Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/4YdMv2GCh8Yqpy8oSjXd3cV70O4.roa
File: 4YdMv2GCh8Yqpy8oSjXd3cV70O4.roa (raw, json)
Hash identifier: 7YX0gbKzRdog4yg7U/Hin7giE0o8ThFALoa9Dh/Z1c8=
Subject key identifier: E1:87:4C:BF:61:82:87:C6:2A:A7:2F:28:4A:35:DD:DD:C5:7B:D0:EE
Certificate issuer: /CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Certificate serial: 018CC64AED9C75CCE4968D515D98CF3B9140
Authority key identifier: 41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/4YdMv2GCh8Yqpy8oSjXd3cV70O4.roa
Signing time: Mon 01 Jan 2024 18:30:48 +0000
ROA not before: Mon 01 Jan 2024 18:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29014
IP address blocks: 195.177.233.0/24 maxlen: 24
195.177.232.0/23 maxlen: 24
193.41.116.0/23 maxlen: 24
45.139.156.0/22 maxlen: 24
93.92.130.0/23 maxlen: 23
93.92.132.0/24 maxlen: 24
93.92.128.0/23 maxlen: 23
93.92.128.0/21 maxlen: 24
93.92.134.0/23 maxlen: 23
93.92.133.0/24 maxlen: 24
185.8.8.0/24 maxlen: 24
185.8.8.0/22 maxlen: 24
85.158.0.0/24 maxlen: 24
85.158.0.0/22 maxlen: 24
85.158.4.0/23 maxlen: 23
85.158.7.0/24 maxlen: 24
85.158.6.0/24 maxlen: 24
194.126.239.0/24 maxlen: 24
2a00:12e8:f111::/48 maxlen: 48
2a00:12e8:600::/40 maxlen: 40
2a00:12e8::/40 maxlen: 40
2a00:12e8:500::/40 maxlen: 40
2a00:12e8:400::/40 maxlen: 40
2a00:12e8:100::/40 maxlen: 40
2a00:12e8:300::/40 maxlen: 40
2a00:12e8::/32 maxlen: 40
2a00:12e8:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 19 Feb 2024 13:18:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ed:9c:75:cc:e4:96:8d:51:5d:98:cf:3b:91:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Validity
Not Before: Jan 1 18:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1874cbf618287c62aa72f284a35ddddc57bd0ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e1:66:d0:38:4c:42:db:1e:14:a2:77:d0:fe:
c1:2f:e1:f9:50:47:4d:a3:4c:28:e4:63:01:dd:f3:
8d:83:bf:cf:01:a3:ae:ad:b1:0a:ab:2d:39:81:5c:
df:78:8c:f9:97:f0:a7:90:ea:5c:d2:8b:f4:67:f2:
fc:82:77:fa:00:2c:91:40:17:fd:f9:18:54:53:e7:
25:64:5b:4f:38:6c:e1:2e:72:bf:3a:44:48:7c:1b:
94:c0:50:ac:cf:c8:4b:11:64:f8:20:77:bb:0b:f2:
d9:d1:b5:e6:c2:51:11:50:a3:88:d8:b7:b4:53:4c:
18:7c:a9:65:f7:56:bc:13:f5:44:7c:1f:24:6a:3c:
04:68:4e:39:18:ed:98:f6:eb:bc:5b:93:b1:67:77:
9e:af:9d:7d:7f:15:5d:60:a7:2a:c6:84:f6:f3:46:
90:dd:1f:63:20:f8:ff:5c:be:ce:40:48:7c:c1:fb:
c8:bb:cc:84:cb:86:17:5d:2d:9a:5f:e9:ec:3e:d0:
83:46:80:2f:5c:be:0a:1c:c6:cc:ff:11:af:76:02:
42:f3:c7:f6:25:46:cf:cf:42:33:26:c4:30:78:26:
00:62:34:4a:ff:02:51:9b:28:39:3b:a6:03:37:95:
54:36:22:99:de:1b:ef:44:bf:72:f0:8d:b7:c8:fa:
27:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:87:4C:BF:61:82:87:C6:2A:A7:2F:28:4A:35:DD:DD:C5:7B:D0:EE
X509v3 Authority Key Identifier:
