Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/4fyBqeHIEN8m2A2_EggCeMGds3o.roa
File: 4fyBqeHIEN8m2A2_EggCeMGds3o.roa (raw, json)
Hash identifier: OV5vNmsUnx++UF6Pc54AmgEAQwRhHex0goFRb7CXszI=
Subject key identifier: E1:FC:81:A9:E1:C8:10:DF:26:D8:0D:BF:12:08:02:78:C1:9D:B3:7A
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0185C07C2493E2E2ED7DB310A3AC4D154B69
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/4fyBqeHIEN8m2A2_EggCeMGds3o.roa
Signing time: Tue 17 Jan 2023 16:07:19 +0000
ROA not before: Tue 17 Jan 2023 16:07:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
185.83.132.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
89.40.84.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
91.242.148.0/22 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
185.4.32.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.160.0/22 maxlen: 24
2a09:eac0::/29 maxlen: 29
2a05:9b00::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
2a02:5fc0::/32 maxlen: 48
2a05:a800::/29 maxlen: 29
2a02:5dc0::/32 maxlen: 32
2a06:3c00::/29 maxlen: 29
2a03:440::/32 maxlen: 32
2a0a:1280::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 27 Jun 2023 12:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c0:7c:24:93:e2:e2:ed:7d:b3:10:a3:ac:4d:15:4b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 17 16:07:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1fc81a9e1c810df26d80dbf12080278c19db37a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:72:50:b7:78:4a:2d:ee:33:9c:e8:32:cd:c5:
71:8d:e4:6d:48:ce:8f:0a:3d:22:ce:5d:ac:64:df:
0c:58:26:fb:a9:57:ab:9d:74:1a:51:0b:94:3b:f6:
07:32:c3:b3:cc:91:ad:a8:10:fb:33:10:19:00:ce:
27:47:c0:30:f4:74:96:97:d6:93:16:44:15:94:03:
79:a3:98:8a:78:11:f5:3e:eb:99:27:56:ef:51:75:
7f:2b:df:be:50:45:d9:11:b9:d6:2f:aa:8e:87:4e:
c5:8a:c7:af:f4:33:2d:07:8d:50:da:94:73:90:c5:
11:1b:24:fc:fa:ee:41:a6:af:dd:e6:cd:a9:28:21:
92:5d:e6:b9:da:a1:af:82:19:d4:c6:b2:c4:28:2d:
1b:5c:a7:d1:eb:fc:3e:68:87:91:7f:d3:54:6c:bd:
cf:b0:5c:d8:36:c9:59:d1:07:80:00:54:83:c5:b3:
86:3f:1e:18:f6:7c:49:f2:12:66:51:d6:f9:32:2e:
48:02:64:73:bf:cb:de:df:c5:e7:8d:f0:0e:74:c0:
4d:5a:73:d7:cf:3a:38:98:17:67:c1:92:6a:3e:56:
fe:36:51:1c:10:e9:d6:6a:89:00:d0:72:5d:90:99:
85:eb:c6:ab:ac:ec:a3:1a:e5:bc:16:a0:7b:4b:97:
c1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:FC:81:A9:E1:C8:10:DF:26:D8:0D:BF:12:08:02:78:C1:9D:B3:7A
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/4fyBqeHIEN8m2A2_EggCeMGds3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.176.104.0/22
