Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/4LQbLGohnN3U3DEBHw1j3JuN7Ak.roa
File: 4LQbLGohnN3U3DEBHw1j3JuN7Ak.roa (raw, json)
Hash identifier: 7I93OKHolusGS7DAYD+xcTyhvkR+zvve6daQYksmk0U=
Subject key identifier: E0:B4:1B:2C:6A:21:9C:DD:D4:DC:31:01:1F:0D:63:DC:9B:8D:EC:09
Certificate issuer: /CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Certificate serial: 018C39825FFD1AF7F60BC37DB049956266AC
Authority key identifier: A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/4LQbLGohnN3U3DEBHw1j3JuN7Ak.roa
Signing time: Tue 05 Dec 2023 10:24:54 +0000
ROA not before: Tue 05 Dec 2023 10:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199493
IP address blocks: 193.221.197.0/24 maxlen: 24
193.221.196.0/23 maxlen: 23
193.221.196.0/22 maxlen: 22
193.221.196.0/24 maxlen: 24
193.221.198.0/23 maxlen: 23
193.221.199.0/24 maxlen: 24
193.221.198.0/24 maxlen: 24
80.243.232.0/22 maxlen: 22
80.243.232.0/23 maxlen: 23
80.243.233.0/24 maxlen: 24
80.243.232.0/24 maxlen: 24
80.243.234.0/23 maxlen: 23
80.243.234.0/24 maxlen: 24
80.243.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Dec 2023 13:38:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:82:5f:fd:1a:f7:f6:0b:c3:7d:b0:49:95:62:66:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Validity
Not Before: Dec 5 10:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0b41b2c6a219cddd4dc31011f0d63dc9b8dec09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:38:33:ef:ff:56:7c:d0:76:0d:2a:57:af:4b:
40:5f:ac:32:da:17:5d:73:e6:c1:ed:1a:40:1a:d1:
bd:d3:c0:e9:28:04:07:aa:bf:5b:b2:18:35:cc:a0:
95:7d:f4:0d:d1:f3:ec:6f:87:80:55:91:96:91:46:
f5:1a:05:26:b9:17:1d:ac:59:b6:99:b2:c3:f6:d8:
98:ad:c7:59:6f:5c:05:8c:4a:69:1a:6f:8e:e0:04:
d4:5f:e4:70:c0:6d:72:e2:e2:d6:a9:96:ce:bf:92:
d8:ba:5b:c2:0b:3a:99:3e:a2:46:95:e9:15:29:5f:
52:af:e4:90:4c:d2:78:21:15:40:cc:7f:fe:83:c3:
60:e2:0c:e0:f5:c7:ff:44:6a:45:9a:0f:49:df:e0:
3b:e7:c3:4d:f2:41:7f:5e:61:57:57:2e:21:ab:49:
e2:7f:53:80:ab:10:de:af:09:c6:6e:d4:33:aa:6b:
82:40:21:fa:f5:ce:04:35:c9:b2:ef:50:31:c2:b0:
69:46:82:1a:03:ae:78:e2:3b:b6:9f:b4:23:c1:a2:
df:72:57:78:e9:69:1f:83:81:51:2d:f6:fe:76:ac:
93:2b:1b:d6:49:be:83:1e:b6:1a:bf:eb:19:10:31:
94:6a:93:9a:0c:f1:34:85:ae:74:a9:75:5e:f7:c1:
41:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B4:1B:2C:6A:21:9C:DD:D4:DC:31:01:1F:0D:63:DC:9B:8D:EC:09
X509v3 Authority Key Identifier:
keyid:A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/4LQbLGohnN3U3DEBHw1j3JuN7Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.232.0/22
