Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4IRsIPM9wyGDipENWyOokZlOA1k.roa
File: 4IRsIPM9wyGDipENWyOokZlOA1k.roa (raw, json)
Hash identifier: k6hSX5YU+6WVPDAPq+vh4GMfFRriPuirQEUEzLomb2k=
Subject key identifier: E0:84:6C:20:F3:3D:C3:21:83:8A:91:0D:5B:23:A8:91:99:4E:03:59
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C5405DC4A10D66C3303EB048A492328
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4IRsIPM9wyGDipENWyOokZlOA1k.roa
Signing time: Sun 01 Jan 2023 07:55:23 +0000
ROA not before: Sun 01 Jan 2023 07:55:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134526
IP address blocks: 188.116.18.0/24 maxlen: 32
45.138.109.0/24 maxlen: 32
185.236.80.0/24 maxlen: 32
194.49.108.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:05:dc:4a:10:d6:6c:33:03:eb:04:8a:49:23:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0846c20f33dc321838a910d5b23a891994e0359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a4:31:f4:b4:02:98:9f:ef:54:da:18:ed:af:
32:cf:67:28:75:2a:13:98:b5:a5:79:a1:8b:31:00:
eb:8f:06:21:89:e4:db:d7:79:ec:3f:55:18:5e:70:
bf:4a:68:75:37:39:75:8f:14:e3:f9:1a:4b:a2:5b:
49:9f:e5:94:8f:c1:d6:72:4c:b0:ee:85:cc:e1:88:
50:29:70:09:ad:6b:57:5b:2b:d2:ce:c8:b0:85:c6:
42:ca:b4:a8:13:5a:65:5c:7f:79:67:b7:56:2a:39:
b5:66:3b:e5:71:c7:ea:0f:4f:dd:ac:75:b2:f1:55:
84:ea:ca:b8:bc:eb:dd:a6:ec:f3:e2:6c:25:ae:83:
ee:43:20:4d:4b:9a:d9:3d:f6:54:45:7a:57:d4:c2:
3f:c0:89:33:7d:4f:5f:b7:2f:4c:1e:59:ec:ef:79:
b8:de:b0:55:02:7c:2d:12:e2:ce:7a:f5:8d:16:33:
45:a3:db:41:93:8b:c2:ab:c4:8b:c7:ca:30:6a:62:
86:23:d4:6b:24:46:bd:08:e8:69:48:41:a0:c3:4f:
97:8d:06:1d:c4:e2:6e:0d:e5:66:8e:4b:06:ce:f2:
b8:eb:14:28:aa:54:bc:89:45:f5:b3:73:62:42:c0:
ea:4c:85:35:ed:4e:18:62:ba:c3:e3:5e:97:c7:38:
53:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:84:6C:20:F3:3D:C3:21:83:8A:91:0D:5B:23:A8:91:99:4E:03:59
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4IRsIPM9wyGDipENWyOokZlOA1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.109.0/24
185.236.80.0/24
188.116.18.0/24
194.49.108.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ec:4a:f9:a4:2c:f7:73:35:18:41:76:2c:3b:9b:72:2e:d3:
9d:64:0f:be:ca:41:60:7a:a3:1a:38:a6:32:01:ed:6d:e3:52:
6c:54:32:a6:75:0a:c2:ed:65:d7:2b:52:a4:b3:26:91:f5:81:
0d:54:9a:86:e3:b0:a9:51:9b:84:fb:ab:11:e9:82:38:e9:22:
dd:52:df:0d:86:e4:2c:b5:5c:ef:b7:ad:99:7b:4e:55:8c:1a:
d9:6d:fb:25:37:e8:73:73:15:19:31:fe:b7:dd:de:55:5d:72:
06:5a:56:96:71:55:e3:1e:71:25:79:52:a2:1f:78:c7:93:6c:
be:94:93:a5:61:a0:f4:26:86:2f:16:bc:d8:78:ef:49:e9:91:
72:10:57:b6:eb:3b:5a:72:48:a1:39:0c:ac:07:49:20:97:f0:
f2:7b:2d:a4:6f:9e:86:0e:67:d9:eb:83:92:06:eb:7d:a8:73:
68:a0:fb:6d:72:67:f5:e4:31:47:0d:d3:82:fc:b6:f9:1e:9f:
37:e9:d9:ea:3b:2b:87:96:24:27:21:24:f4:80:49:9d:bb:fe:
5b:b8:6d:44:5a:eb:a9:8b:83:88:ab:ff:66:b8:34:d2:06:bc:
9c:8a:9c:36:38:b2:c6:67:3a:55:3d:67:6d:41:45:99:5a:ac:
37:5a:ab:2f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsVAXcShDWbDMD6wSKSSMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDg0NmMyMGYzM2RjMzIxODM4YTkxMGQ1YjIzYTg5MTk5NGUwMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6Qx9LQCmJ/vVNoY7a8yz2codSoT
mLWleaGLMQDrjwYhieTb13nsP1UYXnC/Smh1Nzl1jxTj+RpLoltJn+WUj8HWckyw
7oXM4YhQKXAJrWtXWyvSzsiwhcZCyrSoE1plXH95Z7dWKjm1ZjvlccfqD0/drHWy
8VWE6sq4vOvdpuzz4mwlroPuQyBNS5rZPfZURXpX1MI/wIkzfU9fty9MHlns73m4
3rBVAnwtEuLOevWNFjNFo9tBk4vCq8SLx8owamKGI9RrJEa9COhpSEGgw0+XjQYd
xOJuDeVmjksGzvK46xQoqlS8iUX1s3NiQsDqTIU17U4YYrrD416XxzhT7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOCEbCDzPcMhg4qRDVsjqJGZTgNZMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNElSc0lQTTl3eUdEaXBFTld5T29rWmxPQTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYptAwQA
uexQAwQAvHQSAwQAwjFsMA0GCSqGSIb3DQEBCwUAA4IBAQAm7Er5pCz3czUYQXYs
O5tyLtOdZA++ykFgeqMaOKYyAe1t41JsVDKmdQrC7WXXK1KksyaR9YENVJqG47Cp
UZuE+6sR6YI46SLdUt8NhuQstVzvt62Ze05VjBrZbfslN+hzcxUZMf633d5VXXIG
WlaWcVXjHnEleVKiH3jHk2y+lJOlYaD0JoYvFrzYeO9J6ZFyEFe26ztackihOQys
B0kgl/Dyey2kb56GDmfZ64OSBut9qHNooPttcmf15DFHDdOC/Lb5Hp836dnqOyuH
liQnIST0gEmdu/5buG1EWuupi4OIq/9muDTSBrycipw2OLLGZzpVPWdtQUWZWqw3
Wqsv
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org