Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/AQ4wEdrtak4GCvRxERzqOos86FI.roa
File: AQ4wEdrtak4GCvRxERzqOos86FI.roa (raw, json)
Hash identifier: HzZT2RcSOwfHedlFE28tRlf+m9buLpcIE0M1PKMVrWg=
Subject key identifier: 01:0E:30:11:DA:ED:6A:4E:06:0A:F4:71:11:1C:EA:3A:8B:3C:E8:52
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018B96D187EFA493D028C7CFAD8C6F7177EA
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/AQ4wEdrtak4GCvRxERzqOos86FI.roa
Signing time: Fri 03 Nov 2023 20:13:16 +0000
ROA not before: Fri 03 Nov 2023 20:13:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24961
IP address blocks: 185.219.208.0/22 maxlen: 24
78.31.64.0/21 maxlen: 24
93.186.192.0/20 maxlen: 24
83.136.80.0/21 maxlen: 24
46.20.32.0/20 maxlen: 24
85.114.128.0/19 maxlen: 24
5.104.104.0/21 maxlen: 24
85.14.192.0/18 maxlen: 24
62.141.32.0/20 maxlen: 24
37.157.248.0/21 maxlen: 24
46.228.192.0/20 maxlen: 24
194.107.129.0/24 maxlen: 24
81.30.144.0/20 maxlen: 24
80.82.208.0/20 maxlen: 24
91.212.159.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
89.163.128.0/17 maxlen: 24
146.0.32.0/20 maxlen: 24
91.194.84.0/24 maxlen: 24
213.202.192.0/18 maxlen: 24
5.199.128.0/20 maxlen: 24
185.15.244.0/22 maxlen: 24
217.79.176.0/20 maxlen: 24
193.111.198.0/23 maxlen: 24
2001:4ba4::/32 maxlen: 32
2a01:480::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba0::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:96:d1:87:ef:a4:93:d0:28:c7:cf:ad:8c:6f:71:77:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Nov 3 20:13:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=010e3011daed6a4e060af471111cea3a8b3ce852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e6:d5:97:00:14:fd:f2:d2:f4:7c:1e:e9:46:
ec:e7:60:c0:eb:89:41:db:01:87:53:2c:b8:3b:25:
b0:42:f3:6f:f5:38:b5:50:83:f3:01:c2:a8:fc:be:
64:d9:d8:13:4f:a4:fa:f1:e6:13:39:7f:b4:a3:29:
75:93:f0:d4:0d:ce:ad:a0:b4:e7:ed:33:df:c1:5b:
53:86:1a:cd:c2:d8:c7:ec:2f:98:a7:ec:cc:a7:bf:
21:1f:e4:b1:6a:65:0a:cc:d5:fe:cd:41:c7:5d:a8:
ea:84:7a:d2:00:ff:61:76:aa:c7:68:b5:a9:5f:ab:
79:49:19:a2:5e:9c:6b:c2:2c:a3:1b:82:5e:15:82:
46:7f:7b:11:a2:2e:7d:d3:93:d5:93:60:ab:a2:47:
7a:ae:3b:63:69:3d:5b:ee:94:a7:59:3b:f1:0e:e8:
f7:ba:5f:c2:e8:1e:4f:92:7f:7b:8c:c4:29:71:ee:
fb:3c:6b:9e:06:cd:9e:22:41:4e:04:d3:5e:77:f4:
73:89:b5:33:78:06:3b:d4:05:cb:80:b2:98:f0:11:
fa:0b:42:61:19:da:f3:48:36:b0:2f:98:1d:92:d6:
b2:c3:d4:57:d0:e0:62:3e:16:84:a8:fd:e8:21:58:
ca:4e:1a:d3:9e:4a:1b:40:fc:3a:8f:51:37:64:99:
01:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:0E:30:11:DA:ED:6A:4E:06:0A:F4:71:11:1C:EA:3A:8B:3C:E8:52
