Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/l4bxz8u2xdD0twWI_ILTxK1f4ME.roa
File: l4bxz8u2xdD0twWI_ILTxK1f4ME.roa (raw, json)
Hash identifier: Kl46/0HGeKFQT+imblP2cmUgc2hn14mkmWbuXk7xAds=
Subject key identifier: 97:86:F1:CF:CB:B6:C5:D0:F4:B7:05:88:FC:82:D3:C4:AD:5F:E0:C1
Certificate issuer: /CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Certificate serial: 01872325404BD1E7101A7102EE3CC3CB0B21
Authority key identifier: C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/l4bxz8u2xdD0twWI_ILTxK1f4ME.roa
Signing time: Mon 27 Mar 2023 12:57:36 +0000
ROA not before: Mon 27 Mar 2023 12:57:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42707
IP address blocks: 84.39.204.0/22 maxlen: 23
77.75.48.0/22 maxlen: 23
185.245.88.0/22 maxlen: 23
91.189.224.0/21 maxlen: 22
193.33.134.0/23 maxlen: 24
185.252.124.0/22 maxlen: 23
185.254.48.0/22 maxlen: 23
91.195.64.0/22 maxlen: 23
185.148.28.0/22 maxlen: 23
185.250.136.0/22 maxlen: 23
193.36.164.0/22 maxlen: 23
185.247.44.0/22 maxlen: 23
185.247.48.0/22 maxlen: 23
185.248.228.0/22 maxlen: 23
5.45.32.0/22 maxlen: 23
5.206.208.0/20 maxlen: 21
185.233.212.0/22 maxlen: 23
185.236.4.0/22 maxlen: 23
185.229.80.0/22 maxlen: 23
185.231.24.0/21 maxlen: 22
185.231.24.0/22 maxlen: 23
185.231.28.0/22 maxlen: 23
83.143.76.0/22 maxlen: 24
109.207.72.0/22 maxlen: 23
5.57.248.0/21 maxlen: 22
195.42.224.0/22 maxlen: 23
195.42.228.0/23 maxlen: 24
194.49.88.0/22 maxlen: 23
2a00:5140::/32 maxlen: 32
2a00:5141::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:25:40:4b:d1:e7:10:1a:71:02:ee:3c:c3:cb:0b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Validity
Not Before: Mar 27 12:57:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9786f1cfcbb6c5d0f4b70588fc82d3c4ad5fe0c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c1:4a:95:80:cc:43:f2:ed:ef:ae:54:d6:dc:
18:7e:46:e9:80:2a:b9:cc:dd:60:22:bc:c2:10:3c:
59:4c:d7:23:ab:28:83:d8:b9:f9:2f:83:cd:b3:a5:
9d:c4:88:ae:31:5c:3f:22:3f:f8:6e:27:85:b6:25:
85:9d:b7:9a:ff:09:9a:76:1b:54:b8:3d:94:93:ec:
64:24:fe:64:e5:d8:e7:d9:6f:7b:69:d4:9f:be:64:
27:07:9c:35:2c:14:29:f3:0f:c2:87:96:41:44:9e:
42:e8:68:c8:d0:de:f5:12:24:1b:c4:07:ab:8b:17:
6a:ee:38:bb:85:eb:3f:c3:ab:8b:7e:e4:4e:61:f1:
1b:af:98:c2:9d:1a:23:eb:ae:a0:e9:a3:63:4a:e2:
b2:84:ec:2b:9a:7d:6f:23:99:b0:76:b6:82:28:1b:
c5:3c:1a:2e:ad:ae:44:6c:cb:87:ff:82:bc:11:00:
32:ad:53:1e:1d:9b:90:3f:4a:6a:f1:46:a9:52:6a:
48:b0:d8:e8:83:f8:1b:83:ee:48:8b:39:66:11:70:
ea:0e:a3:a9:16:bd:c2:5a:17:e7:b7:25:ea:3f:0c:
24:61:1b:78:1b:91:2d:c6:d5:83:3d:f1:2b:ae:8f:
2f:32:00:cc:07:1a:73:d1:4c:fc:49:c9:3f:59:e3:
34:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:86:F1:CF:CB:B6:C5:D0:F4:B7:05:88:FC:82:D3:C4:AD:5F:E0:C1
X509v3 Authority Key Identifier:
keyid:C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/l4bxz8u2xdD0twWI_ILTxK1f4ME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/waGQUEttntnBgJaEBCWxHXsi3_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.32.0/22
5.57.248.0/21
5.206.208.0/20
77.75.48.0/22
