Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/k4L7gqAHP0RBZGmEW-0RQ24PIsM.roa
File: k4L7gqAHP0RBZGmEW-0RQ24PIsM.roa (raw, json)
Hash identifier: cg176EQEKtcxoMDQl860MtC2aVlYGQyLjt1fQn2xFcA=
Subject key identifier: 93:82:FB:82:A0:07:3F:44:41:64:69:84:5B:ED:11:43:6E:0F:22:C3
Certificate issuer: /CN=0b8fb1deb09e72425b309a1414917daf893bef59
Certificate serial: 0185723A298639461F52B0CC1F49D93FD359
Authority key identifier: 0B:8F:B1:DE:B0:9E:72:42:5B:30:9A:14:14:91:7D:AF:89:3B:EF:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C4-x3rCeckJbMJoUFJF9r4k771k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/k4L7gqAHP0RBZGmEW-0RQ24PIsM.roa
Signing time: Mon 02 Jan 2023 11:24:52 +0000
ROA not before: Mon 02 Jan 2023 11:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48324
IP address blocks: 89.44.8.0/24 maxlen: 24
185.30.32.0/22 maxlen: 22
88.82.224.0/19 maxlen: 19
185.10.70.0/24 maxlen: 24
37.17.224.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:29:86:39:46:1f:52:b0:cc:1f:49:d9:3f:d3:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b8fb1deb09e72425b309a1414917daf893bef59
Validity
Not Before: Jan 2 11:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9382fb82a0073f44416469845bed11436e0f22c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:dd:cb:eb:30:33:89:6f:8e:b0:e2:cc:f4:7d:
a7:11:e9:64:6f:af:c8:d4:45:cd:d2:b4:24:2e:df:
7d:0d:ab:5e:83:08:dd:73:c7:e0:8b:f1:36:61:d4:
2f:79:92:0c:25:7d:34:d2:d9:28:13:34:8f:bc:63:
4d:9e:b0:28:33:07:e2:91:ca:53:34:8a:ea:4a:6b:
35:63:fa:95:f5:c1:19:b0:27:7b:68:b1:0b:21:98:
66:2e:73:70:ab:07:a3:3e:54:94:ef:34:ff:cf:62:
fa:d5:82:b9:2c:22:74:63:fe:f4:18:48:d1:68:7e:
1c:e5:38:0e:7c:2b:ea:61:e7:ce:78:a3:07:03:99:
93:60:34:1a:7e:3d:f7:45:e1:98:bc:4c:8c:0e:de:
82:cd:2f:26:1d:0f:20:64:d7:43:2e:d9:c6:52:1d:
aa:d4:54:df:be:6e:92:b7:91:fd:a3:9c:76:ef:ca:
42:69:a2:60:24:92:b4:4c:c3:44:bf:0d:e1:1b:49:
19:e2:b0:5d:44:a9:41:d3:a3:2e:69:b3:f2:48:a6:
d2:b4:16:fe:aa:d8:c7:f5:2e:91:54:88:2f:45:ce:
02:d6:22:e6:35:29:83:1d:a2:25:71:e1:3f:0b:32:
cf:88:71:dc:4b:47:ca:bf:3d:96:06:20:3d:eb:7c:
2a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:82:FB:82:A0:07:3F:44:41:64:69:84:5B:ED:11:43:6E:0F:22:C3
X509v3 Authority Key Identifier:
keyid:0B:8F:B1:DE:B0:9E:72:42:5B:30:9A:14:14:91:7D:AF:89:3B:EF:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C4-x3rCeckJbMJoUFJF9r4k771k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/k4L7gqAHP0RBZGmEW-0RQ24PIsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/C4-x3rCeckJbMJoUFJF9r4k771k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.224.0/21
88.82.224.0/19
89.44.8.0/24
