Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/4g0ckRxigV6NUVw0xYUf_F6ouLY.roa
File: 4g0ckRxigV6NUVw0xYUf_F6ouLY.roa (raw, json)
Hash identifier: tnZlxF0fwI4uMjVLqrxWkA5LcfjTl6i5zWCS2UVZFcI=
Subject key identifier: E2:0D:1C:91:1C:62:81:5E:8D:51:5C:34:C5:85:1F:FC:5E:A8:B8:B6
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 01909B5717A1B18B958CB64B97E6B5264B4C
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/4g0ckRxigV6NUVw0xYUf_F6ouLY.roa
Signing time: Wed 10 Jul 2024 06:31:34 +0000
ROA not before: Wed 10 Jul 2024 06:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49037
IP address blocks: 46.226.160.0/21 maxlen: 32
80.72.16.0/21 maxlen: 32
80.72.24.0/22 maxlen: 32
85.198.120.0/21 maxlen: 32
89.169.52.0/22 maxlen: 32
92.118.72.0/22 maxlen: 32
92.246.132.0/22 maxlen: 32
92.246.136.0/21 maxlen: 32
94.141.100.0/22 maxlen: 32
95.174.96.0/19 maxlen: 32
178.212.139.0/24 maxlen: 32
185.9.184.0/22 maxlen: 32
185.136.32.0/22 maxlen: 32
185.230.240.0/22 maxlen: 32
185.230.241.0/24 maxlen: 24
185.230.242.0/24 maxlen: 24
213.108.20.0/22 maxlen: 32
217.144.176.0/20 maxlen: 32
2a00:8740::/32 maxlen: 128
2a0b:1c40::/29 maxlen: 128
2a12:3280::/32 maxlen: 128
Validation: Failed, certificate revoked on Wed 09 Oct 2024 09:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:57:17:a1:b1:8b:95:8c:b6:4b:97:e6:b5:26:4b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jul 10 06:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e20d1c911c62815e8d515c34c5851ffc5ea8b8b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fb:8f:ff:47:fa:48:a5:f9:4f:0e:67:c0:bf:
db:38:0b:58:2b:43:55:5f:10:d6:fd:1c:52:8b:6c:
00:6a:83:37:a0:f8:30:fb:26:98:bd:c6:80:5e:f7:
23:5c:f3:42:fe:08:ee:0f:2e:31:d2:ce:91:79:89:
dd:44:ae:71:61:fd:d1:54:9f:fb:14:48:37:c4:f4:
ba:7e:30:14:c4:af:61:42:51:2a:60:73:3b:c6:b8:
e0:3a:d5:72:2b:8d:ba:2d:87:74:05:50:74:75:a8:
66:8a:04:5c:ea:7b:59:37:48:b6:ff:b4:f7:43:9a:
b8:5c:83:83:95:c7:2c:cd:d8:ea:32:12:4a:2d:30:
a3:72:a8:f8:b8:37:53:d0:6c:eb:77:bc:4c:b2:20:
14:81:75:82:4f:65:08:74:44:45:5c:3a:eb:8e:b5:
e0:fc:80:17:75:cd:3f:36:9c:e8:42:4d:39:e6:e2:
42:a9:78:28:27:d7:8b:07:4e:fd:c3:c9:76:bb:b4:
f8:c4:a3:e9:eb:71:c9:43:7e:57:ca:32:27:5f:cf:
47:4e:f2:62:29:84:dc:35:db:ff:82:44:73:97:d9:
71:aa:29:2d:aa:3d:cf:ec:83:4d:3b:ef:66:35:9c:
38:73:40:1d:c1:b3:31:01:d3:06:3d:ac:f5:bb:0b:
d9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:0D:1C:91:1C:62:81:5E:8D:51:5C:34:C5:85:1F:FC:5E:A8:B8:B6
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/4g0ckRxigV6NUVw0xYUf_F6ouLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.160.0/21
80.72.16.0-80.72.27.255
