Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/_-Rh4NlA9GyznJunLU2LOgns6oU.roa
File: _-Rh4NlA9GyznJunLU2LOgns6oU.roa (raw, json)
Hash identifier: JevIBO7KMq7gytbi0GS3929IyHbQkKWiIkqVcxVrEy0=
Subject key identifier: FF:E4:61:E0:D9:40:F4:6C:B3:9C:9B:A7:2D:4D:8B:3A:09:EC:EA:85
Certificate issuer: /CN=64dfe26d403141be9059ab2144325b402d4cab7d
Certificate serial: 018588DB7636F4A3D8A764CA2AE6C7F0EFE0
Authority key identifier: 64:DF:E2:6D:40:31:41:BE:90:59:AB:21:44:32:5B:40:2D:4C:AB:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZN_ibUAxQb6QWashRDJbQC1Mq30.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/_-Rh4NlA9GyznJunLU2LOgns6oU.roa
Signing time: Fri 06 Jan 2023 20:52:42 +0000
ROA not before: Fri 06 Jan 2023 20:52:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57588
IP address blocks: 185.129.4.0/22 maxlen: 22
185.129.4.0/23 maxlen: 23
185.129.4.0/24 maxlen: 24
185.129.5.0/24 maxlen: 24
185.129.6.0/24 maxlen: 24
185.129.6.0/23 maxlen: 23
185.129.7.0/24 maxlen: 24
176.241.84.0/24 maxlen: 24
176.241.80.0/24 maxlen: 24
176.241.80.0/22 maxlen: 22
176.241.81.0/24 maxlen: 24
176.241.82.0/24 maxlen: 24
176.241.83.0/24 maxlen: 24
176.241.84.0/23 maxlen: 23
176.241.85.0/24 maxlen: 24
176.241.80.0/20 maxlen: 20
176.241.86.0/24 maxlen: 24
176.241.87.0/24 maxlen: 24
176.241.88.0/24 maxlen: 24
176.241.88.0/22 maxlen: 22
176.241.89.0/24 maxlen: 24
176.241.90.0/24 maxlen: 24
176.241.91.0/24 maxlen: 24
176.241.94.0/24 maxlen: 24
176.241.95.0/24 maxlen: 24
176.241.92.0/22 maxlen: 22
176.241.92.0/24 maxlen: 24
176.241.93.0/24 maxlen: 24
2a0d:d680:a::/48 maxlen: 48
2a0d:d680::/48 maxlen: 48
2a0d:d680::/29 maxlen: 29
2a0d:d680:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:88:db:76:36:f4:a3:d8:a7:64:ca:2a:e6:c7:f0:ef:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64dfe26d403141be9059ab2144325b402d4cab7d
Validity
Not Before: Jan 6 20:52:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffe461e0d940f46cb39c9ba72d4d8b3a09ecea85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b2:47:96:b0:22:08:bb:58:be:02:cb:3a:c4:
74:b7:d5:4d:f1:10:30:fb:d0:96:3a:bd:65:4b:7e:
4f:c6:0b:90:c3:e7:8b:f5:e5:91:ef:f3:9e:75:72:
05:62:00:c1:aa:41:71:6d:1e:15:4c:2f:53:d6:77:
70:97:0b:7e:da:22:d3:b6:a8:1f:d8:0a:b1:0a:71:
19:3d:57:e0:3f:0e:83:31:77:e4:48:94:78:43:80:
81:33:fb:83:fc:24:cc:4d:85:73:43:d3:ab:2b:c1:
b0:70:90:1e:03:e4:43:30:04:17:bc:fd:8b:e8:50:
f7:44:f1:27:0a:73:28:da:93:25:7d:b6:93:7a:1f:
46:70:e2:98:3a:8d:fd:d1:b1:14:77:4a:3b:c3:15:
fd:55:59:3e:1d:ed:de:6d:3c:34:79:79:14:aa:ae:
61:d9:5d:3b:81:34:3d:1d:5d:01:35:86:03:22:1d:
ce:1a:6a:4a:00:9d:fa:3a:56:2c:eb:4b:f7:aa:eb:
3e:69:95:9f:80:d1:7a:a7:7e:bf:f4:7a:ab:22:f1:
7d:f4:8d:3a:b9:02:c3:95:9a:0a:58:ce:ed:63:d0:
90:ef:5b:08:52:b5:16:37:39:95:00:74:a1:dd:5f:
24:52:91:ec:82:7e:c9:ed:f1:4b:e4:90:9c:0b:5c:
9c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E4:61:E0:D9:40:F4:6C:B3:9C:9B:A7:2D:4D:8B:3A:09:EC:EA:85
X509v3 Authority Key Identifier:
