Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/4CTHZhDCkHrKYGs49LT0mxzGeYM.roa
File: 4CTHZhDCkHrKYGs49LT0mxzGeYM.roa (raw, json)
Hash identifier: 7U6HuIy9ODz/ItuWvezYm2cHfBhwbI1j/ZgSHX6yw/c=
Subject key identifier: E0:24:C7:66:10:C2:90:7A:CA:60:6B:38:F4:B4:F4:9B:1C:C6:79:83
Certificate issuer: /CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
Certificate serial: 01856F9DE9996305859500D7A13ABFEB7000
Authority key identifier: 63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/4CTHZhDCkHrKYGs49LT0mxzGeYM.roa
Signing time: Sun 01 Jan 2023 23:14:57 +0000
ROA not before: Sun 01 Jan 2023 23:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202208
IP address blocks: 193.111.226.0/24 maxlen: 24
193.111.229.0/24 maxlen: 24
193.111.168.0/24 maxlen: 24
193.111.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:e9:99:63:05:85:95:00:d7:a1:3a:bf:eb:70:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b
Validity
Not Before: Jan 1 23:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e024c76610c2907aca606b38f4b4f49b1cc67983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:08:07:ee:a8:76:9a:8a:3f:e7:7b:3f:9c:aa:
41:a5:19:ed:3c:2a:90:ba:b7:6e:3a:f8:26:c0:53:
dc:6f:94:5f:19:41:74:82:ae:99:52:ce:0f:a5:30:
10:dd:c9:8b:aa:58:f9:40:bc:95:f3:21:99:45:48:
8e:b5:51:47:ab:3b:ce:5f:2e:17:e2:9b:4d:86:d6:
25:61:ce:f7:cf:ed:e9:05:e8:2f:d2:cf:a3:fa:c7:
d4:b1:a7:42:c7:6b:20:e7:d7:d0:52:c7:de:01:24:
84:45:a5:3c:1d:68:46:bf:c4:ec:e7:cb:1d:32:79:
44:e3:29:b7:d6:ec:2b:1f:f8:25:26:5b:1e:b4:ad:
23:10:37:62:23:ce:c5:3e:99:07:1e:60:ba:5f:35:
82:4d:a6:21:60:a3:f3:38:b5:3d:86:c6:ad:34:01:
22:a8:f8:39:d4:9e:a1:9a:24:a8:49:3a:f3:5e:a5:
0c:98:26:de:2c:cc:ca:bd:ac:9c:4b:4f:58:68:81:
b2:4b:f6:ae:df:75:0b:5b:eb:6c:ba:5d:82:fa:97:
ea:b5:8e:7c:6c:90:30:db:9a:c5:fb:06:d2:39:5c:
55:9b:ae:a0:cc:b1:54:b0:23:75:9c:af:e9:46:17:
53:19:b1:9a:f7:93:e0:e4:b2:77:d6:f5:fa:76:49:
52:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:24:C7:66:10:C2:90:7A:CA:60:6B:38:F4:B4:F4:9B:1C:C6:79:83
X509v3 Authority Key Identifier:
keyid:63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/4CTHZhDCkHrKYGs49LT0mxzGeYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.168.0/24
193.111.174.0/24
193.111.226.0/24
193.111.229.0/24
Signature Algorithm: sha256WithRSAEncryption
e2:d1:ec:21:c2:a4:f9:ed:ae:79:3f:73:bb:d9:ac:f2:b6:2d:
1e:e0:66:25:6f:fc:03:4c:cb:b3:74:b0:71:41:4f:4e:91:25:
b5:34:07:fc:c4:2e:9c:34:c1:fb:49:16:74:cb:f6:66:80:26:
dd:13:b4:f6:0a:3a:ac:c6:3b:6e:61:51:a3:56:f6:05:ca:ff:
d3:0a:8e:22:9b:6f:cc:01:0a:56:45:99:92:6b:7f:9f:e0:0f:
cc:12:76:4b:1f:0b:66:e2:57:85:5d:be:e4:0c:05:58:77:ef:
f4:de:8c:4e:29:26:8b:17:d4:06:1b:7f:cf:97:cd:08:e9:89:
24:5c:05:f3:6d:5f:ed:39:5f:82:60:4a:3b:64:ab:6a:d5:80:
e9:50:08:c1:a2:11:99:86:66:82:f8:e7:6b:11:65:5f:05:b4:
32:dc:de:c7:2f:b3:0c:43:88:19:33:04:15:23:e7:0a:f9:48:
9b:22:be:49:c8:52:79:f1:3e:48:11:45:6d:13:c5:34:b0:72:
03:2d:d5:be:2d:c8:b4:22:41:4f:b2:07:fd:7e:22:46:3f:54:
23:c8:fe:1a:6c:62:39:f5:15:69:a9:a1:ee:d9:63:4d:a6:0a:
82:a0:11:90:4b:a3:a0:9b:3e:42:23:92:b7:d5:ad:0a:aa:1d:
39:db:ff:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvnemZYwWFlQDXoTq/63AAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzM2I2ODk1ZmU0OTkzMzk3YjY2MjMyYmIwYTJkM2UzYzYy
NWNjMWIwHhcNMjMwMTAxMjMxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDI0Yzc2NjEwYzI5MDdhY2E2MDZiMzhmNGI0ZjQ5YjFjYzY3OTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAgH7qh2moo/53s/nKpBpRntPCqQ
urduOvgmwFPcb5RfGUF0gq6ZUs4PpTAQ3cmLqlj5QLyV8yGZRUiOtVFHqzvOXy4X
4ptNhtYlYc73z+3pBegv0s+j+sfUsadCx2sg59fQUsfeASSERaU8HWhGv8Ts58sd
MnlE4ym31uwrH/glJlsetK0jEDdiI87FPpkHHmC6XzWCTaYhYKPzOLU9hsatNAEi
qPg51J6hmiSoSTrzXqUMmCbeLMzKvaycS09YaIGyS/au33ULW+tsul2C+pfqtY58
bJAw25rF+wbSOVxVm66gzLFUsCN1nK/pRhdTGbGa95Pg5LJ31vX6dklSbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOAkx2YQwpB6ymBrOPS09JscxnmDMB8GA1UdIwQY
MBaAFGM7aJX+SZM5e2YjK7Ci0+PGJcwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUt
NzBiODg3MWI4ZTIwLzEvNENUSFpoRENrSHJLWUdzNDlMVDBteHpHZVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUtNzBiODg3MWI4ZTIw
LzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwW+oAwQA
wW+uAwQAwW/iAwQAwW/lMA0GCSqGSIb3DQEBCwUAA4IBAQDi0ewhwqT57a55P3O7
2azyti0e4GYlb/wDTMuzdLBxQU9OkSW1NAf8xC6cNMH7SRZ0y/ZmgCbdE7T2Cjqs
xjtuYVGjVvYFyv/TCo4im2/MAQpWRZmSa3+f4A/MEnZLHwtm4leFXb7kDAVYd+/0
3oxOKSaLF9QGG3/Pl80I6YkkXAXzbV/tOV+CYEo7ZKtq1YDpUAjBohGZhmaC+Odr
EWVfBbQy3N7HL7MMQ4gZMwQVI+cK+UibIr5JyFJ58T5IEUVtE8U0sHIDLdW+Lci0
IkFPsgf9fiJGP1QjyP4abGI59RVpqaHu2WNNpgqCoBGQS6Ogmz5CI5K31a0Kqh05
2/8G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:30 2024 by rpki-client on console-ams.rpki-client.org