Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/4DsYEvGFi0y52ihMwmkbDg77Bg8.roa
File: 4DsYEvGFi0y52ihMwmkbDg77Bg8.roa (raw, json)
Hash identifier: /MalB8+YnwJr6/IolhSCDq45I/ky0NRi9m8YZB/vRnc=
Subject key identifier: E0:3B:18:12:F1:85:8B:4C:B9:DA:28:4C:C2:69:1B:0E:0E:FB:06:0F
Certificate issuer: /CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Certificate serial: 018CC26D171BA8E975859F210D11E450AE30
Authority key identifier: A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/4DsYEvGFi0y52ihMwmkbDg77Bg8.roa
Signing time: Mon 01 Jan 2024 00:29:38 +0000
ROA not before: Mon 01 Jan 2024 00:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21245
IP address blocks: 146.19.176.0/24 maxlen: 24
185.235.10.0/24 maxlen: 24
185.230.17.0/24 maxlen: 24
185.230.16.0/24 maxlen: 24
185.230.19.0/24 maxlen: 24
185.21.183.0/24 maxlen: 24
185.21.182.0/24 maxlen: 24
185.21.181.0/24 maxlen: 24
185.21.180.0/24 maxlen: 24
31.3.3.0/24 maxlen: 24
31.3.2.0/24 maxlen: 24
31.3.1.0/24 maxlen: 24
31.3.0.0/24 maxlen: 24
31.3.4.0/24 maxlen: 24
31.3.6.0/24 maxlen: 24
31.3.5.0/24 maxlen: 24
31.3.7.0/24 maxlen: 24
185.241.63.0/24 maxlen: 24
185.87.172.0/24 maxlen: 24
185.87.175.0/24 maxlen: 24
185.87.174.0/24 maxlen: 24
185.87.173.0/24 maxlen: 24
185.22.160.0/24 maxlen: 24
185.22.163.0/24 maxlen: 24
185.22.162.0/24 maxlen: 24
185.22.161.0/24 maxlen: 24
2a03:3f00::/48 maxlen: 48
2a03:3f00:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 12 Aug 2024 14:53:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:17:1b:a8:e9:75:85:9f:21:0d:11:e4:50:ae:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Validity
Not Before: Jan 1 00:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e03b1812f1858b4cb9da284cc2691b0e0efb060f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:a0:de:9f:5b:c1:8d:f2:83:80:ae:03:c6:e7:
99:47:87:fd:37:68:ba:36:a1:22:0d:60:ec:ee:8b:
06:f6:29:8a:ac:18:39:d5:ec:80:47:e2:bc:f2:57:
de:d2:d1:e4:e0:99:af:17:32:04:4a:d4:82:64:28:
5e:f6:7c:a2:83:b7:88:78:b3:ab:28:0b:fe:15:42:
f5:48:d7:ff:f2:36:b4:61:3c:05:36:e2:2f:28:5d:
ef:dd:3c:1a:c7:9b:96:0c:0d:7b:6d:b2:f3:50:98:
0d:38:f3:1b:f8:67:db:be:41:eb:a5:0c:d3:9e:dc:
64:9d:12:6b:c3:f8:e9:13:78:f7:f1:d7:f8:6d:d5:
4d:e8:39:d7:d3:e1:d4:82:26:61:2d:ec:7a:40:f3:
df:34:38:4d:28:88:c7:31:1e:21:3b:53:23:7f:a2:
67:ab:36:39:08:72:67:c5:0e:ee:e5:79:56:fc:16:
a2:b4:a9:e4:af:59:8d:2f:ff:66:0e:b6:00:4a:b6:
52:8e:63:50:a9:85:dd:4f:b5:cf:a2:7b:ed:bd:3b:
2e:51:09:ca:dc:06:fa:a8:84:97:8c:1b:b0:42:ff:
c1:62:55:13:83:c0:a8:83:62:2a:99:42:52:8c:9a:
b8:dc:16:fe:db:70:96:32:22:53:89:6f:87:57:f7:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3B:18:12:F1:85:8B:4C:B9:DA:28:4C:C2:69:1B:0E:0E:FB:06:0F
X509v3 Authority Key Identifier:
