Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/ECmdGDM3kQa99kLAHjKvNKguaA4.roa
File: ECmdGDM3kQa99kLAHjKvNKguaA4.roa (raw, json)
Hash identifier: XOS3UgqtTkzmSbamn200V0gXGhEVJ0JsnmvP5mbQp4A=
Subject key identifier: 10:29:9D:18:33:37:91:06:BD:F6:42:C0:1E:32:AF:34:A8:2E:68:0E
Certificate issuer: /CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Certificate serial: 018AEFB686DE9EBFCA0374C982647FBD05D0
Authority key identifier: 4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/ECmdGDM3kQa99kLAHjKvNKguaA4.roa
Signing time: Mon 02 Oct 2023 09:27:11 +0000
ROA not before: Mon 02 Oct 2023 09:27:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 123.100.227.0/24 maxlen: 24
64.225.244.0/23 maxlen: 23
148.222.40.0/22 maxlen: 22
104.225.253.0/24 maxlen: 24
216.183.120.0/24 maxlen: 24
167.234.38.0/24 maxlen: 24
216.203.15.0/24 maxlen: 24
198.49.103.0/24 maxlen: 24
46.17.217.0/24 maxlen: 24
91.198.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Oct 2023 14:59:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:b6:86:de:9e:bf:ca:03:74:c9:82:64:7f:bd:05:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Validity
Not Before: Oct 2 09:27:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10299d1833379106bdf642c01e32af34a82e680e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:46:d5:7e:11:40:69:72:91:c9:b0:b7:e1:77:
74:87:dc:67:1f:d1:e8:e1:ae:6b:1c:de:df:84:e0:
4b:5e:34:27:84:9d:65:9c:12:e0:98:6f:bb:07:49:
85:54:e7:ee:6d:b6:50:f8:ba:d9:03:42:1f:56:c5:
7a:1a:b2:6c:b7:8d:12:45:a6:df:a9:eb:2c:85:7e:
a8:19:90:db:32:d2:56:49:05:49:dc:d0:c1:b3:03:
2e:ce:90:25:ec:71:ba:27:24:3e:10:e9:9a:a4:5a:
fa:12:5f:5f:b6:eb:da:70:27:c1:d1:21:be:ac:57:
98:c0:a6:e0:70:6b:64:f5:c2:f8:95:49:7e:78:40:
7b:ab:17:5b:ab:eb:fe:e4:95:9a:9b:77:12:9b:03:
3f:6d:c3:22:46:a3:b2:9c:b1:35:8f:b7:9d:e6:05:
0d:8e:ac:ec:4a:11:23:72:8a:9a:c6:d0:61:61:4d:
d9:aa:1a:a1:b6:e9:8a:75:fa:81:0f:7e:71:2f:90:
90:95:b5:f2:68:fb:03:31:c3:dc:84:7a:2c:2e:3a:
63:2f:41:f5:f5:cf:02:af:b3:00:70:1e:80:80:23:
3f:b3:08:da:b3:40:43:9f:f5:10:2b:44:be:67:67:
9b:97:27:44:ed:9d:80:b9:23:2f:c5:ce:9d:d0:02:
92:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:29:9D:18:33:37:91:06:BD:F6:42:C0:1E:32:AF:34:A8:2E:68:0E
X509v3 Authority Key Identifier:
keyid:4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/ECmdGDM3kQa99kLAHjKvNKguaA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.217.0/24
64.225.244.0/23
91.198.19.0/24
104.225.253.0/24
123.100.227.0/24
148.222.40.0/22
167.234.38.0/24
