Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/4H8A130eYOn3yMF6n4H95Pf0Gmg.roa
File: 4H8A130eYOn3yMF6n4H95Pf0Gmg.roa (raw, json)
Hash identifier: lRo9ZUK6nxbi4GtxLgVl+KuTPFE88Nb8Bk9z+xRfBO4=
Subject key identifier: E0:7F:00:D7:7D:1E:60:E9:F7:C8:C1:7A:9F:81:FD:E4:F7:F4:1A:68
Certificate issuer: /CN=3618be04417a6bcb9f33942a631518be533ffaf4
Certificate serial: 01856D818E567344CAE214378B61636A74A3
Authority key identifier: 36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/4H8A130eYOn3yMF6n4H95Pf0Gmg.roa
Signing time: Sun 01 Jan 2023 13:24:45 +0000
ROA not before: Sun 01 Jan 2023 13:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42346
IP address blocks: 83.137.24.0/21 maxlen: 21
185.93.216.0/22 maxlen: 22
194.63.148.0/22 maxlen: 22
109.106.32.0/21 maxlen: 21
109.106.40.0/22 maxlen: 22
185.127.172.0/22 maxlen: 22
195.60.192.0/22 maxlen: 22
212.120.32.0/19 maxlen: 19
213.213.160.0/19 maxlen: 19
2a02:ab0::/29 maxlen: 29
2a00:5480::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 25 Apr 2023 12:21:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:8e:56:73:44:ca:e2:14:37:8b:61:63:6a:74:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3618be04417a6bcb9f33942a631518be533ffaf4
Validity
Not Before: Jan 1 13:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e07f00d77d1e60e9f7c8c17a9f81fde4f7f41a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:92:87:9d:7e:3f:24:8d:f6:68:b7:eb:f0:4c:
ac:c4:99:49:6b:3f:e8:d4:4f:4a:50:97:6c:d6:e3:
4c:1c:ce:5d:e2:52:a7:78:52:06:0c:4e:87:d5:d8:
75:71:6a:b1:67:a0:03:f2:fb:a1:05:ab:94:ff:5a:
bb:71:7d:11:c0:16:df:05:84:df:3e:21:33:6e:9c:
e4:8f:c2:32:1d:72:ed:d1:d9:16:4f:37:72:7e:78:
3f:6d:c3:ba:a0:2f:7f:52:f7:9f:c6:d3:45:01:24:
b8:c5:0e:6d:43:e6:7e:fe:f3:dc:04:f7:c8:ac:2e:
19:b0:d8:e5:9c:20:b2:8c:8a:a9:b6:f7:aa:a8:00:
ca:46:f7:d2:0f:3c:03:99:48:18:47:d7:6c:11:a3:
0f:e7:48:be:64:2d:de:38:dd:d1:52:14:ab:0c:b0:
0f:4a:6d:50:ed:fb:aa:a8:35:1d:b1:8b:3a:0c:bc:
98:cc:24:60:f3:31:f2:39:6a:30:f7:1c:1b:39:a4:
8e:2e:7c:0f:0d:94:03:5f:3d:04:11:26:37:4f:0d:
59:d6:58:29:69:ec:c0:26:49:5c:73:2b:bf:c5:2f:
7b:24:cd:8d:11:69:39:d0:b2:d4:16:b5:90:f1:64:
d3:70:19:b3:16:78:81:cc:36:f9:01:8b:bf:03:ef:
bf:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7F:00:D7:7D:1E:60:E9:F7:C8:C1:7A:9F:81:FD:E4:F7:F4:1A:68
X509v3 Authority Key Identifier:
keyid:36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/4H8A130eYOn3yMF6n4H95Pf0Gmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.24.0/21
109.106.32.0-109.106.43.255
185.93.216.0/22
185.127.172.0/22
194.63.148.0/22
195.60.192.0/22
