Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/D-4Z8DpH8aKg7Lilx3kmrKEIFiA.roa
File: D-4Z8DpH8aKg7Lilx3kmrKEIFiA.roa (raw, json)
Hash identifier: /YFI2XIBx+m2LWTfeI3l/8aMX3FIBDdWLq6Lt3U++cc=
Subject key identifier: 0F:EE:19:F0:3A:47:F1:A2:A0:EC:B8:A5:C7:79:26:AC:A1:08:16:20
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 019094C19A95324BF78EB27DD69BCD1A16E7
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/D-4Z8DpH8aKg7Lilx3kmrKEIFiA.roa
Signing time: Mon 08 Jul 2024 23:50:34 +0000
ROA not before: Mon 08 Jul 2024 23:50:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 151.145.128.0/19 maxlen: 19
158.120.48.0/24 maxlen: 24
158.120.50.0/24 maxlen: 24
158.120.52.0/24 maxlen: 24
158.120.54.0/24 maxlen: 24
158.120.56.0/24 maxlen: 24
158.120.58.0/24 maxlen: 24
158.120.60.0/24 maxlen: 24
158.120.62.0/24 maxlen: 24
170.100.128.0/22 maxlen: 22
170.100.152.0/21 maxlen: 21
170.100.192.0/21 maxlen: 21
170.100.200.0/22 maxlen: 22
192.6.64.0/22 maxlen: 22
192.6.172.0/22 maxlen: 22
192.6.252.0/22 maxlen: 22
192.25.180.0/22 maxlen: 22
192.25.200.0/22 maxlen: 22
192.25.208.0/22 maxlen: 22
192.25.232.0/22 maxlen: 22
192.25.244.0/22 maxlen: 22
192.137.24.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 30 Jul 2024 18:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:94:c1:9a:95:32:4b:f7:8e:b2:7d:d6:9b:cd:1a:16:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jul 8 23:50:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fee19f03a47f1a2a0ecb8a5c77926aca1081620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:eb:49:ad:fa:02:c5:d8:24:bc:82:cb:c2:fd:
6b:66:20:6b:3e:f7:c0:1e:da:1e:e4:0f:0d:a4:7a:
c1:ba:91:22:ad:a6:4e:5d:74:3a:61:2e:35:6b:68:
ec:3f:2f:3d:d2:71:c0:ac:65:34:ed:20:c9:5c:8b:
9f:eb:50:96:29:f4:15:cd:7f:64:19:f5:cf:5f:94:
85:84:25:dc:25:5e:28:18:48:8f:51:ea:6d:bc:5a:
e1:b7:b2:18:66:b3:a0:4c:8a:ca:36:af:5c:f4:83:
34:be:96:0f:36:cc:0e:2b:a3:44:31:de:4b:93:28:
a7:db:77:63:08:08:98:76:01:b2:4d:dc:e7:d2:24:
76:bd:03:0d:23:50:75:44:4c:8d:67:92:f0:be:43:
33:93:47:da:a9:2e:0f:70:b1:8d:0f:c9:6c:d5:a3:
5c:b7:62:78:2a:6e:bb:ec:55:f7:8c:63:44:69:be:
3e:56:04:95:e6:5b:56:ef:70:0f:ec:d6:b5:65:7d:
e5:c8:8a:09:dc:77:cf:5d:f2:a2:67:71:03:48:36:
8f:0d:e4:a5:dd:c8:07:70:46:d7:83:a6:32:2e:27:
48:bf:01:6c:81:f3:ab:48:60:7d:9f:44:99:0e:f3:
76:6f:cf:da:42:d3:9e:dc:b7:92:26:ff:0a:26:65:
3a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:EE:19:F0:3A:47:F1:A2:A0:EC:B8:A5:C7:79:26:AC:A1:08:16:20
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/D-4Z8DpH8aKg7Lilx3kmrKEIFiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.145.128.0/19
158.120.48.0/24
158.120.50.0/24
158.120.52.0/24
