Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/39b8ad-e653-4ccd-828c-b7eb12998b35/1/4LkIX-5xQP4_ERq7MpolsTd0tow.roa
File: 4LkIX-5xQP4_ERq7MpolsTd0tow.roa (raw, json)
Hash identifier: 1PxffE/ceHrBa/cchgd8P8/OSZJd/3IcodBZ5xX9hv4=
Subject key identifier: E0:B9:08:5F:EE:71:40:FE:3F:11:1A:BB:32:9A:25:B1:37:74:B6:8C
Certificate issuer: /CN=0866af425ab3d39d7337c2b125d39593ad91c1d1
Certificate serial: 018BAE9E138725D737B93A8C6C4A6AC5AB2F
Authority key identifier: 08:66:AF:42:5A:B3:D3:9D:73:37:C2:B1:25:D3:95:93:AD:91:C1:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CGavQlqz051zN8KxJdOVk62RwdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/39b8ad-e653-4ccd-828c-b7eb12998b35/1/4LkIX-5xQP4_ERq7MpolsTd0tow.roa
Signing time: Wed 08 Nov 2023 11:07:57 +0000
ROA not before: Wed 08 Nov 2023 11:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205344
IP address blocks: 194.148.0.0/22 maxlen: 22
91.239.54.0/24 maxlen: 24
185.219.12.0/22 maxlen: 22
2a0c:bc00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:9e:13:87:25:d7:37:b9:3a:8c:6c:4a:6a:c5:ab:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0866af425ab3d39d7337c2b125d39593ad91c1d1
Validity
Not Before: Nov 8 11:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0b9085fee7140fe3f111abb329a25b13774b68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ad:67:c7:3d:92:ac:12:64:ed:ae:11:a2:90:
53:83:19:31:e1:01:f1:01:85:4f:6d:3a:65:7f:74:
96:27:22:0e:6c:d1:6e:6e:58:f8:13:8f:fc:7c:64:
e5:e0:7a:8a:20:a3:77:9a:a8:aa:94:97:91:53:34:
50:e6:50:55:e7:4c:05:a1:02:3f:56:23:4f:13:63:
db:6d:2e:62:7f:09:26:ce:e2:0b:64:c6:c6:a9:37:
d3:08:69:9a:da:bf:9f:d8:83:c0:3b:3c:85:b6:ae:
44:9e:13:fc:2e:e9:9a:e2:44:72:90:d9:eb:d9:e1:
40:79:14:1e:30:83:81:01:db:5f:aa:a4:b1:db:1c:
99:46:cd:e1:40:2c:14:fb:62:16:cd:8c:aa:d3:56:
b3:02:9e:bf:fb:bb:c8:4a:90:9d:4e:42:9b:cf:01:
ca:59:eb:01:a5:80:4d:af:3f:17:09:2c:2c:ee:48:
47:2b:d0:34:45:e6:36:e2:60:57:b8:74:d0:f1:48:
f3:f5:bc:79:b8:c6:08:17:ae:37:d7:ce:0d:03:91:
0e:51:df:41:9a:65:f3:c2:68:db:99:a1:af:f9:03:
02:eb:3b:ae:ae:1b:b0:79:ff:ef:7c:83:7e:11:66:
53:ab:2a:5a:97:44:a3:45:1a:97:6d:2b:ff:61:ae:
36:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B9:08:5F:EE:71:40:FE:3F:11:1A:BB:32:9A:25:B1:37:74:B6:8C
X509v3 Authority Key Identifier:
keyid:08:66:AF:42:5A:B3:D3:9D:73:37:C2:B1:25:D3:95:93:AD:91:C1:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CGavQlqz051zN8KxJdOVk62RwdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/39b8ad-e653-4ccd-828c-b7eb12998b35/1/4LkIX-5xQP4_ERq7MpolsTd0tow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/39b8ad-e653-4ccd-828c-b7eb12998b35/1/CGavQlqz051zN8KxJdOVk62RwdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.54.0/24
