Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/4mMl2qNB1U-wxEn2oyjCSa57h98.roa
File: 4mMl2qNB1U-wxEn2oyjCSa57h98.roa (raw, json)
Hash identifier: J06dBwBAWoTTGqfPGpvbo2AamRlxcQcc32kIHym8otA=
Subject key identifier: E2:63:25:DA:A3:41:D5:4F:B0:C4:49:F6:A3:28:C2:49:AE:7B:87:DF
Certificate issuer: /CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Certificate serial: 0194079C1D13C62A651C4DB04F14C651F159
Authority key identifier: AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/4mMl2qNB1U-wxEn2oyjCSa57h98.roa
Signing time: Fri 27 Dec 2024 10:14:19 +0000
ROA not before: Fri 27 Dec 2024 10:14:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58327
IP address blocks: 5.252.252.0/22 maxlen: 24
176.120.168.0/21 maxlen: 24
185.74.193.0/24 maxlen: 24
185.74.194.0/23 maxlen: 24
185.194.25.0/24 maxlen: 24
185.221.191.0/24 maxlen: 24
185.224.93.0/24 maxlen: 24
185.224.94.0/23 maxlen: 24
185.226.228.0/24 maxlen: 24
185.230.144.0/24 maxlen: 24
185.232.135.0/24 maxlen: 24
185.239.4.0/22 maxlen: 24
188.212.32.0/23 maxlen: 24
193.242.188.0/23 maxlen: 24
2a09:4e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:07:9c:1d:13:c6:2a:65:1c:4d:b0:4f:14:c6:51:f1:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Validity
Not Before: Dec 27 10:14:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e26325daa341d54fb0c449f6a328c249ae7b87df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b8:04:be:4e:1a:3c:3e:87:f4:5f:88:1c:f5:
02:c5:c5:dd:be:e5:40:20:8f:56:f6:04:13:91:04:
43:b3:93:2a:a7:d9:5a:68:13:4f:d1:a8:a8:a1:9e:
30:6a:a7:9f:fe:f2:f2:80:fa:91:15:5d:4d:41:90:
fb:3d:31:b7:0f:6f:8e:c1:04:e9:d9:63:b8:3a:d9:
8f:0c:f1:5c:d6:a6:5f:51:1a:48:a0:42:02:45:d7:
7b:d3:1c:6b:7c:38:02:e4:77:ae:d8:6d:c9:20:3a:
31:fb:f1:17:ba:43:f6:f0:74:59:33:6c:5a:e1:b2:
27:f0:f6:c5:e6:be:f7:1f:c3:f8:47:16:18:e8:3e:
2a:ae:47:4f:d4:c3:2c:38:8a:17:5b:fc:4c:04:ca:
e9:5e:90:92:b9:aa:9f:d9:9c:ad:23:b6:8f:c6:a9:
b2:3c:da:d4:00:c8:88:6b:16:b7:c0:ad:ed:0e:4d:
97:b1:eb:9f:30:44:c4:c6:81:30:6c:3e:59:b6:65:
af:62:32:a7:ce:9b:03:1b:4d:cc:12:65:82:f9:d6:
9b:83:b4:99:c0:21:98:73:0c:cb:20:0b:29:85:d1:
53:2f:69:a2:e0:e0:87:25:aa:13:95:0b:10:07:d9:
e0:d5:12:bb:d1:bb:25:a8:4c:4c:7e:5f:f7:3c:4d:
3e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:63:25:DA:A3:41:D5:4F:B0:C4:49:F6:A3:28:C2:49:AE:7B:87:DF
X509v3 Authority Key Identifier:
keyid:AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/4mMl2qNB1U-wxEn2oyjCSa57h98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.252.0/22
176.120.168.0/21
185.74.193.0-185.74.195.255
185.194.25.0/24
185.221.191.0/24
185.224.93.0-185.224.95.255
185.226.228.0/24
