:be:29:26:7d:69:a0:43:
e6:17:6f:d9:f2:fa:f9:c6:8c:dd:d8:09:41:56:fd:
ef:a6:ef:3b:fc:8d:1d:7c:a2:50:7a:c3:0f:32:9c:
85:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:84:8F:85:9C:84:2E:DB:89:04:77:4A:69:62:BF:D8:E9:AD:C1:3C
X509v3 Authority Key Identifier:
keyid:86:86:AE:8E:49:37:4B:AC:84:CA:A3:DE:0D:26:07:0B:6B:19:00:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hoaujkk3S6yEyqPeDSYHC2sZAFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c1962a-c678-4e46-a076-a74f50e00dd5/1/c4SPhZyELtuJBHdKaWK_2OmtwTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c1962a-c678-4e46-a076-a74f50e00dd5/1/hoaujkk3S6yEyqPeDSYHC2sZAFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.4.0/22
94.177.105.0/24
176.103.219.0/24
185.39.44.0/22
IPv6:
2a04:7c00::/29
Signature Algorithm: sha256WithRSAEncryption
2f:56:9a:33:42:c0:a6:78:2f:e1:e5:2b:b0:cf:4f:ff:27:84:
8d:31:bc:44:2a:29:ab:13:2e:3b:31:88:0c:c5:f7:f9:d6:ad:
ef:6d:19:d3:a3:c8:c3:89:e2:a3:e8:ff:a0:05:2c:ba:f0:56:
75:00:b4:37:2b:07:14:56:ec:49:e5:2f:a9:18:ab:5b:c9:64:
13:ff:67:71:90:93:8c:bc:49:be:56:3c:80:a8:b3:34:3f:63:
78:8b:38:81:fd:d9:52:8a:02:06:7b:14:60:af:90:c0:c4:f9:
5a:b9:c1:95:70:4d:7c:d1:87:d7:e7:8d:69:48:bc:63:13:74:
b6:e8:c0:23:a6:09:bc:85:a0:94:11:dd:c9:b3:c0:35:0f:8a:
28:33:cf:64:67:b7:f7:b6:86:34:ea:6a:53:80:ef:cb:00:5c:
c7:dd:e5:06:f5:cd:bc:38:a2:ce:ae:3c:e9:45:45:2f:f8:ce:
e6:5f:71:63:9e:1d:a3:51:a4:e7:2b:c1:1c:d3:d2:ee:fd:08:
62:9c:75:80:d3:13:24:b4:fe:a2:a2:24:cd:67:48:b4:34:1f:
03:c6:cb:7b:91:89:09:96:29:12:ed:63:8a:07:04:32:f3:1f:
a6:c0:75:4c:d0:d7:bb:e1:e7:1f:f4:a1:0e:93:51:a5:41:42:
aa:cb:f0:26
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtXPJqx4lWf6J4c1II/WS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ODZhZThlNDkzNzRiYWM4NGNhYTNkZTBkMjYwNzBiNmIx
OTAwNTQwHhcNMjMwMTAxMTI0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzg0OGY4NTljODQyZWRiODkwNDc3NGE2OTYyYmZkOGU5YWRjMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2TnCTT8bzgapRAMqlUV4+KfYtSl
ZRMxJp7m6/NDBCirvIyWs0Zqb1pdWYNLlbl0DtOZV9XJW9AtHLTflOttPgaiVMrj
xlCZi3Lr6VTLLFwBnFYm5+OHP9jm8yboomJjet29yoAM8AVFciIkmpd+kSZhzhqc
Fjl6xEJW241rLidBuDZBDhnxlB7F8RKkiRyaBUvJ3T1jSUb0iVI1cGNxel/dXo+R
8CbJoFv2FEY4Kt1L0yi7b2yAA2N6ABZA6ZiNgqK2ecEJ76O9XxSl+2NNuJCoqBFO
eolM5r4pJn1poEPmF2/Z8vr5xozd2AlBVv3vpu87/I0dfKJQesMPMpyFNQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHOEj4WchC7biQR3Smliv9jprcE8MB8GA1UdIwQY
MBaAFIaGro5JN0ushMqj3g0mBwtrGQBUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG9hdWprazNTNnlFeXFQZURTWUhDMnNaQUZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jMTk2MmEtYzY3OC00ZTQ2LWEwNzYt
YTc0ZjUwZTAwZGQ1LzEvYzRTUGhaeUVMdHVKQkhkS2FXS18yT210d1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jMTk2MmEtYzY3OC00ZTQ2LWEwNzYtYTc0ZjUwZTAwZGQ1
LzEvaG9hdWprazNTNnlFeXFQZURTWUhDMnNaQUZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCWNoEAwQA
XrFpAwQAsGfbAwQCuScsMA0EAgACMAcDBQMqBHwAMA0GCSqGSIb3DQEBCwUAA4IB
AQAvVpozQsCmeC/h5Suwz0//J4SNMbxEKimrEy47MYgMxff51q3vbRnTo8jDieKj
6P+gBSy68FZ1ALQ3KwcUVuxJ5S+pGKtbyWQT/2dxkJOMvEm+VjyAqLM0P2N4iziB
/dlSigIGexRgr5DAxPlaucGVcE180YfX541pSLxjE3S26MAjpgm8haCUEd3Js8A1
D4ooM89kZ7f3toY06mpTgO/LAFzH3eUG9c28OKLOrjzpRUUv+M7mX3Fjnh2jUaTn
K8Ec09Lu/QhinHWA0xMktP6ioiTNZ0i0NB8Dxst7kYkJlikS7WOKBwQy8x+mwHVM
0Ne74ecf9KEOk1GlQUKqy/Am
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org