Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/nE4RAyUyUQcYAJ2aLCwDxd6PG94.roa
File: nE4RAyUyUQcYAJ2aLCwDxd6PG94.roa (raw, json)
Hash identifier: 4hvD8fr8xTv+jvZ/OQm8Af1dQ7aZhEMvn3MegEga9VI=
Subject key identifier: 9C:4E:11:03:25:32:51:07:18:00:9D:9A:2C:2C:03:C5:DE:8F:1B:DE
Certificate issuer: /CN=c9ed64c93ddfdf2f49b7ea1c23eaad0870249a33
Certificate serial: 018E52118B31225C5499248B6048CCC30614
Authority key identifier: C9:ED:64:C9:3D:DF:DF:2F:49:B7:EA:1C:23:EA:AD:08:70:24:9A:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/nE4RAyUyUQcYAJ2aLCwDxd6PG94.roa
Signing time: Mon 18 Mar 2024 14:57:45 +0000
ROA not before: Mon 18 Mar 2024 14:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29283
IP address blocks: 85.184.64.0/19 maxlen: 19
85.184.78.0/24 maxlen: 24
89.33.144.0/21 maxlen: 21
94.199.120.0/21 maxlen: 21
149.232.176.0/21 maxlen: 21
185.6.60.0/22 maxlen: 22
185.6.60.0/24 maxlen: 24
185.6.61.0/24 maxlen: 24
185.6.62.0/24 maxlen: 24
213.174.96.0/19 maxlen: 19
213.174.127.0/24 maxlen: 24
2a02:6c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 21 Jun 2024 10:02:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:52:11:8b:31:22:5c:54:99:24:8b:60:48:cc:c3:06:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9ed64c93ddfdf2f49b7ea1c23eaad0870249a33
Validity
Not Before: Mar 18 14:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c4e11032532510718009d9a2c2c03c5de8f1bde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f8:a6:58:68:2c:1f:ac:21:8f:33:22:91:94:
fa:fc:7f:07:51:66:7f:8e:8b:a6:14:cd:0b:f3:18:
6b:d7:c6:8c:24:09:63:f5:45:09:c6:29:de:3a:f5:
71:49:83:e4:6d:c3:3b:ea:b9:c1:34:93:f6:70:6b:
63:61:87:87:2e:0e:be:cd:3f:be:59:c7:80:b2:cc:
40:3d:55:fe:02:5e:73:2f:9c:43:fa:c5:3b:cd:6c:
01:ad:f6:6f:10:cd:94:f1:56:83:60:e0:4c:c2:05:
b5:b1:7c:94:4f:73:4e:96:8f:18:33:a8:9a:c4:77:
39:4b:16:9b:0b:e3:c9:bc:68:74:d0:92:4d:53:47:
2a:2e:7a:f0:ac:da:1f:84:73:5d:59:41:07:4c:d4:
0f:c0:ed:fe:1c:9d:e5:6b:f7:9e:a9:16:fa:38:12:
79:fd:89:6f:a6:33:65:e7:f0:c2:67:d8:43:31:47:
58:67:6a:bb:c4:c0:73:3e:d7:0d:7d:e3:68:46:cb:
c8:78:3c:db:11:f9:5a:86:f9:8d:3d:2d:0b:37:2d:
30:f1:48:fc:bc:ff:e4:5a:19:d4:1e:93:f2:ce:d1:
19:f8:1c:7d:7d:04:55:a3:7f:3c:25:a1:31:4a:c1:
f8:f1:3a:a6:b2:23:2c:7d:6e:13:88:6e:8e:7c:82:
5c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4E:11:03:25:32:51:07:18:00:9D:9A:2C:2C:03:C5:DE:8F:1B:DE
X509v3 Authority Key Identifier:
keyid:C9:ED:64:C9:3D:DF:DF:2F:49:B7:EA:1C:23:EA:AD:08:70:24:9A:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/nE4RAyUyUQcYAJ2aLCwDxd6PG94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.184.64.0/19
89.33.144.0/21
94.199.120.0/21
149.232.176.0/21
185.6.60.0/22
