Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/4BZRPAcjbKmzIdxdYQxaUgNZUG4.roa
File: 4BZRPAcjbKmzIdxdYQxaUgNZUG4.roa (raw, json)
Hash identifier: hnE1E66844mqWIF61x4kJxcvwYhKL4SWAFV4o0BetiU=
Subject key identifier: E0:16:51:3C:07:23:6C:A9:B3:21:DC:5D:61:0C:5A:52:03:59:50:6E
Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial: 01942067FF0734A047D5AC20F3F2676AB8DF
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/4BZRPAcjbKmzIdxdYQxaUgNZUG4.roa
Signing time: Wed 01 Jan 2025 05:47:53 +0000
ROA not before: Wed 01 Jan 2025 05:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8426
IP address blocks: 31.3.136.0/21 maxlen: 21
46.18.128.0/21 maxlen: 21
62.240.224.0/19 maxlen: 19
79.99.32.0/21 maxlen: 21
89.185.32.0/19 maxlen: 19
91.208.181.0/24 maxlen: 24
94.198.144.0/21 maxlen: 21
95.131.136.0/21 maxlen: 24
146.185.40.0/21 maxlen: 24
185.7.36.0/22 maxlen: 24
185.29.40.0/22 maxlen: 22
185.88.104.0/22 maxlen: 22
185.93.36.0/22 maxlen: 22
194.146.172.0/22 maxlen: 22
212.43.192.0/18 maxlen: 18
2001:a70::/32 maxlen: 32
2a01:4580::/29 maxlen: 29
2a02:1f8::/32 maxlen: 32
2a02:c70::/32 maxlen: 32
2a02:2328::/32 maxlen: 32
2a03:7300::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Feb 2025 10:19:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ff:07:34:a0:47:d5:ac:20:f3:f2:67:6a:b8:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
Validity
Not Before: Jan 1 05:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e016513c07236ca9b321dc5d610c5a520359506e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:04:c3:21:c1:24:0e:f1:9c:fa:c5:2f:86:58:
4a:f8:92:f7:f1:a8:8a:44:53:0c:c2:58:c0:f9:64:
ef:85:97:4e:e1:06:c3:1a:f2:e0:7f:fc:84:a8:7a:
65:ed:dd:a8:cd:ab:fe:a0:9e:95:23:67:57:e6:f6:
b7:1b:13:4b:1a:c7:9f:5e:2d:b9:65:e3:20:d8:13:
65:03:06:a9:c6:01:b5:a5:2f:9c:e5:1d:13:8d:46:
4d:38:fa:0f:a9:59:48:d8:8d:d9:b2:2d:4f:0f:18:
ea:c9:7e:24:60:19:7b:48:d1:ad:29:39:f1:3e:3a:
dd:da:f3:67:ce:a7:55:16:fe:68:0c:c6:17:0b:1e:
f9:7d:ec:7e:7c:13:c6:f5:dd:47:5e:93:5d:bd:b3:
c8:96:6d:b3:40:61:84:b8:2f:8a:62:aa:01:8a:f3:
0b:e4:40:c9:15:f6:4a:9c:8d:85:d3:61:3a:7d:2d:
49:82:20:94:47:b0:2c:f6:a1:5a:3a:7c:ae:45:ea:
ff:20:22:47:e9:82:eb:61:f3:03:68:86:31:ca:de:
78:86:af:39:a5:4f:c6:4c:f8:0c:6c:4f:fd:07:b6:
5e:a4:f0:b3:22:2b:5d:b0:ea:62:5b:9b:d7:94:7e:
5f:ff:3d:ab:a8:60:94:92:46:d6:b8:61:b6:60:e1:
21:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:16:51:3C:07:23:6C:A9:B3:21:DC:5D:61:0C:5A:52:03:59:50:6E
X509v3 Authority Key Identifier:
keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/4BZRPAcjbKmzIdxdYQxaUgNZUG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.136.0/21
46.18.128.0/21
