Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4KayAgAExgnTzW96LpJGGQri-s4.roa
File: 4KayAgAExgnTzW96LpJGGQri-s4.roa (raw, json)
Hash identifier: bQEEAUUWXiHUlTybVKLYrjkFmQfU8/pIG7aOXp019UM=
Subject key identifier: E0:A6:B2:02:00:04:C6:09:D3:CD:6F:7A:2E:92:46:19:0A:E2:FA:CE
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0191275B60F376DB04E7795F1CE3C75473FA
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4KayAgAExgnTzW96LpJGGQri-s4.roa
Signing time: Tue 06 Aug 2024 11:03:05 +0000
ROA not before: Tue 06 Aug 2024 11:03:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 176.125.248.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 17:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:5b:60:f3:76:db:04:e7:79:5f:1c:e3:c7:54:73:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 6 11:03:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0a6b2020004c609d3cd6f7a2e9246190ae2face
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2a:28:88:21:4b:f9:e5:13:23:74:3b:f1:4e:
e6:13:9e:b8:c9:8c:04:e5:32:9d:d7:fc:a0:12:98:
dc:64:02:4c:76:50:2a:e9:de:c2:4d:65:9a:91:b5:
d8:34:54:d0:41:1b:cb:17:27:a5:e8:2c:e3:f0:93:
7d:8b:e8:f2:75:02:33:59:21:a7:c7:6a:ee:e5:95:
d6:6a:65:dc:85:c8:1a:4d:8f:42:70:9b:13:b8:61:
34:71:fd:ee:e5:65:67:43:85:ed:19:75:59:a2:4a:
7e:7f:30:9e:98:70:37:f6:1a:10:bd:9b:75:a1:8e:
fe:a0:f7:8b:5b:b2:fe:c4:59:58:90:12:c9:b3:0c:
37:bd:9f:38:ad:22:ea:64:c4:45:22:0c:0b:54:d5:
19:f8:3a:e4:ec:42:4b:dd:16:be:1e:ff:73:cb:fc:
fb:0c:ea:1f:da:f9:51:70:36:c8:7d:96:96:06:36:
08:83:e3:2f:08:62:e4:30:2d:51:1c:a9:19:7a:86:
a5:0f:c5:21:8f:35:d4:be:af:d7:0d:73:e4:22:09:
73:36:8a:a0:94:27:5e:2a:55:4d:ce:48:c7:e7:71:
01:b9:c0:23:da:1d:5c:1b:bc:5c:20:1f:ff:2c:d4:
d4:27:d5:19:7b:fd:96:e0:40:a0:30:90:23:90:2d:
41:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A6:B2:02:00:04:C6:09:D3:CD:6F:7A:2E:92:46:19:0A:E2:FA:CE
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4KayAgAExgnTzW96LpJGGQri-s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.210.232.0/24
185.214.102.0/24
185.218.20.0/24
185.225.0.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
99:8f:c7:7d:d5:03:20:2b:55:24:ba:d7:a6:85:1e:3e:bd:47:
4a:d9:61:2d:f0:1c:07:cb:39:a8:8c:0b:ba:70:df:2b:5b:b1:
ad:52:2e:c5:42:41:9b:3a:21:0a:ce:7c:99:3c:09:82:8b:3b:
72:64:38:58:d3:7f:ef:07:04:d1:08:e6:e3:61:e2:62:04:51:
7f:bf:7c:58:2c:16:3b:5d:18:52:ca:90:9e:44:08:f9:09:fa:
21:53:dc:3d:7f:95:08:57:e9:01:93:ec:bf:28:4e:41:2e:e5:
1b:6c:7c:52:8e:44:04:06:a6:8e:61:c1:02:1e:c2:92:89:1c:
9d:0c:69:3b:22:fc:dd:6c:58:f8:a1:43:23:55:aa:9a:05:c4:
0b:6d:07:db:3e:30:46:45:59:7c:93:bb:72:88:27:37:77:f0:
17:d3:9b:9e:bf:c3:40:1e:6c:c3:b1:44:b5:c6:30:2d:90:bd:
12:44:05:cb:8f:7d:db:db:5d:54:9d:31:98:5a:d1:79:fd:ae:
55:71:68:7b:ee:a8:65:5c:cb:47:61:24:9e:86:ed:27:b3:45:
5b:15:9d:9f:e5:db:58:c1:2f:b2:b6:4d:f3:68:d1:aa:92:85:
5a:61:69:f9:b6:77:fc:b6:49:b0:1e:fa:12:47:2e:ab:00:00:
12:07:b3:4e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZEnW2DzdtsE53lfHOPHVHP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwODA2MTEwMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGE2YjIwMjAwMDRjNjA5ZDNjZDZmN2EyZTkyNDYxOTBhZTJmYWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyooiCFL+eUTI3Q78U7mE564yYwE
5TKd1/ygEpjcZAJMdlAq6d7CTWWakbXYNFTQQRvLFyel6Czj8JN9i+jydQIzWSGn
x2ru5ZXWamXchcgaTY9CcJsTuGE0cf3u5WVnQ4XtGXVZokp+fzCemHA39hoQvZt1
oY7+oPeLW7L+xFlYkBLJsww3vZ84rSLqZMRFIgwLVNUZ+Drk7EJL3Ra+Hv9zy/z7
DOof2vlRcDbIfZaWBjYIg+MvCGLkMC1RHKkZeoalD8UhjzXUvq/XDXPkIglzNoqg
lCdeKlVNzkjH53EBucAj2h1cG7xcIB//LNTUJ9UZe/2W4ECgMJAjkC1BnQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOCmsgIABMYJ081vei6SRhkK4vrOMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNEtheUFnQUV4Z25Uelc5NkxwSkdHUXJpLXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAsH34AwQA
udLoAwQAudZmAwQAudoUAwQAueEAAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQCZ
j8d91QMgK1UkutemhR4+vUdK2WEt8BwHyzmojAu6cN8rW7GtUi7FQkGbOiEKznyZ
PAmCiztyZDhY03/vBwTRCObjYeJiBFF/v3xYLBY7XRhSypCeRAj5CfohU9w9f5UI
V+kBk+y/KE5BLuUbbHxSjkQEBqaOYcECHsKSiRydDGk7IvzdbFj4oUMjVaqaBcQL
bQfbPjBGRVl8k7tyiCc3d/AX05uev8NAHmzDsUS1xjAtkL0SRAXLj33b211UnTGY
WtF5/a5VcWh77qhlXMtHYSSehu0ns0VbFZ2f5dtYwS+ytk3zaNGqkoVaYWn5tnf8
tkmwHvoSRy6rAAASB7NO
-----END CERTIFICATE-----
Generated at Fri Aug 30 19:52:41 2024 by rpki-client on console-ams.rpki-client.org