Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/4VXroOa1m2nrP-Ytw4nGQqiTyLM.roa
File: 4VXroOa1m2nrP-Ytw4nGQqiTyLM.roa (raw, json)
Hash identifier: 0kpNu1/1KE7aFTHkA1oVDi9vcAmcnAz4/B3MH3ppHlw=
Subject key identifier: E1:55:EB:A0:E6:B5:9B:69:EB:3F:E6:2D:C3:89:C6:42:A8:93:C8:B3
Certificate issuer: /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial: 018CC8022B308D585322EF0A10869D2494A8
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/4VXroOa1m2nrP-Ytw4nGQqiTyLM.roa
Signing time: Tue 02 Jan 2024 02:30:34 +0000
ROA not before: Tue 02 Jan 2024 02:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49121
IP address blocks: 185.232.166.0/24 maxlen: 24
194.61.10.0/23 maxlen: 23
37.221.71.0/24 maxlen: 24
37.221.68.0/24 maxlen: 24
37.221.69.0/24 maxlen: 24
37.221.70.0/24 maxlen: 24
45.87.118.0/24 maxlen: 24
45.87.117.0/24 maxlen: 24
45.87.119.0/24 maxlen: 24
185.186.0.0/24 maxlen: 24
5.57.209.0/24 maxlen: 24
2a09:e200:e200::/48 maxlen: 48
2a09:e200::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Jun 2024 07:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:2b:30:8d:58:53:22:ef:0a:10:86:9d:24:94:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Validity
Not Before: Jan 2 02:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e155eba0e6b59b69eb3fe62dc389c642a893c8b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f3:66:0d:2a:b5:2e:a0:f0:88:04:c7:71:20:
e8:ab:8e:e8:e3:9a:17:8c:b8:78:f1:9f:8c:11:b4:
a0:33:5e:a5:6a:06:08:90:c2:38:15:3e:fa:a4:6e:
4a:07:dc:3e:7d:a1:0a:ba:8a:0e:8b:9d:7d:44:af:
5e:6b:7c:f9:1a:87:c1:e4:66:80:1f:09:0f:de:78:
a1:3a:9f:fd:db:41:32:38:12:9b:4f:5c:3b:67:b6:
e4:b9:06:6e:2c:8b:af:93:85:29:5f:80:df:6d:0b:
12:fa:e8:76:5c:70:1d:dd:0e:b2:43:16:26:4f:d0:
cc:55:31:a5:c7:35:68:79:53:32:7b:50:a9:12:c9:
03:dc:38:3a:34:c6:7b:c7:c8:8f:08:49:50:03:6c:
f8:ff:d8:37:be:1d:19:88:34:75:7b:79:54:c0:ec:
07:49:24:28:eb:4a:e4:40:fd:2b:f7:97:ee:fa:00:
d2:f0:29:2f:dc:8a:6f:a6:ca:ad:ad:63:13:2f:45:
4e:31:0a:51:38:a8:7a:75:1b:2a:4d:1a:33:ed:f7:
f1:ee:b2:17:a1:b0:8d:13:53:97:b0:bb:2e:d3:d1:
80:1a:bd:fe:28:95:ce:64:78:f3:21:a7:0d:42:73:
e6:bb:3f:ab:de:dd:ef:bc:37:65:09:74:da:55:17:
46:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:55:EB:A0:E6:B5:9B:69:EB:3F:E6:2D:C3:89:C6:42:A8:93:C8:B3
X509v3 Authority Key Identifier:
keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/4VXroOa1m2nrP-Ytw4nGQqiTyLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.209.0/24
37.221.68.0/22
45.87.117.0-45.87.119.255
185.186.0.0/24
185.232.166.0/24
194.61.10.0/23
