Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/4CIkBmvNOwG9OFPs5kCt9yKJvJY.roa
File: 4CIkBmvNOwG9OFPs5kCt9yKJvJY.roa (raw, json)
Hash identifier: TLZsaG4VhFcRWI2wNlQaDea56syWjU9k0h8z3/t+uM0=
Subject key identifier: E0:22:24:06:6B:CD:3B:01:BD:38:53:EC:E6:40:AD:F7:22:89:BC:96
Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Certificate serial: 018CC8710D8655C8E7F086299B855FE388A2
Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/4CIkBmvNOwG9OFPs5kCt9yKJvJY.roa
Signing time: Tue 02 Jan 2024 04:31:41 +0000
ROA not before: Tue 02 Jan 2024 04:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20875
IP address blocks: 212.39.96.0/19 maxlen: 24
185.38.144.0/22 maxlen: 24
159.20.16.0/21 maxlen: 24
95.156.128.0/18 maxlen: 24
5.133.128.0/19 maxlen: 24
37.8.128.0/20 maxlen: 24
46.35.128.0/19 maxlen: 24
92.240.32.0/19 maxlen: 24
62.113.0.0/19 maxlen: 24
85.94.128.0/19 maxlen: 24
2a02:28b8::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 12 Jul 2024 07:32:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:0d:86:55:c8:e7:f0:86:29:9b:85:5f:e3:88:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Validity
Not Before: Jan 2 04:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e02224066bcd3b01bd3853ece640adf72289bc96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:36:ff:e2:8f:4b:61:bc:3d:b1:4f:21:8f:41:
da:25:65:6b:a5:fc:2a:65:ba:49:51:54:18:ad:d9:
a3:ef:4f:65:d4:82:b3:8a:ad:a5:42:28:b4:33:a1:
71:fb:57:ea:a1:fe:5c:79:ae:a6:a5:dd:d7:28:41:
4b:27:20:63:b4:bc:5b:34:4e:6e:85:dd:43:b6:73:
7f:54:5e:4f:aa:c1:a1:b5:71:03:a6:41:b9:4a:07:
a5:4f:5b:3b:e9:d1:68:a0:34:1d:f3:9a:23:ec:e8:
90:5c:33:23:31:28:87:94:23:44:52:af:11:6e:d0:
0b:a2:0d:45:2c:bf:c7:0e:02:fb:19:04:c3:52:58:
20:e7:8d:f0:7b:a8:2f:01:97:df:e4:4d:4b:c7:c9:
4b:10:0c:dd:d3:d8:db:58:60:93:a0:11:fe:fe:e9:
3c:16:98:d5:0c:06:41:e2:f5:8c:f1:08:75:d3:1b:
ed:ab:f3:35:d1:b6:25:bb:45:32:50:39:13:8a:36:
ef:e8:d1:52:6b:51:37:75:12:43:b3:cc:b0:b3:25:
03:e6:e0:da:66:e0:96:fa:ad:3e:d9:78:2d:be:ce:
68:00:d2:0f:db:e2:43:7d:e0:6c:3f:10:63:89:4c:
d5:2b:ba:8c:70:85:29:3a:95:4a:85:a3:93:5a:97:
bd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:22:24:06:6B:CD:3B:01:BD:38:53:EC:E6:40:AD:F7:22:89:BC:96
X509v3 Authority Key Identifier:
keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/4CIkBmvNOwG9OFPs5kCt9yKJvJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.128.0/19
37.8.128.0/20
46.35.128.0/19
62.113.0.0/19
85.94.128.0/19
92.240.32.0/19
95.156.128.0/18
159.20.16.0/21