185.230.144.0/24
185.232.135.0/24
185.239.4.0/22
188.212.32.0/23
193.242.188.0/23
IPv6:
2a09:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
0d:11:cc:9c:15:63:33:8e:41:f4:8a:82:79:ef:ec:f3:1a:73:
f8:1c:44:bc:a2:3f:ff:13:d3:0d:63:d2:d8:42:f0:ff:1f:05:
5c:7e:21:32:60:aa:70:c8:0b:cd:20:1b:ba:8e:9c:f2:55:9d:
aa:69:b4:88:e3:79:9d:52:58:8c:e0:b9:19:71:03:11:a3:3c:
7d:66:4e:aa:a2:fa:de:83:36:6b:28:5f:35:10:a9:de:16:d6:
73:3a:9a:58:b0:62:5b:19:69:d9:4e:eb:59:7d:e6:20:9f:6a:
2a:97:14:12:83:ab:62:98:2a:fe:8e:44:26:a7:0f:2d:18:57:
66:d6:4e:67:e3:6b:d2:a7:6a:96:8f:fe:e4:d0:bd:7a:e2:a5:
73:c4:fc:13:c5:60:2d:e5:b0:51:5b:e1:0c:29:b0:e9:8e:df:
25:fc:9d:c5:e9:36:75:97:a6:6b:e0:66:7d:4e:76:39:77:94:
b3:7e:03:7f:a2:24:76:23:b4:8d:e0:e1:87:77:3f:6d:ab:c5:
55:50:eb:df:cb:76:f4:ea:42:32:a2:55:21:1a:c3:4d:38:26:
3f:3c:84:6b:58:fe:39:26:5e:79:0f:36:19:aa:5c:c5:b3:3e:
a1:3c:8d:f0:64:e2:78:64:83:c3:24:1b:3f:0d:c2:b2:f3:6e:
69:54:99:9b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZQHnB0TxiplHE2wTxTGUfFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODNlNjRmNzJkZDU4ODlmYjEzZGMyMThjNjgzZjZlMmZh
Y2Y1YjIwHhcNMjQxMjI3MTAxNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjYzMjVkYWEzNDFkNTRmYjBjNDQ5ZjZhMzI4YzI0OWFlN2I4N2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbgEvk4aPD6H9F+IHPUCxcXdvuVA
II9W9gQTkQRDs5Mqp9laaBNP0aiooZ4waqef/vLygPqRFV1NQZD7PTG3D2+OwQTp
2WO4OtmPDPFc1qZfURpIoEICRdd70xxrfDgC5Heu2G3JIDox+/EXukP28HRZM2xa
4bIn8PbF5r73H8P4RxYY6D4qrkdP1MMsOIoXW/xMBMrpXpCSuaqf2ZytI7aPxqmy
PNrUAMiIaxa3wK3tDk2XseufMETExoEwbD5ZtmWvYjKnzpsDG03MEmWC+dabg7SZ
wCGYcwzLIAsphdFTL2mi4OCHJaoTlQsQB9ng1RK70bslqExMfl/3PE0+sQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFOJjJdqjQdVPsMRJ9qMowkmue4ffMB8GA1UdIwQY
MBaAFKuD5k9y3ViJ+xPcIYxoP24vrPWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUt
NTQxZjQ4OTI0OTUyLzEvNG1NbDJxTkIxVS13eEVuMm95akNTYTU3aDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUtNTQxZjQ4OTI0OTUy
LzEvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wXgQCAAEwWAMEAgX8/AME
A7B4qDAMAwQAuUrBAwQCuUrAAwQAucIZAwQAud2/MAwDBAC54F0DBAW54EADBAC5
4uQDBAC55pADBAC56IcDBAK57wQDBAG81CADBAHB8rwwDQQCAAIwBwMFAyoJTkAw
DQYJKoZIhvcNAQELBQADggEBAA0RzJwVYzOOQfSKgnnv7PMac/gcRLyiP/8T0w1j
0thC8P8fBVx+ITJgqnDIC80gG7qOnPJVnapptIjjeZ1SWIzguRlxAxGjPH1mTqqi
+t6DNmsoXzUQqd4W1nM6mliwYlsZadlO61l95iCfaiqXFBKDq2KYKv6ORCanDy0Y
V2bWTmfja9KnapaP/uTQvXripXPE/BPFYC3lsFFb4QwpsOmO3yX8ncXpNnWXpmvg
Zn1Odjl3lLN+A3+iJHYjtI3g4Yd3P22rxVVQ69/LdvTqQjKiVSEaw004Jj88hGtY
/jkmXnkPNhmqXMWzPqE8jfBk4nhkg8MkGz8NwrLzbmlUmZs=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:37:36 2025 by rpki-client