Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/1P4Ghgk4e1KHoXLIGRU-MPvnE6o.roa
File: 1P4Ghgk4e1KHoXLIGRU-MPvnE6o.roa (raw, json)
Hash identifier: arHYJlqm89UrY4L5ixpn3SFRWFgoqLB2qmGSpB9bLYU=
Subject key identifier: D4:FE:06:86:09:38:7B:52:87:A1:72:C8:19:15:3E:30:FB:E7:13:AA
Certificate issuer: /CN=c4064476c2c47f778474a14816c1e06a40813e5c
Certificate serial: 01856EF41E60B051C135656D802336A0D913
Authority key identifier: C4:06:44:76:C2:C4:7F:77:84:74:A1:48:16:C1:E0:6A:40:81:3E:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xAZEdsLEf3eEdKFIFsHgakCBPlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/1P4Ghgk4e1KHoXLIGRU-MPvnE6o.roa
Signing time: Sun 01 Jan 2023 20:09:30 +0000
ROA not before: Sun 01 Jan 2023 20:09:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15725
IP address blocks: 185.98.236.0/22 maxlen: 24
217.17.192.0/20 maxlen: 24
2001:4bd8::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:1e:60:b0:51:c1:35:65:6d:80:23:36:a0:d9:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4064476c2c47f778474a14816c1e06a40813e5c
Validity
Not Before: Jan 1 20:09:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4fe068609387b5287a172c819153e30fbe713aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4a:37:04:1b:1d:91:08:4e:27:b7:a9:c0:f7:
ab:e7:11:c3:e6:9f:5b:21:7f:78:37:4d:9f:24:c6:
af:04:23:f1:c9:b4:73:3d:d1:56:65:e5:aa:c7:79:
1e:25:7e:1d:3f:66:59:7c:ee:b9:6c:7a:d7:a4:0e:
d8:1c:96:70:ea:e2:e0:19:5b:13:79:89:83:7a:b0:
24:0a:9e:cd:ef:8b:d2:0b:5d:c2:34:b8:72:ca:07:
e4:e0:98:ef:dd:e4:a6:3b:07:28:57:66:b1:0f:8c:
b2:9e:45:8b:c8:d1:40:71:cb:a6:62:be:cd:9e:7b:
5a:c6:a2:be:a1:db:2f:f2:7f:90:53:21:f8:cb:7e:
0e:d0:bf:f1:d1:17:06:fb:43:72:99:29:ce:00:29:
13:7f:cd:70:67:2a:07:6f:24:51:f3:58:8f:8e:b7:
fe:2b:37:92:18:e5:d5:58:b3:8c:61:8d:93:40:89:
43:27:4a:4a:af:f5:51:ab:2d:b1:f4:6b:1f:01:fb:
b8:42:aa:13:55:a0:a5:26:96:a7:3e:ca:bd:1c:26:
6f:32:d5:04:38:00:1c:a8:46:eb:13:17:92:95:36:
e4:b3:9c:2d:2d:19:6a:4a:12:b3:ea:ee:c8:08:c4:
4f:fa:86:f2:66:3d:aa:21:ae:28:10:61:4f:83:8c:
44:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:FE:06:86:09:38:7B:52:87:A1:72:C8:19:15:3E:30:FB:E7:13:AA
X509v3 Authority Key Identifier:
keyid:C4:06:44:76:C2:C4:7F:77:84:74:A1:48:16:C1:E0:6A:40:81:3E:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAZEdsLEf3eEdKFIFsHgakCBPlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/1P4Ghgk4e1KHoXLIGRU-MPvnE6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/9a7df7-18ba-41f7-880a-746777e21c5b/1/xAZEdsLEf3eEdKFIFsHgakCBPlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.236.0/22
217.17.192.0/20
IPv6:
