Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/K14hgu4PRepy9ufFmJjWC6fBpCY.roa
File: K14hgu4PRepy9ufFmJjWC6fBpCY.roa (raw, json)
Hash identifier: 4LanOq4gbpJvbTCfvrcy5k4TyggIb8ibAn9PeiFzIJE=
Subject key identifier: 2B:5E:21:82:EE:0F:45:EA:72:F6:E7:C5:98:98:D6:0B:A7:C1:A4:26
Certificate issuer: /CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Certificate serial: 018C365BCD0A5A683008834FCC6D5BDE4853
Authority key identifier: 4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/K14hgu4PRepy9ufFmJjWC6fBpCY.roa
Signing time: Mon 04 Dec 2023 19:43:55 +0000
ROA not before: Mon 04 Dec 2023 19:43:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48707
IP address blocks: 185.238.137.0/24 maxlen: 24
195.2.208.0/24 maxlen: 24
195.2.209.0/24 maxlen: 24
185.253.212.0/24 maxlen: 24
185.253.213.0/24 maxlen: 24
185.253.214.0/24 maxlen: 24
185.253.215.0/24 maxlen: 24
91.230.202.0/24 maxlen: 24
91.230.203.0/24 maxlen: 24
91.230.204.0/24 maxlen: 24
91.230.205.0/24 maxlen: 24
91.230.200.0/24 maxlen: 24
91.230.201.0/24 maxlen: 24
185.237.30.0/24 maxlen: 24
185.237.31.0/24 maxlen: 24
185.237.28.0/24 maxlen: 24
185.237.29.0/24 maxlen: 24
2a0c:b40::/48 maxlen: 48
2a0c:b40:2::/48 maxlen: 48
2a0c:b40:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Dec 2023 21:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:36:5b:cd:0a:5a:68:30:08:83:4f:cc:6d:5b:de:48:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Validity
Not Before: Dec 4 19:43:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b5e2182ee0f45ea72f6e7c59898d60ba7c1a426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:20:42:e0:8d:44:b5:cf:32:ff:30:1d:58:43:
03:4b:3c:da:fe:38:ca:7a:bc:39:84:b7:ec:98:dd:
a6:cd:85:38:24:97:e4:35:cb:f4:e1:47:f6:cf:14:
df:03:04:2a:99:8b:9e:92:08:08:40:b3:b5:f8:90:
07:27:db:df:03:97:2c:67:9e:bd:e9:cc:52:ad:89:
97:12:d2:31:b7:1e:c8:97:20:d6:e2:b0:74:30:8d:
59:11:ce:64:b9:3f:1f:ce:f4:2a:3c:c8:2d:cd:cf:
e2:ef:f7:7b:48:7e:a4:05:c9:89:e3:38:a1:2c:5f:
bf:c3:30:b4:9f:2e:69:58:51:70:65:d3:ab:63:f2:
0e:97:95:0f:a4:5f:5f:bd:74:e2:6a:61:a6:89:4d:
a8:c5:43:7c:ce:3e:22:cd:bd:e6:2a:d6:21:83:cd:
bd:df:f3:f6:ec:5c:34:53:1f:d3:90:cf:4f:89:47:
49:9b:16:3b:e2:b2:d1:eb:a3:37:b9:77:a3:1e:ff:
a3:04:da:38:e8:bc:4f:27:0a:28:7d:b8:60:34:4d:
73:44:65:0e:37:92:e4:c4:87:23:07:26:8f:7d:5f:
5d:51:58:2d:e7:bc:a0:cf:a5:a1:57:4c:1b:75:63:
b4:a3:94:24:3a:64:c4:0d:2b:a1:9a:94:53:41:56:
31:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:5E:21:82:EE:0F:45:EA:72:F6:E7:C5:98:98:D6:0B:A7:C1:A4:26
X509v3 Authority Key Identifier:
keyid:4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/K14hgu4PRepy9ufFmJjWC6fBpCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/TJMCnFsmOc0pufndUpTMlO9S1q8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.200.0-91.230.205.255
