Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/668345-f5bc-4a3f-b6ff-10df49f65616/1/I2QWobvuEX1tAVdquedPQRepn3M.roa
File: I2QWobvuEX1tAVdquedPQRepn3M.roa (raw, json)
Hash identifier: +DHJX87u3/+szGTISKVr0wphtubA5g7DRQLz0wDa9zg=
Subject key identifier: 23:64:16:A1:BB:EE:11:7D:6D:01:57:6A:B9:E7:4F:41:17:A9:9F:73
Certificate issuer: /CN=a2f974efb50e729c9e015a8bc2b6c2b0619dfc84
Certificate serial: 018570E7683FD39B76F57EEDCC16A3486316
Authority key identifier: A2:F9:74:EF:B5:0E:72:9C:9E:01:5A:8B:C2:B6:C2:B0:61:9D:FC:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ovl077UOcpyeAVqLwrbCsGGd_IQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/668345-f5bc-4a3f-b6ff-10df49f65616/1/I2QWobvuEX1tAVdquedPQRepn3M.roa
Signing time: Mon 02 Jan 2023 05:14:51 +0000
ROA not before: Mon 02 Jan 2023 05:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39480
IP address blocks: 46.182.72.0/21 maxlen: 21
195.225.204.0/23 maxlen: 23
195.225.206.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:68:3f:d3:9b:76:f5:7e:ed:cc:16:a3:48:63:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2f974efb50e729c9e015a8bc2b6c2b0619dfc84
Validity
Not Before: Jan 2 05:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=236416a1bbee117d6d01576ab9e74f4117a99f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e4:3d:97:d2:5d:57:16:e2:f3:2c:29:34:bc:
a8:16:5d:83:f6:f0:8b:5c:55:b2:86:84:19:b8:28:
a3:0a:36:68:0b:01:c7:b1:3c:bb:98:8f:72:9c:75:
af:02:fe:31:7a:16:1a:8a:9a:97:9e:c2:ea:6a:39:
54:ab:e5:75:bf:12:8e:67:0b:d3:24:62:eb:9a:79:
75:90:4e:24:8b:10:7d:65:53:88:5a:4c:c9:5b:16:
23:94:8b:72:33:ef:51:8e:6e:50:4f:11:f3:f3:c0:
34:0c:87:16:5d:bc:96:7d:95:d5:b4:56:85:4d:0a:
ce:89:2d:ee:ad:ce:b7:e2:98:83:26:35:58:f4:81:
75:a6:a8:19:13:28:a9:c1:7f:dd:42:47:cc:84:8d:
9c:2d:79:de:8b:00:ef:bd:dd:e2:a8:ed:f8:fc:49:
bb:5a:4d:73:35:78:b4:5b:a0:b4:7b:88:64:89:ae:
2c:ac:d5:61:76:b0:ec:24:23:fb:0d:cb:da:e2:b6:
b8:ed:46:44:b7:df:79:7d:77:41:c5:f7:a2:f6:1b:
58:76:92:b8:5e:52:92:eb:26:3a:98:25:be:a4:cb:
49:8b:4f:d2:1d:28:a4:a6:d8:c9:de:59:6f:26:e4:
e2:6c:90:cc:f7:19:e6:8c:25:bf:b4:5d:ea:2f:1d:
b1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:64:16:A1:BB:EE:11:7D:6D:01:57:6A:B9:E7:4F:41:17:A9:9F:73
X509v3 Authority Key Identifier:
keyid:A2:F9:74:EF:B5:0E:72:9C:9E:01:5A:8B:C2:B6:C2:B0:61:9D:FC:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ovl077UOcpyeAVqLwrbCsGGd_IQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/668345-f5bc-4a3f-b6ff-10df49f65616/1/I2QWobvuEX1tAVdquedPQRepn3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/668345-f5bc-4a3f-b6ff-10df49f65616/1/ovl077UOcpyeAVqLwrbCsGGd_IQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.72.0/21
