Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/J4bA9j3vcx3b1tc4a9KhOfVT3R8.roa
File: J4bA9j3vcx3b1tc4a9KhOfVT3R8.roa (raw, json)
Hash identifier: so+4vRx0unNbHqVv86dHd1QHvBJ7V0FIi1hsC7YRuvQ=
Subject key identifier: 27:86:C0:F6:3D:EF:73:1D:DB:D6:D7:38:6B:D2:A1:39:F5:53:DD:1F
Certificate issuer: /CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Certificate serial: 018572CCC6F552B979F86F8F6DE503FC3708
Authority key identifier: CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/J4bA9j3vcx3b1tc4a9KhOfVT3R8.roa
Signing time: Mon 02 Jan 2023 14:05:00 +0000
ROA not before: Mon 02 Jan 2023 14:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8280
IP address blocks: 185.51.132.0/22 maxlen: 24
185.51.132.0/24 maxlen: 32
185.51.135.0/24 maxlen: 24
185.51.133.0/24 maxlen: 24
46.227.58.0/24 maxlen: 32
46.227.56.0/21 maxlen: 24
46.227.56.0/24 maxlen: 32
46.227.57.0/24 maxlen: 24
46.227.60.0/24 maxlen: 24
46.227.61.0/24 maxlen: 32
46.227.59.0/24 maxlen: 24
46.227.63.0/24 maxlen: 24
46.227.62.0/24 maxlen: 24
78.108.32.0/20 maxlen: 24
78.108.37.0/24 maxlen: 24
78.108.36.0/24 maxlen: 24
78.108.38.0/24 maxlen: 24
78.108.33.0/24 maxlen: 24
78.108.32.0/24 maxlen: 24
78.108.35.0/24 maxlen: 24
78.108.34.0/24 maxlen: 24
78.108.40.0/24 maxlen: 24
78.108.39.0/24 maxlen: 24
78.108.42.0/24 maxlen: 24
78.108.41.0/24 maxlen: 24
78.108.44.0/24 maxlen: 24
78.108.43.0/24 maxlen: 24
78.108.45.0/24 maxlen: 24
78.108.47.0/24 maxlen: 24
78.108.46.0/24 maxlen: 24
2001:1548:7006::/48 maxlen: 48
2001:1548:7001::/48 maxlen: 48
2001:1548::/29 maxlen: 29
2001:1548:7010::/48 maxlen: 48
2001:1548:7009::/48 maxlen: 48
2001:1548:7004::/48 maxlen: 48
2001:1548:7007::/48 maxlen: 48
2001:1548:7002::/48 maxlen: 48
2001:1548:7011::/48 maxlen: 48
2001:1548:7005::/48 maxlen: 48
2001:1548:7000::/48 maxlen: 48
2001:1548:7003::/48 maxlen: 48
2001:1548:7008::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:c6:f5:52:b9:79:f8:6f:8f:6d:e5:03:fc:37:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Validity
Not Before: Jan 2 14:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2786c0f63def731ddbd6d7386bd2a139f553dd1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0b:04:c4:8a:f5:05:5b:c9:c4:bd:5c:f0:74:
47:96:b9:db:52:c0:cf:52:c0:86:9d:94:f8:56:66:
ec:58:9d:55:b4:f4:fd:6a:cd:fb:d6:a2:fa:ce:e9:
98:5d:49:f0:f8:49:1f:5f:9b:05:f3:53:27:f9:69:
e6:11:ec:98:58:5b:fa:14:05:75:18:25:dc:3c:dc:
f6:9e:0e:93:0c:30:06:db:35:df:42:f4:53:df:49:
82:33:49:8d:f9:0b:8e:4c:7f:d6:23:da:cc:18:a4:
ba:65:1a:97:23:79:38:e7:fe:f3:d0:ba:65:a2:58:
c9:55:37:fa:66:c1:41:ac:1b:4c:a2:b5:fb:aa:af:
21:45:02:7f:dd:4e:16:66:c1:ce:9a:34:b4:d1:53:
4d:0d:62:56:01:85:14:f6:56:2a:47:c3:80:4d:c1:
f3:36:ab:12:35:17:51:0b:8e:c9:f2:92:e8:45:1a:
38:2d:b2:3a:86:dc:2d:e2:6f:78:cb:38:a9:3f:bd:
61:b9:c4:ff:57:65:ab:d0:6f:8d:51:9b:eb:d7:a7:
04:42:fd:2f:d6:e6:7f:95:d2:e4:a1:99:f6:2c:4a:
dd:e4:ed:4d:2a:a1:d1:7b:9c:bc:a7:a2:5c:63:12:
90:d9:58:4f:19:23:71:6e:7d:de:c5:e8:e8:e4:9a:
aa:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:86:C0:F6:3D:EF:73:1D:DB:D6:D7:38:6B:D2:A1:39:F5:53:DD:1F
X509v3 Authority Key Identifier:
keyid:CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/J4bA9j3vcx3b1tc4a9KhOfVT3R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/z0D92CoP3ztwvhgiHuumDYAe178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.56.0/21
78.108.32.0/20
185.51.132.0/22
IPv6:
2001:1548::/29
Signature Algorithm: sha256WithRSAEncryption
12:dc:18:32:f5:ed:44:b9:f3:d0:b5:2f:31:bf:0d:62:7a:9d:
9a:9a:4a:07:6e:54:d5:4b:b8:ab:d2:cb:56:04:e9:fa:4f:bf:
02:1c:c8:a4:28:ff:e5:f8:31:3c:60:05:c5:aa:aa:d7:38:f4:
c0:62:e1:d6:d5:64:3e:89:18:d8:d0:5b:90:79:e9:8c:0d:03:
ab:7c:af:2c:46:83:1f:ca:cb:79:37:14:00:7f:68:30:13:7f:
d0:62:22:02:a0:63:65:3b:18:db:78:9c:e7:0f:0b:be:8a:d3:
26:8b:ab:a1:35:58:ff:5b:9b:6d:02:71:25:5d:9f:64:d1:a7:
6d:e4:f0:7b:11:4c:3e:bb:52:a0:94:3e:46:14:e4:d6:26:42:
8f:75:bd:e2:10:b8:75:46:2e:65:33:08:09:fa:74:f1:dd:20:
83:bc:31:76:7c:4d:51:e8:df:95:aa:a1:f7:14:fa:e3:d4:5d:
8f:35:ba:25:1e:62:e5:ce:78:2c:5a:5b:ca:6d:c2:62:6e:01:
ff:8c:04:30:88:60:7c:27:b7:c8:db:52:e1:19:7a:93:ab:f9:
ca:04:da:77:f3:54:6b:70:ab:57:7d:a7:73:38:32:88:f9:26:
f1:18:9e:36:db:70:dd:5d:cb:e6:d6:79:97:5f:38:4c:2c:45:
10:7e:1c:c5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVyzMb1Url5+G+PbeUD/DcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNDBmZGQ4MmEwZmRmM2I3MGJlMTgyMjFlZWJhNjBkODAx
ZWQ3YmYwHhcNMjMwMTAyMTQwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzg2YzBmNjNkZWY3MzFkZGJkNmQ3Mzg2YmQyYTEzOWY1NTNkZDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwsExIr1BVvJxL1c8HRHlrnbUsDP
UsCGnZT4VmbsWJ1VtPT9as371qL6zumYXUnw+EkfX5sF81Mn+WnmEeyYWFv6FAV1
GCXcPNz2ng6TDDAG2zXfQvRT30mCM0mN+QuOTH/WI9rMGKS6ZRqXI3k45/7z0Lpl
oljJVTf6ZsFBrBtMorX7qq8hRQJ/3U4WZsHOmjS00VNNDWJWAYUU9lYqR8OATcHz
NqsSNRdRC47J8pLoRRo4LbI6htwt4m94yzipP71hucT/V2Wr0G+NUZvr16cEQv0v
1uZ/ldLkoZn2LErd5O1NKqHRe5y8p6JcYxKQ2VhPGSNxbn3exejo5JqqTwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCeGwPY973Md29bXOGvSoTn1U90fMB8GA1UdIwQY
MBaAFM9A/dgqD987cL4YIh7rpg2AHte/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBEOTJDb1AzenR3dmhnaUh1dW1EWUFlMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83OTI3MzctNmEwMi00MjRiLTgyY2It
YTI5Y2U3ZGExMGZkLzEvSjRiQTlqM3ZjeDNiMXRjNGE5S2hPZlZUM1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83OTI3MzctNmEwMi00MjRiLTgyY2ItYTI5Y2U3ZGExMGZk
LzEvejBEOTJDb1AzenR3dmhnaUh1dW1EWUFlMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLuM4AwQE
TmwgAwQCuTOEMA0EAgACMAcDBQMgARVIMA0GCSqGSIb3DQEBCwUAA4IBAQAS3Bgy
9e1EufPQtS8xvw1iep2amkoHblTVS7ir0stWBOn6T78CHMikKP/l+DE8YAXFqqrX
OPTAYuHW1WQ+iRjY0FuQeemMDQOrfK8sRoMfyst5NxQAf2gwE3/QYiICoGNlOxjb
eJznDwu+itMmi6uhNVj/W5ttAnElXZ9k0adt5PB7EUw+u1KglD5GFOTWJkKPdb3i
ELh1Ri5lMwgJ+nTx3SCDvDF2fE1R6N+VqqH3FPrj1F2PNbolHmLlzngsWlvKbcJi
bgH/jAQwiGB8J7fI21LhGXqTq/nKBNp381RrcKtXfadzODKI+SbxGJ4223DdXcvm
1nmXXzhMLEUQfhzF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:14 2024 by rpki-client on console-ams.rpki-client.org