Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/_4JGN26cBe-GRASmBpILK0qYJAo.roa
File: _4JGN26cBe-GRASmBpILK0qYJAo.roa (raw, json)
Hash identifier: R7wLQJRX9ze5dVSz5CiEtbCDEemHBIwa9qMk9QGodQg=
Subject key identifier: FF:82:46:37:6E:9C:05:EF:86:44:04:A6:06:92:0B:2B:4A:98:24:0A
Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial: 01856D81981B0E00FDD0B01A84EAB78BF92D
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/_4JGN26cBe-GRASmBpILK0qYJAo.roa
Signing time: Sun 01 Jan 2023 13:24:47 +0000
ROA not before: Sun 01 Jan 2023 13:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8426
IP address blocks: 185.7.36.0/22 maxlen: 22
62.240.224.0/19 maxlen: 19
194.146.172.0/22 maxlen: 22
31.3.136.0/21 maxlen: 21
94.198.144.0/21 maxlen: 21
89.185.32.0/19 maxlen: 19
212.43.192.0/18 maxlen: 18
46.18.128.0/21 maxlen: 21
185.88.104.0/22 maxlen: 22
185.93.36.0/22 maxlen: 22
185.29.40.0/22 maxlen: 22
79.99.32.0/21 maxlen: 21
2a02:2328::/32 maxlen: 32
2a03:7300::/32 maxlen: 32
2a01:4580::/29 maxlen: 29
2001:a70::/32 maxlen: 32
2a02:1f8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:98:1b:0e:00:fd:d0:b0:1a:84:ea:b7:8b:f9:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
Validity
Not Before: Jan 1 13:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff8246376e9c05ef864404a606920b2b4a98240a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:35:79:76:ce:e9:46:95:c0:e6:09:e3:81:ad:
42:bb:66:d0:bf:b2:d8:92:16:de:78:93:fe:ab:24:
61:bf:be:5c:e9:8a:d8:5d:73:b8:15:b4:c4:5f:4c:
6b:9a:f0:df:8a:91:2e:78:96:0a:f7:bd:3d:86:67:
42:15:a6:12:8e:e2:d2:eb:be:47:bd:b3:8d:0f:ef:
ca:47:39:16:c1:b4:0b:3a:e2:22:c9:7f:e7:61:ea:
c7:4a:d3:5f:a8:53:46:c1:7f:74:19:81:96:9d:68:
81:b2:e5:c7:92:32:9c:b2:fd:a7:e3:f0:65:02:29:
bb:74:c3:0c:b8:66:62:51:2a:b9:4d:64:f2:d6:65:
ac:48:55:30:44:b4:2f:7b:d2:a9:01:8d:c4:ea:f4:
7c:ea:f7:74:db:71:3f:b1:62:59:b5:04:ab:03:52:
d0:ed:d4:c7:57:b9:c3:c7:e8:ef:19:77:0a:3f:6c:
4e:ce:74:c5:8e:d4:b9:c2:96:42:0b:a7:d7:a8:7a:
85:be:86:c4:97:a5:13:dd:80:16:7b:39:ad:9b:6e:
55:d5:ea:4b:87:cc:e2:62:7c:60:93:5c:f3:a3:64:
b1:16:47:55:46:06:32:86:fc:eb:f7:34:63:99:83:
e1:bd:31:ab:71:47:f2:76:de:96:b8:97:92:19:05:
ee:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:82:46:37:6E:9C:05:EF:86:44:04:A6:06:92:0B:2B:4A:98:24:0A
X509v3 Authority Key Identifier:
keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/_4JGN26cBe-GRASmBpILK0qYJAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.136.0/21
46.18.128.0/21
62.240.224.0/19
79.99.32.0/21
89.185.32.0/19
94.198.144.0/21
