Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/4tJgRazkuC01mIZFu0fB66gn4go.roa
File: 4tJgRazkuC01mIZFu0fB66gn4go.roa (raw, json)
Hash identifier: 5c1jphk6XnTCa2XsIsNLCaOmGnYpFehx8/jy7P5KoxA=
Subject key identifier: E2:D2:60:45:AC:E4:B8:2D:35:98:86:45:BB:47:C1:EB:A8:27:E2:0A
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018CD5EF70BD1FD1EBAA46787000C699B922
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/4tJgRazkuC01mIZFu0fB66gn4go.roa
Signing time: Thu 04 Jan 2024 19:24:48 +0000
ROA not before: Thu 04 Jan 2024 19:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 86.38.26.0/24 maxlen: 24
86.38.36.0/24 maxlen: 24
89.117.243.0/24 maxlen: 24
82.140.177.0/24 maxlen: 24
89.116.71.0/24 maxlen: 24
82.140.180.0/24 maxlen: 24
89.116.77.0/24 maxlen: 24
89.116.78.0/24 maxlen: 24
86.38.222.0/24 maxlen: 24
89.116.90.0/24 maxlen: 24
89.116.97.0/24 maxlen: 24
89.116.93.0/24 maxlen: 24
86.38.236.0/24 maxlen: 24
86.38.234.0/24 maxlen: 24
89.116.14.0/24 maxlen: 24
82.140.129.0/24 maxlen: 24
82.140.130.0/24 maxlen: 24
82.140.128.0/24 maxlen: 24
86.38.154.0/24 maxlen: 24
82.140.128.0/23 maxlen: 23
82.140.159.0/24 maxlen: 24
84.46.204.0/24 maxlen: 24
84.46.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 10:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d5:ef:70:bd:1f:d1:eb:aa:46:78:70:00:c6:99:b9:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 4 19:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2d26045ace4b82d35988645bb47c1eba827e20a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ba:56:38:4e:50:a5:94:89:ed:59:d4:5e:b3:
3e:c5:bb:70:cd:e3:b1:c9:75:36:e9:4b:88:1a:72:
93:0d:5c:8f:e6:ce:3c:13:85:f1:d8:2e:71:83:8c:
69:68:12:53:43:e9:04:22:90:fa:b7:7c:49:67:03:
c7:47:14:be:87:29:df:17:fd:86:b0:ff:89:5c:4f:
71:e0:f6:62:65:62:0a:9a:ce:01:8c:f0:b8:57:f3:
1d:c5:7a:fe:e9:e9:8f:6e:79:e8:d9:3e:4c:96:21:
48:cb:40:25:3e:26:28:e6:79:3b:78:2f:21:dd:df:
6f:e3:e6:e4:b8:70:3b:e3:bf:83:d9:db:73:c9:c7:
dc:ba:f7:1f:07:dc:0f:81:a8:e9:29:ab:96:dd:a3:
d9:98:e7:87:4e:7b:ce:fe:f3:63:74:1b:18:31:f9:
64:f9:e6:c0:0e:e5:59:96:a6:c1:d6:25:85:f0:a0:
65:5f:f9:d5:d2:a1:5f:d2:0a:72:63:68:43:c0:48:
48:ce:14:f0:04:87:a0:1e:a4:c6:ad:b2:d0:5a:f8:
69:14:57:cc:e9:9a:e1:32:41:fe:b5:68:0d:36:9c:
57:8f:14:09:2b:5e:bd:a3:60:70:0e:65:63:27:cb:
8b:fe:9a:e4:e1:18:8f:f5:62:6e:44:fb:33:ca:5f:
46:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D2:60:45:AC:E4:B8:2D:35:98:86:45:BB:47:C1:EB:A8:27:E2:0A
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/4tJgRazkuC01mIZFu0fB66gn4go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.128.0-82.140.130.255
82.140.159.0/24
82.140.177.0/24
