Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/4MUa8BQXCTc9DUxuN7nqatCKwIE.roa
File: 4MUa8BQXCTc9DUxuN7nqatCKwIE.roa (raw, json)
Hash identifier: Jok8v5me9GVjZHYRjIqTvdce25cGQhSvyc1PGhC6hBY=
Subject key identifier: E0:C5:1A:F0:14:17:09:37:3D:0D:4C:6E:37:B9:EA:6A:D0:8A:C0:81
Certificate issuer: /CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
Certificate serial: 0185718C3C58D4C037F76527F65582DC269C
Authority key identifier: 79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/4MUa8BQXCTc9DUxuN7nqatCKwIE.roa
Signing time: Mon 02 Jan 2023 08:14:53 +0000
ROA not before: Mon 02 Jan 2023 08:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41678
IP address blocks: 89.185.129.0/24 maxlen: 24
89.185.128.0/21 maxlen: 21
194.46.152.0/22 maxlen: 22
89.185.136.0/21 maxlen: 21
89.185.144.0/20 maxlen: 20
89.185.143.0/24 maxlen: 24
194.46.160.0/24 maxlen: 24
194.46.164.0/22 maxlen: 22
89.185.154.0/24 maxlen: 24
89.185.157.0/24 maxlen: 24
212.108.64.0/20 maxlen: 20
212.108.77.0/24 maxlen: 24
194.46.0.0/19 maxlen: 19
212.108.94.0/24 maxlen: 24
212.108.92.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 May 2023 07:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:3c:58:d4:c0:37:f7:65:27:f6:55:82:dc:26:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
Validity
Not Before: Jan 2 08:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0c51af0141709373d0d4c6e37b9ea6ad08ac081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d9:9e:c6:ac:f4:84:a6:e4:46:e4:64:71:6b:
f9:b3:7a:69:0e:33:0e:0e:72:70:c0:a9:06:8d:7d:
d9:de:ac:6c:02:57:da:0c:f8:c7:55:3d:30:af:78:
e5:5a:5e:8d:4e:ee:85:6e:cb:5a:6e:75:f5:a5:1a:
0d:77:0c:a4:45:8f:80:b9:ad:66:3b:bd:7c:e6:9c:
04:09:82:2e:7e:cc:64:21:84:0d:54:6e:b6:60:84:
c1:5c:85:79:a3:0b:b9:1f:56:b7:a2:99:a8:44:f3:
69:88:96:1f:de:e2:ed:c5:28:96:c1:58:2b:9f:55:
b5:81:5d:56:8c:93:8d:c0:d6:3e:3e:88:08:ff:34:
ba:2f:93:33:04:9a:f8:a6:f4:9a:7b:b5:15:46:e8:
d4:a4:d7:ed:04:2b:5d:e8:a1:1e:f4:19:30:24:aa:
da:86:66:28:c7:9e:2e:55:0c:86:c1:2b:11:3b:98:
e9:e4:86:86:08:48:7c:d8:01:f6:d8:7a:64:0c:c7:
a0:0e:6d:7f:86:ae:65:c1:74:8b:6c:95:eb:89:cf:
62:31:9e:36:83:ea:b0:38:c2:d6:5c:b8:25:00:35:
52:a8:81:3a:72:1e:ed:61:01:3d:b4:9d:a2:64:ad:
34:06:74:ad:18:f0:4c:fa:24:61:ad:85:cd:70:be:
27:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C5:1A:F0:14:17:09:37:3D:0D:4C:6E:37:B9:EA:6A:D0:8A:C0:81
X509v3 Authority Key Identifier:
keyid:79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/4MUa8BQXCTc9DUxuN7nqatCKwIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.128.0/19
