Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/4VlG7pGOJ0f1cKSsY3Qzbi8JzQM.roa
File: 4VlG7pGOJ0f1cKSsY3Qzbi8JzQM.roa (raw, json)
Hash identifier: x5eC33JqveSfanYGosoz6LuDyb/ihPTRRlrgnF2aidU=
Subject key identifier: E1:59:46:EE:91:8E:27:47:F5:70:A4:AC:63:74:33:6E:2F:09:CD:03
Certificate issuer: /CN=4020199044c54c237903f656f83b2640c2d1df45
Certificate serial: 018B524B1B98EE00D5696602F47F82035AB2
Authority key identifier: 40:20:19:90:44:C5:4C:23:79:03:F6:56:F8:3B:26:40:C2:D1:DF:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCAZkETFTCN5A_ZW-DsmQMLR30U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/4VlG7pGOJ0f1cKSsY3Qzbi8JzQM.roa
Signing time: Sat 21 Oct 2023 12:52:15 +0000
ROA not before: Sat 21 Oct 2023 12:52:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49175
IP address blocks: 185.138.85.0/24 maxlen: 24
185.138.84.0/24 maxlen: 24
185.138.87.0/24 maxlen: 24
185.138.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:52:4b:1b:98:ee:00:d5:69:66:02:f4:7f:82:03:5a:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4020199044c54c237903f656f83b2640c2d1df45
Validity
Not Before: Oct 21 12:52:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e15946ee918e2747f570a4ac6374336e2f09cd03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c2:99:61:d5:eb:c3:b4:42:7e:4f:60:b7:ff:
96:14:db:7b:1b:7e:cc:9a:99:06:14:e9:56:4e:fc:
60:6f:57:4a:61:c1:5c:a0:65:ff:97:44:14:e3:6f:
6e:6e:d3:a5:13:e5:b3:7d:01:ff:c4:ff:c6:2c:cf:
a0:29:34:a4:31:92:61:6a:7d:a8:99:4b:55:47:66:
f3:67:bf:6b:f3:4d:d3:6c:65:e7:3d:66:95:5f:98:
e8:14:45:f5:8c:0a:d3:99:aa:3c:1a:af:7f:8e:44:
a8:cd:72:66:92:2f:8f:34:d4:fc:35:2f:c9:47:95:
16:7e:2a:88:dc:1a:83:d2:d8:ae:3a:28:fe:0c:26:
68:78:e0:0f:46:e7:55:f2:d0:4e:38:a4:1b:47:c1:
0f:37:27:eb:c9:64:1c:b6:dc:11:ae:0e:0d:4e:c6:
11:ec:ef:c4:ed:42:f1:16:3c:1d:7e:9e:2c:21:05:
4f:d1:3a:0a:1c:18:27:a8:cb:66:e0:44:6c:1b:58:
49:c0:1c:c0:13:a7:80:26:f9:b4:d2:d0:69:3a:71:
ac:39:f1:4f:d7:4b:8e:41:36:b7:82:2f:55:d6:53:
5b:a2:20:a1:b4:21:58:d5:a2:85:f5:e2:d1:3a:d3:
80:42:f9:12:cb:4c:47:dd:d3:49:c8:1a:d0:70:56:
7f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:59:46:EE:91:8E:27:47:F5:70:A4:AC:63:74:33:6E:2F:09:CD:03
X509v3 Authority Key Identifier:
keyid:40:20:19:90:44:C5:4C:23:79:03:F6:56:F8:3B:26:40:C2:D1:DF:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCAZkETFTCN5A_ZW-DsmQMLR30U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/4VlG7pGOJ0f1cKSsY3Qzbi8JzQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/QCAZkETFTCN5A_ZW-DsmQMLR30U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.84.0/22