185.228.124.0/22
185.239.160.0/22
193.246.154.0-193.246.157.255
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
0d:44:a8:b0:f4:63:09:45:3f:62:60:1a:e8:6a:81:34:f3:9b:
c2:91:60:4a:6f:ee:1d:b7:3f:97:8e:f6:c9:09:4a:27:cd:8c:
79:38:80:9d:b8:3f:83:e4:99:db:36:5d:f7:71:2a:07:28:64:
d8:f8:dc:74:6c:7e:9f:1a:7c:24:5a:fc:0f:d5:4f:62:93:58:
01:0a:f9:75:05:05:0c:b2:6d:80:d9:4b:4b:10:1b:c6:bc:60:
0f:82:71:c2:6f:b2:59:b0:12:a0:a6:23:b7:7e:01:2c:48:48:
4e:18:71:06:0e:32:92:c2:e8:fd:28:fd:06:7c:12:8c:5f:ef:
96:74:09:27:b1:1c:15:ea:49:76:a9:1a:17:94:bd:15:c6:a4:
55:6f:f7:ff:f1:91:6d:a3:c7:3f:1f:eb:90:50:42:d1:51:c8:
ea:a0:37:e9:bd:3f:81:b3:28:a8:58:73:72:33:d4:5c:4b:8c:
37:8c:74:ac:ab:68:7c:d6:38:1b:b6:e7:41:f7:6e:e8:01:cc:
a7:6c:25:e4:7a:14:bb:6c:d3:ec:13:b0:51:d0:72:5b:58:54:
39:30:14:44:fb:17:e8:cf:a4:ce:94:ca:4b:bf:82:09:d1:ca:
c1:0c:dd:ba:b4:09:6b:d9:9c:ba:41:57:4d:c0:a9:78:8f:1d:
3b:28:2b:9d
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYXAfCST4uLtfbMQo6xNFUtpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjMwMTE3MTYwNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWZjODFhOWUxYzgxMGRmMjZkODBkYmYxMjA4MDI3OGMxOWRiMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nJQt3hKLe4znOgyzcVxjeRtSM6P
Cj0izl2sZN8MWCb7qVernXQaUQuUO/YHMsOzzJGtqBD7MxAZAM4nR8Aw9HSWl9aT
FkQVlAN5o5iKeBH1PuuZJ1bvUXV/K9++UEXZEbnWL6qOh07Fisev9DMtB41Q2pRz
kMURGyT8+u5Bpq/d5s2pKCGSXea52qGvghnUxrLEKC0bXKfR6/w+aIeRf9NUbL3P
sFzYNslZ0QeAAFSDxbOGPx4Y9nxJ8hJmUdb5Mi5IAmRzv8ve38XnjfAOdMBNWnPX
zzo4mBdnwZJqPlb+NlEcEOnWaokA0HJdkJmF68arrOyjGuW8FqB7S5fBNQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFOH8ganhyBDfJtgNvxIIAnjBnbN6MB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvNGZ5QnFlSElFTjhtMkEyX0VnZ0NlTUdkczNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTBoBAIAATBiAwQDHxmw
AwQDLhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQQgAwQCuQVUAwQCuQr4
AwQCuUaYAwQCuVOEAwQCubBoAwQCueR8AwQCue+gMAwDBAHB9poDBAHB9pwwRQQC
AAIwPwMFACoCXcADBQAqAl/AAwUAKgMEQAMFAyoFmwADBQMqBagAAwUDKgY8AAMF
AyoJ6sADBQMqChKAAwUDKgsMQDANBgkqhkiG9w0BAQsFAAOCAQEADUSosPRjCUU/
YmAa6GqBNPObwpFgSm/uHbc/l472yQlKJ82MeTiAnbg/g+SZ2zZd93EqByhk2Pjc
dGx+nxp8JFr8D9VPYpNYAQr5dQUFDLJtgNlLSxAbxrxgD4Jxwm+yWbASoKYjt34B
LEhIThhxBg4yksLo/Sj9BnwSjF/vlnQJJ7EcFepJdqkaF5S9FcakVW/3//GRbaPH
Px/rkFBC0VHI6qA36b0/gbMoqFhzcjPUXEuMN4x0rKtofNY4G7bnQfdu6AHMp2wl
5HoUu2zT7BOwUdByW1hUOTAURPsX6M+kzpTKS7+CCdHKwQzdurQJa9mcukFXTcCp
eI8dOygrnQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:47 2024 by rpki-client on console-ams.rpki-client.org