Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/4wV1YyHF133hYwmZtXsYFdz-Vj8.roa
File: 4wV1YyHF133hYwmZtXsYFdz-Vj8.roa (raw, json)
Hash identifier: HRfdkzl9q0cREF0F8+HYVMB4O4jxPmqKPqmX5vn47W4=
Subject key identifier: E3:05:75:63:21:C5:D7:7D:E1:63:09:99:B5:7B:18:15:DC:FE:56:3F
Certificate issuer: /CN=668e9b2eefb205342382b6072a903f9d9837071a
Certificate serial: 018571276F98A0033EAE60C50F462C079525
Authority key identifier: 66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/4wV1YyHF133hYwmZtXsYFdz-Vj8.roa
Signing time: Mon 02 Jan 2023 06:24:47 +0000
ROA not before: Mon 02 Jan 2023 06:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44056
IP address blocks: 176.125.192.0/19 maxlen: 19
91.230.146.0/24 maxlen: 24
31.135.224.0/20 maxlen: 20
46.148.128.0/22 maxlen: 22
46.148.128.0/20 maxlen: 20
46.148.143.0/24 maxlen: 24
195.2.238.0/23 maxlen: 23
109.196.64.0/22 maxlen: 22
109.196.64.0/20 maxlen: 24
109.196.68.0/22 maxlen: 22
91.195.130.0/23 maxlen: 23
83.97.104.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 14 Apr 2023 14:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:6f:98:a0:03:3e:ae:60:c5:0f:46:2c:07:95:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668e9b2eefb205342382b6072a903f9d9837071a
Validity
Not Before: Jan 2 06:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e305756321c5d77de1630999b57b1815dcfe563f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c1:f4:16:3a:18:be:bc:c8:67:6a:55:ae:b1:
18:89:8e:db:e0:aa:89:a1:3d:3a:78:62:09:52:0f:
b3:50:4d:e4:7a:64:11:7a:8b:12:10:1d:5e:91:5b:
e3:7c:e1:b6:3c:09:7f:b2:61:29:b9:2e:b9:ce:ba:
f6:dd:f1:ba:80:47:51:14:b8:17:3f:2e:44:ed:0b:
1a:af:1e:19:f1:07:b7:88:7c:bb:e8:c1:93:f5:17:
9f:08:af:c9:40:f9:12:6a:ec:20:29:28:0a:ee:78:
cc:6d:6e:5d:16:7d:3e:d4:c5:86:56:78:f7:56:be:
37:74:7d:a3:f0:de:5a:43:87:b0:af:9e:27:cb:c8:
8a:4e:3f:ab:ec:12:0b:76:c5:a7:e1:1c:bb:33:2c:
f7:28:4a:18:5b:c5:23:9c:ed:85:3d:c1:2a:8d:e8:
c3:55:de:2c:6f:41:9f:66:29:bc:4f:69:23:0d:94:
b4:8f:00:59:db:ee:81:de:72:0d:87:75:5c:92:bf:
98:74:01:2f:c1:59:b9:47:8d:99:c6:ca:bf:8f:0f:
38:09:43:59:44:13:ae:98:fb:3b:12:d7:4c:2c:37:
9c:dc:5e:35:cc:9e:9f:1a:10:79:d8:09:5a:f7:c8:
7d:a0:9c:5a:53:01:73:00:c5:8c:ef:de:b8:f4:09:
0d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:05:75:63:21:C5:D7:7D:E1:63:09:99:B5:7B:18:15:DC:FE:56:3F
X509v3 Authority Key Identifier:
keyid:66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/4wV1YyHF133hYwmZtXsYFdz-Vj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.224.0/20
46.148.128.0/20
83.97.104.0/21
