Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/ap4zVBbhxV9Rp9lXsbu7v5bVEpQ.roa
File: ap4zVBbhxV9Rp9lXsbu7v5bVEpQ.roa (raw, json)
Hash identifier: s5UuIQo6cnQDFXoIw9GpvVSPjQwc75jLT5u/KaxmCrQ=
Subject key identifier: 6A:9E:33:54:16:E1:C5:5F:51:A7:D9:57:B1:BB:BB:BF:96:D5:12:94
Certificate issuer: /CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Certificate serial: 018C35EB2FA2A1E246E8656F4CB10E015F60
Authority key identifier: 4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/ap4zVBbhxV9Rp9lXsbu7v5bVEpQ.roa
Signing time: Mon 04 Dec 2023 17:40:54 +0000
ROA not before: Mon 04 Dec 2023 17:40:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48707
IP address blocks: 185.238.137.0/24 maxlen: 24
195.2.208.0/24 maxlen: 24
195.2.209.0/24 maxlen: 24
185.253.212.0/24 maxlen: 24
185.253.213.0/24 maxlen: 24
185.253.214.0/24 maxlen: 24
185.253.215.0/24 maxlen: 24
91.230.202.0/24 maxlen: 24
91.230.203.0/24 maxlen: 24
91.230.204.0/24 maxlen: 24
91.230.205.0/24 maxlen: 24
91.230.200.0/24 maxlen: 24
91.230.201.0/24 maxlen: 24
185.237.30.0/24 maxlen: 24
185.237.31.0/24 maxlen: 24
185.237.28.0/24 maxlen: 24
185.237.29.0/24 maxlen: 24
2a0c:b40::/48 maxlen: 48
2a0c:b40:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Dec 2023 19:43:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:eb:2f:a2:a1:e2:46:e8:65:6f:4c:b1:0e:01:5f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Validity
Not Before: Dec 4 17:40:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a9e335416e1c55f51a7d957b1bbbbbf96d51294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2b:a8:41:49:1b:31:67:27:a8:8c:db:ff:a6:
e1:6e:8e:3f:b1:90:dc:3d:e8:a7:e3:d4:1b:3b:d7:
aa:f7:23:74:d7:25:02:06:af:ea:37:c4:cb:4f:6c:
f2:01:6c:f1:a7:b3:65:37:e6:6e:8a:a6:06:5e:76:
9a:cc:18:53:6e:31:7b:95:d6:98:d4:0c:01:f4:87:
f0:07:ec:26:c7:fc:94:e8:6a:7a:54:6a:e9:3a:b2:
ce:14:f2:6f:03:8d:78:de:27:d3:f3:05:ec:b4:3d:
b4:30:5c:c4:38:b3:dc:4d:7e:5d:a1:45:43:1a:97:
bc:e3:20:dd:68:76:29:c5:3e:98:64:6f:5e:b9:67:
93:e9:79:82:01:0b:84:41:7c:09:cf:66:61:44:91:
7b:4e:df:65:d9:24:d5:80:76:ca:07:eb:6d:32:75:
99:19:5f:11:90:b2:80:f2:06:0c:18:c0:66:2e:18:
09:b2:ab:35:0c:5c:39:6c:e3:c9:6c:a5:73:9f:23:
f7:24:c3:ed:b0:a4:7f:85:fa:60:6a:75:a3:cb:ac:
ad:f8:1f:16:2d:76:2a:6b:db:aa:32:b8:6f:5d:d6:
c2:af:d5:84:12:fe:03:e1:c9:21:2b:31:87:ad:33:
d1:d5:45:17:48:b5:7c:a5:1f:77:cf:e4:75:23:77:
6c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9E:33:54:16:E1:C5:5F:51:A7:D9:57:B1:BB:BB:BF:96:D5:12:94
X509v3 Authority Key Identifier:
keyid:4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/ap4zVBbhxV9Rp9lXsbu7v5bVEpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/TJMCnFsmOc0pufndUpTMlO9S1q8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.200.0-91.230.205.255
