Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/4lSVMQ7bbcJrXUIMz5hbt25dWjk.roa
File: 4lSVMQ7bbcJrXUIMz5hbt25dWjk.roa (raw, json)
Hash identifier: 0uvO34t7UNXYRjlIsbGbMi8n5kyqKZwXej4h0UviPgk=
Subject key identifier: E2:54:95:31:0E:DB:6D:C2:6B:5D:42:0C:CF:98:5B:B7:6E:5D:5A:39
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 018A21BBA40CDB88B39DD1F5E34E56A9B4CA
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/4lSVMQ7bbcJrXUIMz5hbt25dWjk.roa
Signing time: Wed 23 Aug 2023 09:30:59 +0000
ROA not before: Wed 23 Aug 2023 09:30:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41736
IP address blocks: 185.47.144.0/22 maxlen: 23
91.142.96.0/20 maxlen: 21
Validation: Failed, certificate revoked on Fri 01 Sep 2023 08:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:bb:a4:0c:db:88:b3:9d:d1:f5:e3:4e:56:a9:b4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Aug 23 09:30:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e25495310edb6dc26b5d420ccf985bb76e5d5a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:39:e0:82:da:28:9a:54:51:87:b4:95:81:4f:
1c:fa:90:ef:8f:75:d3:68:31:06:3e:55:83:bd:73:
5f:d3:ab:2e:a1:3f:a3:a2:c4:10:b3:db:f3:38:6d:
2d:a5:31:f6:e8:07:11:c1:25:97:2f:22:95:71:86:
fb:42:9f:8e:d5:97:a9:ee:ad:3d:d4:4f:62:fb:86:
7b:e4:65:a1:e6:11:43:09:12:14:4e:da:8a:e4:14:
cb:98:c2:2a:6f:fd:fb:3e:c6:16:3e:c1:d7:cc:40:
18:97:62:1e:fb:49:eb:df:da:09:46:8b:a0:ab:41:
4f:3d:97:e5:7a:9b:78:7b:e1:a4:ff:f7:9f:e2:91:
7d:8b:d0:c6:c9:a9:05:e5:4d:c3:6b:b2:57:66:8b:
d7:be:fa:ea:ff:02:e1:cf:26:33:36:c7:75:ed:dc:
69:1d:fa:9a:92:a4:76:9d:82:9f:b7:75:4a:61:87:
b4:ae:f8:01:1c:3b:49:a1:aa:50:66:2e:a6:08:25:
1a:76:92:1d:8b:d3:71:5e:8a:86:76:bf:09:65:c2:
3c:12:1c:a4:f8:32:5b:77:5a:04:30:ff:ba:97:de:
8d:d5:24:10:3b:49:81:a7:ab:e4:e5:19:65:72:04:
c2:76:40:16:64:dd:4a:ce:12:06:06:35:ca:a7:17:
91:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:54:95:31:0E:DB:6D:C2:6B:5D:42:0C:CF:98:5B:B7:6E:5D:5A:39
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/4lSVMQ7bbcJrXUIMz5hbt25dWjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.96.0/20
185.47.144.0/22
Signature Algorithm: sha256WithRSAEncryption
62:52:86:b9:2c:03:d9:64:62:a2:6b:bd:8d:e1:3c:b2:8c:77:
bc:fd:dd:48:ab:4a:fa:64:50:e2:1a:29:34:11:71:b7:33:5a:
e4:9b:c4:bd:1e:14:b8:c5:8d:f9:7e:e2:dd:74:7b:7a:5f:91:
cf:1d:6c:4b:a2:b5:6b:f3:af:40:29:3e:b3:7b:65:35:8f:73:
52:46:4f:38:e6:9f:59:5f:7b:6a:ec:e4:63:e3:36:50:9e:f4:
23:9a:fc:54:03:6b:da:59:72:09:44:f6:dc:62:62:f1:79:83:
6f:a5:ff:fd:7f:88:2e:ac:66:c3:e7:e9:4c:46:49:e4:28:07:
52:32:98:a0:d2:2e:b3:0c:4a:28:b5:7b:51:11:b2:fb:38:ee:
55:22:4f:2c:dc:18:c5:4b:4c:cf:0a:b2:e2:b9:f0:27:c1:a6:
98:07:5c:b2:2a:b0:11:0a:52:c4:59:7f:2c:a9:f7:9e:80:80:
10:50:ee:93:c1:a8:aa:35:8c:79:64:48:e1:12:d2:d5:6b:ad:
f3:f2:2f:dc:c5:8d:90:69:5c:24:11:3b:40:fe:46:4a:31:a2:
42:5f:4a:b3:e0:56:bc:ee:2d:fd:2c:52:50:c7:1d:24:b4:53:
54:eb:f5:7a:5d:46:af:41:fa:6b:d5:c8:cd:82:7d:f4:75:46:
db:c0:60:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYohu6QM24izndH1405WqbTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjMwODIzMDkzMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjU0OTUzMTBlZGI2ZGMyNmI1ZDQyMGNjZjk4NWJiNzZlNWQ1YTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDnggtoomlRRh7SVgU8c+pDvj3XT
aDEGPlWDvXNf06suoT+josQQs9vzOG0tpTH26AcRwSWXLyKVcYb7Qp+O1Zep7q09
1E9i+4Z75GWh5hFDCRIUTtqK5BTLmMIqb/37PsYWPsHXzEAYl2Ie+0nr39oJRoug
q0FPPZflept4e+Gk//ef4pF9i9DGyakF5U3Da7JXZovXvvrq/wLhzyYzNsd17dxp
HfqakqR2nYKft3VKYYe0rvgBHDtJoapQZi6mCCUadpIdi9NxXoqGdr8JZcI8Ehyk
+DJbd1oEMP+6l96N1SQQO0mBp6vk5RllcgTCdkAWZN1KzhIGBjXKpxeR9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOJUlTEO223Ca11CDM+YW7duXVo5MB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvNGxTVk1RN2JiY0pyWFVJTXo1aGJ0MjVkV2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEW45gAwQC
uS+QMA0GCSqGSIb3DQEBCwUAA4IBAQBiUoa5LAPZZGKia72N4TyyjHe8/d1Iq0r6
ZFDiGik0EXG3M1rkm8S9HhS4xY35fuLddHt6X5HPHWxLorVr869AKT6ze2U1j3NS
Rk845p9ZX3tq7ORj4zZQnvQjmvxUA2vaWXIJRPbcYmLxeYNvpf/9f4gurGbD5+lM
RknkKAdSMpig0i6zDEootXtREbL7OO5VIk8s3BjFS0zPCrLiufAnwaaYB1yyKrAR
ClLEWX8sqfeegIAQUO6TwaiqNYx5ZEjhEtLVa63z8i/cxY2QaVwkETtA/kZKMaJC
X0qz4Fa87i39LFJQxx0ktFNU6/V6XUavQfpr1cjNgn30dUbbwGD7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:05 2024 by rpki-client on console-ams.rpki-client.org