Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/4PQwvc6Q3cLl6970Oa9Fu-Z2G5I.roa
File: 4PQwvc6Q3cLl6970Oa9Fu-Z2G5I.roa (raw, json)
Hash identifier: TzcgePqun0kopcjMwxANbtd0FvFrbQTAMSvJfmBMEck=
Subject key identifier: E0:F4:30:BD:CE:90:DD:C2:E5:EB:DE:F4:39:AF:45:BB:E6:76:1B:92
Certificate issuer: /CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Certificate serial: 018971D7AE615CF8B02CAE00F9871801E48A
Authority key identifier: 8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/4PQwvc6Q3cLl6970Oa9Fu-Z2G5I.roa
Signing time: Thu 20 Jul 2023 05:48:27 +0000
ROA not before: Thu 20 Jul 2023 05:48:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202499
IP address blocks: 185.239.64.0/24 maxlen: 24
185.239.64.0/22 maxlen: 24
185.71.168.0/24 maxlen: 24
185.71.168.0/22 maxlen: 24
185.71.169.0/24 maxlen: 24
185.71.170.0/24 maxlen: 24
185.71.171.0/24 maxlen: 24
185.239.65.0/24 maxlen: 24
185.239.66.0/24 maxlen: 24
185.239.67.0/24 maxlen: 24
185.228.240.0/24 maxlen: 24
185.228.241.0/24 maxlen: 24
185.228.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:71:d7:ae:61:5c:f8:b0:2c:ae:00:f9:87:18:01:e4:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Validity
Not Before: Jul 20 05:48:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0f430bdce90ddc2e5ebdef439af45bbe6761b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a9:0e:93:0d:a0:d2:42:59:c3:df:ae:88:ac:
55:f3:3f:38:f7:92:97:60:47:d7:28:2e:3a:35:38:
af:bb:ca:48:de:ad:d2:43:c2:41:cb:6a:7e:78:bf:
46:d7:8e:6c:62:3f:58:a8:af:fa:0b:e1:ac:ab:a0:
56:b2:1b:bb:d4:65:56:35:e2:9e:6e:a6:46:73:6e:
d2:cf:64:d7:43:17:bf:f0:13:f2:6f:8e:8c:4c:a2:
9c:97:05:b9:67:3c:e8:fd:d3:63:97:51:4e:c8:dd:
0b:ac:bc:cb:ef:d8:4d:ee:54:1a:95:52:82:03:8e:
a6:46:ef:92:3f:36:dd:2a:b1:61:e5:28:6d:90:ee:
ba:5b:b5:c7:7f:3b:bd:dc:9d:04:98:1c:11:cf:c2:
9d:98:e2:49:a5:72:a1:bd:9e:85:3b:69:d1:3a:e9:
81:64:f7:54:0c:44:7f:05:d5:2b:93:9e:68:67:a1:
e1:55:31:a8:3e:88:f8:d6:7a:c0:0d:a1:ac:31:6e:
6c:4c:e3:8a:6d:d7:49:e5:3e:52:4d:01:d8:d9:4f:
65:a2:38:1e:1b:3c:fe:4c:35:5b:b7:69:ed:5b:2c:
a3:04:0f:95:61:fa:cb:4f:4c:ef:c0:ae:1d:3b:54:
7a:65:86:2d:83:20:30:2c:63:12:df:2a:ff:fa:83:
62:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F4:30:BD:CE:90:DD:C2:E5:EB:DE:F4:39:AF:45:BB:E6:76:1B:92
X509v3 Authority Key Identifier:
keyid:8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/4PQwvc6Q3cLl6970Oa9Fu-Z2G5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/ju56OtFSu4clp9ubt1IIBLbxFV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.168.0/22