83.143.76.0/22
84.39.204.0/22
91.189.224.0/21
91.195.64.0/22
109.207.72.0/22
185.148.28.0/22
185.229.80.0/22
185.231.24.0/21
185.233.212.0/22
185.236.4.0/22
185.245.88.0/22
185.247.44.0-185.247.51.255
185.248.228.0/22
185.250.136.0/22
185.252.124.0/22
185.254.48.0/22
193.33.134.0/23
193.36.164.0/22
194.49.88.0/22
195.42.224.0-195.42.229.255
IPv6:
2a00:5140::/31
Signature Algorithm: sha256WithRSAEncryption
ad:96:46:a0:25:aa:c7:35:c9:dc:65:0e:7b:44:82:87:21:cd:
df:8b:68:ff:92:bc:97:1d:aa:f9:95:15:1f:2f:4d:55:eb:b6:
e5:6e:7d:bd:d8:34:04:2f:60:3c:81:54:20:5d:2b:29:e0:58:
c3:57:7e:80:71:c6:4b:16:2e:48:15:49:7d:8d:cd:c4:02:f3:
c2:af:80:c5:64:df:d6:f0:31:2e:a0:ea:47:30:17:bf:4a:d4:
20:9c:e8:9d:77:14:32:47:ad:62:d8:4f:3f:b2:0d:84:2c:0c:
c2:2c:e3:c8:c4:f1:42:93:c3:b9:7c:fe:44:32:b0:1e:3f:dc:
84:83:3b:86:7d:61:13:35:a3:c2:74:d2:10:79:f0:91:eb:76:
c7:50:5a:c5:6b:78:9d:84:e9:ad:99:5e:9d:2b:55:5f:53:c1:
1c:07:a8:33:f4:5b:d3:f1:37:4c:9f:3e:88:df:ea:85:9e:4c:
f2:32:f4:74:f3:f7:22:c1:d8:07:19:fe:0e:ba:c5:20:54:f0:
7b:ba:18:ab:f0:81:e2:e8:80:c3:db:6e:bc:0d:fe:2b:b1:be:
8c:26:9e:b6:94:e9:bd:c8:34:0b:63:95:5f:bc:dd:d6:79:df:
62:5a:74:b8:8e:48:b8:19:46:27:b8:bd:b9:6a:2d:db:e3:dd:
b9:f6:cc:32
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYcjJUBL0ecQGnEC7jzDywshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYTE5MDUwNGI2ZDllZDljMTgwOTY4NDA0MjViMTFkN2Iy
MmRmZjQwHhcNMjMwMzI3MTI1NzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzg2ZjFjZmNiYjZjNWQwZjRiNzA1ODhmYzgyZDNjNGFkNWZlMGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMFKlYDMQ/Lt765U1twYfkbpgCq5
zN1gIrzCEDxZTNcjqyiD2Ln5L4PNs6WdxIiuMVw/Ij/4bieFtiWFnbea/wmadhtU
uD2Uk+xkJP5k5djn2W97adSfvmQnB5w1LBQp8w/Ch5ZBRJ5C6GjI0N71EiQbxAer
ixdq7ji7hes/w6uLfuROYfEbr5jCnRoj666g6aNjSuKyhOwrmn1vI5mwdraCKBvF
PBoura5EbMuH/4K8EQAyrVMeHZuQP0pq8UapUmpIsNjog/gbg+5IizlmEXDqDqOp
Fr3CWhfntyXqPwwkYRt4G5EtxtWDPfErro8vMgDMBxpz0Uz8Sck/WeM0nQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFJeG8c/LtsXQ9LcFiPyC08StX+DBMB8GA1UdIwQY
MBaAFMGhkFBLbZ7ZwYCWhAQlsR17It/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYt
MGI4MzhhNTk5NjYyLzEvbDRieHo4dTJ4ZEQwdHdXSV9JTFR4SzFmNE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYtMGI4MzhhNTk5NjYy
LzEvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBpwQCAAEwgaADBAIF
LSADBAMFOfgDBAQFztADBAJNSzADBAJTj0wDBAJUJ8wDBANbveADBAJbw0ADBAJt
z0gDBAK5lBwDBAK55VADBAO55xgDBAK56dQDBAK57AQDBAK59VgwDAMEArn3LAME
Arn3MAMEArn45AMEArn6iAMEArn8fAMEArn+MAMEAcEhhgMEAsEkpAMEAsIxWDAM
AwQFwyrgAwQBwyrkMA0EAgACMAcDBQEqAFFAMA0GCSqGSIb3DQEBCwUAA4IBAQCt
lkagJarHNcncZQ57RIKHIc3fi2j/kryXHar5lRUfL01V67blbn292DQEL2A8gVQg
XSsp4FjDV36AccZLFi5IFUl9jc3EAvPCr4DFZN/W8DEuoOpHMBe/StQgnOiddxQy
R61i2E8/sg2ELAzCLOPIxPFCk8O5fP5EMrAeP9yEgzuGfWETNaPCdNIQefCR63bH
UFrFa3idhOmtmV6dK1VfU8EcB6gz9FvT8TdMnz6I3+qFnkzyMvR08/ciwdgHGf4O
usUgVPB7uhir8IHi6IDD2268Df4rsb6MJp62lOm9yDQLY5VfvN3Wed9iWnS4jki4
GUYnuL25ai3b49259swy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:40 2024 by rpki-client on console-fra.rpki-client.org