Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/4hv9Oc8YL5Pigul6uwDXpKJ-BJw.roa
File: 4hv9Oc8YL5Pigul6uwDXpKJ-BJw.roa (raw, json)
Hash identifier: TJWn2OwwQpuqWVQ9spAz1cxwSrukx+/tJqCu9RIx9VE=
Subject key identifier: E2:1B:FD:39:CF:18:2F:93:E2:82:E9:7A:BB:00:D7:A4:A2:7E:04:9C
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 018EBD8289946FD2E5574A45336F3C4CB103
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/4hv9Oc8YL5Pigul6uwDXpKJ-BJw.roa
Signing time: Mon 08 Apr 2024 11:40:32 +0000
ROA not before: Mon 08 Apr 2024 11:40:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25311
IP address blocks: 86.105.206.0/23 maxlen: 24
89.34.180.0/22 maxlen: 24
195.182.220.0/23 maxlen: 24
2a03:9c20:2002::/48 maxlen: 56
2a03:9c20:3000::/36 maxlen: 48
Validation: Failed, certificate revoked on Fri 19 Apr 2024 06:46:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:82:89:94:6f:d2:e5:57:4a:45:33:6f:3c:4c:b1:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Apr 8 11:40:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e21bfd39cf182f93e282e97abb00d7a4a27e049c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0d:7f:44:84:2f:5d:42:b2:ca:3b:41:06:80:
c0:fa:e2:f0:76:97:88:40:00:e9:40:e6:01:c5:82:
a4:0d:8b:86:9d:88:75:39:d7:40:1a:a4:78:d8:00:
82:36:ee:9d:d8:0e:c3:f4:7a:1b:96:d6:27:81:c9:
55:89:c0:f3:08:05:e9:dc:ba:a8:ca:1c:6f:1d:d2:
cb:21:b3:ba:e5:08:76:35:d7:b6:eb:1f:f4:49:78:
95:df:16:9f:2d:d3:bb:ad:f3:93:38:97:57:d8:c3:
02:cf:d2:c3:54:00:d3:13:9f:10:0b:b7:99:c0:36:
88:c8:fc:a9:ab:f9:12:fc:c9:c7:be:fd:d1:08:da:
32:62:9d:99:14:66:25:20:e2:a5:d5:34:60:ac:e9:
68:45:5d:f7:90:3d:20:24:1a:9f:cb:b0:52:f9:60:
3e:93:27:95:5e:ef:f2:57:b4:45:8a:c6:2e:d6:5f:
4f:e7:9e:b8:c8:05:0e:c8:04:68:36:33:aa:ea:53:
37:2a:ab:e0:3b:27:55:69:76:fb:c1:3c:53:57:30:
6c:af:94:a2:5c:96:7a:96:db:45:8f:06:6f:1e:ce:
e7:57:72:7f:c9:08:09:5c:4c:c5:7c:c1:3f:58:72:
7a:1a:e4:8d:d2:c9:17:82:32:18:ff:02:03:1b:3a:
77:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1B:FD:39:CF:18:2F:93:E2:82:E9:7A:BB:00:D7:A4:A2:7E:04:9C
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/4hv9Oc8YL5Pigul6uwDXpKJ-BJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.206.0/23
89.34.180.0/22
195.182.220.0/23
IPv6:
2a03:9c20:2002::/48
2a03:9c20:3000::/36
Signature Algorithm: sha256WithRSAEncryption
64:80:6a:8b:8a:93:dd:64:cd:84:7c:3c:6a:6b:f6:cf:9a:ed:
c2:be:d5:a5:dd:61:58:11:f0:ef:06:56:a6:84:18:96:80:8d:
49:bb:a4:03:cf:75:0a:f3:54:5b:51:34:b8:9a:93:77:86:6c:
3b:80:0c:e1:2d:db:90:cd:04:a0:83:3a:91:e5:38:4f:f5:c3:
52:ab:1a:d1:ce:9d:8f:4b:c6:93:2c:b4:46:a7:95:0a:92:bc:
80:11:89:f0:e0:95:8b:f9:52:aa:54:74:0a:84:83:51:15:3b:
ee:9f:0c:71:6b:65:72:91:a3:38:3d:de:38:7c:8b:91:30:7c:
51:07:3b:c5:32:b7:f1:3d:d8:b9:51:06:81:3d:6e:72:6e:70:
85:1d:17:4b:46:04:45:ac:0f:09:49:af:9f:09:c6:db:de:85:
6c:e7:2f:9d:e3:fd:70:11:44:e4:25:cd:6e:01:a3:78:28:c2:
79:83:8d:8b:32:7b:81:e5:7d:31:41:e6:4a:6f:42:30:d4:97:
ce:51:d8:b3:02:e0:c6:23:a1:77:af:86:ef:bd:3b:dd:01:5b:
88:23:28:5b:1a:1c:89:3d:f3:81:6a:5a:d8:92:ea:3d:5e:8d:
40:05:91:88:c3:d0:45:bb:8d:25:0e:4c:e4:90:24:d3:63:63:
19:40:a2:1a
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY69gomUb9LlV0pFM288TLEDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjQwNDA4MTE0MDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFiZmQzOWNmMTgyZjkzZTI4MmU5N2FiYjAwZDdhNGEyN2UwNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzg1/RIQvXUKyyjtBBoDA+uLwdpeI
QADpQOYBxYKkDYuGnYh1OddAGqR42ACCNu6d2A7D9HobltYngclVicDzCAXp3Lqo
yhxvHdLLIbO65Qh2Nde26x/0SXiV3xafLdO7rfOTOJdX2MMCz9LDVADTE58QC7eZ
wDaIyPypq/kS/MnHvv3RCNoyYp2ZFGYlIOKl1TRgrOloRV33kD0gJBqfy7BS+WA+
kyeVXu/yV7RFisYu1l9P5564yAUOyARoNjOq6lM3KqvgOydVaXb7wTxTVzBsr5Si
XJZ6lttFjwZvHs7nV3J/yQgJXEzFfME/WHJ6GuSN0skXgjIY/wIDGzp3TQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFOIb/TnPGC+T4oLpersA16SifgScMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvNGh2OU9jOFlMNVBpZ3VsNnV3RFhwS0otQkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAYBAIAATASAwQBVmnOAwQC
WSK0AwQBw7bcMBcEAgACMBEDBwAqA5wgIAIDBgQqA5wgMDANBgkqhkiG9w0BAQsF
AAOCAQEAZIBqi4qT3WTNhHw8amv2z5rtwr7Vpd1hWBHw7wZWpoQYloCNSbukA891
CvNUW1E0uJqTd4ZsO4AM4S3bkM0EoIM6keU4T/XDUqsa0c6dj0vGkyy0RqeVCpK8
gBGJ8OCVi/lSqlR0CoSDURU77p8McWtlcpGjOD3eOHyLkTB8UQc7xTK38T3YuVEG
gT1ucm5whR0XS0YERawPCUmvnwnG296FbOcvneP9cBFE5CXNbgGjeCjCeYONizJ7
geV9MUHmSm9CMNSXzlHYswLgxiOhd6+G77073QFbiCMoWxociT3zgWpa2JLqPV6N
QAWRiMPQRbuNJQ5M5JAk02NjGUCiGg==
-----END CERTIFICATE-----
Generated at Fri Apr 19 09:00:19 2024 by rpki-client on console-fra.rpki-client.org