62.240.224.0/19
79.99.32.0/21
89.185.32.0/19
91.208.181.0/24
94.198.144.0/21
95.131.136.0/21
146.185.40.0/21
185.7.36.0/22
185.29.40.0/22
185.88.104.0/22
185.93.36.0/22
194.146.172.0/22
212.43.192.0/18
IPv6:
2001:a70::/32
2a01:4580::/29
2a02:1f8::/32
2a02:c70::/32
2a02:2328::/32
2a03:7300::/32
Signature Algorithm: sha256WithRSAEncryption
5a:3c:ca:af:1b:54:3e:ce:6c:a4:c2:d7:0e:7a:d8:c2:56:27:
b1:33:58:3a:28:98:ad:68:50:04:7e:86:70:1b:b2:da:29:0e:
44:a7:ab:00:31:0a:31:aa:de:48:8d:a9:43:e9:e5:bb:62:cd:
83:23:80:e8:11:08:a3:0c:f6:33:b1:4a:c2:a2:3e:64:14:e9:
02:2c:9e:14:18:af:f3:fe:13:7b:83:1d:ef:fa:0e:58:9d:71:
98:f7:2d:f2:73:6f:fb:7b:5f:8e:05:51:e1:6f:8f:59:53:37:
bd:9d:c2:87:42:43:a3:fa:d2:2b:10:26:59:e0:e3:5f:7d:b4:
ba:9b:ad:b0:a5:07:e0:fd:43:fc:9a:6e:5b:ca:c6:e7:7d:b1:
a2:45:6b:bd:1c:a2:83:b0:b6:64:cf:f6:eb:71:5e:30:31:eb:
da:e7:ef:d0:8f:60:2e:f2:9b:13:d9:1b:17:81:41:06:80:6c:
33:7f:65:c5:fa:84:6f:dd:ea:0d:f6:ec:0e:be:71:d7:67:21:
e9:17:96:a1:eb:ea:e5:b0:04:c4:8e:39:dc:d4:73:5f:8d:cd:
94:c7:bd:94:1e:b7:b6:f2:96:60:ca:d6:64:14:2e:e5:1c:d4:
90:4b:f4:fe:d4:70:6d:5d:7a:ca:37:ed:01:1c:b5:61:22:0b:
cc:a7:f5:12
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZQgZ/8HNKBH1awg8/JnarjfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjUwMTAxMDU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDE2NTEzYzA3MjM2Y2E5YjMyMWRjNWQ2MTBjNWE1MjAzNTk1MDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQTDIcEkDvGc+sUvhlhK+JL38aiK
RFMMwljA+WTvhZdO4QbDGvLgf/yEqHpl7d2ozav+oJ6VI2dX5va3GxNLGsefXi25
ZeMg2BNlAwapxgG1pS+c5R0TjUZNOPoPqVlI2I3Zsi1PDxjqyX4kYBl7SNGtKTnx
Pjrd2vNnzqdVFv5oDMYXCx75fex+fBPG9d1HXpNdvbPIlm2zQGGEuC+KYqoBivML
5EDJFfZKnI2F02E6fS1JgiCUR7As9qFaOnyuRer/ICJH6YLrYfMDaIYxyt54hq85
pU/GTPgMbE/9B7ZepPCzIitdsOpiW5vXlH5f/z2rqGCUkkbWuGG2YOEhEQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFOAWUTwHI2ypsyHcXWEMWlIDWVBuMB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvNEJaUlBBY2piS216SWR4ZFlReGFVZ05aVUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDBgBAIAATBaAwQDHwOI
AwQDLhKAAwQFPvDgAwQDT2MgAwQFWbkgAwQAW9C1AwQDXsaQAwQDX4OIAwQDkrko
AwQCuQckAwQCuR0oAwQCuVhoAwQCuV0kAwQCwpKsAwQG1CvAMDAEAgACMCoDBQAg
AQpwAwUDKgFFgAMFACoCAfgDBQAqAgxwAwUAKgIjKAMFACoDcwAwDQYJKoZIhvcN
AQELBQADggEBAFo8yq8bVD7ObKTC1w562MJWJ7EzWDoomK1oUAR+hnAbstopDkSn
qwAxCjGq3kiNqUPp5btizYMjgOgRCKMM9jOxSsKiPmQU6QIsnhQYr/P+E3uDHe/6
DlidcZj3LfJzb/t7X44FUeFvj1lTN72dwodCQ6P60isQJlng4199tLqbrbClB+D9
Q/yablvKxud9saJFa70cooOwtmTP9utxXjAx69rn79CPYC7ymxPZGxeBQQaAbDN/
ZcX6hG/d6g327A6+cddnIekXlqHr6uWwBMSOOdzUc1+NzZTHvZQet7bylmDK1mQU
LuUc1JBL9P7UcG1deso37QEctWEiC8yn9RI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:43:12 2025 by rpki-client