Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/g9zfh7oNnvGrbw3T3tYguVK1nHU.roa
File: g9zfh7oNnvGrbw3T3tYguVK1nHU.roa (raw, json)
Hash identifier: 4YQv23PRHN0EyxpyA6Fu0k+v108TEFzrbUvnRV93wPo=
Subject key identifier: 83:DC:DF:87:BA:0D:9E:F1:AB:6F:0D:D3:DE:D6:20:B9:52:B5:9C:75
Certificate issuer: /CN=4c54ecce6cbc9c54929eaa4b22b337b0fd9b36bf
Certificate serial: 01856F024B1C248BC48D6A63259FB42BE7C4
Authority key identifier: 4C:54:EC:CE:6C:BC:9C:54:92:9E:AA:4B:22:B3:37:B0:FD:9B:36:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TFTszmy8nFSSnqpLIrM3sP2bNr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/g9zfh7oNnvGrbw3T3tYguVK1nHU.roa
Signing time: Sun 01 Jan 2023 20:24:59 +0000
ROA not before: Sun 01 Jan 2023 20:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33941
IP address blocks: 195.82.96.0/24 maxlen: 24
195.82.107.0/24 maxlen: 24
83.136.120.0/21 maxlen: 21
212.85.248.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4b:1c:24:8b:c4:8d:6a:63:25:9f:b4:2b:e7:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c54ecce6cbc9c54929eaa4b22b337b0fd9b36bf
Validity
Not Before: Jan 1 20:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83dcdf87ba0d9ef1ab6f0dd3ded620b952b59c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f5:53:0e:bb:85:c5:5e:a0:61:15:7e:45:b6:
ef:fc:5b:fc:bb:65:18:f8:29:e4:4e:d1:45:e6:e4:
83:99:85:75:18:58:cf:bb:7d:53:03:bb:92:87:a3:
f0:62:cf:9f:ad:6e:17:41:8c:38:6b:c2:90:0a:45:
b0:08:9b:4c:46:93:28:eb:98:32:38:ed:1b:25:55:
7f:a2:81:aa:6a:3d:70:7d:a4:ae:6f:97:5a:cc:84:
32:73:2c:15:f5:23:32:1e:47:67:67:75:bd:30:ab:
dc:12:09:40:91:aa:7b:9d:5d:42:48:85:cc:cc:a7:
b4:62:8b:ed:97:a0:5e:f8:0e:ef:97:25:83:21:91:
27:43:aa:3d:f1:f4:fa:0c:4d:92:e8:a0:25:b2:ac:
ef:bf:3e:97:53:05:f1:40:b8:2e:4e:5c:5c:07:f2:
a6:15:96:ff:35:aa:74:99:32:89:60:79:83:9c:45:
fc:f1:51:66:1c:30:da:ac:6f:e5:ec:c7:35:c6:94:
70:69:29:e5:9d:5b:20:c5:75:97:e6:be:45:1e:67:
5f:fe:e4:c7:bb:6a:b9:96:3b:d5:cd:23:f2:3c:57:
66:10:d4:b2:48:f3:42:2a:f7:da:f8:c9:d3:9b:dd:
21:fa:e1:fa:84:79:51:99:07:17:f4:37:b5:be:13:
2f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:DC:DF:87:BA:0D:9E:F1:AB:6F:0D:D3:DE:D6:20:B9:52:B5:9C:75
X509v3 Authority Key Identifier:
keyid:4C:54:EC:CE:6C:BC:9C:54:92:9E:AA:4B:22:B3:37:B0:FD:9B:36:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TFTszmy8nFSSnqpLIrM3sP2bNr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/g9zfh7oNnvGrbw3T3tYguVK1nHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/TFTszmy8nFSSnqpLIrM3sP2bNr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.120.0/21
195.82.96.0/24
195.82.107.0/24
