Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/oX4BT43-Nu4QMB4x563F1I6o5oI.roa
File: oX4BT43-Nu4QMB4x563F1I6o5oI.roa (raw, json)
Hash identifier: 7QB5Ygcy4nMq/RFtMi4eYWAJ2U7qbS7dIAaphaPiicQ=
Subject key identifier: A1:7E:01:4F:8D:FE:36:EE:10:30:1E:31:E7:AD:C5:D4:8E:A8:E6:82
Certificate issuer: /CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Certificate serial: 01902B12DBD30315410104872240A3A1BF65
Authority key identifier: 4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/oX4BT43-Nu4QMB4x563F1I6o5oI.roa
Signing time: Tue 18 Jun 2024 11:19:34 +0000
ROA not before: Tue 18 Jun 2024 11:19:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8821
IP address blocks: 62.171.0.0/17 maxlen: 17
77.245.176.0/20 maxlen: 20
82.136.64.0/18 maxlen: 18
151.248.128.0/17 maxlen: 17
158.181.96.0/19 maxlen: 19
185.42.244.0/22 maxlen: 22
185.244.112.0/22 maxlen: 22
212.4.64.0/19 maxlen: 19
2a01:760::/32 maxlen: 32
2a01:8b80::/29 maxlen: 29
2a01:8b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 19 Jun 2024 10:59:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2b:12:db:d3:03:15:41:01:04:87:22:40:a3:a1:bf:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Validity
Not Before: Jun 18 11:19:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a17e014f8dfe36ee10301e31e7adc5d48ea8e682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b8:7a:62:32:68:06:92:ad:bc:b5:66:d2:48:
aa:d4:0f:da:d9:83:13:6a:5a:95:b4:10:46:a5:80:
25:14:4e:9a:87:cf:4b:95:96:3d:0b:a8:5a:26:fb:
a5:fc:66:01:30:43:c8:86:eb:45:45:09:96:03:1c:
1f:db:15:e4:ca:cb:d6:a0:f0:e7:d4:06:4f:58:57:
94:78:fa:1a:f0:8e:6f:6a:0b:52:24:ae:9d:6c:20:
bc:0f:dd:34:61:f7:ad:86:f2:0a:06:2b:8b:ed:01:
e5:91:bd:d8:b6:b9:17:56:9a:ef:a8:85:26:d7:76:
0c:84:45:4c:d6:a4:13:2e:31:73:ab:bb:78:66:90:
3e:96:da:ac:ac:2c:6e:bf:b1:fd:e9:84:7f:76:94:
d9:74:7f:61:e5:5a:3a:94:93:ed:b4:c2:1b:f1:5b:
ce:12:84:4e:fd:9c:3a:64:fd:83:eb:f5:a0:54:8e:
c9:c9:80:86:dd:13:50:7e:64:42:fa:7e:88:97:71:
e8:02:c0:9f:eb:66:b6:5d:87:1b:0c:0d:95:1d:d2:
1f:c6:c2:94:65:1b:ba:34:1e:3f:d4:e8:0d:43:1f:
6e:93:63:4a:16:e6:71:0d:c7:e6:d6:74:52:27:0a:
b1:06:a6:5f:f8:b8:88:17:91:d8:c7:3d:52:25:64:
00:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7E:01:4F:8D:FE:36:EE:10:30:1E:31:E7:AD:C5:D4:8E:A8:E6:82
X509v3 Authority Key Identifier:
keyid:4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/oX4BT43-Nu4QMB4x563F1I6o5oI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.0.0/17
77.245.176.0/20
82.136.64.0/18
151.248.128.0/17
158.181.96.0/19
185.42.244.0/22