185.7.36.0/22
185.29.40.0/22
185.88.104.0/22
185.93.36.0/22
194.146.172.0/22
212.43.192.0/18
IPv6:
2001:a70::/32
2a01:4580::/29
2a02:1f8::/32
2a02:2328::/32
2a03:7300::/32
Signature Algorithm: sha256WithRSAEncryption
1c:5b:59:6d:ea:8f:bb:61:c2:08:1a:cc:69:fb:3b:7b:17:d7:
40:51:c7:93:2a:87:bc:ab:35:2c:12:33:e3:7e:c6:a3:3e:4b:
70:b4:87:c0:16:a4:58:14:00:f2:90:69:d6:1d:5b:01:19:5f:
1f:34:9c:c8:2d:af:c8:b4:e3:67:ec:7e:50:7f:0f:66:5c:4b:
27:b3:a2:32:5f:a1:1f:5b:a5:2c:7e:91:70:43:8b:ea:78:6a:
3c:9b:a9:b5:07:26:a7:2e:59:ce:eb:17:de:ae:57:40:92:9b:
8e:e0:d8:c7:4b:3b:df:dc:af:56:29:49:ab:8f:e2:f8:c3:6b:
78:73:28:39:9f:d4:31:24:f6:36:ca:4c:1f:03:07:0a:d7:29:
a0:49:d8:2e:b6:34:68:2c:c0:f9:f6:ce:46:f7:23:13:e5:3c:
09:c5:be:9e:a0:2b:83:0b:2f:bf:b7:99:87:c6:db:3e:8f:73:
c4:37:12:d2:f6:3b:c1:c6:cf:19:97:c4:fa:65:9f:8f:53:6a:
d9:be:be:ba:76:23:db:e3:81:c9:88:31:50:1f:bc:dc:74:6c:
50:82:1a:4d:f0:52:8f:d2:b7:0d:c0:f9:50:23:4d:a1:6b:a5:
d3:e0:b2:4c:22:fd:67:0b:13:81:16:47:ef:94:63:88:df:ec:
cf:5d:54:ef
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAYVtgZgbDgD90LAahOq3i/ktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjMwMTAxMTMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjgyNDYzNzZlOWMwNWVmODY0NDA0YTYwNjkyMGIyYjRhOTgyNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTV5ds7pRpXA5gnjga1Cu2bQv7LY
khbeeJP+qyRhv75c6YrYXXO4FbTEX0xrmvDfipEueJYK9709hmdCFaYSjuLS675H
vbOND+/KRzkWwbQLOuIiyX/nYerHStNfqFNGwX90GYGWnWiBsuXHkjKcsv2n4/Bl
Aim7dMMMuGZiUSq5TWTy1mWsSFUwRLQve9KpAY3E6vR86vd023E/sWJZtQSrA1LQ
7dTHV7nDx+jvGXcKP2xOznTFjtS5wpZCC6fXqHqFvobEl6UT3YAWezmtm25V1epL
h8ziYnxgk1zzo2SxFkdVRgYyhvzr9zRjmYPhvTGrcUfydt6WuJeSGQXuiQIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFP+CRjdunAXvhkQEpgaSCytKmCQKMB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvXzRKR04yNmNCZS1HUkFTbUJwSUxLMHFZSkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswTgQCAAEwSAMEAx8DiAME
Ay4SgAMEBT7w4AMEA09jIAMEBVm5IAMEA17GkAMEArkHJAMEArkdKAMEArlYaAME
ArldJAMEAsKSrAMEBtQrwDApBAIAAjAjAwUAIAEKcAMFAyoBRYADBQAqAgH4AwUA
KgIjKAMFACoDcwAwDQYJKoZIhvcNAQELBQADggEBABxbWW3qj7thwggazGn7O3sX
10BRx5Mqh7yrNSwSM+N+xqM+S3C0h8AWpFgUAPKQadYdWwEZXx80nMgtr8i042fs
flB/D2ZcSyezojJfoR9bpSx+kXBDi+p4ajybqbUHJqcuWc7rF96uV0CSm47g2MdL
O9/cr1YpSauP4vjDa3hzKDmf1DEk9jbKTB8DBwrXKaBJ2C62NGgswPn2zkb3IxPl
PAnFvp6gK4MLL7+3mYfG2z6Pc8Q3EtL2O8HGzxmXxPpln49Tatm+vrp2I9vjgcmI
MVAfvNx0bFCCGk3wUo/Stw3A+VAjTaFrpdPgskwi/WcLE4EWR++UY4jf7M9dVO8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:38 2024 by rpki-client on console-fra.rpki-client.org