Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4hurm_4oI5ayoArmECtPuh_BTUI.roa
File: 4hurm_4oI5ayoArmECtPuh_BTUI.roa (raw, json)
Hash identifier: 52QclKejE2vCq3Wwumgu/OiI9FQ7GOtquBpjcJxzGs0=
Subject key identifier: E2:1B:AB:9B:FE:28:23:96:B2:A0:0A:E6:10:2B:4F:BA:1F:C1:4D:42
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018AC89D7696FBEE6DC5DC71E3A36906E330
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4hurm_4oI5ayoArmECtPuh_BTUI.roa
Signing time: Sun 24 Sep 2023 19:14:37 +0000
ROA not before: Sun 24 Sep 2023 19:14:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27882
IP address blocks: 181.41.144.0/21 maxlen: 21
181.41.144.0/22 maxlen: 24
181.41.144.0/23 maxlen: 23
181.41.145.0/24 maxlen: 24
181.41.144.0/24 maxlen: 24
181.41.148.0/22 maxlen: 22
181.41.148.0/23 maxlen: 23
181.41.146.0/23 maxlen: 23
181.41.150.0/24 maxlen: 24
181.41.151.0/24 maxlen: 24
181.41.150.0/23 maxlen: 23
181.41.149.0/24 maxlen: 24
181.41.147.0/24 maxlen: 24
181.41.148.0/24 maxlen: 24
181.41.146.0/24 maxlen: 24
181.41.159.0/24 maxlen: 24
181.41.157.0/24 maxlen: 24
181.41.158.0/24 maxlen: 24
181.41.156.0/24 maxlen: 24
181.41.158.0/23 maxlen: 23
181.41.156.0/23 maxlen: 23
181.41.156.0/22 maxlen: 22
189.28.64.0/24 maxlen: 24
189.28.64.0/20 maxlen: 20
189.28.64.0/19 maxlen: 19
189.28.64.0/22 maxlen: 22
189.28.64.0/21 maxlen: 21
189.28.64.0/23 maxlen: 23
189.28.68.0/24 maxlen: 24
189.28.70.0/24 maxlen: 24
189.28.71.0/24 maxlen: 24
189.28.69.0/24 maxlen: 24
189.28.67.0/24 maxlen: 24
189.28.66.0/23 maxlen: 23
189.28.66.0/24 maxlen: 24
189.28.65.0/24 maxlen: 24
189.28.68.0/22 maxlen: 22
189.28.68.0/23 maxlen: 23
189.28.70.0/23 maxlen: 23
189.28.75.0/24 maxlen: 24
189.28.77.0/24 maxlen: 24
189.28.78.0/24 maxlen: 24
189.28.76.0/24 maxlen: 24
189.28.74.0/24 maxlen: 24
189.28.74.0/23 maxlen: 23
189.28.73.0/24 maxlen: 24
189.28.72.0/24 maxlen: 24
189.28.72.0/22 maxlen: 22
189.28.72.0/23 maxlen: 23
189.28.72.0/21 maxlen: 21
189.28.78.0/23 maxlen: 23
189.28.76.0/23 maxlen: 23
189.28.76.0/22 maxlen: 22
189.28.81.0/24 maxlen: 24
189.28.83.0/24 maxlen: 24
189.28.84.0/24 maxlen: 24
189.28.82.0/24 maxlen: 24
189.28.80.0/24 maxlen: 24
189.28.80.0/23 maxlen: 23
189.28.80.0/21 maxlen: 21
189.28.80.0/20 maxlen: 20
189.28.80.0/22 maxlen: 22
189.28.79.0/24 maxlen: 24
189.28.84.0/23 maxlen: 23
189.28.85.0/24 maxlen: 24
189.28.84.0/22 maxlen: 22
189.28.82.0/23 maxlen: 23
189.28.88.0/22 maxlen: 22
189.28.90.0/23 maxlen: 23
189.28.88.0/21 maxlen: 21
189.28.88.0/23 maxlen: 23
189.28.86.0/23 maxlen: 23
189.28.87.0/24 maxlen: 24
189.28.86.0/24 maxlen: 24
189.28.90.0/24 maxlen: 24
189.28.91.0/24 maxlen: 24
189.28.88.0/24 maxlen: 24
189.28.89.0/24 maxlen: 24
189.28.92.0/22 maxlen: 22
189.28.94.0/23 maxlen: 23
189.28.92.0/23 maxlen: 23
189.28.95.0/24 maxlen: 24
189.28.93.0/24 maxlen: 24
189.28.94.0/24 maxlen: 24
189.28.92.0/24 maxlen: 24
203.88.98.0/23 maxlen: 23
203.88.96.0/23 maxlen: 23
203.88.96.0/22 maxlen: 22
203.88.97.0/24 maxlen: 24
203.88.98.0/24 maxlen: 24
203.88.96.0/24 maxlen: 24
203.88.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c8:9d:76:96:fb:ee:6d:c5:dc:71:e3:a3:69:06:e3:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Sep 24 19:14:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e21bab9bfe282396b2a00ae6102b4fba1fc14d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e1:64:71:46:fb:1c:e7:e1:a2:38:50:98:ea:
9e:1c:fe:92:9f:c4:7d:5e:2d:10:07:0f:18:70:da:
2f:16:ea:95:f8:04:e2:bb:ae:ff:4a:c3:59:33:b5:
9a:37:ba:bb:ad:22:f9:c4:bc:17:55:cc:b2:c2:e5:
44:6e:fb:1c:ce:c0:ab:ff:d8:1b:00:13:e8:0c:8f:
fa:81:87:6c:eb:fa:be:d1:8a:9f:f3:45:55:dd:75:
33:67:c7:51:d3:54:f5:16:64:9d:9d:ad:ff:ef:ea:
6f:38:f1:5e:25:58:b0:bb:a2:99:f2:96:47:46:fc:
03:7e:fc:0e:d8:f6:f1:26:81:f3:d1:77:2c:d2:80:
a7:ab:c7:97:32:b5:87:4d:9c:f2:42:0c:e5:5d:7b:
3a:46:b0:08:55:9f:02:41:ca:34:1f:48:4c:d8:8c:
a5:1b:5a:c5:22:65:18:a3:08:b2:c9:c8:4b:0a:6b:
e5:2f:d7:c8:9f:92:50:78:2c:ec:51:75:fd:cf:9b:
37:e6:9c:a4:fe:69:1d:2a:32:30:fc:02:f8:7e:2e:
e9:cc:b7:ae:2f:8e:99:a8:6c:4f:41:56:84:ed:87:
02:80:30:f7:a5:24:bc:89:4c:cc:fc:8c:27:cd:46:
01:c8:2b:73:18:0d:2e:9f:aa:70:b2:1f:b3:33:4b:
2e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1B:AB:9B:FE:28:23:96:B2:A0:0A:E6:10:2B:4F:BA:1F:C1:4D:42
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4hurm_4oI5ayoArmECtPuh_BTUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.41.144.0/21
181.41.156.0/22
189.28.64.0/19
203.88.96.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:31:21:8d:50:4a:11:45:be:9c:d4:45:f9:b0:b5:16:c7:f5:
64:4a:61:91:d0:90:17:27:3f:02:15:2e:95:10:47:dd:f4:3e:
71:26:ed:e1:5f:6e:14:8e:43:30:d8:c7:e4:63:5e:48:da:e2:
8c:c8:14:78:fb:7a:96:57:61:8f:58:9e:f1:1d:92:c7:4f:1a:
c0:95:b8:48:b5:70:75:a7:ca:35:c6:2a:85:27:07:66:da:ba:
92:88:08:e6:d5:63:c0:fa:01:c2:cd:55:65:03:56:f8:73:b4:
0f:0b:4d:c3:bd:99:a4:c4:83:62:2e:e9:ea:f7:80:43:23:ec:
94:e8:83:60:2c:ea:ff:33:a8:b2:6e:0c:79:14:90:a1:58:7e:
ca:67:fb:2d:57:60:1f:19:d2:ef:6a:e5:e7:6b:58:22:3d:29:
e7:28:e2:10:db:20:11:7d:6a:2b:1f:7b:b1:07:ca:f5:20:04:
9d:06:e6:ec:70:6d:f9:0f:4a:3b:0f:ea:b6:a5:47:11:45:96:
e2:0c:00:2f:9e:70:09:74:51:0c:dd:36:1f:08:0c:2a:c9:5d:
1d:85:19:2b:9f:71:91:86:0f:67:11:6a:9d:cb:df:49:06:51:
d1:76:55:69:dc:85:2c:31:59:b1:ef:bd:d9:2e:71:8f:06:f2:
15:96:32:35
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrInXaW++5txdxx46NpBuMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwOTI0MTkxNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFiYWI5YmZlMjgyMzk2YjJhMDBhZTYxMDJiNGZiYTFmYzE0ZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuFkcUb7HOfhojhQmOqeHP6Sn8R9
Xi0QBw8YcNovFuqV+ATiu67/SsNZM7WaN7q7rSL5xLwXVcyywuVEbvsczsCr/9gb
ABPoDI/6gYds6/q+0Yqf80VV3XUzZ8dR01T1FmSdna3/7+pvOPFeJViwu6KZ8pZH
RvwDfvwO2PbxJoHz0Xcs0oCnq8eXMrWHTZzyQgzlXXs6RrAIVZ8CQco0H0hM2Iyl
G1rFImUYowiyychLCmvlL9fIn5JQeCzsUXX9z5s35pyk/mkdKjIw/AL4fi7pzLeu
L46ZqGxPQVaE7YcCgDD3pSS8iUzM/IwnzUYByCtzGA0un6pwsh+zM0suDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOIbq5v+KCOWsqAK5hArT7ofwU1CMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvNGh1cm1fNG9JNWF5b0FybUVDdFB1aF9CVFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDtSmQAwQC
tSmcAwQFvRxAAwQCy1hgMA0GCSqGSIb3DQEBCwUAA4IBAQAsMSGNUEoRRb6c1EX5
sLUWx/VkSmGR0JAXJz8CFS6VEEfd9D5xJu3hX24UjkMw2MfkY15I2uKMyBR4+3qW
V2GPWJ7xHZLHTxrAlbhItXB1p8o1xiqFJwdm2rqSiAjm1WPA+gHCzVVlA1b4c7QP
C03DvZmkxINiLunq94BDI+yU6INgLOr/M6iybgx5FJChWH7KZ/stV2AfGdLvauXn
a1giPSnnKOIQ2yARfWorH3uxB8r1IASdBubscG35D0o7D+q2pUcRRZbiDAAvnnAJ
dFEM3TYfCAwqyV0dhRkrn3GRhg9nEWqdy99JBlHRdlVp3IUsMVmx773ZLnGPBvIV
ljI1
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:08 2024 by rpki-client on console-ams.rpki-client.org