Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/4lfEXHuLGP6TMZMzgl0ULk9N0ic.roa
File: 4lfEXHuLGP6TMZMzgl0ULk9N0ic.roa (raw, json)
Hash identifier: 5lUJeqGo5uipCHDRU2MYzuakhVzxIxU/pVxr+SPwZ0Y=
Subject key identifier: E2:57:C4:5C:7B:8B:18:FE:93:31:93:33:82:5D:14:2E:4F:4D:D2:27
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 018AAF02A5C891851BF7E94539F131E12201
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/4lfEXHuLGP6TMZMzgl0ULk9N0ic.roa
Signing time: Tue 19 Sep 2023 19:55:00 +0000
ROA not before: Tue 19 Sep 2023 19:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206564
IP address blocks: 82.98.80.0/24 maxlen: 32
212.19.40.0/24 maxlen: 32
82.98.90.0/24 maxlen: 24
82.98.91.0/24 maxlen: 32
212.19.48.0/24 maxlen: 32
213.83.48.0/24 maxlen: 32
212.19.47.0/24 maxlen: 32
213.83.52.0/24 maxlen: 24
212.19.61.0/24 maxlen: 24
82.98.105.0/24 maxlen: 32
82.98.126.0/24 maxlen: 24
82.98.127.0/24 maxlen: 24
213.83.1.0/24 maxlen: 32
213.83.5.0/24 maxlen: 32
213.83.17.0/24 maxlen: 32
82.98.67.0/24 maxlen: 32
82.98.78.0/24 maxlen: 32
82.98.74.0/24 maxlen: 32
2a02:2e0:417::/48 maxlen: 48
2a02:2e0:cd4d::/48 maxlen: 48
2a02:2e0:3e8::/48 maxlen: 128
2a02:2e0:1::/48 maxlen: 48
2a02:2e0:41c::/48 maxlen: 128
2a02:2e0:a::/48 maxlen: 48
2a02:2e0:3e5::/48 maxlen: 128
2a02:2e0:fffe::/48 maxlen: 128
2a02:2e0:41b::/48 maxlen: 128
2a02:2e0:3f5::/48 maxlen: 128
2a02:2e0:3ee::/48 maxlen: 128
2a02:2e0:cd4e::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:af:02:a5:c8:91:85:1b:f7:e9:45:39:f1:31:e1:22:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Sep 19 19:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e257c45c7b8b18fe93319333825d142e4f4dd227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:52:88:53:04:b7:12:13:26:3a:8c:b0:7e:28:
a8:f8:07:86:19:2a:68:01:1c:2b:01:84:c3:37:a1:
12:93:3f:7c:71:0a:d6:93:00:1d:18:28:97:e6:40:
0d:61:cb:37:b4:2f:bd:5b:0e:ca:f7:06:b6:a1:e2:
d4:ed:2a:8d:64:4c:c3:ca:41:ec:1d:9b:2d:ac:22:
8b:d5:4e:5c:8c:93:e8:19:d3:33:41:f1:bf:b3:f0:
b8:f1:3c:ca:29:94:ab:a7:27:60:18:cb:a3:a7:62:
cf:f4:f9:47:54:46:5d:c5:bd:ac:86:1d:c6:13:00:
4f:28:05:b7:f1:69:da:2c:a3:05:76:0c:d7:13:ef:
26:8d:f0:a1:78:28:e1:fe:42:a0:2d:9d:38:e4:40:
b7:ea:92:cf:42:13:9a:f6:d9:ec:4a:2f:b2:be:70:
a2:89:79:e5:ff:68:e3:e7:54:93:a5:9c:88:1e:e0:
ce:95:9e:f9:10:29:29:fd:ea:4d:a9:77:c8:77:e4:
a2:29:2d:08:50:4c:01:3e:3e:92:d2:3a:0d:17:ed:
ce:df:a0:b7:1e:11:65:c5:23:f2:40:7b:26:b9:1a:
0a:eb:78:aa:87:38:b7:28:05:ba:0a:59:13:68:83:
11:e7:f6:93:ab:a9:58:2d:c2:d0:cd:4e:d2:84:de:
15:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:57:C4:5C:7B:8B:18:FE:93:31:93:33:82:5D:14:2E:4F:4D:D2:27
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/4lfEXHuLGP6TMZMzgl0ULk9N0ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.67.0/24
82.98.74.0/24
82.98.78.0/24
82.98.80.0/24
82.98.90.0/23
82.98.105.0/24
82.98.126.0/23
212.19.40.0/24
