Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/4f6187-bc67-4ac3-9c8d-a70f992a5529/1/4uWuDylHbS0epVG0uBDfWNWtlno.roa
File: 4uWuDylHbS0epVG0uBDfWNWtlno.roa (raw, json)
Hash identifier: 9QKWEn0hJ6Y4PVlaec6n/CrOwJdct8FT2bibwF9BT3E=
Subject key identifier: E2:E5:AE:0F:29:47:6D:2D:1E:A5:51:B4:B8:10:DF:58:D5:AD:96:7A
Certificate issuer: /CN=c49c88442ba97345bc0106559e6fa786944adca4
Certificate serial: 018570F0A420A49F44697A0DF3F615919A63
Authority key identifier: C4:9C:88:44:2B:A9:73:45:BC:01:06:55:9E:6F:A7:86:94:4A:DC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xJyIRCupc0W8AQZVnm-nhpRK3KQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/4f6187-bc67-4ac3-9c8d-a70f992a5529/1/4uWuDylHbS0epVG0uBDfWNWtlno.roa
Signing time: Mon 02 Jan 2023 05:24:56 +0000
ROA not before: Mon 02 Jan 2023 05:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8749
IP address blocks: 164.138.88.0/21 maxlen: 21
185.3.180.0/22 maxlen: 22
159.253.168.0/21 maxlen: 21
46.183.128.0/22 maxlen: 22
46.183.128.0/21 maxlen: 21
46.183.132.0/23 maxlen: 23
46.183.135.0/24 maxlen: 24
46.183.134.0/24 maxlen: 24
212.19.0.0/19 maxlen: 19
94.125.48.0/21 maxlen: 21
212.19.18.0/24 maxlen: 24
212.19.24.0/24 maxlen: 24
2a00:c040::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:a4:20:a4:9f:44:69:7a:0d:f3:f6:15:91:9a:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c49c88442ba97345bc0106559e6fa786944adca4
Validity
Not Before: Jan 2 05:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2e5ae0f29476d2d1ea551b4b810df58d5ad967a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:24:7d:fb:c6:71:b3:43:6c:c0:91:93:b6:11:
e5:04:52:9f:f9:bd:17:d0:e1:b3:40:8e:1e:d1:0a:
e2:7c:45:60:e9:a6:ed:30:44:77:e6:97:f7:34:74:
2f:b0:a1:eb:30:86:99:04:45:c7:d5:a6:c8:72:3b:
92:a0:78:fb:a0:6a:79:0a:b3:d4:8e:cb:0e:8a:98:
2e:a0:97:31:52:20:48:e0:2a:62:50:53:aa:6e:a5:
0f:74:75:76:01:8e:85:fa:53:eb:5a:32:d8:80:04:
bc:1d:cf:84:7d:9e:3c:8f:2b:a9:6c:cb:ba:a3:bf:
b0:2f:d5:ea:ae:8d:ff:6b:b9:fa:5d:3c:b3:b3:73:
14:01:c6:90:62:d9:2d:24:4e:20:35:72:7b:e7:01:
6e:30:15:6b:52:9b:35:36:43:c8:8b:1b:2d:a2:8c:
04:6f:da:a4:bb:0f:a8:49:bc:34:b9:e0:4a:cd:18:
90:2b:4f:22:c7:0c:11:d0:a2:e9:de:1c:77:fb:0c:
38:e7:4e:c7:e4:4a:d8:a7:e8:41:91:65:cd:ec:3b:
f1:1b:e0:55:95:9a:03:9f:7b:3a:de:94:46:36:17:
19:65:3c:8b:ea:24:92:31:0b:58:2a:5e:ec:7f:5a:
25:38:2c:a8:53:95:97:bb:74:b7:b3:95:3f:0a:b1:
53:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E5:AE:0F:29:47:6D:2D:1E:A5:51:B4:B8:10:DF:58:D5:AD:96:7A
X509v3 Authority Key Identifier:
keyid:C4:9C:88:44:2B:A9:73:45:BC:01:06:55:9E:6F:A7:86:94:4A:DC:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJyIRCupc0W8AQZVnm-nhpRK3KQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/4f6187-bc67-4ac3-9c8d-a70f992a5529/1/4uWuDylHbS0epVG0uBDfWNWtlno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/4f6187-bc67-4ac3-9c8d-a70f992a5529/1/xJyIRCupc0W8AQZVnm-nhpRK3KQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.128.0/21
