Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/4fJB0gxEcBP3EOykfrQvpr4xhr0.roa
File: 4fJB0gxEcBP3EOykfrQvpr4xhr0.roa (raw, json)
Hash identifier: +f7LkPDIxZqY1bweNVYnp4DI6hWTNUxDhYBnnODJhDU=
Subject key identifier: E1:F2:41:D2:0C:44:70:13:F7:10:EC:A4:7E:B4:2F:A6:BE:31:86:BD
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 0192D769549F00556044C777B4EDEBAE0A04
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/4fJB0gxEcBP3EOykfrQvpr4xhr0.roa
Signing time: Tue 29 Oct 2024 08:34:16 +0000
ROA not before: Tue 29 Oct 2024 08:34:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60175
IP address blocks: 89.63.0.0/16 maxlen: 24
89.63.0.0/20 maxlen: 20
89.63.16.0/20 maxlen: 20
185.35.12.0/22 maxlen: 22
195.4.128.0/19 maxlen: 19
195.4.145.0/24 maxlen: 24
195.4.160.0/20 maxlen: 20
195.4.184.0/21 maxlen: 21
195.4.192.0/20 maxlen: 20
195.4.199.0/24 maxlen: 24
195.4.208.0/21 maxlen: 21
2a00:dca0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 21 Nov 2024 11:54:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:69:54:9f:00:55:60:44:c7:77:b4:ed:eb:ae:0a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Oct 29 08:34:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1f241d20c447013f710eca47eb42fa6be3186bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1f:50:ed:b6:8a:43:5a:81:fc:b6:64:75:01:
e4:25:8f:6a:72:4f:a9:d8:9d:3f:25:fd:27:3c:30:
b5:13:cc:72:55:95:46:50:9e:44:bb:c6:11:3a:22:
12:46:cd:79:dd:21:29:04:74:a5:df:cc:69:18:bc:
d1:96:dd:c2:12:c0:73:72:a9:1e:d0:00:2a:a9:9e:
0b:ec:c9:cb:f7:f5:30:9d:80:dc:83:cd:f4:07:1e:
33:92:3f:e3:14:ab:b7:8f:23:cb:51:e2:f1:01:13:
86:2e:08:c2:b5:e3:ba:5b:a4:a4:d1:42:c5:9a:47:
f9:6b:6d:6d:9b:cc:f8:76:ef:ac:c5:de:13:ed:c1:
3f:a9:be:f4:fd:c4:6a:3c:ce:f5:b6:a4:4f:7b:02:
2a:2f:7a:7c:3e:dc:b1:03:fa:95:24:61:b5:ea:95:
88:9f:05:d0:69:d8:ba:09:93:f8:0d:f7:f9:9d:1e:
69:54:6b:ef:c0:30:f5:fe:ad:e8:b7:bf:ad:c8:ef:
c4:5c:8a:8d:c8:45:d6:04:b4:6d:ce:ef:6c:78:fc:
f9:e9:70:49:90:c6:e6:1f:a4:ff:47:d0:26:ec:0b:
89:c4:a2:92:f7:46:5a:7f:b5:25:9f:a4:6d:73:b0:
a7:46:da:4e:74:66:77:bb:71:99:95:d3:4b:fe:f8:
2b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F2:41:D2:0C:44:70:13:F7:10:EC:A4:7E:B4:2F:A6:BE:31:86:BD
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/4fJB0gxEcBP3EOykfrQvpr4xhr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.63.0.0/16
185.35.12.0/22
195.4.128.0-195.4.175.255
195.4.184.0-195.4.215.255
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
24:be:b0:88:a1:a4:b9:cf:26:7f:c5:9d:35:e4:ce:94:0b:93:
2b:ff:9d:c1:0a:4e:46:69:e6:75:cc:6b:e3:47:b3:d6:d8:f2:
ba:64:b8:7c:d8:94:7e:1a:48:bf:50:73:2f:8f:52:eb:a0:e2:
48:1b:6c:e4:2d:4a:cd:31:29:86:f8:e7:b8:14:b7:8f:b9:aa:
9e:1c:76:db:8b:38:af:7a:be:52:4b:25:ad:1d:65:7b:d0:e1:
7a:f3:72:36:1c:c5:0a:ff:b1:6e:1c:92:ac:ed:a0:51:e4:ef:
3c:30:e0:0b:f9:34:31:92:d9:91:9c:13:43:31:68:05:48:81:
ac:ba:49:fe:d7:d7:c2:7d:08:95:97:6a:28:30:de:65:b4:3b:
05:b1:7b:74:4c:f7:83:c3:da:a0:55:66:69:86:4b:60:5d:b1:
33:d8:5d:5f:65:cb:10:4c:e1:d3:e2:ee:1c:ab:7d:fc:d9:7b:
05:c6:78:a8:be:53:51:23:1f:ad:27:f1:b7:16:e7:04:c9:8d:
7b:fe:30:93:8c:7c:4b:77:33:49:27:15:c5:0e:df:b2:aa:2f:
54:85:b7:bf:6f:17:94:71:3d:7f:a7:33:50:ae:f8:b2:49:35:
50:7d:cf:f6:cd:6d:93:37:41:ad:75:b1:4e:e4:39:b1:d6:52:
83:80:55:8f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZLXaVSfAFVgRMd3tO3rrgoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjQxMDI5MDgzNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWYyNDFkMjBjNDQ3MDEzZjcxMGVjYTQ3ZWI0MmZhNmJlMzE4NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxx9Q7baKQ1qB/LZkdQHkJY9qck+p
2J0/Jf0nPDC1E8xyVZVGUJ5Eu8YROiISRs153SEpBHSl38xpGLzRlt3CEsBzcqke
0AAqqZ4L7MnL9/UwnYDcg830Bx4zkj/jFKu3jyPLUeLxAROGLgjCteO6W6Sk0ULF
mkf5a21tm8z4du+sxd4T7cE/qb70/cRqPM71tqRPewIqL3p8PtyxA/qVJGG16pWI
nwXQadi6CZP4Dff5nR5pVGvvwDD1/q3ot7+tyO/EXIqNyEXWBLRtzu9sePz56XBJ
kMbmH6T/R9Am7AuJxKKS90Zaf7Uln6Rtc7CnRtpOdGZ3u3GZldNL/vgrDwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOHyQdIMRHAT9xDspH60L6a+MYa9MB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvNGZKQjBneEVjQlAzRU95a2ZyUXZwcjR4aHIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAtBAIAATAnAwMAWT8DBAK5
IwwwDAMEB8MEgAMEBMMEoDAMAwQDwwS4AwQDwwTQMA0EAgACMAcDBQMqANygMA0G
CSqGSIb3DQEBCwUAA4IBAQAkvrCIoaS5zyZ/xZ015M6UC5Mr/53BCk5GaeZ1zGvj
R7PW2PK6ZLh82JR+Gki/UHMvj1LroOJIG2zkLUrNMSmG+Oe4FLePuaqeHHbbiziv
er5SSyWtHWV70OF683I2HMUK/7FuHJKs7aBR5O88MOAL+TQxktmRnBNDMWgFSIGs
ukn+19fCfQiVl2ooMN5ltDsFsXt0TPeDw9qgVWZphktgXbEz2F1fZcsQTOHT4u4c
q3382XsFxniovlNRIx+tJ/G3FucEyY17/jCTjHxLdzNJJxXFDt+yqi9Uhbe/bxeU
cT1/pzNQrviySTVQfc/2zW2TN0GtdbFO5Dmx1lKDgFWP
-----END CERTIFICATE-----
Generated at Tue May 13 23:23:39 2025 by rpki-client