185.244.112.0/22
212.4.64.0/19
IPv6:
2a01:760::/32
2a01:8b80::/29
Signature Algorithm: sha256WithRSAEncryption
59:d0:27:16:e8:53:79:ed:4a:00:d1:2d:0b:14:9a:3c:1e:94:
2a:50:22:65:af:b3:cc:cb:be:f1:73:8f:35:0e:be:63:dc:58:
e1:39:d3:38:6b:64:23:0b:b3:49:d9:61:0d:e9:1e:0e:1f:42:
25:90:fa:cb:6b:de:12:34:e8:81:3d:75:6e:43:62:f4:a7:bc:
a4:de:aa:28:a8:16:d4:66:ec:b2:b9:d5:7a:17:1e:1b:d6:8b:
a4:da:29:b9:65:09:93:9e:84:41:ea:3d:b9:8b:6d:84:34:a6:
23:b7:ec:30:c7:27:b5:d4:12:b4:b7:0c:e9:dc:c2:97:ce:a9:
c4:52:0f:d0:e0:d4:0f:36:71:90:6c:9c:39:26:df:94:ef:9f:
f6:67:1c:42:ab:60:2a:4b:de:ca:40:16:87:3d:7e:9e:ba:56:
66:9e:df:df:f4:0a:91:b8:50:e9:22:b6:fa:6c:bb:41:90:ef:
dc:f9:14:76:89:fb:2e:ac:6a:9b:78:ed:aa:be:75:39:48:16:
e2:98:0d:48:2e:45:ef:b6:0f:14:8f:86:c2:ad:5f:0b:df:56:
a5:3a:8e:b2:13:bf:cd:8d:66:70:91:e7:b4:d7:88:c5:82:bf:
50:17:c5:af:52:84:54:d9:cb:86:a5:46:c0:45:5b:6c:b2:2b:
52:c9:03:cd
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZArEtvTAxVBAQSHIkCjob9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYzJiYzBlM2U1OTMzMmY0YmUyYzU4ZmYyNWExODYxZjVm
ZGU4MTkwHhcNMjQwNjE4MTExOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTdlMDE0ZjhkZmUzNmVlMTAzMDFlMzFlN2FkYzVkNDhlYThlNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7h6YjJoBpKtvLVm0kiq1A/a2YMT
alqVtBBGpYAlFE6ah89LlZY9C6haJvul/GYBMEPIhutFRQmWAxwf2xXkysvWoPDn
1AZPWFeUePoa8I5vagtSJK6dbCC8D900YfethvIKBiuL7QHlkb3YtrkXVprvqIUm
13YMhEVM1qQTLjFzq7t4ZpA+ltqsrCxuv7H96YR/dpTZdH9h5Vo6lJPttMIb8VvO
EoRO/Zw6ZP2D6/WgVI7JyYCG3RNQfmRC+n6Il3HoAsCf62a2XYcbDA2VHdIfxsKU
ZRu6NB4/1OgNQx9uk2NKFuZxDcfm1nRSJwqxBqZf+LiIF5HYxz1SJWQAmwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKF+AU+N/jbuEDAeMeetxdSOqOaCMB8GA1UdIwQY
MBaAFErCvA4+WTMvS+LFj/JaGGH1/egZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYt
ODA3M2RjZTA5NjI4LzEvb1g0QlQ0My1OdTRRTUI0eDU2M0YxSTZvNW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYtODA3M2RjZTA5NjI4
LzEvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQHPqsAAwQE
TfWwAwQGUohAAwQHl/iAAwQFnrVgAwQCuSr0AwQCufRwAwQF1ARAMBQEAgACMA4D
BQAqAQdgAwUDKgGLgDANBgkqhkiG9w0BAQsFAAOCAQEAWdAnFuhTee1KANEtCxSa
PB6UKlAiZa+zzMu+8XOPNQ6+Y9xY4TnTOGtkIwuzSdlhDekeDh9CJZD6y2veEjTo
gT11bkNi9Ke8pN6qKKgW1GbssrnVehceG9aLpNopuWUJk56EQeo9uYtthDSmI7fs
MMcntdQStLcM6dzCl86pxFIP0ODUDzZxkGycOSbflO+f9mccQqtgKkveykAWhz1+
nrpWZp7f3/QKkbhQ6SK2+my7QZDv3PkUdon7Lqxqm3jtqr51OUgW4pgNSC5F77YP
FI+Gwq1fC99WpTqOshO/zY1mcJHntNeIxYK/UBfFr1KEVNnLhqVGwEVbbLIrUskD
zQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:58 2025 by rpki-client