IPv6:
2a09:e200::/48
2a09:e200:e200::/48
Signature Algorithm: sha256WithRSAEncryption
65:c3:06:00:9f:f2:e2:df:16:8b:07:8d:78:20:90:58:c3:da:
06:26:f3:a4:41:41:97:76:d3:b2:a0:c3:87:98:ca:77:a9:da:
e8:16:0e:cd:80:67:83:2e:dd:e5:a4:64:97:22:07:a9:dc:7d:
b9:0a:d9:21:0c:31:b5:d5:a9:b5:43:e5:3d:31:46:bc:99:0e:
cb:b0:c4:59:e8:c6:7b:84:9e:59:00:ac:fd:c5:e2:3e:df:68:
53:eb:32:01:b1:b2:ad:9c:34:3f:4d:2f:cd:fa:bd:be:79:61:
dc:e6:80:02:0e:d4:d8:76:ea:e8:74:ba:7e:63:45:d9:b4:f8:
86:4f:bf:8b:a7:76:8b:94:1d:12:64:6a:59:8e:ed:bd:da:73:
43:8b:f9:50:17:13:82:62:f4:c4:97:31:d0:00:00:8b:12:b6:
63:dc:29:78:d1:f6:0b:a9:9b:60:2d:8a:1f:9c:e1:86:54:e9:
11:bb:43:cc:af:04:b0:96:b7:b5:aa:a4:84:11:a1:8e:88:2d:
93:56:5c:f1:ab:74:ce:35:d3:e0:d6:98:41:2f:45:43:7c:92:
08:43:39:d0:c8:a1:b2:fa:cc:f4:74:92:31:84:d7:58:92:34:
f1:02:22:02:4e:6b:0f:ee:e8:f3:d8:17:dc:37:63:b0:fb:04:
8e:85:70:21
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzIAiswjVhTIu8KEIadJJSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWFkZTlmZWFlZGM0MDZkZjVlMTFiY2VmMDM5M2NkNWU5
ZmQwZGQwHhcNMjQwMTAyMDIzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTU1ZWJhMGU2YjU5YjY5ZWIzZmU2MmRjMzg5YzY0MmE4OTNjOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/NmDSq1LqDwiATHcSDoq47o45oX
jLh48Z+MEbSgM16lagYIkMI4FT76pG5KB9w+faEKuooOi519RK9ea3z5GofB5GaA
HwkP3nihOp/920EyOBKbT1w7Z7bkuQZuLIuvk4UpX4DfbQsS+uh2XHAd3Q6yQxYm
T9DMVTGlxzVoeVMye1CpEskD3Dg6NMZ7x8iPCElQA2z4/9g3vh0ZiDR1e3lUwOwH
SSQo60rkQP0r95fu+gDS8Ckv3IpvpsqtrWMTL0VOMQpROKh6dRsqTRoz7ffx7rIX
obCNE1OXsLsu09GAGr3+KJXOZHjzIacNQnPmuz+r3t3vvDdlCXTaVRdGhQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOFV66DmtZtp6z/mLcOJxkKok8izMB8GA1UdIwQY
MBaAFFea3p/q7cQG314RvO8Dk81en9DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmIt
MjA4ZWYzMmMwMjAyLzEvNFZYcm9PYTFtMm5yUC1ZdHc0bkdRcWlUeUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmItMjA4ZWYzMmMwMjAy
LzEvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAyBAIAATAsAwQABTnRAwQC
Jd1EMAwDBAAtV3UDBAMtV3ADBAC5ugADBAC56KYDBAHCPQowGAQCAAIwEgMHACoJ
4gAAAAMHACoJ4gDiADANBgkqhkiG9w0BAQsFAAOCAQEAZcMGAJ/y4t8WiweNeCCQ
WMPaBibzpEFBl3bTsqDDh5jKd6na6BYOzYBngy7d5aRklyIHqdx9uQrZIQwxtdWp
tUPlPTFGvJkOy7DEWejGe4SeWQCs/cXiPt9oU+syAbGyrZw0P00vzfq9vnlh3OaA
Ag7U2Hbq6HS6fmNF2bT4hk+/i6d2i5QdEmRqWY7tvdpzQ4v5UBcTgmL0xJcx0AAA
ixK2Y9wpeNH2C6mbYC2KH5zhhlTpEbtDzK8EsJa3taqkhBGhjogtk1Zc8at0zjXT
4NaYQS9FQ3ySCEM50MihsvrM9HSSMYTXWJI08QIiAk5rD+7o89gX3DdjsPsEjoVw
IQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:13 2024 by rpki-client on console-ams.rpki-client.org