Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/4kzMK4tieSKcz-JguuMGdP1sRtM.roa
File: 4kzMK4tieSKcz-JguuMGdP1sRtM.roa (raw, json)
Hash identifier: Hnvr41bntZdtEvEylokZAksGuM+rb+UFrSB9LY6LCFI=
Subject key identifier: E2:4C:CC:2B:8B:62:79:22:9C:CF:E2:60:BA:E3:06:74:FD:6C:46:D3
Certificate issuer: /CN=cb424b40c1f84084f8d40f2b9dcbe1e1f916af3e
Certificate serial: 018EE5D862E44DC07248F7BC8F3678414C87
Authority key identifier: CB:42:4B:40:C1:F8:40:84:F8:D4:0F:2B:9D:CB:E1:E1:F9:16:AF:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y0JLQMH4QIT41A8rncvh4fkWrz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/4kzMK4tieSKcz-JguuMGdP1sRtM.roa
Signing time: Tue 16 Apr 2024 07:39:07 +0000
ROA not before: Tue 16 Apr 2024 07:39:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202710
IP address blocks: 185.9.139.0/24 maxlen: 24
2a0c:b600::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 Apr 2024 21:40:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e5:d8:62:e4:4d:c0:72:48:f7:bc:8f:36:78:41:4c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb424b40c1f84084f8d40f2b9dcbe1e1f916af3e
Validity
Not Before: Apr 16 07:39:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e24ccc2b8b6279229ccfe260bae30674fd6c46d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:76:39:76:ea:be:9a:a6:c5:4d:0f:52:5e:5b:
3c:d0:14:51:9d:c6:65:35:f6:15:45:7c:1c:7d:0a:
1d:9c:7e:81:7d:63:62:47:bd:9f:51:8b:9f:0d:55:
9d:f3:9f:4f:80:a1:76:82:ea:e4:13:a6:c7:f8:59:
e2:75:87:d5:0d:7e:f0:99:45:06:15:d6:de:5d:12:
f3:35:43:88:6b:87:d8:2b:b0:39:b8:eb:1a:bf:72:
f8:c1:ef:f5:55:f1:12:36:35:54:89:3c:7f:8c:55:
f0:c5:e0:cf:3e:82:cb:45:a6:df:3b:82:4f:0e:6f:
40:42:6b:dc:6c:a8:28:03:b9:d1:a2:a7:6b:41:02:
61:35:6e:73:66:42:b8:a6:0e:cf:a3:c6:b6:92:7f:
a0:ab:d7:ef:9b:ae:df:b7:e0:8b:c4:e8:cb:e8:5a:
8a:dc:96:05:3b:26:36:9b:da:d5:ee:69:7e:8d:b4:
06:76:85:05:3f:49:eb:89:e5:f3:b3:ce:ea:a8:3f:
1e:66:69:ac:15:c6:2d:c4:64:fc:f7:93:76:58:95:
ef:24:cc:a1:fc:e5:ef:20:f6:d2:33:1e:d9:15:9f:
f7:8b:7f:3e:44:74:76:85:3e:aa:72:81:47:43:2f:
2a:09:e3:a2:b8:8e:2f:b2:b3:5c:ac:95:05:e2:a5:
96:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:4C:CC:2B:8B:62:79:22:9C:CF:E2:60:BA:E3:06:74:FD:6C:46:D3
X509v3 Authority Key Identifier:
keyid:CB:42:4B:40:C1:F8:40:84:F8:D4:0F:2B:9D:CB:E1:E1:F9:16:AF:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y0JLQMH4QIT41A8rncvh4fkWrz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/4kzMK4tieSKcz-JguuMGdP1sRtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/51bfd9-7ffb-4159-9ed5-3a5fecacd49a/1/y0JLQMH4QIT41A8rncvh4fkWrz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.139.0/24