91.195.130.0/23
91.230.146.0/24
109.196.64.0/20
176.125.192.0/19
195.2.238.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:07:bd:46:84:e4:47:67:5b:8d:a5:4e:91:13:78:da:e2:ef:
51:d5:a1:14:c9:5e:f1:73:b2:e3:d4:16:17:c6:b8:63:de:e6:
9a:91:4b:c1:f5:ec:12:5f:e3:8f:ae:3b:0e:40:47:db:82:ca:
11:44:ad:89:43:23:73:f1:13:f3:20:df:9c:ef:a3:25:d5:6a:
d4:84:dd:d0:98:3e:d8:b8:77:05:23:bc:68:20:0d:6e:c9:dd:
e8:19:39:f6:d5:bb:87:0d:9a:bb:66:ba:be:5c:e1:cd:47:51:
55:d0:31:72:70:91:c3:f7:70:6e:de:f0:e6:b5:1b:59:70:ac:
01:2f:50:c2:45:82:c6:34:44:b2:76:d9:c6:20:0a:1d:6b:42:
e5:eb:f1:ca:3f:0f:6a:2a:d4:a4:9b:61:22:04:e1:80:41:6a:
ea:0c:58:9c:cd:d0:a3:88:96:35:ec:af:90:79:db:dd:38:f8:
98:74:98:29:c6:2f:64:2a:dc:1b:76:cd:6d:56:bf:8e:91:5d:
f1:8b:3e:dd:b3:11:f6:13:02:53:2e:75:af:52:68:3e:49:55:
81:ad:e8:d8:cf:a5:58:34:b7:94:2b:8b:5f:a7:6c:0e:86:ef:
3d:4c:e3:27:00:11:42:6d:5f:91:fb:33:09:fd:93:06:0b:2c:
c7:bf:be:4e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVxJ2+YoAM+rmDFD0YsB5UlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGU5YjJlZWZiMjA1MzQyMzgyYjYwNzJhOTAzZjlkOTgz
NzA3MWEwHhcNMjMwMTAyMDYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzA1NzU2MzIxYzVkNzdkZTE2MzA5OTliNTdiMTgxNWRjZmU1NjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsH0FjoYvrzIZ2pVrrEYiY7b4KqJ
oT06eGIJUg+zUE3kemQReosSEB1ekVvjfOG2PAl/smEpuS65zrr23fG6gEdRFLgX
Py5E7Qsarx4Z8Qe3iHy76MGT9RefCK/JQPkSauwgKSgK7njMbW5dFn0+1MWGVnj3
Vr43dH2j8N5aQ4ewr54ny8iKTj+r7BILdsWn4Ry7Myz3KEoYW8UjnO2FPcEqjejD
Vd4sb0GfZim8T2kjDZS0jwBZ2+6B3nINh3Vckr+YdAEvwVm5R42Zxsq/jw84CUNZ
RBOumPs7EtdMLDec3F41zJ6fGhB52Ala98h9oJxaUwFzAMWM79649AkN1wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOMFdWMhxdd94WMJmbV7GBXc/lY/MB8GA1UdIwQY
MBaAFGaOmy7vsgU0I4K2ByqQP52YNwcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMt
NGMwOGZmZTEwMDc2LzEvNHdWMVl5SEYxMzNoWXdtWnRYc1lGZHotVmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMtNGMwOGZmZTEwMDc2
LzEvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEH4fgAwQE
LpSAAwQDU2FoAwQBW8OCAwQAW+aSAwQEbcRAAwQFsH3AAwQBwwLuMA0GCSqGSIb3
DQEBCwUAA4IBAQCdB71GhORHZ1uNpU6RE3ja4u9R1aEUyV7xc7Lj1BYXxrhj3uaa
kUvB9ewSX+OPrjsOQEfbgsoRRK2JQyNz8RPzIN+c76Ml1WrUhN3QmD7YuHcFI7xo
IA1uyd3oGTn21buHDZq7Zrq+XOHNR1FV0DFycJHD93Bu3vDmtRtZcKwBL1DCRYLG
NESydtnGIAoda0Ll6/HKPw9qKtSkm2EiBOGAQWrqDFiczdCjiJY17K+QedvdOPiY
dJgpxi9kKtwbds1tVr+OkV3xiz7dsxH2EwJTLnWvUmg+SVWBrejYz6VYNLeUK4tf
p2wOhu89TOMnABFCbV+R+zMJ/ZMGCyzHv75O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:45 2024 by rpki-client on console-ams.rpki-client.org