Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/4cB0FRNRbJGM2tjn32BBSW_ueXQ.roa
File: 4cB0FRNRbJGM2tjn32BBSW_ueXQ.roa (raw, json)
Hash identifier: lX0tYwi5998cXFKOJiGKrqVYXOcZZsYXSdClCy5bmuY=
Subject key identifier: E1:C0:74:15:13:51:6C:91:8C:DA:D8:E7:DF:60:41:49:6F:EE:79:74
Certificate issuer: /CN=3e50d1dd31bc7449bacc1864b01af994c547efd3
Certificate serial: 01856D41A0A126678804335E4D3B67D94A69
Authority key identifier: 3E:50:D1:DD:31:BC:74:49:BA:CC:18:64:B0:1A:F9:94:C5:47:EF:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/4cB0FRNRbJGM2tjn32BBSW_ueXQ.roa
Signing time: Sun 01 Jan 2023 12:14:55 +0000
ROA not before: Sun 01 Jan 2023 12:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43376
IP address blocks: 86.104.179.0/24 maxlen: 24
86.104.178.0/24 maxlen: 24
86.104.177.0/24 maxlen: 24
86.104.176.0/24 maxlen: 24
86.104.182.0/24 maxlen: 24
86.104.180.0/24 maxlen: 24
86.104.183.0/24 maxlen: 24
188.240.82.0/24 maxlen: 24
91.194.234.0/24 maxlen: 24
185.163.105.0/24 maxlen: 24
185.163.104.0/24 maxlen: 24
185.163.106.0/24 maxlen: 24
185.163.107.0/24 maxlen: 24
93.115.243.0/24 maxlen: 24
2a0b:8800:2::/48 maxlen: 48
2a0b:8800:3::/48 maxlen: 48
2a0b:8800:1::/48 maxlen: 48
2a0b:8800::/48 maxlen: 48
2001:67c:2170::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:a0:a1:26:67:88:04:33:5e:4d:3b:67:d9:4a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e50d1dd31bc7449bacc1864b01af994c547efd3
Validity
Not Before: Jan 1 12:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1c0741513516c918cdad8e7df6041496fee7974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:17:a7:5a:f4:0a:57:70:bb:0b:fa:af:7b:6e:
59:80:f8:2a:88:e5:f2:62:ce:8c:a7:7e:d4:13:84:
ac:73:7f:38:31:5b:97:ab:e0:bb:9d:8f:68:d2:b7:
53:ea:5f:19:b6:e3:72:f3:cf:73:71:a9:30:01:07:
f4:78:05:0b:11:6c:a4:71:81:e8:80:84:f2:6e:7f:
56:32:2c:a8:dd:df:05:5e:3d:be:83:ab:0e:1a:1a:
0e:4b:28:88:3a:d9:1e:05:f0:87:28:da:45:6b:c0:
0f:90:7e:7f:40:bc:20:6e:f3:60:b0:61:d7:e0:f8:
b3:30:3c:ec:82:ad:76:42:ae:04:34:5e:49:92:a7:
a5:4e:f0:c9:45:f2:4f:89:84:fc:a4:66:4f:e2:bd:
64:58:95:f3:e9:19:e1:00:13:69:a3:8b:0c:b9:da:
d0:ca:5e:c9:36:1e:b1:f3:f0:b8:a8:e7:8a:a3:83:
d7:a9:db:b9:7c:28:30:3f:dc:d8:3c:e2:9f:f3:ad:
22:1b:47:6c:a8:e7:ea:48:11:e6:9e:18:86:48:53:
f7:45:0a:ff:b8:07:c0:74:41:b4:40:a0:27:8b:3c:
64:a6:bb:f7:7d:af:30:52:55:cb:3b:2e:89:da:b1:
02:3e:a9:9a:28:f3:d3:26:06:26:32:54:7f:1d:2d:
51:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:C0:74:15:13:51:6C:91:8C:DA:D8:E7:DF:60:41:49:6F:EE:79:74
X509v3 Authority Key Identifier:
keyid:3E:50:D1:DD:31:BC:74:49:BA:CC:18:64:B0:1A:F9:94:C5:47:EF:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/4cB0FRNRbJGM2tjn32BBSW_ueXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/PlDR3TG8dEm6zBhksBr5lMVH79M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.176.0-86.104.180.255