185.38.144.0/22
212.39.96.0/19
IPv6:
2a02:28b8::/29
Signature Algorithm: sha256WithRSAEncryption
37:5b:b4:b0:81:8c:67:6e:81:04:b5:da:50:14:6c:3b:86:8e:
df:eb:88:3e:d6:c9:8b:0e:7a:a7:73:fe:54:14:5c:c4:65:3c:
13:53:1c:64:c1:2b:b5:13:ad:c2:80:72:ea:e6:bf:57:45:e6:
69:6e:6b:59:cd:d3:0d:5b:82:de:15:8b:2a:ef:5b:dc:19:1f:
98:73:29:02:f7:fa:bc:5f:ce:1f:5d:60:b8:7b:21:ca:de:a5:
c3:b4:b0:69:c5:45:45:85:f3:3e:93:85:00:79:84:99:a2:ff:
25:98:18:96:3d:51:be:66:8a:d5:9e:38:26:ba:e4:39:08:3d:
55:c7:63:17:76:72:3d:2b:fa:a4:be:d3:e9:69:05:da:1f:41:
52:9f:d4:cb:e5:38:c2:b5:00:f1:ce:4e:d9:d4:c2:e0:9e:c0:
35:4f:eb:80:b2:c1:14:31:2a:34:2c:5a:81:03:0d:29:67:46:
4b:9f:b6:16:82:29:25:af:48:98:55:95:6f:c1:5f:68:e9:7e:
53:21:29:a9:fb:b3:8b:10:3d:e8:7d:e7:38:0e:ea:61:f1:fb:
cc:a3:1a:87:81:b9:01:14:a5:ff:0d:10:c0:9a:17:3b:5a:05:
7f:7f:39:ee:fe:72:b5:f4:b5:19:e4:47:48:0a:46:e4:30:06:
d4:e6:35:59
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzIcQ2GVcjn8IYpm4Vf44iiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWY1MzEwODA1ZWM3NTYxYTFhMjJmOWM4OTBjOTczMWZi
NmRlYmYwHhcNMjQwMTAyMDQzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDIyMjQwNjZiY2QzYjAxYmQzODUzZWNlNjQwYWRmNzIyODliYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzb/4o9LYbw9sU8hj0HaJWVrpfwq
ZbpJUVQYrdmj709l1IKziq2lQii0M6Fx+1fqof5cea6mpd3XKEFLJyBjtLxbNE5u
hd1DtnN/VF5PqsGhtXEDpkG5SgelT1s76dFooDQd85oj7OiQXDMjMSiHlCNEUq8R
btALog1FLL/HDgL7GQTDUlgg543we6gvAZff5E1Lx8lLEAzd09jbWGCToBH+/uk8
FpjVDAZB4vWM8Qh10xvtq/M10bYlu0UyUDkTijbv6NFSa1E3dRJDs8ywsyUD5uDa
ZuCW+q0+2Xgtvs5oANIP2+JDfeBsPxBjiUzVK7qMcIUpOpVKhaOTWpe93QIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFOAiJAZrzTsBvThT7OZArfciibyWMB8GA1UdIwQY
MBaAFIWvUxCAXsdWGhoi+ciQyXMftt6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTct
NzUyODM1MGQ0YzEzLzEvNENJa0Jtdk5Pd0c5T0ZQczVrQ3Q5eUtKdkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTctNzUyODM1MGQ0YzEz
LzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFBYWAAwQE
JQiAAwQFLiOAAwQFPnEAAwQFVV6AAwQFXPAgAwQGX5yAAwQDnxQQAwQCuSaQAwQF
1CdgMA0EAgACMAcDBQMqAii4MA0GCSqGSIb3DQEBCwUAA4IBAQA3W7SwgYxnboEE
tdpQFGw7ho7f64g+1smLDnqnc/5UFFzEZTwTUxxkwSu1E63CgHLq5r9XReZpbmtZ
zdMNW4LeFYsq71vcGR+YcykC9/q8X84fXWC4eyHK3qXDtLBpxUVFhfM+k4UAeYSZ
ov8lmBiWPVG+ZorVnjgmuuQ5CD1Vx2MXdnI9K/qkvtPpaQXaH0FSn9TL5TjCtQDx
zk7Z1MLgnsA1T+uAssEUMSo0LFqBAw0pZ0ZLn7YWgiklr0iYVZVvwV9o6X5TISmp
+7OLED3ofec4Duph8fvMoxqHgbkBFKX/DRDAmhc7WgV/fznu/nK19LUZ5EdICkbk
MAbU5jVZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:40 2025 by rpki-client