Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/4Z7rSN9LXWs2u2HjQgcKpsgjcJU.roa
File: 4Z7rSN9LXWs2u2HjQgcKpsgjcJU.roa (raw, json)
Hash identifier: OdyeAJqNCU6STiiUSa6MZyTIufAn6yWHrjLQLicL8tc=
Subject key identifier: E1:9E:EB:48:DF:4B:5D:6B:36:BB:61:E3:42:07:0A:A6:C8:23:70:95
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0185723A340D4B63D8927F931A49307159A3
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/4Z7rSN9LXWs2u2HjQgcKpsgjcJU.roa
Signing time: Mon 02 Jan 2023 11:24:54 +0000
ROA not before: Mon 02 Jan 2023 11:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28685
IP address blocks: 145.128.160.0/19 maxlen: 19
145.131.160.0/19 maxlen: 19
145.131.64.0/18 maxlen: 18
145.128.192.0/19 maxlen: 19
145.131.192.0/18 maxlen: 18
145.128.224.0/19 maxlen: 19
145.128.128.0/19 maxlen: 19
145.131.128.0/19 maxlen: 19
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:34:0d:4b:63:d8:92:7f:93:1a:49:30:71:59:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 11:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e19eeb48df4b5d6b36bb61e342070aa6c8237095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:11:9a:f5:bf:2e:03:e9:5c:ba:30:9d:3f:77:
5a:af:13:6c:62:89:a5:dc:5c:1c:38:40:8c:a5:fc:
2d:ac:4a:16:b9:1b:5e:62:8c:e0:60:4e:13:43:7a:
c8:75:9c:08:93:45:d8:ad:ba:dd:dc:6c:15:c6:09:
bf:2f:22:5d:42:27:54:8e:2e:5b:4f:f8:1a:d1:94:
d3:1c:8e:90:35:c1:6f:73:c9:4b:e4:9d:aa:9d:78:
dc:81:94:ad:af:11:02:a7:9a:9e:4d:ae:6f:5e:ad:
6b:83:81:70:f2:04:3d:1d:79:c2:55:2c:b9:5a:27:
d4:89:43:40:fa:24:2e:f5:72:4d:be:77:e2:21:f1:
df:bd:63:a8:1b:b9:ee:9b:42:56:ef:2a:5c:dd:12:
70:fc:5c:10:77:62:eb:2c:83:ac:b6:00:fa:66:b1:
a5:a8:02:8c:41:19:be:02:ba:58:86:65:39:fa:80:
ee:fd:a5:41:69:93:b7:35:29:c7:5a:aa:55:8d:9c:
a3:24:a5:a4:c7:a2:86:9b:12:dc:db:76:fa:c4:a5:
1e:16:6f:dd:97:a8:85:18:4f:2e:c6:80:22:6c:54:
8e:c5:e2:3e:76:21:32:79:58:74:4a:b9:84:13:e5:
52:6c:81:d5:fa:36:16:c1:62:ea:20:86:82:67:92:
16:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9E:EB:48:DF:4B:5D:6B:36:BB:61:E3:42:07:0A:A6:C8:23:70:95
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/4Z7rSN9LXWs2u2HjQgcKpsgjcJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.128.128.0/17
145.131.64.0-145.131.255.255
Signature Algorithm: sha256WithRSAEncryption
8b:3b:15:b3:7c:81:40:65:d3:ab:d0:4e:c1:b6:c7:3d:08:e2:
f5:15:82:1f:b8:d4:a3:a4:e5:ad:e3:c6:8b:ca:b8:e2:72:91:
53:b4:f0:6b:60:76:e4:37:f1:64:c7:11:d4:ab:3d:12:cd:99:
1b:8a:92:a9:84:2f:6d:06:e9:18:f8:f2:5e:2b:21:e4:8e:72:
93:e7:16:ca:ed:6f:a9:49:8f:0f:69:47:88:83:bc:48:b3:f1:
72:bf:f5:72:11:70:a5:b4:6c:8c:01:b0:9c:34:3e:e3:e7:a4:
5c:21:81:12:26:81:28:42:81:e9:58:f2:2f:58:20:b1:80:ba:
73:74:0c:2c:4d:dd:6e:0b:db:e7:d0:75:f8:8f:ac:09:b0:89:
af:bc:e3:f0:44:65:d2:25:ec:31:90:85:be:ca:6d:d7:16:4a:
09:6f:dd:c8:33:bb:67:57:a6:d6:39:53:96:e2:ca:8a:93:4b:
77:8d:82:c6:1f:54:5e:41:6a:a6:8a:b4:c9:30:54:a4:9e:51:
24:1b:00:4d:29:25:28:a7:28:61:6f:9c:a1:a0:93:1b:51:4c:
74:2d:ee:65:e9:c3:2f:a0:5a:72:a7:b1:02:e6:ef:5b:e7:48:
42:ee:99:18:85:19:f3:e9:bc:59:47:2a:89:88:e4:e1:60:31:
5e:26:c4:1b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVyOjQNS2PYkn+TGkkwcVmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjMwMTAyMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTllZWI0OGRmNGI1ZDZiMzZiYjYxZTM0MjA3MGFhNmM4MjM3MDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRGa9b8uA+lcujCdP3darxNsYoml
3FwcOECMpfwtrEoWuRteYozgYE4TQ3rIdZwIk0XYrbrd3GwVxgm/LyJdQidUji5b
T/ga0ZTTHI6QNcFvc8lL5J2qnXjcgZStrxECp5qeTa5vXq1rg4Fw8gQ9HXnCVSy5
WifUiUNA+iQu9XJNvnfiIfHfvWOoG7num0JW7ypc3RJw/FwQd2LrLIOstgD6ZrGl
qAKMQRm+ArpYhmU5+oDu/aVBaZO3NSnHWqpVjZyjJKWkx6KGmxLc23b6xKUeFm/d
l6iFGE8uxoAibFSOxeI+diEyeVh0SrmEE+VSbIHV+jYWwWLqIIaCZ5IWpQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOGe60jfS11rNrth40IHCqbII3CVMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvNFo3clNOOUxYV3MydTJIalFnY0twc2dqY0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQHkYCAMAsD
BAaRg0ADAwKRgDANBgkqhkiG9w0BAQsFAAOCAQEAizsVs3yBQGXTq9BOwbbHPQji
9RWCH7jUo6TlrePGi8q44nKRU7Twa2B25DfxZMcR1Ks9Es2ZG4qSqYQvbQbpGPjy
Xish5I5yk+cWyu1vqUmPD2lHiIO8SLPxcr/1chFwpbRsjAGwnDQ+4+ekXCGBEiaB
KEKB6VjyL1ggsYC6c3QMLE3dbgvb59B1+I+sCbCJr7zj8ERl0iXsMZCFvspt1xZK
CW/dyDO7Z1em1jlTluLKipNLd42Cxh9UXkFqpoq0yTBUpJ5RJBsATSklKKcoYW+c
oaCTG1FMdC3uZenDL6BacqexAubvW+dIQu6ZGIUZ8+m8WUcqiYjk4WAxXibEGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org