198.49.103.0/24
216.183.120.0/24
216.203.15.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:09:ac:e1:e8:2b:67:78:7a:a1:94:f3:23:6d:e0:34:75:a1:
0f:54:1f:65:87:fc:a4:fe:7e:2d:33:ae:5b:e6:f9:85:a4:99:
3d:2e:ae:53:f8:75:b2:58:4f:6a:99:28:09:ba:28:52:4f:5c:
2b:76:2a:34:79:32:85:6d:86:2c:29:09:ac:9b:eb:fa:6d:b0:
16:1e:c4:c2:78:32:3b:fb:f7:b4:10:90:a9:c7:1f:af:82:87:
84:1b:d7:57:4b:cf:59:65:64:b4:73:1f:b3:4c:e2:d8:5e:12:
6d:04:da:04:56:42:87:71:f4:64:46:93:51:2a:4b:75:a2:12:
a8:cc:99:e2:61:a4:5f:7e:4c:86:ba:20:e0:0d:1e:7d:a8:65:
4c:8b:fd:9d:52:3c:38:e7:65:b7:7f:f5:46:f8:4a:49:94:a3:
4e:af:e6:ac:4d:e7:b2:f9:0b:81:16:18:7e:d2:b9:74:f2:1a:
d4:6d:14:1c:fd:17:95:98:2c:e7:08:51:7c:61:09:e4:34:ab:
8d:ef:72:c0:c4:40:fb:ae:77:ab:2e:9f:55:c5:78:3d:87:9f:
44:50:53:4e:73:eb:2c:5f:f5:fc:39:52:1b:1b:46:3e:66:50:
6d:69:44:5e:0e:93:18:f4:9f:4a:68:b3:23:c4:9d:09:6a:30:
47:3d:85:e9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYrvtobenr/KA3TJgmR/vQXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTEzMTc3NWIzMjYwYjExYTE2MjQwZDFkOGU3Njg5MWQ3
ZjM3MzIwHhcNMjMxMDAyMDkyNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDI5OWQxODMzMzc5MTA2YmRmNjQyYzAxZTMyYWYzNGE4MmU2ODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0bVfhFAaXKRybC34Xd0h9xnH9Ho
4a5rHN7fhOBLXjQnhJ1lnBLgmG+7B0mFVOfubbZQ+LrZA0IfVsV6GrJst40SRabf
qesshX6oGZDbMtJWSQVJ3NDBswMuzpAl7HG6JyQ+EOmapFr6El9ftuvacCfB0SG+
rFeYwKbgcGtk9cL4lUl+eEB7qxdbq+v+5JWam3cSmwM/bcMiRqOynLE1j7ed5gUN
jqzsShEjcoqaxtBhYU3ZqhqhtumKdfqBD35xL5CQlbXyaPsDMcPchHosLjpjL0H1
9c8Cr7MAcB6AgCM/swjas0BDn/UQK0S+Z2eblydE7Z2AuSMvxc6d0AKSkwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFBApnRgzN5EGvfZCwB4yrzSoLmgOMB8GA1UdIwQY
MBaAFE+RMXdbMmCxGhYkDR2OdokdfzcyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMt
YWI2M2Q0NWY0YjZhLzEvRUNtZEdETTNrUWE5OWtMQUhqS3ZOS2d1YUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMtYWI2M2Q0NWY0YjZh
LzEvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALhHZAwQB
QOH0AwQAW8YTAwQAaOH9AwQAe2TjAwQClN4oAwQAp+omAwQAxjFnAwQA2Ld4AwQA
2MsPMA0GCSqGSIb3DQEBCwUAA4IBAQB+Cazh6CtneHqhlPMjbeA0daEPVB9lh/yk
/n4tM65b5vmFpJk9Lq5T+HWyWE9qmSgJuihST1wrdio0eTKFbYYsKQmsm+v6bbAW
HsTCeDI7+/e0EJCpxx+vgoeEG9dXS89ZZWS0cx+zTOLYXhJtBNoEVkKHcfRkRpNR
Kkt1ohKozJniYaRffkyGuiDgDR59qGVMi/2dUjw452W3f/VG+EpJlKNOr+asTeey
+QuBFhh+0rl08hrUbRQc/ReVmCznCFF8YQnkNKuN73LAxED7rnerLp9VxXg9h59E
UFNOc+ssX/X8OVIbG0Y+ZlBtaUReDpMY9J9KaLMjxJ0JajBHPYXp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:13 2024 by rpki-client on console-fra.rpki-client.org