212.120.32.0/19
213.213.160.0/19
IPv6:
2a00:5480::/29
2a02:ab0::/29
Signature Algorithm: sha256WithRSAEncryption
08:53:4b:e2:de:23:b8:19:cd:6c:e0:eb:ec:cf:ba:8d:7b:0e:
36:8e:f8:97:da:30:08:57:41:8f:d7:6f:2f:7c:a1:67:ba:8d:
47:33:61:6c:d2:a9:cb:4a:1a:1c:d2:d2:7e:35:15:ed:b0:63:
1d:56:4a:0a:52:35:09:e7:fc:e9:03:d7:ff:d9:92:71:ab:02:
58:05:db:21:e8:c1:57:24:57:91:97:64:7c:3f:d1:41:b0:3e:
d4:ce:19:16:0a:be:d5:fc:92:9d:3c:c6:6d:e8:f5:59:6c:05:
71:41:a0:5c:3f:62:0f:6a:fe:03:22:41:78:3d:48:28:fa:ff:
7b:28:e7:30:e7:c2:72:f3:8f:47:4a:c6:92:a0:58:2b:00:87:
28:b8:af:ab:07:9e:81:07:2b:a8:06:35:67:29:65:62:48:9d:
a5:32:81:01:62:7b:2c:00:03:94:42:47:4c:3d:36:3d:0b:78:
e0:77:01:ac:16:f9:99:7c:28:fc:d9:7c:bc:c8:2f:56:85:ca:
4b:eb:6f:74:b1:81:6a:d8:29:07:fb:12:17:8b:3b:fc:f5:cb:
26:91:09:6a:ab:4d:d8:21:58:b0:51:ee:d6:1e:b6:c4:51:cf:
21:46:68:74:42:77:88:16:eb:db:f6:bc:f9:1d:94:97:60:96:
b4:d2:97:26
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYVtgY5Wc0TK4hQ3i2FjanSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MThiZTA0NDE3YTZiY2I5ZjMzOTQyYTYzMTUxOGJlNTMz
ZmZhZjQwHhcNMjMwMTAxMTMyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdmMDBkNzdkMWU2MGU5ZjdjOGMxN2E5ZjgxZmRlNGY3ZjQxYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZKHnX4/JI32aLfr8EysxJlJaz/o
1E9KUJds1uNMHM5d4lKneFIGDE6H1dh1cWqxZ6AD8vuhBauU/1q7cX0RwBbfBYTf
PiEzbpzkj8IyHXLt0dkWTzdyfng/bcO6oC9/UvefxtNFASS4xQ5tQ+Z+/vPcBPfI
rC4ZsNjlnCCyjIqptveqqADKRvfSDzwDmUgYR9dsEaMP50i+ZC3eON3RUhSrDLAP
Sm1Q7fuqqDUdsYs6DLyYzCRg8zHyOWow9xwbOaSOLnwPDZQDXz0EESY3Tw1Z1lgp
aezAJklccyu/xS97JM2NEWk50LLUFrWQ8WTTcBmzFniBzDb5AYu/A++/MQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFOB/ANd9HmDp98jBep+B/eT39BpoMB8GA1UdIwQY
MBaAFDYYvgRBemvLnzOUKmMVGL5TP/r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMt
MjI2OGU5N2E4YmMxLzEvNEg4QTEzMGVZT24zeU1GNm40SDk1UGYwR21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMtMjI2OGU5N2E4YmMx
LzEvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQDU4kYMAwD
BAVtaiADBAJtaigDBAK5XdgDBAK5f6wDBALCP5QDBALDPMADBAXUeCADBAXV1aAw
FAQCAAIwDgMFAyoAVIADBQMqAgqwMA0GCSqGSIb3DQEBCwUAA4IBAQAIU0vi3iO4
Gc1s4Ovsz7qNew42jviX2jAIV0GP128vfKFnuo1HM2Fs0qnLShoc0tJ+NRXtsGMd
VkoKUjUJ5/zpA9f/2ZJxqwJYBdsh6MFXJFeRl2R8P9FBsD7UzhkWCr7V/JKdPMZt
6PVZbAVxQaBcP2IPav4DIkF4PUgo+v97KOcw58Jy849HSsaSoFgrAIcouK+rB56B
ByuoBjVnKWViSJ2lMoEBYnssAAOUQkdMPTY9C3jgdwGsFvmZfCj82Xy8yC9WhcpL
6290sYFq2CkH+xIXizv89csmkQlqq03YIViwUe7WHrbEUc8hRmh0QneIFuvb9rz5
HZSXYJa00pcm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:26 2024 by rpki-client on console-ams.rpki-client.org