Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/S4DlGqJOvrR5tNKBrvMiJ4bXliQ.roa
File: S4DlGqJOvrR5tNKBrvMiJ4bXliQ.roa (raw, json)
Hash identifier: yOVLZn0GwynXfEophyfOOGKo2qzVnvf1DVSajdvnU2Q=
Subject key identifier: 4B:80:E5:1A:A2:4E:BE:B4:79:B4:D2:81:AE:F3:22:27:86:D7:96:24
Certificate issuer: /CN=92319bcd9b09a984b070e2ef588ffcfa8b73c8a2
Certificate serial: 01872F059BD52FF11393A4A570742677D137
Authority key identifier: 92:31:9B:CD:9B:09:A9:84:B0:70:E2:EF:58:8F:FC:FA:8B:73:C8:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjGbzZsJqYSwcOLvWI_8-otzyKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/S4DlGqJOvrR5tNKBrvMiJ4bXliQ.roa
Signing time: Wed 29 Mar 2023 20:18:29 +0000
ROA not before: Wed 29 Mar 2023 20:18:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62597
IP address blocks: 185.103.34.0/24 maxlen: 24
185.103.33.0/24 maxlen: 24
185.103.32.0/22 maxlen: 24
2a00:edc0:1f0::/44 maxlen: 44
2a00:edc0:100::/44 maxlen: 48
2a00:edc0:1003::/48 maxlen: 48
2a00:edc0:1001::/48 maxlen: 48
2a00:edc0:1002::/48 maxlen: 48
2a00:edc0:1005::/48 maxlen: 48
2a00:edc0::/32 maxlen: 32
2a00:edc0:1010::/48 maxlen: 48
2a00:edc0:1000::/48 maxlen: 48
2a00:edc0:6259::/48 maxlen: 48
2a00:edc0:1004::/48 maxlen: 48
2a00:edc0:10f::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2f:05:9b:d5:2f:f1:13:93:a4:a5:70:74:26:77:d1:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92319bcd9b09a984b070e2ef588ffcfa8b73c8a2
Validity
Not Before: Mar 29 20:18:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b80e51aa24ebeb479b4d281aef3222786d79624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:95:a5:e0:41:3a:c7:0a:ff:e2:de:a5:58:d8:
fb:03:5c:15:bd:51:22:ca:5d:ff:09:6d:b3:99:a3:
11:8c:46:a2:f7:30:f4:1f:d8:a3:c7:db:59:18:fd:
76:19:9e:27:b2:7e:9c:df:3f:a8:80:56:9e:fa:f9:
fb:30:43:d5:0c:2a:9d:96:d2:ad:d5:31:ca:9b:99:
56:0f:d8:03:89:b8:fc:00:b6:5e:5f:ee:22:7f:58:
09:1a:ec:f7:b8:3e:14:42:fa:cb:f7:12:c5:70:f1:
ff:62:f8:26:c0:08:94:40:ed:9f:a3:5f:9c:a8:c4:
b9:2f:21:45:1c:96:31:02:50:2f:38:64:82:03:43:
06:30:b4:68:09:4b:aa:ee:e3:8d:c2:21:78:63:42:
b6:6a:df:16:ff:2d:b7:71:39:cb:b1:b1:a1:86:1d:
c3:02:fb:95:c2:d9:ec:c1:70:5b:b7:12:9b:92:4f:
64:e4:31:59:ae:7e:48:eb:46:f5:49:c2:7b:fe:32:
a8:e4:ea:28:64:0a:79:f4:5c:6d:47:bd:aa:ab:0a:
ac:1f:a1:a9:40:15:24:64:f9:96:b9:8c:e4:e7:11:
ad:31:a8:8e:de:47:c7:c2:78:28:ec:b6:42:13:9c:
c8:22:5d:c0:0d:68:f6:8e:be:ac:c2:68:dd:09:cc:
23:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:80:E5:1A:A2:4E:BE:B4:79:B4:D2:81:AE:F3:22:27:86:D7:96:24
X509v3 Authority Key Identifier:
keyid:92:31:9B:CD:9B:09:A9:84:B0:70:E2:EF:58:8F:FC:FA:8B:73:C8:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjGbzZsJqYSwcOLvWI_8-otzyKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/S4DlGqJOvrR5tNKBrvMiJ4bXliQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/kjGbzZsJqYSwcOLvWI_8-otzyKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.32.0/22
