Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/4TZxwQqBUlXhpBu9R7kBihbR_ok.roa
File: 4TZxwQqBUlXhpBu9R7kBihbR_ok.roa (raw, json)
Hash identifier: ATVbjeYmCgxDr/SZWRNTyD5UE6TsiB5LVDY2sZ5b4yk=
Subject key identifier: E1:36:71:C1:0A:81:52:55:E1:A4:1B:BD:47:B9:01:8A:16:D1:FE:89
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 0192D7744F813F99CC81821BACABD1DA7128
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/4TZxwQqBUlXhpBu9R7kBihbR_ok.roa
Signing time: Tue 29 Oct 2024 08:46:16 +0000
ROA not before: Tue 29 Oct 2024 08:46:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44407
IP address blocks: 37.140.224.0/21 maxlen: 21
45.81.80.0/22 maxlen: 22
45.87.56.0/22 maxlen: 22
45.132.248.0/22 maxlen: 24
45.148.108.0/22 maxlen: 22
45.156.228.0/22 maxlen: 22
46.247.224.0/19 maxlen: 19
79.132.144.0/20 maxlen: 20
80.240.160.0/20 maxlen: 20
85.112.192.0/19 maxlen: 19
86.105.88.0/21 maxlen: 21
86.107.248.0/21 maxlen: 21
89.35.208.0/21 maxlen: 21
89.43.156.0/22 maxlen: 24
185.16.48.0/22 maxlen: 22
185.176.176.0/22 maxlen: 22
185.181.152.0/22 maxlen: 22
185.183.60.0/22 maxlen: 22
185.183.64.0/22 maxlen: 22
185.183.252.0/22 maxlen: 22
185.184.4.0/22 maxlen: 22
185.198.224.0/22 maxlen: 22
185.204.252.0/22 maxlen: 22
185.209.140.0/22 maxlen: 22
185.223.148.0/22 maxlen: 22
185.243.120.0/22 maxlen: 22
194.36.192.0/22 maxlen: 22
195.123.7.0/24 maxlen: 24
195.177.108.0/22 maxlen: 22
217.26.192.0/20 maxlen: 20
2001:4000::/32 maxlen: 32
2a0a:1c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 05 Nov 2024 09:32:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:74:4f:81:3f:99:cc:81:82:1b:ac:ab:d1:da:71:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Oct 29 08:46:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e13671c10a815255e1a41bbd47b9018a16d1fe89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c9:50:9e:eb:77:fc:46:fb:39:a9:28:47:08:
3a:e2:86:a8:66:56:e3:b8:18:ee:f9:5b:17:66:a3:
76:64:62:10:c8:9b:ee:4a:70:ee:60:23:6b:55:16:
4a:14:68:7d:fc:92:06:e8:83:64:14:9e:3e:f5:fc:
01:8f:aa:06:dc:5a:94:25:c3:f0:c3:0a:a8:52:54:
b0:24:2b:4d:01:bc:19:ea:30:dd:2c:e8:d8:5b:41:
20:54:90:43:39:b9:81:25:bf:bf:fe:ca:da:7a:05:
c0:33:7a:3d:72:1c:5d:25:04:f6:dc:52:c7:40:3f:
fc:ca:e3:21:08:65:ec:71:cb:67:e9:b5:b0:b8:1b:
60:00:1b:3b:d5:f8:19:11:ea:2c:ff:af:8d:0a:7f:
bf:eb:15:f9:b7:f8:18:34:10:1b:b9:cc:c7:69:6f:
d5:4b:a2:21:b5:2d:29:ad:f1:69:60:58:63:aa:d6:
d4:82:5b:d4:71:ff:35:01:a3:42:91:cd:9c:05:8b:
ec:22:77:9d:ed:a1:22:2f:bc:97:fc:a8:c5:31:21:
37:8a:ed:08:9b:7d:af:53:44:40:90:d5:53:a2:8b:
e8:ef:a0:36:cb:38:48:84:6a:00:f5:85:09:2c:2c:
7c:4e:3e:4f:d2:21:11:58:2b:78:19:c4:f0:c0:d2:
2d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:36:71:C1:0A:81:52:55:E1:A4:1B:BD:47:B9:01:8A:16:D1:FE:89
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/4TZxwQqBUlXhpBu9R7kBihbR_ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.224.0/21
45.81.80.0/22
45.87.56.0/22
45.132.248.0/22