185.237.28.0/22
185.238.137.0/24
185.253.212.0/22
195.2.208.0/23
IPv6:
2a0c:b40::/47
Signature Algorithm: sha256WithRSAEncryption
9f:71:9c:aa:be:83:e8:77:6a:d8:bb:07:25:d6:c7:3a:a6:db:
8c:62:42:fb:c3:3b:3e:ad:43:42:04:1b:9d:c8:02:29:b1:84:
60:f3:a7:57:89:fa:ba:5d:7b:43:6e:ca:44:83:31:c1:dd:97:
bd:c2:c2:a9:4b:0d:fe:27:91:90:52:ae:5e:63:47:96:58:70:
30:88:8d:3a:16:c9:51:40:49:83:08:61:20:78:91:be:38:8b:
8a:83:4f:6d:fc:24:4c:00:af:b3:62:0a:f9:3f:44:ab:b2:d8:
f9:3c:08:ec:c2:85:93:4f:8e:41:03:ff:d9:78:5d:43:ee:ca:
2a:2d:bb:6d:54:94:43:01:f0:ba:24:c1:7f:ce:48:92:5b:b3:
d5:e2:32:90:63:a9:48:75:f8:45:a8:c0:8b:f7:b5:52:08:0d:
49:0d:21:a4:16:00:81:8f:63:63:b5:e7:d6:53:a6:20:16:6b:
7b:8f:c8:db:ee:10:9e:21:9f:80:21:d3:88:83:81:ae:36:64:
d2:f3:85:7f:98:5d:db:8f:43:2a:3b:05:5b:66:2a:a2:97:95:
4e:f3:e0:ec:e5:33:cb:30:c2:c3:fb:83:16:18:e9:68:9f:40:
63:1f:42:02:ee:9d:78:d7:eb:5a:bb:f8:bc:fd:62:3b:b5:ce:
0e:80:48:44
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYw16y+ioeJG6GVvTLEOAV9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTMwMjljNWIyNjM5Y2QyOWI5ZjlkZDUyOTRjYzk0ZWY1
MmQ2YWYwHhcNMjMxMjA0MTc0MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTllMzM1NDE2ZTFjNTVmNTFhN2Q5NTdiMWJiYmJiZjk2ZDUxMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyuoQUkbMWcnqIzb/6bhbo4/sZDc
Pein49QbO9eq9yN01yUCBq/qN8TLT2zyAWzxp7NlN+ZuiqYGXnaazBhTbjF7ldaY
1AwB9IfwB+wmx/yU6Gp6VGrpOrLOFPJvA4143ifT8wXstD20MFzEOLPcTX5doUVD
Gpe84yDdaHYpxT6YZG9euWeT6XmCAQuEQXwJz2ZhRJF7Tt9l2STVgHbKB+ttMnWZ
GV8RkLKA8gYMGMBmLhgJsqs1DFw5bOPJbKVznyP3JMPtsKR/hfpganWjy6yt+B8W
LXYqa9uqMrhvXdbCr9WEEv4D4ckhKzGHrTPR1UUXSLV8pR93z+R1I3dsuQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFGqeM1QW4cVfUafZV7G7u7+W1RKUMB8GA1UdIwQY
MBaAFEyTApxbJjnNKbn53VKUzJTvUtavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYt
MTg3YjFmNzdjMWE1LzEvYXA0elZCYmh4VjlScDlsWHNidTd2NWJWRXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYtMTg3YjFmNzdjMWE1
LzEvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmMAwDBANb5sgD
BAFb5swDBAK57RwDBAC57okDBAK5/dQDBAHDAtAwDwQCAAIwCQMHASoMC0AAADAN
BgkqhkiG9w0BAQsFAAOCAQEAn3Gcqr6D6Hdq2LsHJdbHOqbbjGJC+8M7Pq1DQgQb
ncgCKbGEYPOnV4n6ul17Q27KRIMxwd2XvcLCqUsN/ieRkFKuXmNHllhwMIiNOhbJ
UUBJgwhhIHiRvjiLioNPbfwkTACvs2IK+T9Eq7LY+TwI7MKFk0+OQQP/2XhdQ+7K
Ki27bVSUQwHwuiTBf85Ikluz1eIykGOpSHX4RajAi/e1UggNSQ0hpBYAgY9jY7Xn
1lOmIBZre4/I2+4QniGfgCHTiIOBrjZk0vOFf5hd249DKjsFW2YqopeVTvPg7OUz
yzDCw/uDFhjpaJ9AYx9CAu6deNfrWrv4vP1iO7XODoBIRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:12 2024 by rpki-client on console-ams.rpki-client.org