Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/4H1FH5Yo5wCFsy4w_uDv2hqOkYw.roa
File: 4H1FH5Yo5wCFsy4w_uDv2hqOkYw.roa (raw, json)
Hash identifier: hXjV8/w7R4DGQ69gm7O7Fo+XcPcGrK9LRiIY3fJh+kc=
Subject key identifier: E0:7D:45:1F:96:28:E7:00:85:B3:2E:30:FE:E0:EF:DA:1A:8E:91:8C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FBC664A7424F3289B20FAD171D8A6
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/4H1FH5Yo5wCFsy4w_uDv2hqOkYw.roa
Signing time: Tue 02 Jan 2024 04:30:14 +0000
ROA not before: Tue 02 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5650
IP address blocks: 185.55.4.0/23 maxlen: 23
185.55.4.0/22 maxlen: 22
185.55.6.0/23 maxlen: 23
176.103.240.0/22 maxlen: 22
176.96.88.0/22 maxlen: 22
176.103.244.0/22 maxlen: 22
176.103.240.0/21 maxlen: 21
176.116.232.0/22 maxlen: 22
185.55.142.0/23 maxlen: 23
185.55.140.0/22 maxlen: 22
185.55.140.0/23 maxlen: 23
64.43.112.0/22 maxlen: 22
46.173.240.0/21 maxlen: 21
178.212.184.0/22 maxlen: 22
178.212.184.0/21 maxlen: 21
64.43.124.0/22 maxlen: 22
178.212.188.0/22 maxlen: 22
91.233.0.0/23 maxlen: 23
193.36.204.0/22 maxlen: 22
176.102.124.0/22 maxlen: 22
176.102.120.0/21 maxlen: 21
176.102.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 03 Apr 2024 13:37:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:bc:66:4a:74:24:f3:28:9b:20:fa:d1:71:d8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e07d451f9628e70085b32e30fee0efda1a8e918c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:43:59:08:e8:45:85:4b:43:9a:ff:7c:77:96:
9c:cc:11:58:7b:65:5b:71:66:f5:c1:a3:2c:c8:ac:
46:bd:70:89:80:82:3b:6e:0a:31:da:c6:ec:cd:37:
09:1a:65:02:a7:93:c6:21:a5:f8:32:12:91:65:9d:
69:b7:5e:86:d8:f0:7e:66:bc:1f:26:81:0a:13:3b:
59:b0:b6:d8:16:9f:5f:d8:64:d8:4a:38:f0:b2:a7:
46:38:41:15:ee:8d:8b:4b:db:30:ab:a3:74:e1:16:
55:c7:e2:80:51:a8:1c:61:05:6d:eb:01:1c:6f:be:
a7:db:e6:fe:fc:44:34:0e:48:68:be:6b:cb:19:14:
ae:e0:30:d0:6c:d6:ff:1c:4c:f6:ea:90:65:20:f1:
2b:45:ef:71:0c:a3:df:dd:dd:8a:26:8b:50:80:1c:
29:c1:03:a0:19:70:77:1e:7a:45:08:73:69:0b:35:
12:a2:c6:5d:d3:0f:df:95:95:50:4a:ab:cf:a6:3e:
6d:10:ad:49:7d:87:f7:dc:af:81:cf:ba:dd:af:e7:
af:ce:51:d4:ef:5a:4c:3f:85:98:05:de:1c:f7:a2:
04:5f:db:7c:f8:4e:bb:a7:05:ef:57:50:ed:36:84:
24:43:9d:5c:91:a4:3f:62:c5:c7:7f:c3:83:99:88:
ba:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7D:45:1F:96:28:E7:00:85:B3:2E:30:FE:E0:EF:DA:1A:8E:91:8C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/4H1FH5Yo5wCFsy4w_uDv2hqOkYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.173.240.0/21
