Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/4b4NrP7VXCIRNsFk7JFQe4n1bqg.roa
File: 4b4NrP7VXCIRNsFk7JFQe4n1bqg.roa (raw, json)
Hash identifier: HkTSc2RDoV/xz6fa3vWjnzPiDKFAyB4bRpTjlybnoLM=
Subject key identifier: E1:BE:0D:AC:FE:D5:5C:22:11:36:C1:64:EC:91:50:7B:89:F5:6E:A8
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E13F43405B9649B014439482F9A3B595B
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/4b4NrP7VXCIRNsFk7JFQe4n1bqg.roa
Signing time: Wed 06 Mar 2024 13:29:14 +0000
ROA not before: Wed 06 Mar 2024 13:29:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16625
IP address blocks: 84.53.156.0/22 maxlen: 22
84.53.164.0/22 maxlen: 22
84.53.188.0/22 maxlen: 22
92.123.240.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 19 Mar 2024 13:24:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:f4:34:05:b9:64:9b:01:44:39:48:2f:9a:3b:59:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 6 13:29:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1be0dacfed55c221136c164ec91507b89f56ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:11:e6:83:f8:2c:a1:f5:ec:7f:21:9d:77:5a:
49:2c:fe:fc:c2:5d:19:28:c1:21:b0:81:d9:f3:51:
f8:c1:0d:00:45:10:3c:99:e9:27:c2:9a:dd:e9:d3:
70:66:3c:f1:27:76:ce:63:e3:2c:4e:71:ac:77:99:
f5:d4:cd:d1:66:07:bb:4f:31:37:14:3f:0c:a4:63:
4e:fc:49:bb:c2:45:f6:7d:64:b8:2b:54:bc:64:03:
fa:1b:66:aa:76:fc:92:15:6b:be:f0:81:3d:8c:2e:
48:03:51:40:b2:40:ae:14:88:75:de:b3:45:65:e3:
2b:aa:36:78:6e:fe:1e:d7:b0:d2:01:e1:08:b6:9d:
cf:1a:46:5d:a5:cc:72:cd:e6:19:92:37:ee:e9:e1:
1c:41:ce:d5:e0:7b:8e:94:b7:ff:cf:c5:2e:0d:e7:
16:16:f7:99:d3:3a:80:93:02:62:0e:d7:c9:26:df:
f8:8f:19:2d:e5:3d:66:31:87:72:fa:fd:6a:62:c1:
99:cc:35:28:eb:a3:c9:18:2d:ee:24:8b:8b:7c:4c:
b7:b7:e7:3b:34:64:75:5c:04:d2:74:d8:c4:ad:e2:
24:98:a5:c4:6f:8f:7d:d1:c8:7e:0d:b0:68:05:7c:
d3:a1:ed:a3:b9:f4:94:d7:1d:49:d6:2b:a3:3a:0e:
74:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:BE:0D:AC:FE:D5:5C:22:11:36:C1:64:EC:91:50:7B:89:F5:6E:A8
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/4b4NrP7VXCIRNsFk7JFQe4n1bqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.53.156.0/22
84.53.164.0/22
84.53.188.0/22
92.123.240.0/22
Signature Algorithm: sha256WithRSAEncryption
78:78:c0:1e:57:c4:e3:d3:b7:4f:7c:89:b4:f8:ad:89:20:97:
60:0e:ce:15:5b:64:bc:48:6c:ee:3b:f8:fe:92:82:21:e3:d9:
b9:cc:3b:97:86:c8:0a:94:ed:8d:fa:f6:23:5d:d8:8c:33:ce:
82:28:cb:59:fc:bb:d6:f9:9a:58:27:25:14:39:22:db:c4:67:
5f:b7:f0:73:62:dd:0b:be:d9:f0:39:d0:04:cf:b7:86:23:46:
30:3e:a1:7c:9c:37:5a:38:e4:dc:59:e3:37:01:8c:1f:2a:c5:
28:06:94:21:e7:76:66:f4:7d:97:c7:c5:e8:83:64:25:9b:5e:
7c:04:14:f7:7c:01:bc:6e:98:b5:dd:b9:83:aa:2f:c8:0d:f6:
9f:24:1e:41:8f:30:28:4e:90:92:86:13:30:d2:9d:b9:a6:3b:
17:cb:c6:78:bd:5d:78:a0:e4:18:ce:d2:6e:3b:bb:bb:1e:23:
b8:52:5e:5c:e9:a8:1f:9a:0e:13:69:dd:8a:7c:ff:69:24:21:
22:db:c7:12:38:ab:0e:e9:a8:08:82:0d:ae:6c:84:72:29:df:
4f:dc:b2:94:29:bb:58:f3:36:b3:59:d3:26:e3:47:2f:39:85:
15:a8:36:a9:3c:ec:fc:45:8f:54:e2:69:12:cd:86:8b:4b:16:
a7:27:b6:e1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4T9DQFuWSbAUQ5SC+aO1lbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzA2MTMyOTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWJlMGRhY2ZlZDU1YzIyMTEzNmMxNjRlYzkxNTA3Yjg5ZjU2ZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhHmg/gsofXsfyGdd1pJLP78wl0Z
KMEhsIHZ81H4wQ0ARRA8meknwprd6dNwZjzxJ3bOY+MsTnGsd5n11M3RZge7TzE3
FD8MpGNO/Em7wkX2fWS4K1S8ZAP6G2aqdvySFWu+8IE9jC5IA1FAskCuFIh13rNF
ZeMrqjZ4bv4e17DSAeEItp3PGkZdpcxyzeYZkjfu6eEcQc7V4HuOlLf/z8UuDecW
FveZ0zqAkwJiDtfJJt/4jxkt5T1mMYdy+v1qYsGZzDUo66PJGC3uJIuLfEy3t+c7
NGR1XATSdNjEreIkmKXEb4990ch+DbBoBXzToe2jufSU1x1J1iujOg50EQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOG+Daz+1VwiETbBZOyRUHuJ9W6oMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvNGI0TnJQN1ZYQ0lSTnNGazdKRlFlNG4xYnFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVDWcAwQC
VDWkAwQCVDW8AwQCXHvwMA0GCSqGSIb3DQEBCwUAA4IBAQB4eMAeV8Tj07dPfIm0
+K2JIJdgDs4VW2S8SGzuO/j+koIh49m5zDuXhsgKlO2N+vYjXdiMM86CKMtZ/LvW
+ZpYJyUUOSLbxGdft/BzYt0LvtnwOdAEz7eGI0YwPqF8nDdaOOTcWeM3AYwfKsUo
BpQh53Zm9H2Xx8Xog2Qlm158BBT3fAG8bpi13bmDqi/IDfafJB5BjzAoTpCShhMw
0p25pjsXy8Z4vV14oOQYztJuO7u7HiO4Ul5c6agfmg4Tad2KfP9pJCEi28cSOKsO
6agIgg2ubIRyKd9P3LKUKbtY8zazWdMm40cvOYUVqDapPOz8RY9U4mkSzYaLSxan
J7bh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:32 2024 by rpki-client on console-fra.rpki-client.org