2001:4bd8::/29
Signature Algorithm: sha256WithRSAEncryption
47:d3:30:95:c8:3a:dd:ac:75:f7:18:68:14:05:8c:8b:4a:52:
74:f8:44:a3:cd:45:21:c8:5d:e6:cd:23:c8:83:13:71:86:e4:
67:2c:aa:c9:2c:ed:1a:a5:43:cf:34:73:4f:f8:7f:c0:e8:c0:
bf:90:58:67:02:b0:ef:1d:e4:87:99:95:92:c2:ee:87:9d:f1:
bb:e8:81:58:cf:c5:4f:e6:aa:58:fb:08:f0:cd:79:ab:2d:bf:
7c:56:95:f9:c1:9a:1a:db:f0:9d:b0:79:58:db:95:a8:6f:83:
23:91:9c:ec:ba:d4:cc:db:b7:6b:12:73:28:fc:ea:96:0e:9e:
7f:2e:90:cf:cd:b5:58:8f:da:72:ab:d2:a5:34:1c:1b:33:ae:
7a:7b:0b:75:91:56:4e:a7:da:54:94:04:cb:64:7f:26:60:95:
c0:94:e2:4b:83:a1:e5:dd:2a:02:a7:ac:d7:39:77:26:a2:71:
1f:a7:c1:b4:89:28:28:1b:d7:9b:c7:d4:f3:86:4c:72:09:eb:
6c:6d:65:25:10:f7:1b:ce:f3:69:61:49:3a:fa:b3:7f:b4:dc:
4e:37:1c:10:75:cf:57:0b:fd:31:3f:8d:94:18:7f:26:52:03:
07:a2:cb:53:e4:c9:34:1f:7c:9a:ec:1e:b3:82:3f:c5:de:29:
71:f8:9d:6e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVu9B5gsFHBNWVtgCM2oNkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MDY0NDc2YzJjNDdmNzc4NDc0YTE0ODE2YzFlMDZhNDA4
MTNlNWMwHhcNMjMwMTAxMjAwOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGZlMDY4NjA5Mzg3YjUyODdhMTcyYzgxOTE1M2UzMGZiZTcxM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUo3BBsdkQhOJ7epwPer5xHD5p9b
IX94N02fJMavBCPxybRzPdFWZeWqx3keJX4dP2ZZfO65bHrXpA7YHJZw6uLgGVsT
eYmDerAkCp7N74vSC13CNLhyygfk4Jjv3eSmOwcoV2axD4yynkWLyNFAccumYr7N
nntaxqK+odsv8n+QUyH4y34O0L/x0RcG+0NymSnOACkTf81wZyoHbyRR81iPjrf+
KzeSGOXVWLOMYY2TQIlDJ0pKr/VRqy2x9GsfAfu4QqoTVaClJpanPsq9HCZvMtUE
OAAcqEbrExeSlTbks5wtLRlqShKz6u7ICMRP+obyZj2qIa4oEGFPg4xEAwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNT+BoYJOHtSh6FyyBkVPjD75xOqMB8GA1UdIwQY
MBaAFMQGRHbCxH93hHShSBbB4GpAgT5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFaRWRzTEVmM2VFZEtGSUZzSGdha0NCUGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC85YTdkZjctMThiYS00MWY3LTg4MGEt
NzQ2Nzc3ZTIxYzViLzEvMVA0R2hnazRlMUtIb1hMSUdSVS1NUHZuRTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC85YTdkZjctMThiYS00MWY3LTg4MGEtNzQ2Nzc3ZTIxYzVi
LzEveEFaRWRzTEVmM2VFZEtGSUZzSGdha0NCUGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWLsAwQE
2RHAMA0EAgACMAcDBQMgAUvYMA0GCSqGSIb3DQEBCwUAA4IBAQBH0zCVyDrdrHX3
GGgUBYyLSlJ0+ESjzUUhyF3mzSPIgxNxhuRnLKrJLO0apUPPNHNP+H/A6MC/kFhn
ArDvHeSHmZWSwu6HnfG76IFYz8VP5qpY+wjwzXmrLb98VpX5wZoa2/CdsHlY25Wo
b4MjkZzsutTM27drEnMo/OqWDp5/LpDPzbVYj9pyq9KlNBwbM656ewt1kVZOp9pU
lATLZH8mYJXAlOJLg6Hl3SoCp6zXOXcmonEfp8G0iSgoG9ebx9TzhkxyCetsbWUl
EPcbzvNpYUk6+rN/tNxONxwQdc9XC/0xP42UGH8mUgMHostT5Mk0H3ya7B6zgj/F
3ilx+J1u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:13 2024 by rpki-client on console-ams.rpki-client.org