Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/UJdF62HCd5Nb8_pVfxNJWvOTp-M.roa
File: UJdF62HCd5Nb8_pVfxNJWvOTp-M.roa (raw, json)
Hash identifier: +7OnwUZxxP1Mw50zINtVqT5+/N34fGSms5t9T8qqjg0=
Subject key identifier: 50:97:45:EB:61:C2:77:93:5B:F3:FA:55:7F:13:49:5A:F3:93:A7:E3
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8EB9A655CEE8868048452F17865F9B0
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/UJdF62HCd5Nb8_pVfxNJWvOTp-M.roa
Signing time: Thu 16 Nov 2023 16:16:40 +0000
ROA not before: Thu 16 Nov 2023 16:16:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1273
IP address blocks: 46.190.137.0/24 maxlen: 24
46.108.0.0/16 maxlen: 24
46.190.254.0/24 maxlen: 24
85.205.0.0/16 maxlen: 24
62.213.128.0/23 maxlen: 24
62.213.156.0/22 maxlen: 24
46.190.128.0/17 maxlen: 24
195.233.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 10:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:eb:9a:65:5c:ee:88:68:04:84:52:f1:78:65:f9:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 16:16:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=509745eb61c277935bf3fa557f13495af393a7e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7f:81:d8:92:72:26:f7:7c:69:33:b9:0b:43:
43:a5:12:c1:28:d9:e1:0b:30:86:cd:91:97:2f:9c:
aa:90:3b:a6:08:5e:00:45:82:7d:c8:8f:f9:28:69:
1a:9f:94:78:4d:3b:f6:00:fc:1e:7c:21:a8:09:2e:
3c:37:f5:17:4b:0b:94:c0:5c:5c:90:28:d0:5e:7d:
07:e4:9e:95:65:50:46:b9:a7:23:30:01:4e:a2:23:
49:46:a8:f7:8c:9d:42:d5:ab:ef:49:58:40:3e:5f:
81:6f:0b:ee:40:d9:99:34:a7:a6:39:93:64:26:64:
b8:3f:13:87:eb:66:f7:a8:f9:58:df:01:4d:26:b7:
71:5a:ce:28:31:65:7a:06:cc:98:61:23:69:84:32:
e9:c6:f0:d4:df:a1:4b:15:f6:bf:73:50:e7:49:f5:
e8:e7:08:4e:41:83:3f:d1:01:f2:d6:ae:1e:7f:c4:
0f:ca:1f:f4:68:fc:48:6d:5b:3f:0d:93:1a:95:a5:
db:54:f9:b8:19:5c:ec:5d:cb:4b:ec:3d:4a:f5:c7:
27:33:f3:d4:52:bf:8d:34:f0:ac:d8:a9:99:e6:bd:
90:74:c5:71:ba:01:6c:2d:15:24:97:d5:35:b5:49:
b0:e8:fa:0f:5a:f9:df:47:cd:60:22:78:de:3e:98:
ca:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:97:45:EB:61:C2:77:93:5B:F3:FA:55:7F:13:49:5A:F3:93:A7:E3
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/UJdF62HCd5Nb8_pVfxNJWvOTp-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.108.0.0/16
46.190.128.0/17
62.213.128.0/23
62.213.156.0/22
85.205.0.0/16
195.233.0.0/16
Signature Algorithm: sha256WithRSAEncryption
12:52:97:96:7a:4f:09:8b:0f:72:56:c5:b2:6f:32:16:88:5f:
a8:ef:2a:a6:1a:cb:91:55:98:7f:f0:ab:1e:e4:9d:cc:84:92:
af:18:a4:bd:74:67:bf:7e:ad:1f:87:a8:d5:e6:c0:a9:f7:0c:
ce:4d:da:7d:1e:95:80:29:82:7f:8a:d6:4f:50:64:e1:d8:a9:
c9:be:eb:35:f9:fc:35:b6:31:f9:26:17:c2:52:1c:51:66:b9:
51:2e:0e:71:f1:a3:be:b4:c1:7e:fe:54:4e:33:b7:2c:52:59:
d6:af:dd:a5:35:0b:55:f0:1b:06:8e:05:c1:44:c3:a1:e0:92:
e2:34:9a:6c:56:af:ff:d5:a0:73:bf:0a:db:d6:6b:72:28:6a:
55:4b:ec:d0:7b:52:48:ff:c7:4f:6d:e2:b3:d0:9e:82:51:4f:
50:6d:a7:85:22:6a:f2:1a:df:b6:18:3e:2c:c5:3b:2e:75:bf:
88:23:80:14:4f:81:a1:66:a4:99:7c:ae:1c:86:53:2c:b0:ff:
59:24:95:54:8f:d8:7e:40:aa:96:75:13:69:7c:31:58:4b:fd:
3c:1f:53:6b:3f:b9:fa:56:9c:03:90:b0:c4:52:a8:0c:b2:95:
77:d9:b0:b4:af:b6:b3:00:42:5d:3c:ea:77:7d:62:91:80:4a:
db:d1:8b:e1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYvY65plXO6IaASEUvF4ZfmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTYxNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDk3NDVlYjYxYzI3NzkzNWJmM2ZhNTU3ZjEzNDk1YWYzOTNhN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3+B2JJyJvd8aTO5C0NDpRLBKNnh
CzCGzZGXL5yqkDumCF4ARYJ9yI/5KGkan5R4TTv2APwefCGoCS48N/UXSwuUwFxc
kCjQXn0H5J6VZVBGuacjMAFOoiNJRqj3jJ1C1avvSVhAPl+BbwvuQNmZNKemOZNk
JmS4PxOH62b3qPlY3wFNJrdxWs4oMWV6BsyYYSNphDLpxvDU36FLFfa/c1DnSfXo
5whOQYM/0QHy1q4ef8QPyh/0aPxIbVs/DZMalaXbVPm4GVzsXctL7D1K9ccnM/PU
Ur+NNPCs2KmZ5r2QdMVxugFsLRUkl9U1tUmw6PoPWvnfR81gInjePpjKgQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFCXRethwneTW/P6VX8TSVrzk6fjMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvVUpkRjYySENkNU5iOF9wVmZ4TkpXdk9UcC1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhAwMALmwDBAcu
voADBAE+1YADBAI+1ZwDAwBVzQMDAMPpMA0GCSqGSIb3DQEBCwUAA4IBAQASUpeW
ek8Jiw9yVsWybzIWiF+o7yqmGsuRVZh/8Kse5J3MhJKvGKS9dGe/fq0fh6jV5sCp
9wzOTdp9HpWAKYJ/itZPUGTh2KnJvus1+fw1tjH5JhfCUhxRZrlRLg5x8aO+tMF+
/lROM7csUlnWr92lNQtV8BsGjgXBRMOh4JLiNJpsVq//1aBzvwrb1mtyKGpVS+zQ
e1JI/8dPbeKz0J6CUU9QbaeFImryGt+2GD4sxTsudb+II4AUT4GhZqSZfK4chlMs
sP9ZJJVUj9h+QKqWdRNpfDFYS/08H1NrP7n6VpwDkLDEUqgMspV32bC0r7azAEJd
POp3fWKRgErb0Yvh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:21 2024 by rpki-client on console-ams.rpki-client.org