194.46.0.0/19
194.46.152.0/22
194.46.160.0/24
194.46.164.0/22
212.108.64.0/20
212.108.92.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:bc:10:b7:37:24:1c:91:0e:0e:5a:91:7b:cc:64:32:6f:29:
2d:73:00:07:fa:35:0e:ad:65:9c:0c:94:a3:0a:11:87:b9:ed:
70:59:28:a0:d0:6d:0a:d7:36:52:99:01:60:ec:1d:ea:d5:6b:
de:5b:54:12:ed:a3:da:37:bc:86:39:c6:74:06:21:94:97:4d:
be:ad:09:66:67:37:92:cc:7e:f6:de:e5:20:70:d5:a4:7a:72:
cd:bf:6e:dd:08:1a:66:0b:e8:51:b7:1c:1d:0f:07:23:ce:de:
aa:78:ef:45:2f:93:0e:e7:55:f2:2d:10:e2:bf:df:33:fe:d0:
bf:d7:0c:f3:d3:29:85:bf:7e:bb:39:54:13:5c:02:91:22:60:
ba:6c:56:d3:1e:6e:47:e8:65:f8:3e:36:5c:f4:48:0f:44:1e:
33:5c:a0:fc:db:46:94:0c:b0:d0:fb:cf:77:43:dc:fc:de:24:
ee:4f:b8:e8:d0:b6:fe:75:80:61:1e:9f:37:39:74:cc:b9:a5:
bb:10:00:4a:b8:d3:4c:43:ed:4c:11:8e:a5:9e:57:de:52:e5:
b1:b3:3c:c6:b9:5d:42:68:af:10:b4:4a:5a:23:b0:0a:c4:da:
b7:83:59:2b:e4:e1:66:55:d1:e4:49:47:ac:99:e2:c0:00:20:
94:27:b7:9c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVxjDxY1MA392Un9lWC3CacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5N2E0OGNjMTNlMjAwZTJkM2YzOGFmODMzMThkMWJjYWY2
ZjYzMzEwHhcNMjMwMTAyMDgxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGM1MWFmMDE0MTcwOTM3M2QwZDRjNmUzN2I5ZWE2YWQwOGFjMDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNmexqz0hKbkRuRkcWv5s3ppDjMO
DnJwwKkGjX3Z3qxsAlfaDPjHVT0wr3jlWl6NTu6FbstabnX1pRoNdwykRY+Aua1m
O7185pwECYIufsxkIYQNVG62YITBXIV5owu5H1a3opmoRPNpiJYf3uLtxSiWwVgr
n1W1gV1WjJONwNY+PogI/zS6L5MzBJr4pvSae7UVRujUpNftBCtd6KEe9BkwJKra
hmYox54uVQyGwSsRO5jp5IaGCEh82AH22HpkDMegDm1/hq5lwXSLbJXric9iMZ42
g+qwOMLWXLglADVSqIE6ch7tYQE9tJ2iZK00BnStGPBM+iRhrYXNcL4nLwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFODFGvAUFwk3PQ1Mbje56mrQisCBMB8GA1UdIwQY
MBaAFHl6SMwT4gDi0/OK+DMY0byvb2MxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEt
N2Q3ZjRiNjM0ODQ5LzEvNE1VYThCUVhDVGM5RFV4dU43bnFhdENLd0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEtN2Q3ZjRiNjM0ODQ5
LzEvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQFWbmAAwQF
wi4AAwQCwi6YAwQAwi6gAwQCwi6kAwQE1GxAAwQC1GxcMA0GCSqGSIb3DQEBCwUA
A4IBAQAdvBC3NyQckQ4OWpF7zGQybyktcwAH+jUOrWWcDJSjChGHue1wWSig0G0K
1zZSmQFg7B3q1WveW1QS7aPaN7yGOcZ0BiGUl02+rQlmZzeSzH723uUgcNWkenLN
v27dCBpmC+hRtxwdDwcjzt6qeO9FL5MO51XyLRDiv98z/tC/1wzz0ymFv367OVQT
XAKRImC6bFbTHm5H6GX4PjZc9EgPRB4zXKD820aUDLDQ+893Q9z83iTuT7jo0Lb+
dYBhHp83OXTMuaW7EABKuNNMQ+1MEY6lnlfeUuWxszzGuV1CaK8QtEpaI7AKxNq3
g1kr5OFmVdHkSUesmeLAACCUJ7ec
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:10 2024 by rpki-client on console-fra.rpki-client.org