86.104.182.0/23
91.194.234.0/24
93.115.243.0/24
185.163.104.0/22
188.240.82.0/24
IPv6:
2001:67c:2170::/48
2a0b:8800::/46
Signature Algorithm: sha256WithRSAEncryption
80:cf:a0:b5:7a:b3:e5:1f:e7:a6:1a:06:24:57:24:10:68:7f:
5e:30:77:30:e6:49:32:e0:22:61:f1:c5:f2:47:1f:21:72:0b:
d4:79:0e:bc:c2:f4:ca:45:12:22:2e:9d:83:dd:17:0f:21:86:
18:c6:3d:98:3e:1e:ea:c4:21:65:f0:3f:05:94:2a:4a:e4:02:
c9:c9:ea:1b:ff:ca:99:d6:9b:19:f9:a0:23:e4:33:33:35:c8:
57:7a:3b:10:0d:3a:fc:f6:7a:13:d9:2e:7c:5e:6a:f6:7e:b6:
c2:25:a1:19:22:cd:1c:8b:db:a9:47:b6:2f:37:34:4a:32:18:
fe:96:26:7f:ee:05:3e:6a:d0:38:d6:df:15:e0:23:e1:1f:c1:
13:4b:d1:80:ed:85:96:8c:4d:0b:9f:40:bc:6e:56:1c:77:28:
ce:1a:ec:f2:78:c7:1a:20:6d:99:93:14:0f:ca:c8:f9:77:03:
6b:b1:08:18:51:99:7d:ab:3e:35:13:bc:23:5e:b9:1e:96:c3:
de:53:c5:50:ac:7b:5f:dd:36:1b:c6:f3:45:ae:d8:6b:d1:37:
17:60:79:8c:1b:53:4a:95:bf:7d:37:91:36:41:01:90:61:50:
6a:da:22:14:d9:13:e2:16:25:22:70:b7:21:5e:5d:e8:f8:34:
a7:06:1d:54
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYVtQaChJmeIBDNeTTtn2UppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNTBkMWRkMzFiYzc0NDliYWNjMTg2NGIwMWFmOTk0YzU0
N2VmZDMwHhcNMjMwMTAxMTIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWMwNzQxNTEzNTE2YzkxOGNkYWQ4ZTdkZjYwNDE0OTZmZWU3OTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghenWvQKV3C7C/qve25ZgPgqiOXy
Ys6Mp37UE4Ssc384MVuXq+C7nY9o0rdT6l8ZtuNy889zcakwAQf0eAULEWykcYHo
gITybn9WMiyo3d8FXj2+g6sOGhoOSyiIOtkeBfCHKNpFa8APkH5/QLwgbvNgsGHX
4PizMDzsgq12Qq4ENF5JkqelTvDJRfJPiYT8pGZP4r1kWJXz6RnhABNpo4sMudrQ
yl7JNh6x8/C4qOeKo4PXqdu5fCgwP9zYPOKf860iG0dsqOfqSBHmnhiGSFP3RQr/
uAfAdEG0QKAnizxkprv3fa8wUlXLOy6J2rECPqmaKPPTJgYmMlR/HS1RUwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOHAdBUTUWyRjNrY599gQUlv7nl0MB8GA1UdIwQY
MBaAFD5Q0d0xvHRJuswYZLAa+ZTFR+/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGxEUjNURzhkRW02ekJoa3NCcjVsTVZINzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC82ZWMzOWMtYTlkNC00YTEyLTgxMGEt
NGYwNjUwZGE1NDViLzEvNGNCMEZSTlJiSkdNMnRqbjMyQkJTV191ZVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC82ZWMzOWMtYTlkNC00YTEyLTgxMGEtNGYwNjUwZGE1NDVi
LzEvUGxEUjNURzhkRW02ekJoa3NCcjVsTVZINzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAyBAIAATAsMAwDBARWaLAD
BABWaLQDBAFWaLYDBABbwuoDBABdc/MDBAK5o2gDBAC88FIwGAQCAAIwEgMHACAB
BnwhcAMHAioLiAAAADANBgkqhkiG9w0BAQsFAAOCAQEAgM+gtXqz5R/nphoGJFck
EGh/XjB3MOZJMuAiYfHF8kcfIXIL1HkOvML0ykUSIi6dg90XDyGGGMY9mD4e6sQh
ZfA/BZQqSuQCycnqG//KmdabGfmgI+QzMzXIV3o7EA06/PZ6E9kufF5q9n62wiWh
GSLNHIvbqUe2Lzc0SjIY/pYmf+4FPmrQONbfFeAj4R/BE0vRgO2FloxNC59AvG5W
HHcozhrs8njHGiBtmZMUD8rI+XcDa7EIGFGZfas+NRO8I165HpbD3lPFUKx7X902
G8bzRa7Ya9E3F2B5jBtTSpW/fTeRNkEBkGFQatoiFNkT4hYlInC3IV5d6Pg0pwYd
VA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:36:56 2024 by rpki-client on console-fra.rpki-client.org