82.140.180.0/24
84.46.204.0/24
84.46.207.0/24
86.38.26.0/24
86.38.36.0/24
86.38.154.0/24
86.38.222.0/24
86.38.234.0/24
86.38.236.0/24
89.116.14.0/24
89.116.71.0/24
89.116.77.0-89.116.78.255
89.116.90.0/24
89.116.93.0/24
89.116.97.0/24
89.117.243.0/24
Signature Algorithm: sha256WithRSAEncryption
46:61:23:2b:32:7c:ab:e8:80:19:01:bd:36:14:72:90:fe:b0:
20:96:05:13:97:b1:06:55:bf:d1:4f:3b:d5:64:ec:06:08:a2:
c5:f5:77:73:5f:95:8c:1b:04:82:bb:26:49:5d:f3:dc:5c:a1:
86:88:85:34:68:e3:50:6f:81:43:9c:1e:0a:b9:d0:55:30:d8:
09:a2:8f:0e:40:d3:d3:38:b1:82:68:a0:8b:a1:0d:e1:9d:3b:
e8:af:0a:5c:12:d3:40:f9:ee:56:33:b8:16:fe:85:4c:53:45:
f4:86:9c:bf:37:69:01:fd:d3:89:a0:b7:08:3e:31:51:c2:e0:
d9:55:74:83:bc:bd:f8:da:c1:8b:68:40:d8:a3:17:70:41:87:
fd:63:a3:fb:cf:f1:a4:f5:43:f7:f8:21:05:5c:0a:6f:af:40:
63:53:0e:35:de:67:eb:7f:d8:e8:30:b4:07:44:21:ff:51:10:
78:5c:ae:7a:cc:83:3d:fe:97:07:ad:37:92:02:6f:0e:b2:5d:
1e:95:e2:a9:7d:86:0c:7e:b9:ed:01:39:af:7f:e7:5f:d8:2e:
51:87:61:bc:10:25:a8:10:cf:47:81:81:36:bf:e2:df:de:ee:
3e:c5:6c:00:d0:2a:ba:d7:49:da:00:3e:6f:16:e4:fa:b9:12:
c7:bd:48:4f
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYzV73C9H9HrqkZ4cADGmbkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwMTA0MTkyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmQyNjA0NWFjZTRiODJkMzU5ODg2NDViYjQ3YzFlYmE4MjdlMjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6LpWOE5QpZSJ7VnUXrM+xbtwzeOx
yXU26UuIGnKTDVyP5s48E4Xx2C5xg4xpaBJTQ+kEIpD6t3xJZwPHRxS+hynfF/2G
sP+JXE9x4PZiZWIKms4BjPC4V/MdxXr+6emPbnno2T5MliFIy0AlPiYo5nk7eC8h
3d9v4+bkuHA747+D2dtzycfcuvcfB9wPgajpKauW3aPZmOeHTnvO/vNjdBsYMflk
+ebADuVZlqbB1iWF8KBlX/nV0qFf0gpyY2hDwEhIzhTwBIegHqTGrbLQWvhpFFfM
6ZrhMkH+tWgNNpxXjxQJK169o2BwDmVjJ8uL/prk4RiP9WJuRPszyl9G3wIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFOLSYEWs5LgtNZiGRbtHweuoJ+IKMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvNHRKZ1Jhemt1QzAxbUlaRnUwZkI2NmduNGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIwDAME
B1KMgAMEAFKMggMEAFKMnwMEAFKMsQMEAFKMtAMEAFQuzAMEAFQuzwMEAFYmGgME
AFYmJAMEAFYmmgMEAFYm3gMEAFYm6gMEAFYm7AMEAFl0DgMEAFl0RzAMAwQAWXRN
AwQAWXROAwQAWXRaAwQAWXRdAwQAWXRhAwQAWXXzMA0GCSqGSIb3DQEBCwUAA4IB
AQBGYSMrMnyr6IAZAb02FHKQ/rAglgUTl7EGVb/RTzvVZOwGCKLF9XdzX5WMGwSC
uyZJXfPcXKGGiIU0aONQb4FDnB4KudBVMNgJoo8OQNPTOLGCaKCLoQ3hnTvorwpc
EtNA+e5WM7gW/oVMU0X0hpy/N2kB/dOJoLcIPjFRwuDZVXSDvL342sGLaEDYoxdw
QYf9Y6P7z/Gk9UP3+CEFXApvr0BjUw413mfrf9joMLQHRCH/URB4XK56zIM9/pcH
rTeSAm8Osl0eleKpfYYMfrntATmvf+df2C5Rh2G8ECWoEM9HgYE2v+Lf3u4+xWwA
0Cq610naAD5vFuT6uRLHvUhP
-----END CERTIFICATE-----
Generated at Wed Feb 28 14:31:09 2024 by rpki-client on console-fra.rpki-client.org