45.148.108.0/22
45.156.228.0/22
46.247.224.0/19
79.132.144.0/20
80.240.160.0/20
85.112.192.0/19
86.105.88.0/21
86.107.248.0/21
89.35.208.0/21
89.43.156.0/22
185.16.48.0/22
185.176.176.0/22
185.181.152.0/22
185.183.60.0-185.183.67.255
185.183.252.0/22
185.184.4.0/22
185.198.224.0/22
185.204.252.0/22
185.209.140.0/22
185.223.148.0/22
185.243.120.0/22
194.36.192.0/22
195.123.7.0/24
195.177.108.0/22
217.26.192.0/20
IPv6:
2001:4000::/32
2a0a:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
53:d9:a8:2d:7d:d6:4b:f4:a7:05:a9:db:17:26:3a:52:8c:73:
f2:f2:07:76:41:88:99:db:90:01:90:03:53:b7:1c:01:e7:dd:
83:0f:1a:47:af:73:81:6a:2b:93:27:75:28:2c:03:18:62:11:
04:d7:f8:95:ab:0d:88:72:a1:6e:1b:a1:8a:06:bc:9c:fa:ee:
95:8f:9e:88:e0:a8:1f:a5:66:2f:22:68:fe:69:1a:fe:ab:1d:
9f:f8:be:17:24:7a:65:bb:06:7e:88:46:6f:6d:ca:47:cd:b5:
15:66:92:bf:38:79:35:32:b7:c0:7a:45:45:79:bd:eb:61:66:
b9:3a:97:7d:bc:31:c1:54:75:61:56:32:f6:9b:57:c8:ce:67:
d0:aa:fc:58:aa:a7:e7:90:db:f8:10:43:b8:de:bb:a5:7c:fd:
fc:71:ce:fa:6d:4b:d9:ca:3d:c6:70:de:0c:e8:c1:ce:fe:16:
9c:d9:16:a0:b0:ee:db:ab:34:71:05:91:29:d1:aa:43:f6:e9:
83:07:66:30:42:35:18:43:10:72:5a:34:69:9f:f0:09:d9:42:
a8:6a:82:f2:09:85:10:cd:c6:76:42:06:8f:41:4a:51:50:cf:
51:17:e9:f1:7b:03:b9:94:92:3c:b6:f0:ff:b7:e2:df:de:69:
1e:07:86:9e
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAZLXdE+BP5nMgYIbrKvR2nEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjQxMDI5MDg0NjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTM2NzFjMTBhODE1MjU1ZTFhNDFiYmQ0N2I5MDE4YTE2ZDFmZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MlQnut3/Eb7OakoRwg64oaoZlbj
uBju+VsXZqN2ZGIQyJvuSnDuYCNrVRZKFGh9/JIG6INkFJ4+9fwBj6oG3FqUJcPw
wwqoUlSwJCtNAbwZ6jDdLOjYW0EgVJBDObmBJb+//sraegXAM3o9chxdJQT23FLH
QD/8yuMhCGXscctn6bWwuBtgABs71fgZEeos/6+NCn+/6xX5t/gYNBAbuczHaW/V
S6IhtS0prfFpYFhjqtbUglvUcf81AaNCkc2cBYvsIned7aEiL7yX/KjFMSE3iu0I
m32vU0RAkNVToovo76A2yzhIhGoA9YUJLCx8Tj5P0iERWCt4GcTwwNItZwIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFOE2ccEKgVJV4aQbvUe5AYoW0f6JMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvNFRaeHdRcUJVbFhocEJ1OVI3a0JpaGJSX29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCBvQQCAAEwgbYDBAMl
jOADBAItUVADBAItVzgDBAIthPgDBAItlGwDBAItnOQDBAUu9+ADBARPhJADBARQ
8KADBAVVcMADBANWaVgDBANWa/gDBANZI9ADBAJZK5wDBAK5EDADBAK5sLADBAK5
tZgwDAMEArm3PAMEArm3QAMEArm3/AMEArm4BAMEArnG4AMEArnM/AMEArnRjAME
ArnflAMEArnzeAMEAsIkwAMEAMN7BwMEAsOxbAMEBNkawDAUBAIAAjAOAwUAIAFA
AAMFAyoKHIAwDQYJKoZIhvcNAQELBQADggEBAFPZqC191kv0pwWp2xcmOlKMc/Ly
B3ZBiJnbkAGQA1O3HAHn3YMPGkevc4FqK5MndSgsAxhiEQTX+JWrDYhyoW4boYoG
vJz67pWPnojgqB+lZi8iaP5pGv6rHZ/4vhckemW7Bn6IRm9tykfNtRVmkr84eTUy
t8B6RUV5vethZrk6l328McFUdWFWMvabV8jOZ9Cq/Fiqp+eQ2/gQQ7jeu6V8/fxx
zvptS9nKPcZw3gzowc7+FpzZFqCw7turNHEFkSnRqkP26YMHZjBCNRhDEHJaNGmf
8AnZQqhqgvIJhRDNxnZCBo9BSlFQz1EX6fF7A7mUkjy28P+34t/eaR4Hhp4=
-----END CERTIFICATE-----
Generated at Tue Nov 5 12:42:51 2024 by rpki-client on console-ams.rpki-client.org