keyid:41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/4YdMv2GCh8Yqpy8oSjXd3cV70O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/QbjC83vY1-BOdphaTO1FWddlHEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.156.0/22
85.158.0.0/21
93.92.128.0/21
185.8.8.0/22
193.41.116.0/23
194.126.239.0/24
195.177.232.0/23
IPv6:
2a00:12e8::/32
Signature Algorithm: sha256WithRSAEncryption
d3:b4:ee:06:f7:0b:56:1c:a8:17:44:5a:42:3e:71:32:0c:87:
6c:9f:73:51:d0:47:40:e6:bf:54:98:64:9c:02:54:61:86:de:
58:94:94:e2:32:a8:7a:21:d4:00:76:9b:d5:e5:8e:4f:1d:e7:
de:b7:e5:dd:fa:ef:7f:bc:44:74:9e:4b:73:24:5c:49:8c:70:
81:4c:cb:42:83:a9:76:db:1e:da:36:a0:94:ed:9c:fc:79:6e:
14:8e:2c:e2:2f:7c:8d:53:e5:61:ed:20:77:ab:59:e7:7a:c0:
1d:0d:5a:4d:28:f2:8a:14:58:15:ef:34:0d:36:79:3b:ed:62:
c4:fd:76:7c:f5:2a:4a:8a:58:f2:3d:3a:6b:53:b8:3a:30:62:
c9:c5:48:2c:19:ae:93:86:81:25:a7:79:ad:ad:3c:dd:64:40:
49:17:53:09:cf:7c:9d:ef:2f:07:bc:ce:69:69:9a:d9:b8:b1:
d8:85:58:44:11:af:41:90:3c:e0:fb:5e:c4:28:cc:04:aa:42:
bc:0e:83:6f:62:f3:72:05:c3:93:b1:ff:b2:9f:ac:cf:f7:56:
6d:3d:34:cf:34:04:06:f9:04:36:05:71:fe:d6:5c:c4:ee:0a:
32:ec:26:ba:c2:3c:d7:59:c0:ca:97:ce:5c:6b:a0:3e:38:40:
16:57:0c:ce
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzGSu2cdczklo1RXZjPO5FAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYjhjMmYzN2JkOGQ3ZTA0ZTc2OTg1YTRjZWQ0NTU5ZDc2
NTFjNDMwHhcNMjQwMTAxMTgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTg3NGNiZjYxODI4N2M2MmFhNzJmMjg0YTM1ZGRkZGM1N2JkMGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneFm0DhMQtseFKJ30P7BL+H5UEdN
o0wo5GMB3fONg7/PAaOurbEKqy05gVzfeIz5l/CnkOpc0ov0Z/L8gnf6ACyRQBf9
+RhUU+clZFtPOGzhLnK/OkRIfBuUwFCsz8hLEWT4IHe7C/LZ0bXmwlERUKOI2Le0
U0wYfKll91a8E/VEfB8kajwEaE45GO2Y9uu8W5OxZ3eer519fxVdYKcqxoT280aQ
3R9jIPj/XL7OQEh8wfvIu8yEy4YXXS2aX+nsPtCDRoAvXL4KHMbM/xGvdgJC88f2
JUbPz0IzJsQweCYAYjRK/wJRmyg5O6YDN5VUNiKZ3hvvRL9y8I23yPonowIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOGHTL9hgofGKqcvKEo13d3Fe9DuMB8GA1UdIwQY
MBaAFEG4wvN72NfgTnaYWkztRVnXZRxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjIt
MjgxOGY2NTc4ZDFiLzEvNFlkTXYyR0NoOFlxcHk4b1NqWGQzY1Y3ME80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjItMjgxOGY2NTc4ZDFi
LzEvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLYucAwQD
VZ4AAwQDXVyAAwQCuQgIAwQBwSl0AwQAwn7vAwQBw7HoMA0EAgACMAcDBQAqABLo
MA0GCSqGSIb3DQEBCwUAA4IBAQDTtO4G9wtWHKgXRFpCPnEyDIdsn3NR0EdA5r9U
mGScAlRhht5YlJTiMqh6IdQAdpvV5Y5PHefet+Xd+u9/vER0nktzJFxJjHCBTMtC
g6l22x7aNqCU7Zz8eW4UjiziL3yNU+Vh7SB3q1nnesAdDVpNKPKKFFgV7zQNNnk7
7WLE/XZ89SpKiljyPTprU7g6MGLJxUgsGa6ThoElp3mtrTzdZEBJF1MJz3yd7y8H
vM5paZrZuLHYhVhEEa9BkDzg+17EKMwEqkK8DoNvYvNyBcOTsf+yn6zP91ZtPTTP
NAQG+QQ2BXH+1lzE7goy7Ca6wjzXWcDKl85ca6A+OEAWVwzO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:48 2024 by rpki-client on console-ams.rpki-client.org