IPv6:
2a00:edc0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:a7:56:a6:5f:4c:16:2b:5f:43:42:da:d5:f3:2a:10:dc:cf:
54:25:81:89:9e:d5:ef:51:3e:bc:26:b7:e7:ff:be:85:28:cb:
a4:0b:a7:e7:8e:0b:6d:18:ab:df:81:20:8b:39:22:dd:7c:71:
c5:5a:31:03:29:3a:13:b8:11:8a:18:bd:eb:61:4e:94:3e:34:
c7:05:da:20:ec:60:e5:d9:6f:6c:cf:3d:0a:04:07:c1:85:df:
15:13:aa:f1:f9:f4:3b:1a:18:38:fe:2e:94:a5:85:9d:4b:c7:
17:98:b6:58:74:5d:3c:bc:fa:f0:78:ce:f8:fd:1d:96:fb:77:
fa:69:df:80:0b:11:1c:e6:11:c4:2f:20:40:ab:cc:70:19:95:
3a:4f:c4:10:5b:72:ed:b8:73:54:2b:ae:d2:62:21:1f:e4:a1:
2a:88:8c:ae:0b:35:80:4e:de:5e:6f:97:e9:86:8b:e9:e9:d8:
2f:c3:4d:39:9f:7f:df:ac:1c:46:8c:9b:60:8d:82:ee:e9:45:
6d:5f:03:f1:35:db:b9:fa:63:e1:0f:b2:ea:bc:32:75:85:d2:
fa:05:57:d5:13:03:39:e4:58:eb:4f:db:cc:d1:fd:6c:04:f0:
e1:09:67:86:66:e2:4a:f1:aa:9b:d2:f4:58:3c:17:46:ec:7f:
f1:ed:c4:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcvBZvVL/ETk6SlcHQmd9E3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMzE5YmNkOWIwOWE5ODRiMDcwZTJlZjU4OGZmY2ZhOGI3
M2M4YTIwHhcNMjMwMzI5MjAxODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjgwZTUxYWEyNGViZWI0NzliNGQyODFhZWYzMjIyNzg2ZDc5NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJWl4EE6xwr/4t6lWNj7A1wVvVEi
yl3/CW2zmaMRjEai9zD0H9ijx9tZGP12GZ4nsn6c3z+ogFae+vn7MEPVDCqdltKt
1THKm5lWD9gDibj8ALZeX+4if1gJGuz3uD4UQvrL9xLFcPH/YvgmwAiUQO2fo1+c
qMS5LyFFHJYxAlAvOGSCA0MGMLRoCUuq7uONwiF4Y0K2at8W/y23cTnLsbGhhh3D
AvuVwtnswXBbtxKbkk9k5DFZrn5I60b1ScJ7/jKo5OooZAp59FxtR72qqwqsH6Gp
QBUkZPmWuYzk5xGtMaiO3kfHwngo7LZCE5zIIl3ADWj2jr6swmjdCcwj7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEuA5RqiTr60ebTSga7zIieG15YkMB8GA1UdIwQY
MBaAFJIxm82bCamEsHDi71iP/PqLc8iiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pHYnpac0pxWVN3Y09MdldJXzgtb3R6eUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9iMmIyYzYtMzVlZS00MmY1LWEyNjgt
Y2RiZWJiYzY1MmRlLzEvUzREbEdxSk92clI1dE5LQnJ2TWlKNGJYbGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9iMmIyYzYtMzVlZS00MmY1LWEyNjgtY2RiZWJiYzY1MmRl
LzEva2pHYnpac0pxWVN3Y09MdldJXzgtb3R6eUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWcgMA0E
AgACMAcDBQAqAO3AMA0GCSqGSIb3DQEBCwUAA4IBAQBup1amX0wWK19DQtrV8yoQ
3M9UJYGJntXvUT68Jrfn/76FKMukC6fnjgttGKvfgSCLOSLdfHHFWjEDKToTuBGK
GL3rYU6UPjTHBdog7GDl2W9szz0KBAfBhd8VE6rx+fQ7Ghg4/i6UpYWdS8cXmLZY
dF08vPrweM74/R2W+3f6ad+ACxEc5hHELyBAq8xwGZU6T8QQW3LtuHNUK67SYiEf
5KEqiIyuCzWATt5eb5fphovp6dgvw005n3/frBxGjJtgjYLu6UVtXwPxNdu5+mPh
D7LqvDJ1hdL6BVfVEwM55FjrT9vM0f1sBPDhCWeGZuJK8aqb0vRYPBdG7H/x7cRL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:22 2024 by rpki-client on console-ams.rpki-client.org