64.43.112.0/22
64.43.124.0/22
91.233.0.0/23
176.96.88.0/22
176.102.120.0/21
176.103.240.0/21
176.116.232.0/22
178.212.184.0/21
185.55.4.0/22
185.55.140.0/22
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
20:0c:14:36:9a:5d:b9:bb:15:3c:b3:b4:25:c0:2c:a3:fd:49:
89:86:af:ab:f7:39:bb:4d:0f:05:cc:83:66:ca:57:0e:e8:61:
b3:94:ba:84:73:05:c6:eb:0c:4c:eb:cb:ab:4c:c3:8f:d6:6c:
27:4b:ae:d7:d3:ed:7f:5d:9a:39:97:30:bc:b5:cd:62:9e:5d:
69:76:7c:23:d4:e6:73:75:56:c1:00:0a:fc:3b:54:e3:78:56:
81:f4:e4:c2:1f:f6:3c:4b:53:42:7f:c5:94:83:83:be:4b:02:
53:16:55:8b:df:fa:67:cb:f0:8a:4c:b5:89:26:5b:1c:8b:9b:
ca:ab:e9:1f:f2:7f:94:6e:cb:b4:93:3b:a0:ac:cf:d2:28:ed:
4d:47:e4:e4:6c:47:61:72:0a:da:52:f2:c1:1e:f7:71:1f:5c:
8a:1c:57:5a:24:a9:d9:5e:83:6c:1d:f9:0f:57:ac:b5:82:ec:
d3:14:77:93:49:15:13:51:67:86:64:76:10:93:23:00:d1:ea:
20:9b:80:91:e0:56:f2:25:b2:13:4a:92:cb:36:18:85:4d:b0:
2c:fa:43:49:a0:7a:ad:3f:7b:59:7d:7b:3b:fb:ea:52:20:63:
08:e8:37:1f:79:86:1b:4c:e8:a1:9e:8a:f4:4a:cc:7d:65:67:
f0:73:27:92
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzIb7xmSnQk8yibIPrRcdimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdkNDUxZjk2MjhlNzAwODViMzJlMzBmZWUwZWZkYTFhOGU5MThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0NZCOhFhUtDmv98d5aczBFYe2Vb
cWb1waMsyKxGvXCJgII7bgox2sbszTcJGmUCp5PGIaX4MhKRZZ1pt16G2PB+Zrwf
JoEKEztZsLbYFp9f2GTYSjjwsqdGOEEV7o2LS9swq6N04RZVx+KAUagcYQVt6wEc
b76n2+b+/EQ0DkhovmvLGRSu4DDQbNb/HEz26pBlIPErRe9xDKPf3d2KJotQgBwp
wQOgGXB3HnpFCHNpCzUSosZd0w/flZVQSqvPpj5tEK1JfYf33K+Bz7rdr+evzlHU
71pMP4WYBd4c96IEX9t8+E67pwXvV1DtNoQkQ51ckaQ/YsXHf8ODmYi6ZQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOB9RR+WKOcAhbMuMP7g79oajpGMMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvNEgxRkg1WW81d0NGc3k0d191RHYyaHFPa1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQDLq3wAwQC
QCtwAwQCQCt8AwQBW+kAAwQCsGBYAwQDsGZ4AwQDsGfwAwQCsHToAwQDstS4AwQC
uTcEAwQCuTeMAwQCwSTMMA0GCSqGSIb3DQEBCwUAA4IBAQAgDBQ2ml25uxU8s7Ql
wCyj/UmJhq+r9zm7TQ8FzINmylcO6GGzlLqEcwXG6wxM68urTMOP1mwnS67X0+1/
XZo5lzC8tc1inl1pdnwj1OZzdVbBAAr8O1TjeFaB9OTCH/Y8S1NCf8WUg4O+SwJT
FlWL3/pny/CKTLWJJlsci5vKq+kf8n+Ubsu0kzugrM/SKO1NR+TkbEdhcgraUvLB
HvdxH1yKHFdaJKnZXoNsHfkPV6y1guzTFHeTSRUTUWeGZHYQkyMA0eogm4CR4Fby
JbITSpLLNhiFTbAs+kNJoHqtP3tZfXs7++pSIGMI6DcfeYYbTOihnor0Ssx9ZWfw
cyeS
-----END CERTIFICATE-----
Generated at Wed Apr 3 16:48:14 2024 by rpki-client on console-ams.rpki-client.org