keyid:A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/4DsYEvGFi0y52ihMwmkbDg77Bg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.0.0/21
146.19.176.0/24
185.21.180.0/22
185.22.160.0/22
185.87.172.0/22
185.230.16.0/23
185.230.19.0/24
185.235.10.0/24
185.241.63.0/24
IPv6:
2a03:3f00::/47
Signature Algorithm: sha256WithRSAEncryption
7c:a3:5a:43:a7:a3:f4:bd:a7:f5:b3:91:7f:1c:0c:70:9d:74:
a2:f7:90:17:b3:3c:b5:1a:51:86:ca:87:03:94:fc:fd:38:1f:
0e:c1:53:18:f6:33:70:5c:2f:c1:c7:e6:bb:df:85:6a:e7:b3:
a6:8d:d6:ad:22:61:6d:5c:cd:4b:fd:b4:f3:09:3e:0c:96:ae:
a8:7a:fe:fa:ed:cf:7a:79:a6:63:d5:f4:4d:ce:0f:31:fd:82:
0f:1c:62:cc:2b:c9:dc:34:ec:e3:2e:52:a1:49:b9:8b:1b:d5:
05:5c:dc:e9:be:01:24:7d:3b:87:33:40:4a:f9:4d:92:ae:90:
05:4f:b2:64:1c:3e:79:21:9f:1b:35:a1:cd:0b:9f:db:ed:15:
98:df:ae:1f:a5:83:ac:96:29:c3:4e:0a:2b:5a:c2:44:76:69:
15:ee:85:17:c8:09:65:23:55:d0:de:5b:99:8d:bd:4f:bd:22:
e9:23:16:bb:2a:f1:0a:7f:4e:11:48:2f:86:cc:5f:8d:e1:7f:
8a:b3:4f:5b:c9:7a:29:ef:b5:05:cc:d6:eb:db:18:65:86:ee:
25:5c:e9:d5:b2:86:20:5e:50:59:43:a3:58:13:ad:f6:67:1a:
bf:70:e9:15:08:57:fb:30:77:57:8c:6d:b5:eb:59:31:83:15:
78:c7:0d:7a
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzCbRcbqOl1hZ8hDRHkUK4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjE4Zjk2YWFhMDM1NjdmMjJmYzAyYzQyYTY5MzU3MDg2
NTVhYTkwHhcNMjQwMTAxMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDNiMTgxMmYxODU4YjRjYjlkYTI4NGNjMjY5MWIwZTBlZmIwNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA66Den1vBjfKDgK4DxueZR4f9N2i6
NqEiDWDs7osG9imKrBg51eyAR+K88lfe0tHk4JmvFzIEStSCZChe9nyig7eIeLOr
KAv+FUL1SNf/8ja0YTwFNuIvKF3v3Twax5uWDA17bbLzUJgNOPMb+GfbvkHrpQzT
ntxknRJrw/jpE3j38df4bdVN6DnX0+HUgiZhLex6QPPfNDhNKIjHMR4hO1Mjf6Jn
qzY5CHJnxQ7u5XlW/BaitKnkr1mNL/9mDrYASrZSjmNQqYXdT7XPonvtvTsuUQnK
3Ab6qISXjBuwQv/BYlUTg8Cog2IqmUJSjJq43Bb+23CWMiJTiW+HV/dSAwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOA7GBLxhYtMudooTMJpGw4O+wYPMB8GA1UdIwQY
MBaAFKSxj5aqoDVn8i/ALEKmk1cIZVqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2Ut
YzY5NGYwZWFjYmE2LzEvNERzWUV2R0ZpMHk1MmloTXdta2JEZzc3Qmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2UtYzY5NGYwZWFjYmE2
LzEvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA8BAIAATA2AwQDHwMAAwQA
khOwAwQCuRW0AwQCuRagAwQCuVesAwQBueYQAwQAueYTAwQAuesKAwQAufE/MA8E
AgACMAkDBwEqAz8AAAAwDQYJKoZIhvcNAQELBQADggEBAHyjWkOno/S9p/WzkX8c
DHCddKL3kBezPLUaUYbKhwOU/P04Hw7BUxj2M3BcL8HH5rvfhWrns6aN1q0iYW1c
zUv9tPMJPgyWrqh6/vrtz3p5pmPV9E3ODzH9gg8cYswrydw07OMuUqFJuYsb1QVc
3Om+ASR9O4czQEr5TZKukAVPsmQcPnkhnxs1oc0Ln9vtFZjfrh+lg6yWKcNOCita
wkR2aRXuhRfICWUjVdDeW5mNvU+9IukjFrsq8Qp/ThFIL4bMX43hf4qzT1vJeinv
tQXM1uvbGGWG7iVc6dWyhiBeUFlDo1gTrfZnGr9w6RUIV/swd1eMbbXrWTGDFXjH
DXo=
-----END CERTIFICATE-----
Generated at Mon Aug 12 17:33:29 2024 by rpki-client on console-ams.rpki-client.org