Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/4XQWx7ZBCJsuUdUF07r5cMusp-4.roa
File: 4XQWx7ZBCJsuUdUF07r5cMusp-4.roa (raw, json)
Hash identifier: FcwQCRV3VczAcHbZhRl4EKGJwhqatF5mVWZH/zhpM24=
Subject key identifier: E1:74:16:C7:B6:41:08:9B:2E:51:D5:05:D3:BA:F9:70:CB:AC:A7:EE
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 018CC9BB0953AF3EC2E85C6B7841D76A86EC
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/4XQWx7ZBCJsuUdUF07r5cMusp-4.roa
Signing time: Tue 02 Jan 2024 10:32:07 +0000
ROA not before: Tue 02 Jan 2024 10:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31122
IP address blocks: 78.137.128.0/18 maxlen: 18
93.92.8.0/21 maxlen: 21
92.51.192.0/18 maxlen: 18
91.142.96.0/20 maxlen: 20
84.203.0.0/16 maxlen: 16
185.53.32.0/24 maxlen: 24
185.53.35.0/24 maxlen: 24
83.147.128.0/18 maxlen: 18
212.126.32.0/19 maxlen: 19
46.183.104.0/23 maxlen: 23
212.126.60.0/22 maxlen: 22
185.233.176.0/22 maxlen: 22
94.247.48.0/21 maxlen: 21
92.51.208.0/20 maxlen: 20
185.182.72.0/22 maxlen: 22
185.242.236.0/23 maxlen: 23
185.47.144.0/22 maxlen: 22
89.234.64.0/18 maxlen: 18
176.52.216.0/22 maxlen: 22
176.52.220.0/23 maxlen: 23
80.93.16.0/20 maxlen: 20
185.205.228.0/22 maxlen: 22
217.78.0.0/20 maxlen: 20
37.46.16.0/21 maxlen: 21
2a0a:e780::/29 maxlen: 30
2001:1bb8::/32 maxlen: 32
2a00:15b8:400::/40 maxlen: 40
2a00:15b8::/32 maxlen: 32
2a02:220::/32 maxlen: 32
2a01:258::/32 maxlen: 32
2a01:8aa0::/32 maxlen: 32
2a0b:bc0::/29 maxlen: 30
Validation: Failed, certificate revoked on Fri 02 Feb 2024 10:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:09:53:af:3e:c2:e8:5c:6b:78:41:d7:6a:86:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jan 2 10:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e17416c7b641089b2e51d505d3baf970cbaca7ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2c:27:9f:3e:b8:55:81:d3:74:2e:85:a6:14:
d5:33:49:44:d8:f7:68:b0:2c:ce:0b:30:6f:27:8e:
31:c8:f1:d0:76:25:07:35:a6:28:56:28:31:37:fb:
88:09:06:cd:0d:e1:94:80:55:c4:23:de:ef:c1:98:
06:8d:44:c4:b6:95:3e:c7:d3:92:2f:62:c9:02:1d:
51:e5:5a:0e:9c:f5:07:e9:09:cf:41:03:01:30:c4:
c8:12:b9:d7:af:c9:d1:7f:ec:bd:8f:04:fe:cc:a8:
8f:0d:3d:88:ed:9b:fc:ce:13:a8:9c:72:2b:f5:55:
3d:01:f7:c9:27:2b:96:f3:07:7c:30:47:fb:ce:a0:
78:7e:54:5e:1d:05:11:78:b1:f4:f2:91:2c:39:59:
6b:fd:47:c8:63:91:c5:fb:e1:f4:e0:27:10:06:26:
bf:bf:b7:67:55:3d:57:9d:ce:50:4e:3f:93:3a:af:
03:b8:5e:b2:2e:6a:4f:a0:2f:92:43:27:1e:a6:ed:
52:75:9c:4a:0d:29:ff:6b:f2:95:df:84:14:89:0f:
b2:a8:f7:10:86:bc:bf:3e:d0:5f:11:86:3e:46:5b:
11:c6:11:c9:94:04:37:f0:0a:2f:76:21:59:eb:b9:
9f:2d:a0:af:ef:b5:c0:5a:04:47:9d:1a:2c:79:05:
64:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:74:16:C7:B6:41:08:9B:2E:51:D5:05:D3:BA:F9:70:CB:AC:A7:EE
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/4XQWx7ZBCJsuUdUF07r5cMusp-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/21
46.183.104.0/23
