Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/jR4_LyG6zc7DFCSNC5Lg151A0Nk.roa
File: jR4_LyG6zc7DFCSNC5Lg151A0Nk.roa (raw, json)
Hash identifier: 8iyWsHoGgCqB8ziAmOU6xOWicST+McK2fR2hW7PHdXg=
Subject key identifier: 8D:1E:3F:2F:21:BA:CD:CE:C3:14:24:8D:0B:92:E0:D7:9D:40:D0:D9
Certificate issuer: /CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Certificate serial: 01856F9DC66BCFC3E049C036AD0FAE91C344
Authority key identifier: 4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/jR4_LyG6zc7DFCSNC5Lg151A0Nk.roa
Signing time: Sun 01 Jan 2023 23:14:48 +0000
ROA not before: Sun 01 Jan 2023 23:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58010
IP address blocks: 195.74.88.0/23 maxlen: 23
193.243.164.0/23 maxlen: 23
185.219.100.0/24 maxlen: 24
185.219.100.0/22 maxlen: 22
2a00:d0c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 09 Jan 2023 12:14:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c6:6b:cf:c3:e0:49:c0:36:ad:0f:ae:91:c3:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Validity
Not Before: Jan 1 23:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d1e3f2f21bacdcec314248d0b92e0d79d40d0d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:41:6a:a5:a0:16:27:70:9e:cf:3b:61:cc:57:
cd:49:c0:5c:4e:f8:e0:5f:3d:80:6a:f1:52:f5:54:
ad:02:17:3f:ca:ee:52:4b:b9:05:c2:aa:63:5d:68:
46:ec:70:80:c1:21:7a:65:20:b7:78:d5:ac:06:f8:
fe:ce:98:73:df:ed:ea:54:94:57:b7:c7:6e:c3:62:
02:bb:f2:19:c5:fc:af:0b:13:f8:85:dc:2c:62:aa:
bd:fc:92:4e:33:a9:12:15:f1:f9:8f:19:bf:6b:87:
e0:ba:ae:24:96:4f:5d:27:cc:a8:80:b2:ff:a8:f8:
6d:12:25:ed:37:27:0b:ad:5b:c9:7b:29:53:24:c3:
1a:72:57:a3:fd:d1:68:f8:a5:21:de:66:0e:a3:50:
02:d2:4c:f8:87:48:51:7e:1f:21:a1:fe:f7:68:e9:
a7:63:88:d6:47:9d:6d:a3:c5:ac:26:d2:24:58:f6:
e7:2d:d2:9c:2e:04:92:f9:1e:47:19:02:49:02:3d:
dd:6c:44:10:07:fc:41:c9:d0:8f:ba:f1:09:06:2b:
12:c9:ca:21:9f:f5:db:e8:b1:70:f4:8a:50:8a:93:
c3:a5:01:d3:e7:d7:f5:3e:26:cc:15:e1:68:e6:f6:
c8:33:cf:28:f4:29:d2:5f:bb:67:03:1c:43:c0:28:
78:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:1E:3F:2F:21:BA:CD:CE:C3:14:24:8D:0B:92:E0:D7:9D:40:D0:D9
X509v3 Authority Key Identifier:
keyid:4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/jR4_LyG6zc7DFCSNC5Lg151A0Nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.100.0/22
193.243.164.0/23
195.74.88.0/23
IPv6:
2a00:d0c0::/32
Signature Algorithm: sha256WithRSAEncryption