185.10.70.0/24
185.30.32.0/22
Signature Algorithm: sha256WithRSAEncryption
96:76:f6:4c:87:d6:a4:a5:94:87:33:a2:16:4e:7d:62:ec:de:
a6:73:e2:14:77:76:a8:35:e8:86:92:79:3b:0b:21:82:03:21:
7b:54:48:96:cc:7a:b4:ce:d5:b8:34:83:2e:da:31:75:a9:a0:
e4:f0:4c:89:39:02:61:a1:ef:a7:92:cd:18:29:c4:d0:1b:ef:
2d:21:40:20:e6:4d:70:a1:7d:8b:06:b9:f0:d6:9c:60:e4:6b:
13:3b:12:d0:ce:78:4a:3e:ff:f2:cb:b0:5b:58:d9:0b:ea:ed:
d3:8d:ec:16:cf:e7:af:1f:6a:b3:ad:90:44:ba:40:f4:a9:90:
73:76:fd:3e:5a:f9:68:24:93:d5:1b:c1:e1:bf:33:86:1c:89:
de:59:e7:04:40:8e:bb:a8:2c:e6:02:56:12:21:c8:d9:e2:57:
84:d5:de:23:51:e1:20:4f:9b:47:b0:e9:9d:cc:b5:ec:ba:f6:
2b:25:e7:55:08:cc:39:41:32:19:52:94:22:d5:95:1e:89:ee:
b2:83:a0:ee:dd:e2:6f:d2:9a:3c:69:ef:35:ec:33:3e:2d:26:
b2:72:c5:e5:d2:ec:65:97:61:9b:36:e8:14:19:94:c5:35:cd:
cb:b4:eb:d8:4e:b2:55:d3:ef:a7:1d:6f:d3:0c:8a:e6:0c:94:
ec:63:ce:06
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVyOimGOUYfUrDMH0nZP9NZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOGZiMWRlYjA5ZTcyNDI1YjMwOWExNDE0OTE3ZGFmODkz
YmVmNTkwHhcNMjMwMTAyMTEyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzgyZmI4MmEwMDczZjQ0NDE2NDY5ODQ1YmVkMTE0MzZlMGYyMmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy93L6zAziW+OsOLM9H2nEelkb6/I
1EXN0rQkLt99Dategwjdc8fgi/E2YdQveZIMJX000tkoEzSPvGNNnrAoMwfikcpT
NIrqSms1Y/qV9cEZsCd7aLELIZhmLnNwqwejPlSU7zT/z2L61YK5LCJ0Y/70GEjR
aH4c5TgOfCvqYefOeKMHA5mTYDQafj33ReGYvEyMDt6CzS8mHQ8gZNdDLtnGUh2q
1FTfvm6St5H9o5x278pCaaJgJJK0TMNEvw3hG0kZ4rBdRKlB06MuabPySKbStBb+
qtjH9S6RVIgvRc4C1iLmNSmDHaIlceE/CzLPiHHcS0fKvz2WBiA963wqzwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJOC+4KgBz9EQWRphFvtEUNuDyLDMB8GA1UdIwQY
MBaAFAuPsd6wnnJCWzCaFBSRfa+JO+9ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzQteDNyQ2Vja0piTUpvVUZKRjlyNGs3NzFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mYzc2M2ItODNlNi00YmQxLWI5M2Et
Zjg3ODVhNTgxMDZjLzEvazRMN2dxQUhQMFJCWkdtRVctMFJRMjRQSXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mYzc2M2ItODNlNi00YmQxLWI5M2EtZjg3ODVhNTgxMDZj
LzEvQzQteDNyQ2Vja0piTUpvVUZKRjlyNGs3NzFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJRHgAwQF
WFLgAwQAWSwIAwQAuQpGAwQCuR4gMA0GCSqGSIb3DQEBCwUAA4IBAQCWdvZMh9ak
pZSHM6IWTn1i7N6mc+IUd3aoNeiGknk7CyGCAyF7VEiWzHq0ztW4NIMu2jF1qaDk
8EyJOQJhoe+nks0YKcTQG+8tIUAg5k1woX2LBrnw1pxg5GsTOxLQznhKPv/yy7Bb
WNkL6u3TjewWz+evH2qzrZBEukD0qZBzdv0+WvloJJPVG8HhvzOGHIneWecEQI67
qCzmAlYSIcjZ4leE1d4jUeEgT5tHsOmdzLXsuvYrJedVCMw5QTIZUpQi1ZUeie6y
g6Du3eJv0po8ae817DM+LSaycsXl0uxll2GbNugUGZTFNc3LtOvYTrJV0++nHW/T
DIrmDJTsY84G
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:28 2024 by rpki-client on console-ams.rpki-client.org