keyid:64:DF:E2:6D:40:31:41:BE:90:59:AB:21:44:32:5B:40:2D:4C:AB:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZN_ibUAxQb6QWashRDJbQC1Mq30.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/_-Rh4NlA9GyznJunLU2LOgns6oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/ZN_ibUAxQb6QWashRDJbQC1Mq30.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.241.80.0/20
185.129.4.0/22
IPv6:
2a0d:d680::/29
Signature Algorithm: sha256WithRSAEncryption
b2:45:8a:8b:15:6b:82:7f:2d:a0:29:73:7c:2d:07:2e:71:07:
12:4c:b7:1d:b6:fa:6e:e2:53:93:97:b4:b4:60:d8:9e:2d:83:
9f:4b:7e:fa:ce:7e:2d:08:ca:bf:86:50:f1:c0:87:d5:36:48:
2a:b7:12:de:2f:0a:d0:47:5f:69:75:83:c7:d8:e7:6b:55:53:
11:b7:35:ba:2d:d7:d1:18:f5:26:0f:b6:5d:81:1e:e5:b2:86:
41:67:f8:38:6b:d8:ba:08:6d:81:01:d5:f2:89:ad:7f:c3:38:
d0:6d:c6:c5:f1:36:c8:aa:7d:0c:62:d0:41:e9:c6:31:d2:34:
36:93:30:04:2c:40:e8:ef:85:ee:a8:1c:00:d7:22:7f:d8:27:
8e:6f:b9:71:5e:a1:da:af:19:a6:a2:0d:9d:88:4f:bf:cf:bf:
4c:7a:c9:e3:c5:6f:4e:56:43:ff:97:1a:87:de:fb:9c:d8:f3:
2c:d0:13:44:4b:99:a6:a3:09:02:ea:18:fa:87:55:46:2e:fd:
de:d4:21:75:0a:6a:a0:14:88:4e:bf:14:0a:bb:2c:21:ba:a5:
48:ff:23:b2:04:f9:20:07:7e:71:a4:5b:08:ba:03:bd:78:51:
c5:6f:21:9a:47:30:2c:c9:2e:77:5e:1f:62:27:89:85:61:a7:
18:80:ff:05
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYWI23Y29KPYp2TKKubH8O/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGZlMjZkNDAzMTQxYmU5MDU5YWIyMTQ0MzI1YjQwMmQ0
Y2FiN2QwHhcNMjMwMTA2MjA1MjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmU0NjFlMGQ5NDBmNDZjYjM5YzliYTcyZDRkOGIzYTA5ZWNlYTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrJHlrAiCLtYvgLLOsR0t9VN8RAw
+9CWOr1lS35PxguQw+eL9eWR7/OedXIFYgDBqkFxbR4VTC9T1ndwlwt+2iLTtqgf
2AqxCnEZPVfgPw6DMXfkSJR4Q4CBM/uD/CTMTYVzQ9OrK8GwcJAeA+RDMAQXvP2L
6FD3RPEnCnMo2pMlfbaTeh9GcOKYOo390bEUd0o7wxX9VVk+He3ebTw0eXkUqq5h
2V07gTQ9HV0BNYYDIh3OGmpKAJ36OlYs60v3qus+aZWfgNF6p36/9HqrIvF99I06
uQLDlZoKWM7tY9CQ71sIUrUWNzmVAHSh3V8kUpHsgn7J7fFL5JCcC1yc9wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP/kYeDZQPRss5ybpy1NizoJ7OqFMB8GA1UdIwQY
MBaAFGTf4m1AMUG+kFmrIUQyW0AtTKt9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5faWJVQXhRYjZRV2FzaFJESmJRQzFNcTMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81ZDYyNTUtNjVjOS00YmZhLWI5ZDct
ZjY1NzUxOWQwMjMzLzEvXy1SaDRObEE5R3l6bkp1bkxVMkxPZ25zNm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81ZDYyNTUtNjVjOS00YmZhLWI5ZDctZjY1NzUxOWQwMjMz
LzEvWk5faWJVQXhRYjZRV2FzaFJESmJRQzFNcTMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEsPFQAwQC
uYEEMA0EAgACMAcDBQMqDdaAMA0GCSqGSIb3DQEBCwUAA4IBAQCyRYqLFWuCfy2g
KXN8LQcucQcSTLcdtvpu4lOTl7S0YNieLYOfS376zn4tCMq/hlDxwIfVNkgqtxLe
LwrQR19pdYPH2OdrVVMRtzW6LdfRGPUmD7ZdgR7lsoZBZ/g4a9i6CG2BAdXyia1/
wzjQbcbF8TbIqn0MYtBB6cYx0jQ2kzAELEDo74XuqBwA1yJ/2CeOb7lxXqHarxmm
og2diE+/z79MesnjxW9OVkP/lxqH3vuc2PMs0BNES5mmowkC6hj6h1VGLv3e1CF1
CmqgFIhOvxQKuywhuqVI/yOyBPkgB35xpFsIugO9eFHFbyGaRzAsyS53Xh9iJ4mF
YacYgP8F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:01 2024 by rpki-client on console-fra.rpki-client.org