212.19.47.0-212.19.48.255
212.19.61.0/24
213.83.1.0/24
213.83.5.0/24
213.83.17.0/24
213.83.48.0/24
213.83.52.0/24
IPv6:
2a02:2e0:1::/48
2a02:2e0:a::/48
2a02:2e0:3e5::/48
2a02:2e0:3e8::/48
2a02:2e0:3ee::/48
2a02:2e0:3f5::/48
2a02:2e0:417::/48
2a02:2e0:41b::-2a02:2e0:41c:ffff:ffff:ffff:ffff:ffff
2a02:2e0:cd4d::-2a02:2e0:cd4e:ffff:ffff:ffff:ffff:ffff
2a02:2e0:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
3e:ee:05:b4:63:ef:a3:35:c6:7c:50:55:65:58:d1:17:41:81:
f1:e6:48:2a:9f:2d:31:fd:d1:ff:04:ce:3a:f5:9d:00:c4:76:
25:9c:66:ca:d8:84:82:05:97:20:96:2e:df:11:ec:39:de:b6:
9c:a9:0f:e8:ce:b8:1f:dd:f5:1d:0d:a1:de:10:02:65:25:99:
8a:12:3c:d7:49:25:60:91:c7:3a:f5:d8:1b:9e:db:af:66:8a:
34:d4:4e:c0:b8:60:c3:de:d1:8e:8f:7c:da:c8:15:68:ce:cf:
9b:8c:2a:8a:66:83:2d:68:60:98:37:0c:d3:32:35:ab:01:a7:
af:46:99:fd:92:0d:b2:65:d2:8e:bd:7a:5f:86:50:d8:d4:8a:
58:66:60:fa:2e:aa:ef:5b:c0:01:ba:24:ff:4e:04:c8:6f:0f:
33:14:8a:be:70:a6:31:ff:7b:f2:96:ac:be:b0:cf:0e:5b:07:
4d:fe:38:ec:77:bb:a7:e5:7b:fb:e2:4f:7f:c6:4d:02:51:3d:
96:e9:57:85:90:ce:ad:80:2c:fd:16:7d:36:0c:c5:bc:28:f3:
70:37:10:67:b6:d3:bc:e9:67:bc:6b:50:76:f8:75:84:fc:a0:
fe:83:e1:43:56:29:09:81:db:1c:68:2b:ed:6a:5c:bf:6f:5e:
4a:d3:3b:23
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYqvAqXIkYUb9+lFOfEx4SIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjMwOTE5MTk1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjU3YzQ1YzdiOGIxOGZlOTMzMTkzMzM4MjVkMTQyZTRmNGRkMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlKIUwS3EhMmOoywfiio+AeGGSpo
ARwrAYTDN6ESkz98cQrWkwAdGCiX5kANYcs3tC+9Ww7K9wa2oeLU7SqNZEzDykHs
HZstrCKL1U5cjJPoGdMzQfG/s/C48TzKKZSrpydgGMujp2LP9PlHVEZdxb2shh3G
EwBPKAW38WnaLKMFdgzXE+8mjfCheCjh/kKgLZ045EC36pLPQhOa9tnsSi+yvnCi
iXnl/2jj51STpZyIHuDOlZ75ECkp/epNqXfId+SiKS0IUEwBPj6S0joNF+3O36C3
HhFlxSPyQHsmuRoK63iqhzi3KAW6ClkTaIMR5/aTq6lYLcLQzU7ShN4V9wIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFOJXxFx7ixj+kzGTM4JdFC5PTdInMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvNGxmRVhIdUxHUDZUTVpNemdsMFVMazlOMGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jBoBAIAATBiAwQAUmJD
AwQAUmJKAwQAUmJOAwQAUmJQAwQBUmJaAwQAUmJpAwQBUmJ+AwQA1BMoMAwDBADU
Ey8DBADUEzADBADUEz0DBADVUwEDBADVUwUDBADVUxEDBADVUzADBADVUzQwdgQC
AAIwcAMHACoCAuAAAQMHACoCAuAACgMHACoCAuAD5QMHACoCAuAD6AMHACoCAuAD
7gMHACoCAuAD9QMHACoCAuAEFzASAwcAKgIC4AQbAwcAKgIC4AQcMBIDBwAqAgLg
zU0DBwAqAgLgzU4DBwAqAgLg//4wDQYJKoZIhvcNAQELBQADggEBAD7uBbRj76M1
xnxQVWVY0RdBgfHmSCqfLTH90f8Ezjr1nQDEdiWcZsrYhIIFlyCWLt8R7Dnetpyp
D+jOuB/d9R0Nod4QAmUlmYoSPNdJJWCRxzr12Bue269mijTUTsC4YMPe0Y6PfNrI
FWjOz5uMKopmgy1oYJg3DNMyNasBp69Gmf2SDbJl0o69el+GUNjUilhmYPouqu9b
wAG6JP9OBMhvDzMUir5wpjH/e/KWrL6wzw5bB03+OOx3u6fle/viT3/GTQJRPZbp
V4WQzq2ALP0WfTYMxbwo83A3EGe207zpZ7xrUHb4dYT8oP6D4UNWKQmB2xxoK+1q
XL9vXkrTOyM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:33 2024 by rpki-client on console-fra.rpki-client.org