193.221.196.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:54:29:52:5e:dd:6b:e4:d1:fe:d2:1d:4e:3d:b2:75:5e:ac:
39:84:e1:fb:0f:60:72:f9:55:54:64:cb:15:c3:e9:ac:7c:5e:
fa:d1:86:51:a1:9e:18:3f:32:b8:b2:a1:35:89:ad:fa:e6:bc:
30:55:e4:c9:ff:0b:a7:5d:43:bd:87:d2:22:5e:aa:87:e5:ee:
7d:ad:1b:3c:e9:5a:94:4a:ea:16:03:a4:28:40:c8:c3:7e:d5:
6c:65:53:ed:70:a3:2b:ad:c9:f3:c5:5a:27:b5:67:2a:8b:d8:
f8:c0:ec:f7:98:ba:1b:ea:dd:9f:70:a8:69:00:62:36:34:f4:
e1:1a:9a:ca:74:f7:37:e4:21:d5:c2:52:d8:e1:85:10:55:c8:
ea:46:4a:b9:29:18:9e:4d:79:74:63:c4:00:64:e3:72:34:9e:
c8:bc:b6:75:7b:10:df:57:5e:9c:72:f3:2f:22:9f:69:bb:cd:
37:d3:18:28:41:9e:68:41:79:59:16:e6:69:4b:0a:f9:ad:00:
e5:59:53:ec:bb:9c:c8:37:d7:c9:0b:3e:2b:bb:73:0d:3d:95:
3e:21:29:d6:55:7c:f4:2b:ba:01:78:fc:a7:e2:d7:a8:fc:12:
90:75:35:ac:b0:ca:bb:af:fd:9e:8c:a4:81:01:14:e6:bb:1d:
fa:d4:4d:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw5gl/9Gvf2C8N9sEmVYmasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzIyNGM1MDE3ZDM0ZWNkYzI4ZDBjZjM2NDQyZDY1YmVm
OWUwYTAwHhcNMjMxMjA1MTAyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGI0MWIyYzZhMjE5Y2RkZDRkYzMxMDExZjBkNjNkYzliOGRlYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTgz7/9WfNB2DSpXr0tAX6wy2hdd
c+bB7RpAGtG908DpKAQHqr9bshg1zKCVffQN0fPsb4eAVZGWkUb1GgUmuRcdrFm2
mbLD9tiYrcdZb1wFjEppGm+O4ATUX+RwwG1y4uLWqZbOv5LYulvCCzqZPqJGlekV
KV9Sr+SQTNJ4IRVAzH/+g8Ng4gzg9cf/RGpFmg9J3+A758NN8kF/XmFXVy4hq0ni
f1OAqxDerwnGbtQzqmuCQCH69c4ENcmy71AxwrBpRoIaA6544ju2n7QjwaLfcld4
6Wkfg4FRLfb+dqyTKxvWSb6DHrYav+sZEDGUapOaDPE0ha50qXVe98FB2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOC0GyxqIZzd1NwxAR8NY9ybjewJMB8GA1UdIwQY
MBaAFKIyJMUBfTTs3CjQzzZELWW++eCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTkt
ZmVjOGE4MGVkMjMzLzEvNExRYkxHb2huTjNVM0RFQkh3MWozSnVON0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTktZmVjOGE4MGVkMjMz
LzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUPPoAwQC
wd3EMA0GCSqGSIb3DQEBCwUAA4IBAQA+VClSXt1r5NH+0h1OPbJ1Xqw5hOH7D2By
+VVUZMsVw+msfF760YZRoZ4YPzK4sqE1ia365rwwVeTJ/wunXUO9h9IiXqqH5e59
rRs86VqUSuoWA6QoQMjDftVsZVPtcKMrrcnzxVontWcqi9j4wOz3mLob6t2fcKhp
AGI2NPThGprKdPc35CHVwlLY4YUQVcjqRkq5KRieTXl0Y8QAZONyNJ7IvLZ1exDf
V16ccvMvIp9pu8030xgoQZ5oQXlZFuZpSwr5rQDlWVPsu5zIN9fJCz4ru3MNPZU+
ISnWVXz0K7oBePyn4teo/BKQdTWssMq7r/2ejKSBARTmux361E23
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:22 2024 by rpki-client on console-ams.rpki-client.org