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/AQ4wEdrtak4GCvRxERzqOos86FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
93.186.192.0/20
146.0.32.0/20
185.15.244.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2a01:480::/32
Signature Algorithm: sha256WithRSAEncryption
53:92:69:ca:09:ef:1b:49:bb:ac:90:d9:a0:bd:69:7f:19:db:
99:e9:d0:23:85:26:4e:ce:a8:b6:57:6f:ed:cc:3e:66:3d:31:
f2:ff:45:99:71:28:97:c5:07:97:9e:fd:13:f5:9a:33:17:1d:
90:28:d7:7c:a2:98:0b:86:36:b1:b8:e0:14:9a:7e:d0:af:eb:
12:4c:a7:56:55:f7:ce:3b:89:c2:15:db:c0:70:a4:cf:2c:75:
a6:03:85:c1:02:f8:95:95:6a:fd:0a:5f:dd:65:81:25:15:80:
9c:c7:e0:8d:90:3a:1f:c9:22:8b:5d:f1:4c:37:b0:a6:08:5e:
1f:24:a0:ce:53:ef:8f:b9:9a:1f:f5:03:32:32:a7:70:d2:b1:
b1:86:92:12:45:cc:18:ee:cc:73:56:f2:ef:a3:88:ac:cb:d4:
bc:15:03:c9:0e:7b:ff:11:ff:2c:a0:d1:3f:4c:b9:64:af:ce:
bc:08:64:8d:6c:5b:66:0b:06:81:11:bd:7c:cd:b5:f1:30:ef:
4f:eb:da:02:c1:3b:2a:b5:23:28:5c:37:d5:4c:f1:e1:ce:69:
0d:8b:2e:2f:0b:1f:38:d0:b3:7e:4a:31:54:cc:5e:b6:94:72:
31:55:67:7b:48:fa:f0:32:f4:64:cc:47:34:c1:a7:8e:21:5d:
87:5d:8a:53
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAYuW0YfvpJPQKMfPrYxvcXfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjMxMTAzMjAxMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTBlMzAxMWRhZWQ2YTRlMDYwYWY0NzExMTFjZWEzYThiM2NlODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsebVlwAU/fLS9Hwe6Ubs52DA64lB
2wGHUyy4OyWwQvNv9Ti1UIPzAcKo/L5k2dgTT6T68eYTOX+0oyl1k/DUDc6toLTn
7TPfwVtThhrNwtjH7C+Yp+zMp78hH+SxamUKzNX+zUHHXajqhHrSAP9hdqrHaLWp
X6t5SRmiXpxrwiyjG4JeFYJGf3sRoi5905PVk2Crokd6rjtjaT1b7pSnWTvxDuj3
ul/C6B5Pkn97jMQpce77PGueBs2eIkFOBNNed/RzibUzeAY71AXLgLKY8BH6C0Jh
GdrzSDawL5gdktayw9RX0OBiPhaEqP3oIVjKThrTnkobQPw6j1E3ZJkBowIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFAEOMBHa7WpOBgr0cREc6jqLPOhSMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvQVE0d0VkcnRhazRHQ3ZSeEVSenFPb3M4NkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBlwQCAAEwgZADBAMF
aGgDBAQFx4ADBAMlnfgDBAQuFCADBAQu5MADBAQ+jSADBANOH0ADBARQUtADBARR
HpADBANTiFADBAZVDsADBAVVcoADBAdZo4ADBABbwlQDBABb1JkDBABb1J8DBARd
usADBASSACADBAK5D/QDBAK529ADBAHBb8YDBADCa4EDBAbVysADBATZT7AwJAQC
AAIwHgMFASABS6AwDgMFACABS6MDBQAgAUukAwUAKgEEgDANBgkqhkiG9w0BAQsF
AAOCAQEAU5JpygnvG0m7rJDZoL1pfxnbmenQI4UmTs6otldv7cw+Zj0x8v9FmXEo
l8UHl579E/WaMxcdkCjXfKKYC4Y2sbjgFJp+0K/rEkynVlX3zjuJwhXbwHCkzyx1
pgOFwQL4lZVq/Qpf3WWBJRWAnMfgjZA6H8kii13xTDewpgheHySgzlPvj7maH/UD
MjKncNKxsYaSEkXMGO7Mc1by76OIrMvUvBUDyQ57/xH/LKDRP0y5ZK/OvAhkjWxb
ZgsGgRG9fM218TDvT+vaAsE7KrUjKFw31Uzx4c5pDYsuLwsfONCzfkoxVMxetpRy
MVVne0j68DL0ZMxHNMGnjiFdh12KUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org