158.120.54.0/24
158.120.56.0/24
158.120.58.0/24
158.120.60.0/24
158.120.62.0/24
170.100.128.0/22
170.100.152.0/21
170.100.192.0-170.100.203.255
192.6.64.0/22
192.6.172.0/22
192.6.252.0/22
192.25.180.0/22
192.25.200.0/22
192.25.208.0/22
192.25.232.0/22
192.25.244.0/22
192.137.24.0/22
Signature Algorithm: sha256WithRSAEncryption
46:50:05:3f:79:fd:ea:36:ae:f3:d9:5e:75:e1:97:2c:16:7b:
dd:9c:d4:07:17:66:1f:cd:a3:35:15:4d:9a:bf:92:d1:12:27:
9c:5a:38:50:4d:f9:7c:21:c5:27:a5:a9:01:06:f7:0c:b0:98:
db:20:16:c4:ed:e7:f6:6f:35:6b:23:a8:c4:01:4f:4a:90:4b:
ff:27:6c:ce:06:a4:b4:2f:0d:cb:e7:59:71:0b:69:22:8a:50:
bd:2d:fa:ba:cd:eb:8d:17:c7:bd:29:ff:17:00:cb:24:4a:b2:
24:98:e3:0d:6f:ad:c7:65:63:08:39:22:45:51:a0:ad:a2:90:
fd:d6:83:6f:f9:4c:76:e1:28:a3:0f:22:eb:88:35:53:03:5a:
7a:a8:b1:5c:0c:33:7f:b7:68:9b:90:96:7d:73:61:a9:3d:4f:
37:fc:25:95:ff:a0:6f:03:c3:31:b1:1f:f8:a2:78:f7:1b:ec:
9c:4a:6f:7c:ce:d1:e0:af:8b:c5:6c:08:6e:9f:2d:eb:46:0d:
c2:aa:6e:17:9d:43:ec:c7:1a:90:60:b6:f0:0f:18:55:55:30:
2a:b1:b4:97:3c:d3:5f:62:48:07:46:81:e6:f9:fd:05:a8:d0:
e4:64:10:7b:31:8e:5d:5f:bd:80:19:f3:56:a7:eb:90:3a:49:
8a:ee:51:a1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZCUwZqVMkv3jrJ91pvNGhbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjQwNzA4MjM1MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmVlMTlmMDNhNDdmMWEyYTBlY2I4YTVjNzc5MjZhY2ExMDgxNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsetJrfoCxdgkvILLwv1rZiBrPvfA
Htoe5A8NpHrBupEiraZOXXQ6YS41a2jsPy890nHArGU07SDJXIuf61CWKfQVzX9k
GfXPX5SFhCXcJV4oGEiPUeptvFrht7IYZrOgTIrKNq9c9IM0vpYPNswOK6NEMd5L
kyin23djCAiYdgGyTdzn0iR2vQMNI1B1REyNZ5LwvkMzk0faqS4PcLGND8ls1aNc
t2J4Km677FX3jGNEab4+VgSV5ltW73AP7Na1ZX3lyIoJ3HfPXfKiZ3EDSDaPDeSl
3cgHcEbXg6YyLidIvwFsgfOrSGB9n0SZDvN2b8/aQtOe3LeSJv8KJmU6tQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFA/uGfA6R/GioOy4pcd5JqyhCBYgMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvRC00WjhEcEg4YUtnN0xpbHgza21yS0VJRmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAWX
kYADBACeeDADBACeeDIDBACeeDQDBACeeDYDBACeeDgDBACeeDoDBACeeDwDBACe
eD4DBAKqZIADBAOqZJgwDAMEBqpkwAMEAqpkyAMEAsAGQAMEAsAGrAMEAsAG/AME
AsAZtAMEAsAZyAMEAsAZ0AMEAsAZ6AMEAsAZ9AMEAsCJGDANBgkqhkiG9w0BAQsF
AAOCAQEARlAFP3n96jau89ledeGXLBZ73ZzUBxdmH82jNRVNmr+S0RInnFo4UE35
fCHFJ6WpAQb3DLCY2yAWxO3n9m81ayOoxAFPSpBL/ydszgaktC8Ny+dZcQtpIopQ
vS36us3rjRfHvSn/FwDLJEqyJJjjDW+tx2VjCDkiRVGgraKQ/daDb/lMduEoow8i
64g1UwNaeqixXAwzf7dom5CWfXNhqT1PN/wllf+gbwPDMbEf+KJ49xvsnEpvfM7R
4K+LxWwIbp8t60YNwqpuF51D7McakGC28A8YVVUwKrG0lzzTX2JIB0aB5vn9BajQ
5GQQezGOXV+9gBnzVqfrkDpJiu5RoQ==
-----END CERTIFICATE-----
Generated at Tue Jul 30 19:59:41 2024 by rpki-client on console-ams.rpki-client.org