IPv6:
2a0c:b600::/29
Signature Algorithm: sha256WithRSAEncryption
1d:1b:2a:23:33:ab:b0:4a:a5:e7:3e:50:b4:56:b3:d1:c3:4c:
cd:1a:f6:5a:bf:16:c6:08:c7:28:42:c9:e4:ef:33:e0:c4:2c:
66:55:96:2c:c6:86:08:ce:99:72:15:dc:a0:5c:ca:45:d3:4c:
de:5d:a1:27:26:31:11:eb:79:7d:d0:82:55:b9:44:2c:1e:7d:
4a:31:98:91:3e:77:85:a2:4b:c9:83:bd:c7:e9:5c:46:22:55:
54:08:34:14:df:33:83:a3:b7:79:71:2e:55:ba:fb:4b:94:54:
0c:22:ef:15:a4:f0:9b:55:96:e6:1d:ba:1e:51:28:a5:3f:02:
9e:0a:0d:a9:18:d5:6a:a4:ea:39:a1:99:f3:7b:4d:ce:71:59:
27:ca:71:26:0b:a5:09:c0:4c:cc:40:15:b5:48:6d:63:d4:4a:
7d:08:0e:b2:14:fd:5c:fa:bf:2b:50:0f:c9:e6:c9:79:02:42:
1c:03:8c:97:93:3a:71:5e:b3:63:02:f7:0f:73:c6:f3:2b:9b:
1d:1d:b8:78:c9:f0:fc:71:b2:0f:a0:e7:71:59:f3:64:04:35:
b1:cd:c0:77:22:ce:1c:da:6b:26:f9:b5:a0:93:0d:42:43:9f:
6b:e2:50:22:9d:64:34:9f:3f:08:94:44:72:8a:e5:ad:80:a7:
6b:13:4f:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7l2GLkTcBySPe8jzZ4QUyHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNDI0YjQwYzFmODQwODRmOGQ0MGYyYjlkY2JlMWUxZjkx
NmFmM2UwHhcNMjQwNDE2MDczOTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjRjY2MyYjhiNjI3OTIyOWNjZmUyNjBiYWUzMDY3NGZkNmM0NmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHY5duq+mqbFTQ9SXls80BRRncZl
NfYVRXwcfQodnH6BfWNiR72fUYufDVWd859PgKF2gurkE6bH+FnidYfVDX7wmUUG
FdbeXRLzNUOIa4fYK7A5uOsav3L4we/1VfESNjVUiTx/jFXwxeDPPoLLRabfO4JP
Dm9AQmvcbKgoA7nRoqdrQQJhNW5zZkK4pg7Po8a2kn+gq9fvm67ft+CLxOjL6FqK
3JYFOyY2m9rV7ml+jbQGdoUFP0nrieXzs87qqD8eZmmsFcYtxGT895N2WJXvJMyh
/OXvIPbSMx7ZFZ/3i38+RHR2hT6qcoFHQy8qCeOiuI4vsrNcrJUF4qWW5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOJMzCuLYnkinM/iYLrjBnT9bEbTMB8GA1UdIwQY
MBaAFMtCS0DB+ECE+NQPK53L4eH5Fq8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTBKTFFNSDRRSVQ0MUE4cm5jdmg0ZmtXcno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81MWJmZDktN2ZmYi00MTU5LTllZDUt
M2E1ZmVjYWNkNDlhLzEvNGt6TUs0dGllU0tjei1KZ3V1TUdkUDFzUnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81MWJmZDktN2ZmYi00MTU5LTllZDUtM2E1ZmVjYWNkNDlh
LzEveTBKTFFNSDRRSVQ0MUE4cm5jdmg0ZmtXcno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuQmLMA0E
AgACMAcDBQMqDLYAMA0GCSqGSIb3DQEBCwUAA4IBAQAdGyojM6uwSqXnPlC0VrPR
w0zNGvZavxbGCMcoQsnk7zPgxCxmVZYsxoYIzplyFdygXMpF00zeXaEnJjER63l9
0IJVuUQsHn1KMZiRPneFokvJg73H6VxGIlVUCDQU3zODo7d5cS5VuvtLlFQMIu8V
pPCbVZbmHboeUSilPwKeCg2pGNVqpOo5oZnze03OcVknynEmC6UJwEzMQBW1SG1j
1Ep9CA6yFP1c+r8rUA/J5sl5AkIcA4yXkzpxXrNjAvcPc8bzK5sdHbh4yfD8cbIP
oOdxWfNkBDWxzcB3Is4c2msm+bWgkw1CQ59r4lAinWQ0nz8IlERyiuWtgKdrE0+9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:20 2024 by rpki-client on console-ams.rpki-client.org