94.125.48.0/21
159.253.168.0/21
164.138.88.0/21
185.3.180.0/22
212.19.0.0/19
IPv6:
2a00:c040::/32
Signature Algorithm: sha256WithRSAEncryption
4c:92:73:1b:d1:a9:b3:01:cb:e9:03:61:5b:e0:51:83:bb:74:
57:1e:fe:b3:83:ae:c6:28:d7:4e:cf:30:a2:38:5d:8d:ba:3a:
1c:b9:3f:d7:ae:64:7e:37:e7:14:ff:c3:2d:87:1b:8a:92:ee:
4d:bf:ad:ab:3a:90:62:5d:ef:b2:05:7f:80:89:48:67:d4:94:
89:7c:59:a7:1c:96:b2:90:5f:4b:d8:49:6d:b7:12:7d:e8:42:
37:0d:dc:0a:33:d8:77:85:4f:83:71:2a:4e:97:08:cb:f4:64:
75:29:3c:a8:c0:6a:e2:a4:33:ff:7b:3e:7b:02:87:da:60:c4:
99:32:83:57:da:7e:2f:f6:70:31:80:a5:90:11:3e:42:a7:a5:
56:3b:6b:97:8d:48:44:60:86:6c:29:b5:d8:e5:7a:89:ab:8d:
80:79:33:01:58:84:1c:0f:ec:22:6c:7c:9b:b8:d8:f8:e7:8f:
82:02:03:cf:fe:87:7e:8c:df:f9:a9:48:24:16:6e:f3:49:96:
08:ec:ee:4b:b1:9d:05:2b:89:8f:ca:db:c1:ba:04:52:0d:98:
08:68:0e:ec:90:75:36:fe:ff:b7:8c:f5:2e:a2:fe:f5:f4:07:
20:00:5d:df:06:40:64:da:16:91:be:f5:1d:a5:61:ff:48:f1:
6f:8e:9f:93
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVw8KQgpJ9EaXoN8/YVkZpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OWM4ODQ0MmJhOTczNDViYzAxMDY1NTllNmZhNzg2OTQ0
YWRjYTQwHhcNMjMwMTAyMDUyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmU1YWUwZjI5NDc2ZDJkMWVhNTUxYjRiODEwZGY1OGQ1YWQ5NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyR9+8Zxs0NswJGTthHlBFKf+b0X
0OGzQI4e0QrifEVg6abtMER35pf3NHQvsKHrMIaZBEXH1abIcjuSoHj7oGp5CrPU
jssOipguoJcxUiBI4CpiUFOqbqUPdHV2AY6F+lPrWjLYgAS8Hc+EfZ48jyupbMu6
o7+wL9Xqro3/a7n6XTyzs3MUAcaQYtktJE4gNXJ75wFuMBVrUps1NkPIixstoowE
b9qkuw+oSbw0ueBKzRiQK08ixwwR0KLp3hx3+ww4507H5ErYp+hBkWXN7DvxG+BV
lZoDn3s63pRGNhcZZTyL6iSSMQtYKl7sf1olOCyoU5WXu3S3s5U/CrFTiQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOLlrg8pR20tHqVRtLgQ31jVrZZ6MB8GA1UdIwQY
MBaAFMSciEQrqXNFvAEGVZ5vp4aUStykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEp5SVJDdXBjMFc4QVFaVm5tLW5ocFJLM0tRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi80ZjYxODctYmM2Ny00YWMzLTljOGQt
YTcwZjk5MmE1NTI5LzEvNHVXdUR5bEhiUzBlcFZHMHVCRGZXTld0bG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi80ZjYxODctYmM2Ny00YWMzLTljOGQtYTcwZjk5MmE1NTI5
LzEveEp5SVJDdXBjMFc4QVFaVm5tLW5ocFJLM0tRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLreAAwQD
Xn0wAwQDn/2oAwQDpIpYAwQCuQO0AwQF1BMAMA0EAgACMAcDBQAqAMBAMA0GCSqG
SIb3DQEBCwUAA4IBAQBMknMb0amzAcvpA2Fb4FGDu3RXHv6zg67GKNdOzzCiOF2N
ujocuT/XrmR+N+cU/8MthxuKku5Nv62rOpBiXe+yBX+AiUhn1JSJfFmnHJaykF9L
2ElttxJ96EI3DdwKM9h3hU+DcSpOlwjL9GR1KTyowGripDP/ez57AofaYMSZMoNX
2n4v9nAxgKWQET5Cp6VWO2uXjUhEYIZsKbXY5XqJq42AeTMBWIQcD+wibHybuNj4
54+CAgPP/od+jN/5qUgkFm7zSZYI7O5LsZ0FK4mPytvBugRSDZgIaA7skHU2/v+3
jPUuov719AcgAF3fBkBk2haRvvUdpWH/SPFvjp+T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:10 2024 by rpki-client on console-fra.rpki-client.org