Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4rMm0z3SD7e-7LlKAi20khlGTdU.roa
File: 4rMm0z3SD7e-7LlKAi20khlGTdU.roa (raw, json)
Hash identifier: gvlQLJGWdy2KUJmJB35Br/rrnxItcA6/ch3m9bra2IU=
Subject key identifier: E2:B3:26:D3:3D:D2:0F:B7:BE:EC:B9:4A:02:2D:B4:92:19:46:4D:D5
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018C304F253B7BF88E8210F0F79B6F482CBE
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4rMm0z3SD7e-7LlKAi20khlGTdU.roa
Signing time: Sun 03 Dec 2023 15:32:22 +0000
ROA not before: Sun 03 Dec 2023 15:32:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34872
IP address blocks: 62.3.50.0/24 maxlen: 24
45.154.97.0/24 maxlen: 24
194.28.98.0/23 maxlen: 24
2a0c:b641:540::/44 maxlen: 48
2a0c:b641:30::/44 maxlen: 48
2a0c:b641:10::/44 maxlen: 48
2a0c:b641:2c0::/44 maxlen: 48
2a0f:8400::/32 maxlen: 48
2a0c:b641::/44 maxlen: 48
2a0c:b640::/32 maxlen: 48
2a0c:b641:70f::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Dec 2023 08:56:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:30:4f:25:3b:7b:f8:8e:82:10:f0:f7:9b:6f:48:2c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Dec 3 15:32:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2b326d33dd20fb7beecb94a022db49219464dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e9:55:03:9b:a4:64:30:74:af:6b:74:e9:e0:
6f:d3:88:40:b1:1e:c0:0e:45:a2:fe:da:ee:e0:06:
b4:09:f1:95:0f:67:34:f0:a6:59:23:56:de:0b:d3:
61:fd:7a:63:ec:7b:ce:42:8c:e2:33:3f:40:88:b6:
f1:7b:12:a2:fa:c6:c6:fe:99:45:32:b9:88:94:82:
00:d2:7a:8d:e6:20:e4:9a:89:0c:f6:31:63:97:7c:
ed:2e:98:27:1b:6f:1b:7a:88:7d:ae:4a:4b:7b:21:
28:f6:c4:80:59:fe:1e:ce:82:57:31:66:89:9c:78:
c0:9f:a7:b0:d1:1a:8b:eb:0f:1a:4b:e5:62:96:a1:
d2:9c:83:87:76:20:77:8d:1e:42:ab:bf:8a:ca:c4:
fe:71:b1:56:6e:82:22:10:9c:73:92:c4:de:12:53:
42:bf:92:54:82:41:3e:38:83:2d:7d:72:6e:2a:24:
9c:f6:93:b3:8d:a3:71:09:08:68:90:71:40:7e:09:
29:90:2a:fa:56:04:e8:61:98:b3:08:c2:7d:8c:d6:
5f:26:f6:8c:f7:73:70:e4:d4:45:f8:4e:4e:05:84:
7e:be:c6:18:1b:cf:4e:88:6c:72:5c:69:41:af:3b:
dc:5c:0d:01:30:2a:38:6f:6c:8b:00:1c:52:61:a3:
8b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B3:26:D3:3D:D2:0F:B7:BE:EC:B9:4A:02:2D:B4:92:19:46:4D:D5
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4rMm0z3SD7e-7LlKAi20khlGTdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
62.3.50.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:30::/44
2a0c:b641:2c0::/44
2a0c:b641:540::/44
2a0c:b641:70f::/48
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
19:52:dd:7a:df:bd:db:8d:fc:9d:c7:a6:fe:f5:e4:c9:f2:1e:
09:07:e7:2d:1e:60:62:f8:95:64:45:b8:09:3b:b8:98:7b:5b:
b9:4d:83:ff:b6:ef:ae:92:40:72:c1:fb:c4:6f:72:6c:53:f8:
1f:69:e9:03:82:8d:c5:8f:2d:aa:41:53:c4:a9:af:54:99:8d:
78:ea:cc:b6:d7:d8:e2:47:f8:c5:09:c4:71:6d:9a:5d:cd:ac:
41:dc:e1:c7:6b:55:4f:87:32:15:b5:b2:4a:b4:d0:dc:ae:52:
bb:60:5f:81:7c:5a:8b:f8:fe:38:68:65:1e:9c:84:c6:56:79:
49:dd:1d:14:62:35:c2:96:1b:63:92:c9:cd:53:85:f6:0e:c7:
d4:23:0e:4a:a3:77:c2:b1:36:6b:5e:f7:a5:21:44:a0:f6:38:
22:8f:d1:25:3f:18:c1:e5:67:1f:f5:04:14:c3:59:5c:d9:cf:
7f:df:16:d1:69:a9:3c:7f:f0:08:d5:1b:6b:5c:a5:3d:40:46:
61:1a:86:8f:f3:82:a1:37:1c:3b:b3:09:b8:5b:c9:1a:7e:9d:
96:f4:9d:03:2f:5c:cc:44:86:48:5c:ed:94:8c:0d:ba:0a:1a:
0a:fb:91:2c:31:bd:0b:80:91:cf:56:04:d6:27:35:ee:1a:83:
42:b5:57:c4
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYwwTyU7e/iOghDw95tvSCy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMxMjAzMTUzMjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmIzMjZkMzNkZDIwZmI3YmVlY2I5NGEwMjJkYjQ5MjE5NDY0ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAielVA5ukZDB0r2t06eBv04hAsR7A
DkWi/tru4Aa0CfGVD2c08KZZI1beC9Nh/Xpj7HvOQoziMz9AiLbxexKi+sbG/plF
MrmIlIIA0nqN5iDkmokM9jFjl3ztLpgnG28beoh9rkpLeyEo9sSAWf4ezoJXMWaJ
nHjAn6ew0RqL6w8aS+VilqHSnIOHdiB3jR5Cq7+KysT+cbFWboIiEJxzksTeElNC
v5JUgkE+OIMtfXJuKiSc9pOzjaNxCQhokHFAfgkpkCr6VgToYZizCMJ9jNZfJvaM
93Nw5NRF+E5OBYR+vsYYG89OiGxyXGlBrzvcXA0BMCo4b2yLABxSYaOLUwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFOKzJtM90g+3vuy5SgIttJIZRk3VMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvNHJNbTB6M1NEN2UtN0xsS0FpMjBraGxHVGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzAYBAIAATASAwQALZphAwQA
PgMyAwQBwhxiMEMEAgACMD0wEAMFBioMtkADBwUqDLZBAAADBwQqDLZBADADBwQq
DLZBAsADBwQqDLZBBUADBwAqDLZBBw8DBQAqD4QAMA0GCSqGSIb3DQEBCwUAA4IB
AQAZUt16373bjfydx6b+9eTJ8h4JB+ctHmBi+JVkRbgJO7iYe1u5TYP/tu+ukkBy
wfvEb3JsU/gfaekDgo3Fjy2qQVPEqa9UmY146sy219jiR/jFCcRxbZpdzaxB3OHH
a1VPhzIVtbJKtNDcrlK7YF+BfFqL+P44aGUenITGVnlJ3R0UYjXClhtjksnNU4X2
DsfUIw5Ko3fCsTZrXvelIUSg9jgij9ElPxjB5Wcf9QQUw1lc2c9/3xbRaak8f/AI
1RtrXKU9QEZhGoaP84KhNxw7swm4W8kafp2W9J0DL1zMRIZIXO2UjA26ChoK+5Es
Mb0LgJHPVgTWJzXuGoNCtVfE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org