185.228.240.0-185.228.242.255
185.239.64.0/22
Signature Algorithm: sha256WithRSAEncryption
79:d8:bf:78:ab:74:72:32:a8:b0:da:36:7d:ec:6a:e9:e3:1e:
05:bb:6c:92:4b:06:98:18:b7:c4:4f:81:62:c3:17:3b:a2:f8:
46:78:06:13:bb:88:38:fe:8e:eb:b7:95:e9:b1:3d:55:c6:e1:
20:15:cf:b6:0e:bc:7c:a4:3b:f9:b8:13:fa:ef:69:a3:33:97:
05:90:22:1b:cd:04:8a:db:4d:ba:9f:8c:08:2c:a9:7d:c0:d1:
3a:3c:46:19:3b:91:1e:43:32:aa:56:0e:5b:d7:a8:ab:96:ca:
68:52:25:43:7a:bf:b4:45:b9:3d:41:22:5e:00:5b:57:a3:c1:
d7:c1:b9:bb:af:27:5d:08:a8:49:cd:15:1c:ff:a8:c6:f6:7d:
f8:db:83:15:39:53:2b:a2:1a:10:e6:2f:ed:f0:af:63:cb:0f:
d9:dc:e5:a7:1f:f6:94:91:45:86:9d:70:ee:b8:62:9a:47:4b:
1d:0f:14:6a:f9:58:c2:5f:41:34:73:20:30:5d:cd:3b:ea:0a:
3a:37:14:75:99:67:26:d0:db:37:19:d7:2f:9f:17:d8:cd:29:
d8:15:5d:8c:57:3c:f3:05:41:6d:a0:79:2e:2e:8e:34:af:ff:
32:2e:2d:0c:bf:cc:c2:14:d0:b6:2e:75:ad:44:3c:2d:dc:81:
ad:22:6c:b0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYlx165hXPiwLK4A+YcYAeSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZWU3YTNhZDE1MmJiODcyNWE3ZGI5YmI3NTIwODA0YjZm
MTE1NWYwHhcNMjMwNzIwMDU0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGY0MzBiZGNlOTBkZGMyZTVlYmRlZjQzOWFmNDViYmU2NzYxYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuakOkw2g0kJZw9+uiKxV8z8495KX
YEfXKC46NTivu8pI3q3SQ8JBy2p+eL9G145sYj9YqK/6C+Gsq6BWshu71GVWNeKe
bqZGc27Sz2TXQxe/8BPyb46MTKKclwW5Zzzo/dNjl1FOyN0LrLzL79hN7lQalVKC
A46mRu+SPzbdKrFh5ShtkO66W7XHfzu93J0EmBwRz8KdmOJJpXKhvZ6FO2nROumB
ZPdUDER/BdUrk55oZ6HhVTGoPoj41nrADaGsMW5sTOOKbddJ5T5STQHY2U9lojge
Gzz+TDVbt2ntWyyjBA+VYfrLT0zvwK4dO1R6ZYYtgyAwLGMS3yr/+oNi+QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOD0ML3OkN3C5eve9DmvRbvmdhuSMB8GA1UdIwQY
MBaAFI7uejrRUruHJafbm7dSCAS28RVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYt
NDk1OTFhZmUxN2YwLzEvNFBRd3ZjNlEzY0xsNjk3ME9hOUZ1LVoyRzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYtNDk1OTFhZmUxN2Yw
LzEvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuUeoMAwD
BAS55PADBAC55PIDBAK570AwDQYJKoZIhvcNAQELBQADggEBAHnYv3irdHIyqLDa
Nn3saunjHgW7bJJLBpgYt8RPgWLDFzui+EZ4BhO7iDj+juu3lemxPVXG4SAVz7YO
vHykO/m4E/rvaaMzlwWQIhvNBIrbTbqfjAgsqX3A0To8Rhk7kR5DMqpWDlvXqKuW
ymhSJUN6v7RFuT1BIl4AW1ejwdfBubuvJ10IqEnNFRz/qMb2ffjbgxU5UyuiGhDm
L+3wr2PLD9nc5acf9pSRRYadcO64YppHSx0PFGr5WMJfQTRzIDBdzTvqCjo3FHWZ
ZybQ2zcZ1y+fF9jNKdgVXYxXPPMFQW2geS4ujjSv/zIuLQy/zMIU0LYuda1EPC3c
ga0ibLA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:54 2024 by rpki-client on console-ams.rpki-client.org