195.225.204.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:ce:6e:2e:bc:03:26:42:88:c9:0f:31:3a:86:71:bb:a0:08:
47:18:23:f1:33:ad:97:ae:74:b4:27:be:fa:93:20:64:e2:c5:
c9:ee:e3:b2:c3:06:c3:77:3d:ff:60:c2:49:8a:ac:0e:52:e1:
a9:52:f4:53:75:56:d5:a9:33:87:8e:d8:13:18:fd:78:72:79:
3a:2e:ed:e8:6c:39:88:41:2f:3b:db:c4:5a:73:39:a3:8a:44:
71:2e:55:8e:48:f5:d5:e0:1e:44:ee:ac:03:5e:14:52:ee:12:
7e:4d:19:39:d6:f5:29:81:d3:a6:89:13:42:f0:06:0c:57:f7:
5a:59:5f:69:02:a4:20:8b:88:53:97:94:4c:cc:81:06:e5:c2:
79:1d:fa:49:0a:d7:3a:13:f6:23:b2:0b:46:8a:94:ad:29:dc:
c8:b9:eb:4d:f3:62:0a:66:00:8f:9b:c6:e6:3d:63:45:90:e0:
13:2b:38:3d:3e:62:95:ed:1b:e9:9a:88:35:48:a9:db:09:a5:
e2:12:fa:86:7c:a3:18:d9:43:a4:50:a3:a9:47:7b:22:a7:a6:
bb:5e:92:e5:17:a2:dd:9f:76:bb:ae:93:cc:db:1e:87:c4:34:
1d:ce:60:ee:c7:bf:0e:b1:91:75:5c:55:02:97:bf:df:61:60:
e4:0d:30:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw52g/05t29X7tzBajSGMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZjk3NGVmYjUwZTcyOWM5ZTAxNWE4YmMyYjZjMmIwNjE5
ZGZjODQwHhcNMjMwMTAyMDUxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzY0MTZhMWJiZWUxMTdkNmQwMTU3NmFiOWU3NGY0MTE3YTk5ZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuQ9l9JdVxbi8ywpNLyoFl2D9vCL
XFWyhoQZuCijCjZoCwHHsTy7mI9ynHWvAv4xehYaipqXnsLqajlUq+V1vxKOZwvT
JGLrmnl1kE4kixB9ZVOIWkzJWxYjlItyM+9Rjm5QTxHz88A0DIcWXbyWfZXVtFaF
TQrOiS3urc634piDJjVY9IF1pqgZEyipwX/dQkfMhI2cLXneiwDvvd3iqO34/Em7
Wk1zNXi0W6C0e4hkia4srNVhdrDsJCP7Dcva4ra47UZEt995fXdBxfei9htYdpK4
XlKS6yY6mCW+pMtJi0/SHSikptjJ3llvJuTibJDM9xnmjCW/tF3qLx2xZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCNkFqG77hF9bQFXarnnT0EXqZ9zMB8GA1UdIwQY
MBaAFKL5dO+1DnKcngFai8K2wrBhnfyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3ZsMDc3VU9jcHllQVZxTHdyYkNzR0dkX0lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC82NjgzNDUtZjViYy00YTNmLWI2ZmYt
MTBkZjQ5ZjY1NjE2LzEvSTJRV29idnVFWDF0QVZkcXVlZFBRUmVwbjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC82NjgzNDUtZjViYy00YTNmLWI2ZmYtMTBkZjQ5ZjY1NjE2
LzEvb3ZsMDc3VU9jcHllQVZxTHdyYkNzR0dkX0lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLrZIAwQC
w+HMMA0GCSqGSIb3DQEBCwUAA4IBAQBPzm4uvAMmQojJDzE6hnG7oAhHGCPxM62X
rnS0J776kyBk4sXJ7uOywwbDdz3/YMJJiqwOUuGpUvRTdVbVqTOHjtgTGP14cnk6
Lu3obDmIQS8728RaczmjikRxLlWOSPXV4B5E7qwDXhRS7hJ+TRk51vUpgdOmiRNC
8AYMV/daWV9pAqQgi4hTl5RMzIEG5cJ5HfpJCtc6E/YjsgtGipStKdzIuetN82IK
ZgCPm8bmPWNFkOATKzg9PmKV7Rvpmog1SKnbCaXiEvqGfKMY2UOkUKOpR3sip6a7
XpLlF6Ldn3a7rpPM2x6HxDQdzmDux78OsZF1XFUCl7/fYWDkDTAj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:15 2024 by rpki-client on console-fra.rpki-client.org