Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/T0D28Q58aOx75MPrDulNsBZR418.roa
File: T0D28Q58aOx75MPrDulNsBZR418.roa (raw, json)
Hash identifier: hEJSkDBYFtPkT2iGoL8nx2AX647Y2N3Bc5QaKCrwjnA=
Subject key identifier: 4F:40:F6:F1:0E:7C:68:EC:7B:E4:C3:EB:0E:E9:4D:B0:16:51:E3:5F
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018CC2DAEE61413556C1B1E72037EF9D9669
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/T0D28Q58aOx75MPrDulNsBZR418.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45031
IP address blocks: 91.206.142.0/23 maxlen: 23
185.80.92.0/22 maxlen: 24
91.220.49.0/24 maxlen: 24
128.127.64.0/21 maxlen: 24
195.225.133.0/24 maxlen: 24
178.250.168.0/21 maxlen: 24
93.90.176.0/20 maxlen: 24
195.42.120.0/23 maxlen: 24
37.218.248.0/21 maxlen: 24
84.254.120.0/24 maxlen: 24
188.64.44.0/23 maxlen: 24
188.64.40.0/22 maxlen: 24
193.25.114.0/23 maxlen: 23
192.162.84.0/22 maxlen: 24
195.34.82.0/23 maxlen: 24
5.44.108.0/22 maxlen: 24
91.226.88.0/22 maxlen: 22
195.110.42.0/23 maxlen: 24
89.22.96.0/19 maxlen: 19
81.88.16.0/21 maxlen: 21
194.116.186.0/23 maxlen: 24
81.88.24.0/22 maxlen: 22
89.22.106.0/24 maxlen: 24
5.44.96.0/22 maxlen: 22
2a00:fa40::/32 maxlen: 32
2a02:a60::/32 maxlen: 64
2a00:5300::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Jun 2024 13:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ee:61:41:35:56:c1:b1:e7:20:37:ef:9d:96:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f40f6f10e7c68ec7be4c3eb0ee94db01651e35f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:16:d4:9c:d6:7d:94:70:51:47:da:78:a2:b8:
ad:fc:c3:76:c2:26:72:b0:07:90:e1:9a:af:05:64:
67:c5:ec:c6:70:7d:f2:1d:76:56:90:27:c0:29:5a:
d0:ce:b7:68:cc:95:d7:a6:87:47:af:bc:f6:fa:a4:
a2:3c:b8:d3:9e:61:eb:74:59:67:f9:ea:ac:4a:c0:
fd:d3:a7:5b:7b:d4:67:6f:f0:bc:bd:3d:15:28:6f:
14:c5:0b:e0:eb:c7:08:4e:3a:8b:e3:9a:ae:4f:97:
0b:60:14:65:7b:a8:9c:97:e2:8b:73:48:c4:08:d1:
68:9d:58:21:2b:7c:9e:48:14:a5:8a:71:4a:62:d0:
26:fe:1d:87:92:a8:02:36:6d:7b:15:bd:9c:4a:6b:
34:26:0a:72:f3:1f:77:20:d7:a3:8b:c9:59:e3:eb:
62:fe:b1:c6:b0:18:c0:51:bd:90:ec:fa:5d:c9:1b:
70:e9:a1:0e:12:12:b5:17:46:a5:17:4e:84:8f:b3:
e9:63:ba:4f:63:3a:fa:77:fb:95:52:af:f0:9b:13:
51:43:5f:65:56:21:a2:67:b4:0b:b6:3c:57:16:98:
42:b2:02:e9:37:1a:c8:85:00:02:65:31:47:56:d1:
57:9d:f8:5a:da:62:93:37:59:e6:1a:3d:99:9d:34:
cc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:40:F6:F1:0E:7C:68:EC:7B:E4:C3:EB:0E:E9:4D:B0:16:51:E3:5F
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/T0D28Q58aOx75MPrDulNsBZR418.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.96.0/22
5.44.108.0/22
37.218.248.0/21
81.88.16.0-81.88.27.255
84.254.120.0/24
89.22.96.0/19