78.137.128.0/18
80.93.16.0/20
83.147.128.0/18
84.203.0.0/16
89.234.64.0/18
91.142.96.0/20
92.51.192.0/18
93.92.8.0/21
94.247.48.0/21
176.52.216.0-176.52.221.255
185.47.144.0/22
185.53.32.0/24
185.53.35.0/24
185.182.72.0/22
185.205.228.0/22
185.233.176.0/22
185.242.236.0/23
212.126.32.0/19
217.78.0.0/20
IPv6:
2001:1bb8::/32
2a00:15b8::/32
2a01:258::/32
2a01:8aa0::/32
2a02:220::/32
2a0a:e780::/29
2a0b:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
06:26:ff:e1:c2:c5:cf:ad:15:14:81:38:e9:4e:23:1d:73:2a:
8a:d8:4b:92:dd:c1:b2:a0:1e:12:1c:4e:d7:5a:ce:89:a0:d5:
f1:f3:f1:48:da:9c:b6:65:20:f5:04:81:2a:9e:b0:e6:54:00:
df:eb:ac:04:32:da:38:d7:91:19:f4:66:57:d9:54:09:76:cc:
79:b3:68:d9:2d:22:39:2a:eb:57:40:96:9a:04:ec:f2:d7:6c:
70:2c:d8:07:ee:07:23:a5:f6:ca:4a:e9:81:9d:a4:21:41:29:
7d:2b:22:76:b4:bb:aa:d0:ea:81:88:0a:d8:2a:69:5b:51:a2:
b5:1f:ff:13:70:e6:ca:50:ff:77:48:c4:86:62:51:16:d6:a1:
2e:4b:6d:e4:d2:cc:c7:c2:1a:e8:60:ff:1c:f0:94:49:5a:9b:
b1:8f:b7:61:33:ab:5a:8e:00:7c:27:c1:8d:22:71:62:ce:15:
89:20:37:fd:30:ee:ab:f1:30:c2:6d:de:6d:9a:6a:b4:41:d5:
11:a5:68:d4:53:03:fc:f8:f4:4b:0b:74:f5:5d:31:73:da:42:
cf:a0:b5:3e:f8:d5:80:fd:af:c2:a0:41:b4:72:ec:4c:4e:d7:
6f:89:81:af:c1:c3:61:b1:e1:cc:33:49:04:41:3f:e6:3d:7f:
14:af:19:4e
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAYzJuwlTrz7C6FxreEHXaobsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjQwMTAyMTAzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTc0MTZjN2I2NDEwODliMmU1MWQ1MDVkM2JhZjk3MGNiYWNhN2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiwnnz64VYHTdC6FphTVM0lE2Pdo
sCzOCzBvJ44xyPHQdiUHNaYoVigxN/uICQbNDeGUgFXEI97vwZgGjUTEtpU+x9OS
L2LJAh1R5VoOnPUH6QnPQQMBMMTIErnXr8nRf+y9jwT+zKiPDT2I7Zv8zhOonHIr
9VU9AffJJyuW8wd8MEf7zqB4flReHQUReLH08pEsOVlr/UfIY5HF++H04CcQBia/
v7dnVT1Xnc5QTj+TOq8DuF6yLmpPoC+SQycepu1SdZxKDSn/a/KV34QUiQ+yqPcQ
hry/PtBfEYY+RlsRxhHJlAQ38AovdiFZ67mfLaCv77XAWgRHnRoseQVkuQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFOF0Fse2QQibLlHVBdO6+XDLrKfuMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvNFhRV3g3WkJDSnN1VWRVRjA3cjVjTXVzcC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBjAQCAAEwgYUDBAMl
LhADBAEut2gDBAZOiYADBARQXRADBAZTk4ADAwBUywMEBlnqQAMEBFuOYAMEBlwz
wAMEA11cCAMEA173MDAMAwQDsDTYAwQBsDTcAwQCuS+QAwQAuTUgAwQAuTUjAwQC
ubZIAwQCuc3kAwQCuemwAwQBufLsAwQF1H4gAwQE2U4AMDcEAgACMDEDBQAgARu4
AwUAKgAVuAMFACoBAlgDBQAqAYqgAwUAKgICIAMFAyoK54ADBQMqCwvAMA0GCSqG
SIb3DQEBCwUAA4IBAQAGJv/hwsXPrRUUgTjpTiMdcyqK2EuS3cGyoB4SHE7XWs6J
oNXx8/FI2py2ZSD1BIEqnrDmVADf66wEMto415EZ9GZX2VQJdsx5s2jZLSI5KutX
QJaaBOzy12xwLNgH7gcjpfbKSumBnaQhQSl9KyJ2tLuq0OqBiArYKmlbUaK1H/8T
cObKUP93SMSGYlEW1qEuS23k0szHwhroYP8c8JRJWpuxj7dhM6tajgB8J8GNInFi
zhWJIDf9MO6r8TDCbd5tmmq0QdURpWjUUwP8+PRLC3T1XTFz2kLPoLU++NWA/a/C
oEG0cuxMTtdviYGvwcNhseHMM0kEQT/mPX8UrxlO
-----END CERTIFICATE-----
Generated at Fri Feb 2 14:46:20 2024 by rpki-client on console-fra.rpki-client.org