Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/4qF59gfCwla3ZFi6xpg63z71reE.roa
File: 4qF59gfCwla3ZFi6xpg63z71reE.roa (raw, json)
Hash identifier: UZ71FdjBUcnM3Ysb1BS0cRsGZ0H0e3CCvMlefHj+OQY=
Subject key identifier: E2:A1:79:F6:07:C2:C2:56:B7:64:58:BA:C6:98:3A:DF:3E:F5:AD:E1
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018A70323A604371ED24E1441DEE73028AFF
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/4qF59gfCwla3ZFi6xpg63z71reE.roa
Signing time: Thu 07 Sep 2023 15:10:54 +0000
ROA not before: Thu 07 Sep 2023 15:10:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47820
IP address blocks: 185.148.224.0/22 maxlen: 24
109.234.1.0/24 maxlen: 24
109.234.2.0/24 maxlen: 24
109.234.0.0/21 maxlen: 21
109.234.0.0/24 maxlen: 24
91.205.116.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 13 Sep 2023 16:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:32:3a:60:43:71:ed:24:e1:44:1d:ee:73:02:8a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Sep 7 15:10:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2a179f607c2c256b76458bac6983adf3ef5ade1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:15:62:02:83:58:ac:81:48:6c:a6:21:7f:e4:
fe:73:15:41:fa:bb:ef:93:94:a3:df:8d:3b:76:a5:
3a:06:72:4b:8a:b9:04:60:c9:9d:81:99:43:e8:dd:
3f:58:10:71:cd:30:45:db:1c:ee:8d:28:38:e3:a5:
f9:00:8d:de:b0:3e:3c:85:89:c8:3f:fe:f6:83:c5:
a7:f6:78:6e:e5:b8:c4:5d:1c:68:04:33:2b:fc:6f:
c6:3d:9a:d6:47:eb:aa:34:25:9a:6e:cf:5c:7a:d9:
ae:45:ff:57:e4:f4:54:63:04:c4:86:51:c4:79:fe:
7c:90:ca:9f:5f:bf:cb:c3:6c:8b:08:e1:b1:fe:6a:
63:ff:4a:c5:49:d5:eb:77:72:ac:fa:5c:d2:8a:f8:
63:e1:7d:c3:94:63:6e:40:11:bb:22:21:d2:af:ed:
d3:24:cc:43:a8:54:09:04:8d:f4:9b:b1:cb:f8:7b:
02:3f:70:76:22:d6:b7:50:c6:82:cb:83:ab:d0:3d:
9e:3e:be:b1:b0:71:b1:29:96:f7:6e:ee:1e:f4:f8:
84:04:86:7b:ef:26:8f:a4:17:3b:cb:3e:fc:8a:4b:
65:b6:94:47:e1:1d:6f:15:df:6d:2d:48:3e:58:6f:
27:19:cd:e8:db:dd:73:11:ae:ce:aa:54:62:61:90:
fb:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A1:79:F6:07:C2:C2:56:B7:64:58:BA:C6:98:3A:DF:3E:F5:AD:E1
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/4qF59gfCwla3ZFi6xpg63z71reE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200::/29
Signature Algorithm: sha256WithRSAEncryption
06:2b:78:01:5c:9b:57:f9:b8:5e:e5:17:ca:15:52:96:62:13:
e4:d9:46:6a:34:bd:fa:a6:fe:de:8f:ae:82:f1:a8:b5:f2:f2:
ba:86:a4:20:13:32:f2:c6:4a:b1:34:3b:02:ed:b4:db:13:dd:
26:0d:3c:c4:fd:97:40:5e:b8:d4:45:6c:97:49:96:4a:6b:ca:
4e:c6:ef:92:8a:4d:ea:5e:61:a9:3f:08:da:6a:27:04:cb:be:
13:14:de:14:48:1c:d9:a9:00:f8:df:d8:a2:ee:82:14:d7:96:
08:bc:cd:aa:6c:f2:d3:66:8f:6a:07:9d:af:14:5d:f9:e7:25:
b8:8e:2a:49:bd:5d:d2:1c:f8:d0:f8:8d:50:2a:82:c7:a5:8b:
5c:c5:b3:41:43:f4:e4:8c:0f:75:62:65:ad:93:6f:b3:de:2f:
40:2a:1c:82:91:0c:39:c5:2d:19:31:e0:b8:3f:90:eb:4e:0c:
07:f0:6d:6a:26:8a:57:70:91:bb:2b:8a:55:1f:83:b5:b1:70:
fa:15:97:43:28:4a:cc:9c:0f:ff:36:a2:83:8b:3c:3f:d4:1c:
9c:35:37:e4:8c:ef:f8:6c:e0:0b:27:20:e6:43:30:3f:82:6a:
8f:67:9e:0c:b3:00:be:86:f1:48:bb:2c:15:7b:5f:94:6b:22:
55:4c:2a:f5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYpwMjpgQ3HtJOFEHe5zAor/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwOTA3MTUxMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmExNzlmNjA3YzJjMjU2Yjc2NDU4YmFjNjk4M2FkZjNlZjVhZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxViAoNYrIFIbKYhf+T+cxVB+rvv
k5Sj3407dqU6BnJLirkEYMmdgZlD6N0/WBBxzTBF2xzujSg446X5AI3esD48hYnI
P/72g8Wn9nhu5bjEXRxoBDMr/G/GPZrWR+uqNCWabs9cetmuRf9X5PRUYwTEhlHE
ef58kMqfX7/Lw2yLCOGx/mpj/0rFSdXrd3Ks+lzSivhj4X3DlGNuQBG7IiHSr+3T
JMxDqFQJBI30m7HL+HsCP3B2Ita3UMaCy4Or0D2ePr6xsHGxKZb3bu4e9PiEBIZ7
7yaPpBc7yz78iktltpRH4R1vFd9tLUg+WG8nGc3o291zEa7OqlRiYZD79wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOKhefYHwsJWt2RYusaYOt8+9a3hMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvNHFGNTlnZkN3bGEzWkZpNnhwZzYzejcxcmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA0EAgACMAcDBQMqB2IAMA0GCSqGSIb3DQEBCwUAA4IB
AQAGK3gBXJtX+bhe5RfKFVKWYhPk2UZqNL36pv7ej66C8ai18vK6hqQgEzLyxkqx
NDsC7bTbE90mDTzE/ZdAXrjURWyXSZZKa8pOxu+Sik3qXmGpPwjaaicEy74TFN4U
SBzZqQD439ii7oIU15YIvM2qbPLTZo9qB52vFF355yW4jipJvV3SHPjQ+I1QKoLH
pYtcxbNBQ/TkjA91YmWtk2+z3i9AKhyCkQw5xS0ZMeC4P5DrTgwH8G1qJopXcJG7
K4pVH4O1sXD6FZdDKErMnA//NqKDizw/1BycNTfkjO/4bOALJyDmQzA/gmqPZ54M
swC+hvFIuywVe1+UayJVTCr1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:51 2024 by rpki-client on console-ams.rpki-client.org