91.206.142.0/23
91.220.49.0/24
91.226.88.0/22
93.90.176.0/20
128.127.64.0/21
178.250.168.0/21
185.80.92.0/22
188.64.40.0-188.64.45.255
192.162.84.0/22
193.25.114.0/23
194.116.186.0/23
195.34.82.0/23
195.42.120.0/23
195.110.42.0/23
195.225.133.0/24
IPv6:
2a00:5300::/32
2a00:fa40::/32
2a02:a60::/32
Signature Algorithm: sha256WithRSAEncryption
82:ff:90:ea:6c:77:5d:90:36:a5:e3:5c:e1:5d:7a:a6:dd:7c:
3d:f2:28:14:b7:86:73:ef:e1:14:4e:30:ed:c3:2b:0f:79:96:
74:3d:19:d8:68:ea:27:35:1e:32:3e:77:c8:23:a9:ae:7b:9b:
62:9b:a7:5c:61:9e:30:f6:26:c7:31:d9:77:b8:c2:1a:06:dc:
25:e0:f7:59:85:ca:cb:ef:cb:7d:ed:32:5b:13:0f:13:01:f5:
20:27:e5:f0:b0:9e:f6:15:aa:07:32:2f:9f:08:5b:1c:93:8c:
25:7b:64:b0:2f:7e:df:60:cc:2f:2e:b8:fe:c0:1d:6f:4f:53:
ee:c1:4a:40:65:21:4e:6f:0f:f9:1d:b8:9e:e2:b6:b4:e1:95:
47:c1:f1:c0:33:b2:8e:6c:22:2b:69:ca:98:1d:96:c2:ed:14:
cd:08:07:56:43:44:45:31:c5:5b:dc:db:3e:d6:94:f8:8b:b1:
ef:84:78:85:59:a7:50:d0:65:3a:79:30:bb:95:e4:a4:90:6c:
a7:45:e4:85:f7:77:a0:f0:14:d7:34:26:2a:66:4f:2a:2e:0a:
e8:93:66:fb:e7:4a:03:b4:6c:db:c4:05:51:87:b5:8c:b0:46:
cd:cb:9b:15:58:69:2b:94:a0:75:23:0d:3c:69:5e:05:dc:7c:
51:06:9b:c6
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYzC2u5hQTVWwbHnIDfvnZZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjQwZjZmMTBlN2M2OGVjN2JlNGMzZWIwZWU5NGRiMDE2NTFlMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhbUnNZ9lHBRR9p4orit/MN2wiZy
sAeQ4ZqvBWRnxezGcH3yHXZWkCfAKVrQzrdozJXXpodHr7z2+qSiPLjTnmHrdFln
+eqsSsD906dbe9Rnb/C8vT0VKG8UxQvg68cITjqL45quT5cLYBRle6icl+KLc0jE
CNFonVghK3yeSBSlinFKYtAm/h2HkqgCNm17Fb2cSms0Jgpy8x93INeji8lZ4+ti
/rHGsBjAUb2Q7PpdyRtw6aEOEhK1F0alF06Ej7PpY7pPYzr6d/uVUq/wmxNRQ19l
ViGiZ7QLtjxXFphCsgLpNxrIhQACZTFHVtFXnfha2mKTN1nmGj2ZnTTM4QIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFE9A9vEOfGjse+TD6w7pTbAWUeNfMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvVDBEMjhRNThhT3g3NU1QckR1bE5zQlpSNDE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBlQQCAAEwgY4DBAIF
LGADBAIFLGwDBAMl2vgwDAMEBFFYEAMEAlFYGAMEAFT+eAMEBVkWYAMEAVvOjgME
AFvcMQMEAlviWAMEBF1asAMEA4B/QAMEA7L6qAMEArlQXDAMAwQDvEAoAwQBvEAs
AwQCwKJUAwQBwRlyAwQBwnS6AwQBwyJSAwQBwyp4AwQBw24qAwQAw+GFMBsEAgAC
MBUDBQAqAFMAAwUAKgD6QAMFACoCCmAwDQYJKoZIhvcNAQELBQADggEBAIL/kOps
d12QNqXjXOFdeqbdfD3yKBS3hnPv4RROMO3DKw95lnQ9Gdho6ic1HjI+d8gjqa57
m2Kbp1xhnjD2Jscx2Xe4whoG3CXg91mFysvvy33tMlsTDxMB9SAn5fCwnvYVqgcy
L58IWxyTjCV7ZLAvft9gzC8uuP7AHW9PU+7BSkBlIU5vD/kduJ7itrThlUfB8cAz
so5sIitpypgdlsLtFM0IB1ZDREUxxVvc2z7WlPiLse+EeIVZp1DQZTp5MLuV5KSQ
bKdF5IX3d6DwFNc0JipmTyouCuiTZvvnSgO0bNvEBVGHtYywRs3LmxVYaSuUoHUj
DTxpXgXcfFEGm8Y=
-----END CERTIFICATE-----
Generated at Tue Jun 11 15:22:07 2024 by rpki-client on console-fra.rpki-client.org