185.237.28.0/22
185.238.137.0/24
185.253.212.0/22
195.2.208.0/23
IPv6:
2a0c:b40::-2a0c:b40:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
14:1f:06:dc:06:28:88:1e:98:18:49:e4:e9:ff:85:0a:ea:bb:
c2:c0:e0:64:08:8f:0c:25:9e:64:bd:5e:00:f7:43:99:cd:f4:
e7:c9:7a:38:24:42:18:cd:63:ae:a6:48:6a:a1:fb:b9:44:67:
ac:fd:e4:7d:74:5d:4a:22:64:2c:4c:36:a8:e7:44:30:b5:7c:
1d:24:0b:22:a0:ed:e5:5d:39:f2:43:be:f5:81:c0:72:23:9a:
92:1b:ff:0a:a3:c3:08:e0:c2:5e:11:91:fb:8e:bd:88:52:f9:
8c:71:59:13:fb:c0:4f:67:53:cd:de:88:47:dd:52:f6:27:9f:
79:d3:b6:0e:e7:22:05:91:34:b9:f4:ea:2e:13:77:7f:78:5c:
55:13:b2:a4:d6:02:09:7a:c5:4e:51:57:46:84:00:c4:84:5a:
2c:c3:88:6d:3b:e3:04:f9:1a:90:0b:e9:85:da:69:4b:c3:83:
27:ab:b4:c7:60:fe:c3:a4:e0:5d:0c:f9:47:55:b1:4f:ec:15:
f3:a6:5b:db:48:dc:3d:09:b9:ec:b6:24:6f:81:0e:f6:d7:8e:
a3:d8:c4:a8:49:03:0e:d2:92:76:2c:5f:2e:7d:19:d9:50:9e:
0e:89:ae:46:ae:b0:ab:55:da:09:1d:a3:2d:79:81:a8:a7:4b:
07:47:f1:47
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYw2W80KWmgwCINPzG1b3khTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTMwMjljNWIyNjM5Y2QyOWI5ZjlkZDUyOTRjYzk0ZWY1
MmQ2YWYwHhcNMjMxMjA0MTk0MzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjVlMjE4MmVlMGY0NWVhNzJmNmU3YzU5ODk4ZDYwYmE3YzFhNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiBC4I1Etc8y/zAdWEMDSzza/jjK
erw5hLfsmN2mzYU4JJfkNcv04Uf2zxTfAwQqmYuekggIQLO1+JAHJ9vfA5csZ569
6cxSrYmXEtIxtx7IlyDW4rB0MI1ZEc5kuT8fzvQqPMgtzc/i7/d7SH6kBcmJ4zih
LF+/wzC0ny5pWFFwZdOrY/IOl5UPpF9fvXTiamGmiU2oxUN8zj4izb3mKtYhg829
3/P27Fw0Ux/TkM9PiUdJmxY74rLR66M3uXejHv+jBNo46LxPJwoofbhgNE1zRGUO
N5LkxIcjByaPfV9dUVgt57ygz6WhV0wbdWO0o5QkOmTEDSuhmpRTQVYxkwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCteIYLuD0XqcvbnxZiY1gunwaQmMB8GA1UdIwQY
MBaAFEyTApxbJjnNKbn53VKUzJTvUtavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYt
MTg3YjFmNzdjMWE1LzEvSzE0aGd1NFBSZXB5OXVmRm1KaldDNmZCcENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYtMTg3YjFmNzdjMWE1
LzEvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAsBAIAATAmMAwDBANb5sgD
BAFb5swDBAK57RwDBAC57okDBAK5/dQDBAHDAtAwGAQCAAIwEjAQAwUGKgwLQAMH
ACoMC0AAAjANBgkqhkiG9w0BAQsFAAOCAQEAFB8G3AYoiB6YGEnk6f+FCuq7wsDg
ZAiPDCWeZL1eAPdDmc3058l6OCRCGM1jrqZIaqH7uURnrP3kfXRdSiJkLEw2qOdE
MLV8HSQLIqDt5V058kO+9YHAciOakhv/CqPDCODCXhGR+469iFL5jHFZE/vAT2dT
zd6IR91S9iefedO2DuciBZE0ufTqLhN3f3hcVROypNYCCXrFTlFXRoQAxIRaLMOI
bTvjBPkakAvphdppS8ODJ6u0x2D+w6TgXQz5R1WxT+wV86Zb20jcPQm57LYkb4EO
9teOo9jEqEkDDtKSdixfLn0Z2VCeDomuRq6wq1XaCR2jLXmBqKdLB0fxRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:12 2024 by rpki-client on console-ams.rpki-client.org