b9:e7:e4:1f:09:ff:94:58:b1:6f:83:2b:6f:24:14:30:61:62:
25:ca:7e:6e:03:1c:ac:b9:a0:b9:ef:f4:95:94:9f:6c:5b:0f:
f3:71:ba:7c:a8:7c:34:ed:02:89:58:32:5c:e1:9d:e8:0e:71:
d7:3f:8f:9a:e7:21:05:b0:51:ce:ee:0b:f3:b3:89:fe:3a:8a:
aa:20:8a:02:48:a2:ce:86:dd:bc:f1:bb:c2:43:c5:76:c3:55:
15:ec:ed:9b:f3:bd:e1:e3:1a:f4:ed:dc:82:18:3d:8c:23:62:
e6:ed:ad:ad:81:92:55:72:51:a7:13:64:31:5f:91:39:bd:41:
c3:cd:3c:e5:14:9b:04:dd:bc:12:e3:cd:fd:0f:20:cd:64:c9:
24:b4:5d:97:c7:8b:93:3c:95:e1:88:83:1c:47:6a:bb:2b:24:
41:ec:31:d6:77:c8:51:b8:bf:4b:47:d6:70:87:a7:f3:e9:dc:
50:27:c7:05:1a:1b:ea:7d:95:4c:30:82:26:04:d3:38:9c:70:
e0:f0:b7:35:c1:c3:20:e2:3a:22:3f:04:f0:3e:83:59:4c:59:
35:ae:a8:02:3e:4c:d7:1c:0e:4c:4a:7c:61:f2:05:a6:bd:31:
0e:8d:54:bd:b1:b6:3e:69:c2:2e:93:53:d3:fd:c0:da:85:82:
e4:c7:6b:2c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvncZrz8PgScA2rQ+ukcNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODk1ZmYwZTk5YTc3YzAxN2U4YTM4MzI5MmNiNWM2Zjgy
NjExMjAwHhcNMjMwMTAxMjMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDFlM2YyZjIxYmFjZGNlYzMxNDI0OGQwYjkyZTBkNzlkNDBkMGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkFqpaAWJ3CezzthzFfNScBcTvjg
Xz2AavFS9VStAhc/yu5SS7kFwqpjXWhG7HCAwSF6ZSC3eNWsBvj+zphz3+3qVJRX
t8duw2ICu/IZxfyvCxP4hdwsYqq9/JJOM6kSFfH5jxm/a4fguq4klk9dJ8yogLL/
qPhtEiXtNycLrVvJeylTJMMaclej/dFo+KUh3mYOo1AC0kz4h0hRfh8hof73aOmn
Y4jWR51to8WsJtIkWPbnLdKcLgSS+R5HGQJJAj3dbEQQB/xBydCPuvEJBisSycoh
n/Xb6LFw9IpQipPDpQHT59f1PibMFeFo5vbIM88o9CnSX7tnAxxDwCh4/QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFI0ePy8hus3OwxQkjQuS4NedQNDZMB8GA1UdIwQY
MBaAFE+JX/DpmnfAF+ijgykstcb4JhEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTkt
ZDA1Mzc0NWMyYWNjLzEvalI0X0x5RzZ6YzdERkNTTkM1TGcxNTFBME5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTktZDA1Mzc0NWMyYWNj
LzEvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCudtkAwQB
wfOkAwQBw0pYMA0EAgACMAcDBQAqANDAMA0GCSqGSIb3DQEBCwUAA4IBAQC55+Qf
Cf+UWLFvgytvJBQwYWIlyn5uAxysuaC57/SVlJ9sWw/zcbp8qHw07QKJWDJc4Z3o
DnHXP4+a5yEFsFHO7gvzs4n+OoqqIIoCSKLOht288bvCQ8V2w1UV7O2b873h4xr0
7dyCGD2MI2Lm7a2tgZJVclGnE2QxX5E5vUHDzTzlFJsE3bwS4839DyDNZMkktF2X
x4uTPJXhiIMcR2q7KyRB7DHWd8hRuL9LR9Zwh6fz6dxQJ8cFGhvqfZVMMIImBNM4
nHDg8Lc1wcMg4joiPwTwPoNZTFk1rqgCPkzXHA5MSnxh8gWmvTEOjVS9sbY+acIu
k1PT/cDahYLkx2ss
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:24 2024 by rpki-client on console-ams.rpki-client.org