Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4OpEC6aOUhRQUDzsMx54rSqojUQ.roa
File: 4OpEC6aOUhRQUDzsMx54rSqojUQ.roa (raw, json)
Hash identifier: R2/yMbIiJgPrOF5fQksfAzIF/6aRFIJZXte3yDc3DHY=
Subject key identifier: E0:EA:44:0B:A6:8E:52:14:50:50:3C:EC:33:1E:78:AD:2A:A8:8D:44
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018BD80A164CC37DD48446E335BF4D5E18E6
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4OpEC6aOUhRQUDzsMx54rSqojUQ.roa
Signing time: Thu 16 Nov 2023 12:10:21 +0000
ROA not before: Thu 16 Nov 2023 12:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202973
IP address blocks: 185.106.92.0/24 maxlen: 24
194.36.177.0/24 maxlen: 24
82.115.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:0a:16:4c:c3:7d:d4:84:46:e3:35:bf:4d:5e:18:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Nov 16 12:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0ea440ba68e521450503cec331e78ad2aa88d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:18:82:31:6a:90:d9:b0:22:16:1f:d0:4e:d6:
98:3b:90:92:5f:07:2c:ea:6e:68:6e:17:37:66:73:
eb:4b:76:5e:b8:5d:00:82:88:38:ce:87:fc:35:5a:
be:87:e3:5d:3c:34:46:44:08:93:f0:85:fd:c0:e5:
26:d5:65:bf:b0:ea:fa:70:b2:c5:e2:7e:0e:d8:65:
e1:04:d2:28:ce:72:5e:72:1a:47:11:b6:22:dd:10:
37:06:9a:1f:d1:b5:a3:fa:1d:e0:bb:17:b4:7d:0f:
26:a8:de:34:d7:4c:43:6a:c2:cc:62:d3:c2:7e:23:
a9:b4:a0:cc:d0:cc:2b:30:ef:d0:ae:cc:13:09:2b:
f3:f0:cb:e8:7c:6c:ac:b6:73:d5:95:ce:81:bb:e5:
56:29:37:99:53:9e:ea:3b:5b:76:ac:45:34:00:b6:
08:b1:b0:34:a4:cf:94:7d:10:58:b1:70:82:1e:76:
35:6d:c2:e2:1d:0b:df:6b:b7:86:58:06:57:09:7b:
c9:3d:b7:fa:6d:6a:54:87:be:21:c5:c5:6b:2c:8e:
bb:ba:cd:f5:3e:80:93:d2:db:2f:34:cb:7e:df:f9:
cc:df:c0:c4:68:6a:d3:91:22:70:f8:a2:bf:78:b0:
32:42:95:e9:23:b5:76:f7:47:80:a5:5e:96:fb:17:
78:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:EA:44:0B:A6:8E:52:14:50:50:3C:EC:33:1E:78:AD:2A:A8:8D:44
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4OpEC6aOUhRQUDzsMx54rSqojUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.223.0/24
185.106.92.0/24
194.36.177.0/24
Signature Algorithm: sha256WithRSAEncryption
97:4d:84:69:06:d8:80:64:2d:61:2d:01:f5:82:db:b5:a2:62:
b6:57:98:ce:b3:30:2f:18:c2:bb:4f:bc:d5:8d:5c:fa:ef:ba:
a6:46:93:92:dc:dc:ee:32:bc:d4:8c:b0:67:5b:f8:46:20:0c:
f8:41:64:0f:e6:e6:c8:d8:cc:d9:01:31:a0:67:23:5a:4f:a1:
50:c9:d5:5f:fa:c9:7e:35:07:97:e3:91:3e:a0:7c:20:b1:74:
93:fc:a4:55:48:24:5f:d6:ab:00:a0:cd:b8:ee:52:56:2b:c4:
0b:ee:96:77:7e:02:48:9c:98:44:ec:2c:f8:d6:fc:16:a8:e5:
af:e4:8d:52:7a:a5:bc:82:7f:a5:8a:55:5b:c7:91:a9:ec:57:
aa:28:e7:23:b1:ba:45:75:49:9c:36:a8:78:56:82:b2:88:f1:
13:33:b3:8b:df:01:80:99:66:cf:45:07:e8:6d:4d:30:18:6a:
1b:b8:43:a3:56:5d:95:ec:f7:b1:27:a2:c2:7e:ad:e8:61:c3:
c6:dd:6b:ec:65:c3:58:75:cb:f3:2a:d1:54:41:6e:6d:5b:4f:
5b:8f:59:5d:e7:f5:35:8b:02:7b:e6:dc:32:cd:de:85:21:cc:
f5:c0:d6:0a:57:98:b1:50:b5:f9:2c:2d:a1:af:d8:88:f1:7b:
6b:39:b5:be
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvYChZMw33UhEbjNb9NXhjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMTE2MTIxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGVhNDQwYmE2OGU1MjE0NTA1MDNjZWMzMzFlNzhhZDJhYTg4ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBiCMWqQ2bAiFh/QTtaYO5CSXwcs
6m5obhc3ZnPrS3ZeuF0Agog4zof8NVq+h+NdPDRGRAiT8IX9wOUm1WW/sOr6cLLF
4n4O2GXhBNIoznJechpHEbYi3RA3Bpof0bWj+h3guxe0fQ8mqN4010xDasLMYtPC
fiOptKDM0MwrMO/QrswTCSvz8MvofGystnPVlc6Bu+VWKTeZU57qO1t2rEU0ALYI
sbA0pM+UfRBYsXCCHnY1bcLiHQvfa7eGWAZXCXvJPbf6bWpUh74hxcVrLI67us31
PoCT0tsvNMt+3/nM38DEaGrTkSJw+KK/eLAyQpXpI7V290eApV6W+xd4HwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFODqRAumjlIUUFA87DMeeK0qqI1EMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvNE9wRUM2YU9VaFJRVUR6c014NTRyU3FvalVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUnPfAwQA
uWpcAwQAwiSxMA0GCSqGSIb3DQEBCwUAA4IBAQCXTYRpBtiAZC1hLQH1gtu1omK2
V5jOszAvGMK7T7zVjVz677qmRpOS3NzuMrzUjLBnW/hGIAz4QWQP5ubI2MzZATGg
ZyNaT6FQydVf+sl+NQeX45E+oHwgsXST/KRVSCRf1qsAoM247lJWK8QL7pZ3fgJI
nJhE7Cz41vwWqOWv5I1SeqW8gn+lilVbx5Gp7FeqKOcjsbpFdUmcNqh4VoKyiPET
M7OL3wGAmWbPRQfobU0wGGobuEOjVl2V7PexJ6LCfq3oYcPG3WvsZcNYdcvzKtFU
QW5tW09bj1ld5/U1iwJ75twyzd6FIcz1wNYKV5ixULX5LC2hr9iI8XtrObW+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org