85.198.120.0/21
89.169.52.0/22
92.118.72.0/22
92.246.132.0-92.246.143.255
94.141.100.0/22
95.174.96.0/19
178.212.139.0/24
185.9.184.0/22
185.136.32.0/22
185.230.240.0/22
213.108.20.0/22
217.144.176.0/20
IPv6:
2a00:8740::/32
2a0b:1c40::/29
2a12:3280::/32
Signature Algorithm: sha256WithRSAEncryption
85:34:a0:6d:86:b8:de:c0:b7:71:0d:77:fb:c9:bc:6c:0d:9e:
60:33:6b:a7:96:75:3b:07:57:06:30:0a:a2:60:79:09:9f:b0:
ea:88:12:95:ce:07:1b:5f:03:ae:44:05:06:c6:ec:fc:6d:0b:
39:a9:fd:53:3b:93:3f:c4:00:73:1a:30:d2:94:49:1b:e8:b6:
da:ed:5c:a9:4d:2c:9d:af:1d:24:6f:9d:1d:3d:f7:ff:5e:6f:
4e:d2:c8:e2:8f:60:d2:64:d5:24:eb:5c:7a:26:7c:f6:4e:76:
5f:a1:5d:a0:fb:b5:06:0a:3d:da:72:8f:a7:64:33:46:dd:55:
8d:d6:9a:a7:e9:62:92:85:aa:41:26:27:af:a8:d4:28:f4:e8:
5a:13:6f:ab:7a:8f:32:24:72:88:a4:e0:15:f6:a7:63:28:e4:
f9:a4:05:10:57:5c:f0:fc:61:ca:2f:b7:6c:95:54:86:f3:c0:
8d:52:ca:2d:0d:89:d0:74:c7:17:b5:f1:b7:02:fd:37:ed:e2:
fb:80:57:6a:6e:60:71:dd:02:c6:0b:1b:47:b9:9d:8d:6f:dd:
53:0b:f3:d3:37:6d:95:84:d3:2e:b3:84:50:a8:94:70:d0:c1:
6f:7e:d4:8e:24:7d:44:82:e4:f4:a5:59:33:18:d9:2e:07:d8:
de:4e:da:50
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZCbVxehsYuVjLZLl+a1JktMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQwNzEwMDYzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjBkMWM5MTFjNjI4MTVlOGQ1MTVjMzRjNTg1MWZmYzVlYThiOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/uP/0f6SKX5Tw5nwL/bOAtYK0NV
XxDW/RxSi2wAaoM3oPgw+yaYvcaAXvcjXPNC/gjuDy4x0s6ReYndRK5xYf3RVJ/7
FEg3xPS6fjAUxK9hQlEqYHM7xrjgOtVyK426LYd0BVB0dahmigRc6ntZN0i2/7T3
Q5q4XIODlccszdjqMhJKLTCjcqj4uDdT0Gzrd7xMsiAUgXWCT2UIdERFXDrrjrXg
/IAXdc0/NpzoQk055uJCqXgoJ9eLB079w8l2u7T4xKPp63HJQ35XyjInX89HTvJi
KYTcNdv/gkRzl9lxqiktqj3P7INNO+9mNZw4c0AdwbMxAdMGPaz1uwvZRwIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFOINHJEcYoFejVFcNMWFH/xeqLi2MB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvNGcwY2tSeGlnVjZOVVZ3MHhZVWZfRjZvdUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTBqBAIAATBkAwQDLuKg
MAwDBARQSBADBAJQSBgDBANVxngDBAJZqTQDBAJcdkgwDAMEAlz2hAMEBFz2gAME
Al6NZAMEBV+uYAMEALLUiwMEArkJuAMEArmIIAMEArnm8AMEAtVsFAMEBNmQsDAb
BAIAAjAVAwUAKgCHQAMFAyoLHEADBQAqEjKAMA0GCSqGSIb3DQEBCwUAA4IBAQCF
NKBthrjewLdxDXf7ybxsDZ5gM2unlnU7B1cGMAqiYHkJn7DqiBKVzgcbXwOuRAUG
xuz8bQs5qf1TO5M/xABzGjDSlEkb6Lba7VypTSydrx0kb50dPff/Xm9O0sjij2DS
ZNUk61x6Jnz2TnZfoV2g+7UGCj3aco+nZDNG3VWN1pqn6WKShapBJievqNQo9Oha
E2+reo8yJHKIpOAV9qdjKOT5pAUQV1zw/GHKL7dslVSG88CNUsotDYnQdMcXtfG3
Av037eL7gFdqbmBx3QLGCxtHuZ2Nb91TC/PTN22VhNMus4RQqJRw0MFvftSOJH1E
guT0pVkzGNkuB9jeTtpQ
-----END CERTIFICATE-----
Generated at Wed Oct 9 13:27:02 2024 by rpki-client on console-fra.rpki-client.org