Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/4JbgOwBd3aBL3aEpy-Y22SWcBAw.roa
File: 4JbgOwBd3aBL3aEpy-Y22SWcBAw.roa (raw, json)
Hash identifier: HnhLnVxdAgq0yVbYn9P1z+SDGGQ2VVQUaG7ICdEN55g=
Subject key identifier: E0:96:E0:3B:00:5D:DD:A0:4B:DD:A1:29:CB:E6:36:D9:25:9C:04:0C
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018678A5325342C47082A8AE16FB12FB2B2A
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/4JbgOwBd3aBL3aEpy-Y22SWcBAw.roa
Signing time: Wed 22 Feb 2023 10:22:17 +0000
ROA not before: Wed 22 Feb 2023 10:22:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197540
IP address blocks: 185.232.68.0/22 maxlen: 22
188.172.228.0/23 maxlen: 24
194.36.144.0/22 maxlen: 22
94.16.112.0/21 maxlen: 24
193.26.156.0/22 maxlen: 22
94.16.30.0/23 maxlen: 23
2a00:11c0:60::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 Feb 2023 05:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:a5:32:53:42:c4:70:82:a8:ae:16:fb:12:fb:2b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Feb 22 10:22:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e096e03b005ddda04bdda129cbe636d9259c040c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a3:65:cc:b9:42:26:44:74:68:ac:65:2a:57:
32:6f:ee:c5:bb:3f:96:75:d8:ef:ca:36:0a:d3:3d:
7d:f8:7d:62:59:88:d3:10:31:47:f8:2b:8c:f9:19:
c0:f9:8c:e2:2b:49:85:fd:48:20:61:e7:85:77:37:
f8:59:13:00:d3:a2:5e:84:18:a7:ea:76:ca:85:1e:
bc:a3:a0:05:ba:a3:18:ef:83:13:93:22:61:4a:69:
51:cd:f1:24:18:44:f4:ef:25:c8:0d:01:a2:91:c2:
44:83:06:b2:9f:aa:63:a1:3e:9e:b4:4e:fa:dd:2c:
0b:14:d4:d2:a0:1f:fd:0c:3a:ac:91:48:d1:97:fd:
86:d3:17:e9:93:18:a2:44:ba:58:a1:38:19:22:d6:
f6:18:47:49:9a:0a:4a:aa:f9:ea:62:2d:47:af:6e:
51:6e:82:68:8e:b5:27:ce:04:a0:88:5b:81:d2:24:
e1:10:8b:fe:29:4a:2c:3e:3a:73:d3:86:5c:64:05:
e6:03:fc:38:b9:67:a4:65:41:51:e9:74:0f:a3:a9:
c3:ff:ef:8d:64:0c:9d:61:8c:1d:63:c7:48:46:75:
8e:0b:52:2c:8f:ad:e5:e2:fc:49:3f:3a:84:f3:07:
0b:18:ba:10:64:d7:bd:0b:c7:f2:02:f7:7b:ec:c9:
87:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:96:E0:3B:00:5D:DD:A0:4B:DD:A1:29:CB:E6:36:D9:25:9C:04:0C
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/4JbgOwBd3aBL3aEpy-Y22SWcBAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.30.0/23
94.16.112.0/21
185.232.68.0/22
188.172.228.0/23
193.26.156.0/22
194.36.144.0/22
IPv6:
2a00:11c0:60::/48
Signature Algorithm: sha256WithRSAEncryption
54:eb:6c:8b:d9:f4:35:a6:bd:f9:5a:a1:db:47:74:42:67:58:
9b:2b:e2:58:f9:39:31:77:63:08:42:68:91:00:d4:3c:eb:44:
b5:af:ab:a5:12:54:61:63:32:9d:c1:dd:db:11:05:34:b2:66:
9f:95:84:a8:d4:43:74:e2:e6:b1:2a:04:0f:bd:1d:6a:70:a9:
8e:d9:9b:a6:fd:eb:d0:6c:1d:6e:7c:11:9b:b8:b4:89:da:4a:
0d:7c:35:9d:bb:db:a2:bf:70:f2:13:02:50:c4:3c:fe:bd:3e:
b1:e0:87:c7:9a:4a:49:e6:0e:9d:ad:c0:15:ca:f1:88:b8:26:
82:26:e5:ec:30:bb:17:84:f8:de:3a:fa:de:d0:53:4c:d1:29:
bc:73:2e:b4:80:a7:66:f3:b7:5e:48:08:a3:35:30:ca:c7:25:
67:cd:ee:5b:9f:5e:b0:54:3e:b6:17:ff:2e:22:2a:a4:b4:84:
c2:9e:e1:62:4a:fe:1a:63:56:82:96:1a:90:49:90:90:4a:fa:
ca:bb:0d:a6:86:4f:41:f2:85:0a:cb:f7:d3:28:07:1b:fe:87:
13:b6:0b:ab:53:ce:cf:c6:86:27:f5:f9:43:42:13:e3:34:bc:
ad:97:54:1e:2d:13:3b:da:55:c0:57:49:13:8c:5e:d0:7d:16:
5e:b4:19:81
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYZ4pTJTQsRwgqiuFvsS+ysqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwMjIyMTAyMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDk2ZTAzYjAwNWRkZGEwNGJkZGExMjljYmU2MzZkOTI1OWMwNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6NlzLlCJkR0aKxlKlcyb+7Fuz+W
ddjvyjYK0z19+H1iWYjTEDFH+CuM+RnA+YziK0mF/UggYeeFdzf4WRMA06JehBin
6nbKhR68o6AFuqMY74MTkyJhSmlRzfEkGET07yXIDQGikcJEgwayn6pjoT6etE76
3SwLFNTSoB/9DDqskUjRl/2G0xfpkxiiRLpYoTgZItb2GEdJmgpKqvnqYi1Hr25R
boJojrUnzgSgiFuB0iThEIv+KUosPjpz04ZcZAXmA/w4uWekZUFR6XQPo6nD/++N
ZAydYYwdY8dIRnWOC1Isj63l4vxJPzqE8wcLGLoQZNe9C8fyAvd77MmHwwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFOCW4DsAXd2gS92hKcvmNtklnAQMMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvNEpiZ093QmQzYUJMM2FFcHktWTIyU1djQkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQBXhAeAwQD
XhBwAwQCuehEAwQBvKzkAwQCwRqcAwQCwiSQMA8EAgACMAkDBwAqABHAAGAwDQYJ
KoZIhvcNAQELBQADggEBAFTrbIvZ9DWmvflaodtHdEJnWJsr4lj5OTF3YwhCaJEA
1DzrRLWvq6USVGFjMp3B3dsRBTSyZp+VhKjUQ3Ti5rEqBA+9HWpwqY7Zm6b969Bs
HW58EZu4tInaSg18NZ2726K/cPITAlDEPP69PrHgh8eaSknmDp2twBXK8Yi4JoIm
5ewwuxeE+N46+t7QU0zRKbxzLrSAp2bzt15ICKM1MMrHJWfN7lufXrBUPrYX/y4i
KqS0hMKe4WJK/hpjVoKWGpBJkJBK+sq7DaaGT0HyhQrL99MoBxv+hxO2C6tTzs/G
hif1+UNCE+M0vK2XVB4tEzvaVcBXSROMXtB9Fl60GYE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org