Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/4qG_xzz6KA3keJZQQCUnybL801s.roa
File: 4qG_xzz6KA3keJZQQCUnybL801s.roa (raw, json)
Hash identifier: tz6jhbMPchlgqtXri/+m9NRtnj3bmRxIKoxtlM7Pgmk=
Subject key identifier: E2:A1:BF:C7:3C:FA:28:0D:E4:78:96:50:40:25:27:C9:B2:FC:D3:5B
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 01859AE1AE44AAB2224ABF5E10468C9BCC16
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/4qG_xzz6KA3keJZQQCUnybL801s.roa
Signing time: Tue 10 Jan 2023 08:52:39 +0000
ROA not before: Tue 10 Jan 2023 08:52:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 185.237.212.0/22 maxlen: 24
185.237.215.0/24 maxlen: 24
185.145.69.0/24 maxlen: 24
185.145.68.0/22 maxlen: 22
185.145.68.0/24 maxlen: 24
103.229.171.0/24 maxlen: 24
103.229.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Feb 2023 17:11:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9a:e1:ae:44:aa:b2:22:4a:bf:5e:10:46:8c:9b:cc:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Jan 10 08:52:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2a1bfc73cfa280de4789650402527c9b2fcd35b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1d:63:e6:be:87:c8:0a:67:4a:ae:d8:86:af:
0b:03:79:85:ba:ba:d9:8d:a4:67:68:98:08:20:4d:
a1:a3:61:02:03:4e:91:ce:e3:d6:82:22:d5:bb:00:
ba:db:f5:ac:a5:5a:d4:5a:34:8c:a9:e8:ea:bd:18:
db:28:28:0c:21:84:99:ed:1c:e5:ac:bf:55:4a:27:
c5:66:89:db:d8:02:2a:68:1f:45:04:0b:6c:36:48:
bd:8c:54:3e:6e:d2:41:40:c9:c8:3c:57:14:9e:75:
35:69:1e:29:37:bb:9a:56:0b:93:b7:25:fd:11:5e:
a5:51:10:56:07:2a:11:84:66:77:72:03:94:07:ce:
c0:84:20:f8:af:ea:c0:31:39:55:00:70:21:31:0f:
d2:e4:73:f1:67:3a:11:92:54:36:1c:d2:1d:9d:77:
f3:fe:50:5b:de:46:1c:7e:e0:0b:2d:26:82:58:56:
11:34:54:37:13:25:34:31:a5:35:98:bc:e5:e7:d1:
d8:5d:1f:97:e0:fe:9f:f8:c9:c5:8f:7e:36:cc:2e:
6f:d6:1f:e5:a4:10:8f:e6:55:4b:58:fb:16:2f:e9:
57:95:ad:90:b0:d6:a7:b2:87:83:20:dd:22:15:a0:
9c:fe:93:7d:80:22:72:44:a1:b4:7b:1f:9f:0e:0c:
82:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A1:BF:C7:3C:FA:28:0D:E4:78:96:50:40:25:27:C9:B2:FC:D3:5B
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/4qG_xzz6KA3keJZQQCUnybL801s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.229.170.0/23
185.145.68.0/22
185.237.212.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:8a:e3:0f:3a:f3:72:8f:ea:af:c9:f9:b3:47:bd:b1:2e:f4:
bd:94:ec:3a:fe:a8:d3:5e:49:08:ce:0f:ee:b5:a7:ca:10:fb:
b1:94:a6:d2:54:8e:f8:36:8c:4d:0c:0f:29:59:06:0c:61:4f:
56:83:2a:ae:6c:d7:2f:81:c2:1e:46:47:da:d2:9e:85:d0:aa:
e8:c4:20:48:90:f7:c7:62:74:da:8d:2c:2b:5a:39:14:8c:13:
db:e7:78:7f:5c:96:d6:5b:96:ef:01:b5:f6:92:7b:91:81:0d:
13:a8:78:aa:d1:f2:34:62:df:39:36:2d:bb:5a:70:2d:04:56:
98:b0:e2:32:77:59:bb:b2:8d:9e:42:4d:f5:77:00:5b:94:e1:
2d:48:76:fa:8c:ef:48:bd:e0:d6:fa:d2:c9:d8:80:d5:a5:b7:
63:c9:5e:71:fe:9d:1d:93:53:96:49:1a:12:45:de:cf:ee:1c:
2f:16:f1:44:71:b9:6a:13:2b:89:cf:ca:e1:41:cb:94:19:01:
3a:fc:15:f7:3e:0e:33:ac:c8:fe:6a:7f:6b:38:2a:a2:c0:dc:
b9:52:58:38:9b:2a:95:66:34:fb:a2:10:a7:ca:19:84:78:06:
c4:87:2d:4e:01:2b:2f:7b:d8:de:07:82:18:f7:85:6b:2d:ee:
ca:32:19:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWa4a5EqrIiSr9eEEaMm8wWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjMwMTEwMDg1MjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmExYmZjNzNjZmEyODBkZTQ3ODk2NTA0MDI1MjdjOWIyZmNkMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxh1j5r6HyApnSq7Yhq8LA3mFurrZ
jaRnaJgIIE2ho2ECA06RzuPWgiLVuwC62/WspVrUWjSMqejqvRjbKCgMIYSZ7Rzl
rL9VSifFZonb2AIqaB9FBAtsNki9jFQ+btJBQMnIPFcUnnU1aR4pN7uaVguTtyX9
EV6lURBWByoRhGZ3cgOUB87AhCD4r+rAMTlVAHAhMQ/S5HPxZzoRklQ2HNIdnXfz
/lBb3kYcfuALLSaCWFYRNFQ3EyU0MaU1mLzl59HYXR+X4P6f+MnFj342zC5v1h/l
pBCP5lVLWPsWL+lXla2QsNansoeDIN0iFaCc/pN9gCJyRKG0ex+fDgyCnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOKhv8c8+igN5HiWUEAlJ8my/NNbMB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEvNHFHX3h6ejZLQTNrZUpaUVFDVW55Ykw4MDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQtMDU0OGQzODk1YTU1
LzEvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBZ+WqAwQC
uZFEAwQCue3UMA0GCSqGSIb3DQEBCwUAA4IBAQAfiuMPOvNyj+qvyfmzR72xLvS9
lOw6/qjTXkkIzg/utafKEPuxlKbSVI74NoxNDA8pWQYMYU9WgyqubNcvgcIeRkfa
0p6F0KroxCBIkPfHYnTajSwrWjkUjBPb53h/XJbWW5bvAbX2knuRgQ0TqHiq0fI0
Yt85Ni27WnAtBFaYsOIyd1m7so2eQk31dwBblOEtSHb6jO9IveDW+tLJ2IDVpbdj
yV5x/p0dk1OWSRoSRd7P7hwvFvFEcblqEyuJz8rhQcuUGQE6/BX3Pg4zrMj+an9r
OCqiwNy5Ulg4myqVZjT7ohCnyhmEeAbEhy1OASsve9jeB4IY94VrLe7KMhmC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:14 2024 by rpki-client on console-fra.rpki-client.org