213.174.96.0/19
IPv6:
2a02:6c40::/32
Signature Algorithm: sha256WithRSAEncryption
3b:d9:99:be:84:cb:b2:51:bd:af:d1:3d:02:a6:d4:38:9b:32:
bc:bb:c8:bb:c6:26:db:85:f7:98:d2:0c:d3:df:d1:4a:28:23:
c7:fa:7b:4d:3b:fa:72:ad:89:76:de:70:92:35:2b:1e:93:03:
ee:aa:75:e8:96:f1:18:be:b2:5a:79:08:07:d1:e3:5c:c1:07:
53:e8:07:0c:a5:94:b9:22:d9:88:83:d3:a2:fb:1f:c4:2a:b4:
ec:01:56:16:68:cb:ed:35:58:72:1f:18:e0:69:f7:33:d6:0b:
0b:2d:8f:ee:93:6a:0c:1e:83:40:15:ea:d8:61:4b:c2:af:ce:
b3:03:a9:37:26:f7:69:d9:1e:46:35:90:ee:1d:8d:13:43:e7:
d0:d2:d2:c0:ea:9d:4f:a5:bc:c9:60:af:b1:cb:6c:6b:9b:b7:
22:2c:07:73:04:00:21:30:d7:a6:37:e7:f6:7b:e4:a0:dd:7b:
d7:cb:7c:45:88:9d:8b:c1:f4:48:21:64:0a:f1:28:84:e4:7b:
63:86:e7:bf:3c:08:24:74:79:df:88:ab:33:40:e7:2f:b7:ab:
73:9f:c7:6b:28:47:1f:87:c9:bc:e1:69:73:1f:6b:14:c4:a4:
62:28:5a:a1:86:62:29:10:da:08:63:c4:e2:30:d8:6e:ec:13:
a8:b3:2d:bd
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY5SEYsxIlxUmSSLYEjMwwYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZWQ2NGM5M2RkZmRmMmY0OWI3ZWExYzIzZWFhZDA4NzAy
NDlhMzMwHhcNMjQwMzE4MTQ1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRlMTEwMzI1MzI1MTA3MTgwMDlkOWEyYzJjMDNjNWRlOGYxYmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifimWGgsH6whjzMikZT6/H8HUWZ/
joumFM0L8xhr18aMJAlj9UUJxineOvVxSYPkbcM76rnBNJP2cGtjYYeHLg6+zT++
WceAssxAPVX+Al5zL5xD+sU7zWwBrfZvEM2U8VaDYOBMwgW1sXyUT3NOlo8YM6ia
xHc5SxabC+PJvGh00JJNU0cqLnrwrNofhHNdWUEHTNQPwO3+HJ3la/eeqRb6OBJ5
/YlvpjNl5/DCZ9hDMUdYZ2q7xMBzPtcNfeNoRsvIeDzbEflahvmNPS0LNy0w8Uj8
vP/kWhnUHpPyztEZ+Bx9fQRVo388JaExSsH48TqmsiMsfW4TiG6OfIJcVwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJxOEQMlMlEHGACdmiwsA8XejxveMB8GA1UdIwQY
MBaAFMntZMk9398vSbfqHCPqrQhwJJozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWUxa3lUM2YzeTlKdC1vY0ktcXRDSEFrbWpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yYTJhYjItMzA5OC00YTBmLTgwOWMt
MzVlZDViNTNkYTA1LzEvbkU0UkF5VXlVUWNZQUoyYUxDd0R4ZDZQRzk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yYTJhYjItMzA5OC00YTBmLTgwOWMtMzVlZDViNTNkYTA1
LzEveWUxa3lUM2YzeTlKdC1vY0ktcXRDSEFrbWpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFVbhAAwQD
WSGQAwQDXsd4AwQDleiwAwQCuQY8AwQF1a5gMA0EAgACMAcDBQAqAmxAMA0GCSqG
SIb3DQEBCwUAA4IBAQA72Zm+hMuyUb2v0T0CptQ4mzK8u8i7xibbhfeY0gzT39FK
KCPH+ntNO/pyrYl23nCSNSsekwPuqnXolvEYvrJaeQgH0eNcwQdT6AcMpZS5ItmI
g9Oi+x/EKrTsAVYWaMvtNVhyHxjgafcz1gsLLY/uk2oMHoNAFerYYUvCr86zA6k3
Jvdp2R5GNZDuHY0TQ+fQ0tLA6p1PpbzJYK+xy2xrm7ciLAdzBAAhMNemN+f2e+Sg
3XvXy3xFiJ2LwfRIIWQK8SiE5Htjhue/PAgkdHnfiKszQOcvt6tzn8drKEcfh8m8
4WlzH2sUxKRiKFqhhmIpENoIY8TiMNhu7BOosy29
-----END CERTIFICATE-----
Generated at Fri Jun 21 13:17:27 2024 by rpki-client on console-fra.rpki-client.org