212.85.248.0/22
Signature Algorithm: sha256WithRSAEncryption
91:a0:75:9d:c7:dc:ea:5d:87:2c:54:54:60:4c:a8:b5:e0:7b:
3b:b0:dd:9b:1c:6b:f5:64:7a:54:f6:43:e4:86:39:1f:5d:e2:
d9:80:bf:99:6d:ff:97:76:a2:72:73:71:61:83:67:f8:f4:50:
55:aa:d4:dc:dd:81:82:19:16:cd:73:08:f4:73:ba:ff:cb:18:
23:31:dc:c9:fc:b7:3e:90:4c:e8:c2:ed:e9:c3:96:c2:1a:28:
1f:c0:5d:5a:14:a1:de:1a:e5:42:b0:28:41:3c:e9:9a:97:d3:
dc:a0:66:af:cc:f2:ba:bc:af:83:9e:0f:3c:dc:6a:a1:f4:29:
64:0c:11:6a:98:9b:e9:c2:ae:04:b1:87:59:d7:e5:10:35:94:
a4:a8:91:8e:d0:6a:40:3b:01:5c:6b:48:94:9e:8c:d5:90:3b:
e6:d3:01:22:69:ad:fc:a9:6d:e2:63:5d:bf:04:38:31:72:8b:
79:b7:79:5c:c4:ae:36:5f:f3:d1:ca:e7:21:27:e2:86:55:06:
b2:53:a6:59:9f:c4:0d:0f:50:62:c5:73:7b:81:c7:b3:8f:57:
8d:b5:51:27:96:16:84:37:cb:71:06:7e:25:93:be:44:dd:b4:
4b:38:ef:e8:2c:55:09:86:38:b8:49:99:f3:7e:35:f6:c6:7f:
35:6c:9d:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvAkscJIvEjWpjJZ+0K+fEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNTRlY2NlNmNiYzljNTQ5MjllYWE0YjIyYjMzN2IwZmQ5
YjM2YmYwHhcNMjMwMTAxMjAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2RjZGY4N2JhMGQ5ZWYxYWI2ZjBkZDNkZWQ2MjBiOTUyYjU5Yzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifVTDruFxV6gYRV+Rbbv/Fv8u2UY
+CnkTtFF5uSDmYV1GFjPu31TA7uSh6PwYs+frW4XQYw4a8KQCkWwCJtMRpMo65gy
OO0bJVV/ooGqaj1wfaSub5dazIQycywV9SMyHkdnZ3W9MKvcEglAkap7nV1CSIXM
zKe0Yovtl6Be+A7vlyWDIZEnQ6o98fT6DE2S6KAlsqzvvz6XUwXxQLguTlxcB/Km
FZb/Nap0mTKJYHmDnEX88VFmHDDarG/l7Mc1xpRwaSnlnVsgxXWX5r5FHmdf/uTH
u2q5ljvVzSPyPFdmENSySPNCKvfa+MnTm90h+uH6hHlRmQcX9De1vhMvvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIPc34e6DZ7xq28N097WILlStZx1MB8GA1UdIwQY
MBaAFExU7M5svJxUkp6qSyKzN7D9mza/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEZUc3pteThuRlNTbnFwTElyTTNzUDJiTnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wMmM1ZWMtN2M2Zi00YWUyLTk4OTct
MzA1OWM4OWI3MmVhLzEvZzl6Zmg3b05udkdyYnczVDN0WWd1VksxbkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wMmM1ZWMtN2M2Zi00YWUyLTk4OTctMzA1OWM4OWI3MmVh
LzEvVEZUc3pteThuRlNTbnFwTElyTTNzUDJiTnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDU4h4AwQA
w1JgAwQAw1JrAwQC1FX4MA0GCSqGSIb3DQEBCwUAA4IBAQCRoHWdx9zqXYcsVFRg
TKi14Hs7sN2bHGv1ZHpU9kPkhjkfXeLZgL+Zbf+XdqJyc3Fhg2f49FBVqtTc3YGC
GRbNcwj0c7r/yxgjMdzJ/Lc+kEzowu3pw5bCGigfwF1aFKHeGuVCsChBPOmal9Pc
oGavzPK6vK+Dng883Gqh9ClkDBFqmJvpwq4EsYdZ1+UQNZSkqJGO0GpAOwFca0iU
nozVkDvm0wEiaa38qW3iY12/BDgxcot5t3lcxK42X/PRyuchJ+KGVQayU6ZZn8QN
D1BixXN7gcezj1eNtVEnlhaEN8txBn4lk75E3bRLOO/oLFUJhji4SZnzfjX2xn81
bJ3x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:09 2024 by rpki-client on console-ams.rpki-client.org