185.219.12.0/22
194.148.0.0/22
IPv6:
2a0c:bc00::/29
Signature Algorithm: sha256WithRSAEncryption
6d:c3:cf:66:85:61:00:90:46:e4:e1:9a:df:f6:6a:dd:a9:64:
21:22:ea:93:1b:99:e1:07:83:f1:df:53:de:32:c5:89:c0:39:
26:57:79:0d:fe:c5:6a:a3:c7:a7:1c:3f:39:5f:f6:b1:c1:11:
36:2b:4e:34:df:a7:8a:cd:74:47:01:b0:ff:11:df:96:79:68:
70:30:9a:36:1b:ff:64:b6:95:f5:8b:f6:e4:b6:9b:61:4b:bb:
8b:d3:75:d8:18:a2:bb:f7:ef:43:39:83:1f:c8:f4:5a:79:16:
c7:24:ea:aa:54:b6:ad:6a:43:b6:db:d2:ea:bf:dc:2e:4d:18:
3f:c0:2a:56:8b:4c:7b:30:57:90:c9:af:de:f5:69:a5:40:ad:
73:b1:6d:3b:ca:42:a7:cd:c7:d5:aa:4d:12:6c:f2:13:2f:9b:
25:1f:d7:0b:ba:87:41:80:53:89:0c:33:7b:67:1d:9c:36:d4:
37:e3:f7:c3:01:ab:1a:14:2b:4c:44:5c:ad:95:13:02:95:8e:
7e:02:33:1e:6d:ed:8b:97:79:98:d3:b5:80:a9:8c:6e:59:00:
60:6b:68:19:ea:02:f2:4b:a8:7e:52:61:71:6c:c2:78:4b:2c:
ad:76:91:0e:b0:2e:11:d7:a4:db:a4:43:93:a9:56:a5:e4:39:
e8:db:81:c9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYuunhOHJdc3uTqMbEpqxasvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NjZhZjQyNWFiM2QzOWQ3MzM3YzJiMTI1ZDM5NTkzYWQ5
MWMxZDEwHhcNMjMxMTA4MTEwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGI5MDg1ZmVlNzE0MGZlM2YxMTFhYmIzMjlhMjViMTM3NzRiNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjK1nxz2SrBJk7a4RopBTgxkx4QHx
AYVPbTplf3SWJyIObNFublj4E4/8fGTl4HqKIKN3mqiqlJeRUzRQ5lBV50wFoQI/
ViNPE2PbbS5ifwkmzuILZMbGqTfTCGma2r+f2IPAOzyFtq5EnhP8Luma4kRykNnr
2eFAeRQeMIOBAdtfqqSx2xyZRs3hQCwU+2IWzYyq01azAp6/+7vISpCdTkKbzwHK
WesBpYBNrz8XCSws7khHK9A0ReY24mBXuHTQ8Ujz9bx5uMYIF643184NA5EOUd9B
mmXzwmjbmaGv+QMC6zuurhuwef/vfIN+EWZTqypal0SjRRqXbSv/Ya42SQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOC5CF/ucUD+PxEauzKaJbE3dLaMMB8GA1UdIwQY
MBaAFAhmr0Jas9OdczfCsSXTlZOtkcHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0dhdlFscXowNTF6TjhLeEpkT1ZrNjJSd2RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8zOWI4YWQtZTY1My00Y2NkLTgyOGMt
YjdlYjEyOTk4YjM1LzEvNExrSVgtNXhRUDRfRVJxN01wb2xzVGQwdG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8zOWI4YWQtZTY1My00Y2NkLTgyOGMtYjdlYjEyOTk4YjM1
LzEvQ0dhdlFscXowNTF6TjhLeEpkT1ZrNjJSd2RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+82AwQC
udsMAwQCwpQAMA0EAgACMAcDBQMqDLwAMA0GCSqGSIb3DQEBCwUAA4IBAQBtw89m
hWEAkEbk4Zrf9mrdqWQhIuqTG5nhB4Px31PeMsWJwDkmV3kN/sVqo8enHD85X/ax
wRE2K04036eKzXRHAbD/Ed+WeWhwMJo2G/9ktpX1i/bktpthS7uL03XYGKK79+9D
OYMfyPRaeRbHJOqqVLatakO229Lqv9wuTRg/wCpWi0x7MFeQya/e9WmlQK1zsW07
ykKnzcfVqk0SbPITL5slH9cLuodBgFOJDDN7Zx2cNtQ34/fDAasaFCtMRFytlRMC
lY5+AjMebe2Ll3mY07WAqYxuWQBga2gZ6gLyS6h+UmFxbMJ4SyytdpEOsC4R16Tb
pEOTqVal5Dno24HJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:43 2024 by rpki-client on console-ams.rpki-client.org