Signature Algorithm: sha256WithRSAEncryption
30:46:5b:58:3c:24:97:0f:71:2e:e7:19:76:a1:83:86:b9:c0:
a8:c1:9f:c4:21:48:04:1e:c5:09:16:c1:d1:5b:9b:68:72:c5:
3e:27:5b:90:0e:3f:8c:cf:fd:51:1a:c8:e8:c2:dd:a0:0f:8b:
c7:8f:d7:b9:7a:00:30:6a:b9:50:23:a9:b1:b2:8c:c9:16:e3:
61:be:05:5c:b0:b8:6d:98:1e:59:27:d7:4d:97:7b:46:42:b9:
84:c0:2b:29:33:48:39:80:4d:66:fa:e1:51:1f:df:05:cc:4a:
f1:a6:61:20:70:d6:64:a1:c4:fc:2d:b9:4b:87:cb:db:d2:9b:
64:4f:4c:9a:73:08:69:71:e3:0d:2a:a3:cc:e5:ab:63:96:f1:
7f:c8:c3:56:ae:14:00:88:62:d3:ce:a0:0a:61:eb:21:7f:2f:
c2:ad:eb:90:ed:60:f7:5b:ab:4d:5d:7f:a5:ad:11:02:79:a8:
6e:32:3c:f2:a0:13:c1:66:42:18:6c:d4:e8:b7:12:c7:8a:6e:
55:31:fb:22:94:29:80:10:fe:01:a8:7c:c6:e7:82:36:21:3d:
ce:ad:83:5d:44:0f:eb:72:34:7d:aa:ea:da:37:45:b6:f1:12:
51:e3:b4:d5:8f:cd:58:b7:b0:9c:9b:ad:45:7e:e0:fa:d3:ac:
62:05:ff:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtSSxuY7gDVaWYC9H+CA1qyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMjAxOTkwNDRjNTRjMjM3OTAzZjY1NmY4M2IyNjQwYzJk
MWRmNDUwHhcNMjMxMDIxMTI1MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTU5NDZlZTkxOGUyNzQ3ZjU3MGE0YWM2Mzc0MzM2ZTJmMDljZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsKZYdXrw7RCfk9gt/+WFNt7G37M
mpkGFOlWTvxgb1dKYcFcoGX/l0QU429ubtOlE+WzfQH/xP/GLM+gKTSkMZJhan2o
mUtVR2bzZ79r803TbGXnPWaVX5joFEX1jArTmao8Gq9/jkSozXJmki+PNNT8NS/J
R5UWfiqI3BqD0tiuOij+DCZoeOAPRudV8tBOOKQbR8EPNyfryWQcttwRrg4NTsYR
7O/E7ULxFjwdfp4sIQVP0ToKHBgnqMtm4ERsG1hJwBzAE6eAJvm00tBpOnGsOfFP
10uOQTa3gi9V1lNboiChtCFY1aKF9eLROtOAQvkSy0xH3dNJyBrQcFZ/JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFZRu6RjidH9XCkrGN0M24vCc0DMB8GA1UdIwQY
MBaAFEAgGZBExUwjeQP2Vvg7JkDC0d9FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUNBWmtFVEZUQ041QV9aVy1Ec21RTUxSMzBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80YmEwZGMtNDcwMi00N2MxLWJhOWUt
NGI3NTBiYmM2MTY3LzEvNFZsRzdwR09KMGYxY0tTc1kzUXpiaThKelFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80YmEwZGMtNDcwMi00N2MxLWJhOWUtNGI3NTBiYmM2MTY3
LzEvUUNBWmtFVEZUQ041QV9aVy1Ec21RTUxSMzBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYpUMA0G
CSqGSIb3DQEBCwUAA4IBAQAwRltYPCSXD3Eu5xl2oYOGucCowZ/EIUgEHsUJFsHR
W5tocsU+J1uQDj+Mz/1RGsjowt2gD4vHj9e5egAwarlQI6mxsozJFuNhvgVcsLht
mB5ZJ9dNl3tGQrmEwCspM0g5gE1m+uFRH98FzErxpmEgcNZkocT8LblLh8vb0ptk
T0yacwhpceMNKqPM5atjlvF/yMNWrhQAiGLTzqAKYeshfy/CreuQ7WD3W6tNXX+l
rRECeahuMjzyoBPBZkIYbNTotxLHim5VMfsilCmAEP4BqHzG54I2IT3OrYNdRA/r
cjR9quraN0W28RJR47TVj81Yt7Ccm61FfuD606xiBf+X
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:42 2024 by rpki-client on console-ams.rpki-client.org