Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4_Z_czy1PEa3paUx68b-iwS7vEE.roa
File: 4_Z_czy1PEa3paUx68b-iwS7vEE.roa (raw, json)
Hash identifier: C3MmsbowCKCjTdjonDwrSAGkbxnuNgzAUmX9RysYODw=
Subject key identifier: E3:F6:7F:73:3C:B5:3C:46:B7:A5:A5:31:EB:C6:FE:8B:04:BB:BC:41
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C9C535DBDFD87BB40503F413233C2EE86
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4_Z_czy1PEa3paUx68b-iwS7vEE.roa
Signing time: Sun 24 Dec 2023 14:55:58 +0000
ROA not before: Sun 24 Dec 2023 14:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.49.126.0/23 maxlen: 24
89.213.180.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
81.168.119.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Dec 2023 11:44:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:53:5d:bd:fd:87:bb:40:50:3f:41:32:33:c2:ee:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 24 14:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3f67f733cb53c46b7a5a531ebc6fe8b04bbbc41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a1:e1:17:2d:ed:b4:da:e1:36:69:99:ad:2f:
9b:e4:5e:5d:02:64:56:8f:03:b7:da:07:24:10:e5:
84:df:f8:5f:f9:a4:55:b4:02:20:f6:9c:5d:18:45:
8f:c2:e0:a0:4b:36:56:4c:1a:21:bb:fc:c4:f9:03:
4d:10:1c:34:ab:c5:80:10:d7:9b:1c:05:85:b9:08:
61:ed:a7:c4:00:be:4e:a1:8b:6e:bc:d9:01:87:ce:
7b:a5:61:61:07:3e:0b:5b:50:81:49:1d:a2:44:18:
fa:bb:6b:e3:0c:5a:4b:a7:6c:ef:75:98:2e:6d:a5:
07:b0:4b:04:9c:8f:3b:fd:54:90:02:18:3d:09:1a:
d8:5a:36:33:4b:26:38:a5:90:30:02:35:a5:6b:54:
cf:a9:62:c4:07:27:15:24:3d:ea:a9:e3:24:3a:a8:
16:f2:a3:03:ff:04:ac:c6:a2:03:58:b8:5b:7f:59:
a1:44:25:4e:93:df:17:ea:ad:eb:26:78:fa:95:83:
3e:d4:42:5e:29:5b:a5:d7:72:5c:11:cb:f1:45:c8:
8b:5c:93:c0:81:8f:a0:27:1e:39:3c:11:24:f5:23:
44:56:bc:1c:23:b4:64:75:7c:a2:5a:c9:8c:91:ee:
b4:2c:d2:a9:6e:5e:e4:7f:db:f6:e1:27:21:11:77:
a5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F6:7F:73:3C:B5:3C:46:B7:A5:A5:31:EB:C6:FE:8B:04:BB:BC:41
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4_Z_czy1PEa3paUx68b-iwS7vEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
82.153.1.0/24
82.153.136.0/22
89.213.147.0-89.213.159.255
89.213.172.0/22
89.213.180.0/23
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:8b:d6:1f:27:80:45:90:9e:bc:4c:30:36:5c:09:e7:5f:83:
eb:44:5f:d8:0a:b2:8b:17:0a:09:ec:4d:76:f8:1c:83:10:24:
1b:77:da:aa:14:31:75:8d:85:7d:94:62:67:14:72:1f:8c:35:
01:52:1f:7e:1e:cd:b6:22:81:64:29:cc:58:99:6b:4e:0c:0a:
a7:08:d8:60:bc:b8:35:f6:6c:06:56:97:62:2a:fd:f2:18:dc:
bc:1f:e8:38:52:14:40:a3:70:76:3b:81:2e:cb:af:4f:f4:89:
e5:e5:50:e9:89:d0:64:a1:b9:1d:20:67:9d:d7:cc:ea:1a:2a:
86:28:2e:8a:1d:d6:3c:51:de:30:14:db:a9:02:a5:c1:0a:2e:
f4:1a:17:d1:b4:96:36:cb:41:46:27:a6:ba:e3:5f:fa:fe:de:
16:0e:ad:07:e5:45:1e:8b:a6:e0:49:b8:2c:bf:64:d4:65:64:
5a:47:a6:3f:60:3b:61:38:f1:25:78:c0:ae:93:2b:38:8b:75:
09:52:9d:b7:52:39:77:e7:4d:4e:f7:75:93:d2:b3:2b:75:0e:
4a:2e:89:1d:ba:c0:aa:82:af:2e:ba:9f:d6:51:d9:ba:f3:24:
e7:b6:b3:3b:7d:24:db:75:3d:0a:c6:dc:8b:eb:1d:18:e7:ae:
b4:4d:08:42
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYycU129/Ye7QFA/QTIzwu6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjI0MTQ1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2Y2N2Y3MzNjYjUzYzQ2YjdhNWE1MzFlYmM2ZmU4YjA0YmJiYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKHhFy3ttNrhNmmZrS+b5F5dAmRW
jwO32gckEOWE3/hf+aRVtAIg9pxdGEWPwuCgSzZWTBohu/zE+QNNEBw0q8WAENeb
HAWFuQhh7afEAL5OoYtuvNkBh857pWFhBz4LW1CBSR2iRBj6u2vjDFpLp2zvdZgu
baUHsEsEnI87/VSQAhg9CRrYWjYzSyY4pZAwAjWla1TPqWLEBycVJD3qqeMkOqgW
8qMD/wSsxqIDWLhbf1mhRCVOk98X6q3rJnj6lYM+1EJeKVul13JcEcvxRciLXJPA
gY+gJx45PBEk9SNEVrwcI7RkdXyiWsmMke60LNKpbl7kf9v24SchEXelpQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOP2f3M8tTxGt6WlMevG/osEu7xBMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNF9aX2N6eTFQRWEzcGFVeDY4Yi1pd1M3dkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQA
UpkBAwQCUpmIMAwDBABZ1ZMDBAVZ1YADBAJZ1awDBAFZ1bQDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAAyL1h8ngEWQnrxMMDZcCedfg+tEX9gKsosXCgns
TXb4HIMQJBt32qoUMXWNhX2UYmcUch+MNQFSH34ezbYigWQpzFiZa04MCqcI2GC8
uDX2bAZWl2Iq/fIY3Lwf6DhSFECjcHY7gS7Lr0/0ieXlUOmJ0GShuR0gZ53XzOoa
KoYoLood1jxR3jAU26kCpcEKLvQaF9G0ljbLQUYnprrjX/r+3hYOrQflRR6LpuBJ
uCy/ZNRlZFpHpj9gO2E48SV4wK6TKziLdQlSnbdSOXfnTU73dZPSsyt1DkouiR26
wKqCry66n9ZR2brzJOe2szt9JNt1PQrG3IvrHRjnrrRNCEI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org