Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/4v9NTvgCEiL6OzRLU2ilTKDKO7k.roa
File: 4v9NTvgCEiL6OzRLU2ilTKDKO7k.roa (raw, json)
Hash identifier: dQArPCi4C7J8QV7olIaWnysJc7lkMb5nczHoRtFrDyw=
Subject key identifier: E2:FF:4D:4E:F8:02:12:22:FA:3B:34:4B:53:68:A5:4C:A0:CA:3B:B9
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737ADCF22661241FDE48DA71EABF1647
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/4v9NTvgCEiL6OzRLU2ilTKDKO7k.roa
Signing time: Mon 02 Jan 2023 17:15:09 +0000
ROA not before: Mon 02 Jan 2023 17:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212949
IP address blocks: 217.61.88.0/21 maxlen: 24
167.160.8.0/23 maxlen: 24
167.160.6.0/23 maxlen: 24
167.160.22.0/23 maxlen: 24
167.160.24.0/23 maxlen: 24
185.19.24.0/22 maxlen: 24
89.33.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:dc:f2:26:61:24:1f:de:48:da:71:ea:bf:16:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2ff4d4ef8021222fa3b344b5368a54ca0ca3bb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e0:1c:16:e8:63:99:19:dd:90:3a:85:a5:fa:
c6:2a:2b:6b:d2:68:d1:80:66:40:43:91:16:f2:de:
58:ba:f1:7f:fe:d1:2a:cc:46:4b:1a:4f:72:65:46:
db:e9:f6:00:a3:cd:1d:a3:6d:8f:7d:40:9b:01:64:
99:d3:e8:38:46:80:4e:26:29:0b:1e:a0:a6:99:7c:
39:24:dd:88:06:a9:42:bf:a1:ad:48:1d:44:e0:8c:
db:eb:15:1b:bf:e4:1f:1d:71:68:af:d3:d2:dc:e6:
40:9b:78:ea:47:ec:c5:62:24:a9:bf:3f:48:d8:78:
1c:56:91:29:e7:e0:b2:dc:1c:c2:f1:71:cd:b6:33:
68:3c:80:a3:3a:aa:e0:a1:28:5e:c8:0a:25:d8:92:
0c:b5:ff:6a:96:d1:3e:10:13:c0:0d:40:fb:30:2d:
d2:95:d8:74:4c:3c:c7:62:3b:32:39:d6:4b:54:7e:
a5:c0:49:31:a6:45:96:06:df:43:18:bb:ec:27:d5:
bb:8f:02:d8:50:9a:2a:7e:d6:57:4b:4d:bb:9c:86:
ea:08:0a:13:8c:7b:bd:c0:86:bc:83:eb:be:44:f3:
04:81:37:3b:f1:42:84:28:40:05:31:c4:5a:60:bc:
54:bd:37:b7:7c:71:f6:99:49:ed:51:46:b2:d2:7e:
63:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FF:4D:4E:F8:02:12:22:FA:3B:34:4B:53:68:A5:4C:A0:CA:3B:B9
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/4v9NTvgCEiL6OzRLU2ilTKDKO7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.108.0/22
167.160.6.0-167.160.9.255
167.160.22.0-167.160.25.255
185.19.24.0/22
217.61.88.0/21
Signature Algorithm: sha256WithRSAEncryption
15:bb:fa:5a:97:25:ca:a8:46:d6:44:40:bf:14:cb:2e:c8:99:
3b:fe:81:76:ad:1b:74:83:e2:3b:8c:ef:49:57:dc:98:1f:eb:
23:d2:53:1f:fb:fd:e6:ee:93:c3:6e:52:c2:0b:66:9c:64:b5:
64:d5:4a:9a:c5:35:8a:9c:8b:7f:e7:22:ee:93:dc:b3:7b:02:
59:59:1d:c4:8c:68:33:53:6a:89:0d:67:18:2d:8c:b9:af:a1:
bd:5e:52:49:2b:21:11:da:e8:2f:61:b8:e1:a0:4f:4e:9a:72:
b5:a6:1f:52:e7:7b:10:c3:ed:85:bf:f6:02:3f:ce:0a:3f:d4:
5c:43:0b:20:36:d9:ba:03:09:87:73:37:0a:2d:aa:37:63:65:
48:b7:f4:02:21:3b:34:d0:54:e7:4c:05:3a:55:b2:2e:b0:fc:
df:9b:05:7f:19:e8:ad:cb:22:ef:af:5d:59:5b:24:48:0c:87:
ce:22:e2:67:f2:79:ec:b5:f1:6f:24:28:e2:be:46:f1:4f:68:
1a:27:80:a8:9e:47:88:d7:74:91:ae:e6:c7:fc:1d:53:43:04:
5e:99:8e:f2:59:ad:cc:3b:03:75:b8:d2:68:59:46:97:c8:09:
b8:97:9b:9e:a6:72:70:96:b9:e4:17:4d:23:3e:b5:cd:74:09:
11:06:47:b6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVzetzyJmEkH95I2nHqvxZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmZmNGQ0ZWY4MDIxMjIyZmEzYjM0NGI1MzY4YTU0Y2EwY2EzYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+AcFuhjmRndkDqFpfrGKitr0mjR
gGZAQ5EW8t5YuvF//tEqzEZLGk9yZUbb6fYAo80do22PfUCbAWSZ0+g4RoBOJikL
HqCmmXw5JN2IBqlCv6GtSB1E4Izb6xUbv+QfHXFor9PS3OZAm3jqR+zFYiSpvz9I
2HgcVpEp5+Cy3BzC8XHNtjNoPICjOqrgoSheyAol2JIMtf9qltE+EBPADUD7MC3S
ldh0TDzHYjsyOdZLVH6lwEkxpkWWBt9DGLvsJ9W7jwLYUJoqftZXS027nIbqCAoT
jHu9wIa8g+u+RPMEgTc78UKEKEAFMcRaYLxUvTe3fHH2mUntUUay0n5jwwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOL/TU74AhIi+js0S1NopUygyju5MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvNHY5TlR2Z0NFaUw2T3pSTFUyaWxUS0RLTzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCWSFsMAwD
BAGnoAYDBAGnoAgwDAMEAaegFgMEAaegGAMEArkTGAMEA9k9WDANBgkqhkiG9w0B
AQsFAAOCAQEAFbv6WpclyqhG1kRAvxTLLsiZO/6Bdq0bdIPiO4zvSVfcmB/rI9JT
H/v95u6Tw25SwgtmnGS1ZNVKmsU1ipyLf+ci7pPcs3sCWVkdxIxoM1NqiQ1nGC2M
ua+hvV5SSSshEdroL2G44aBPTppytaYfUud7EMPthb/2Aj/OCj/UXEMLIDbZugMJ
h3M3Ci2qN2NlSLf0AiE7NNBU50wFOlWyLrD835sFfxnorcsi769dWVskSAyHziLi
Z/J57LXxbyQo4r5G8U9oGieAqJ5HiNd0ka7mx/wdU0MEXpmO8lmtzDsDdbjSaFlG
l8gJuJebnqZycJa55BdNIz61zXQJEQZHtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org