Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/iPRBGmqgVGT0ML0hDNgJz14nRTM.roa
File: iPRBGmqgVGT0ML0hDNgJz14nRTM.roa (raw, json)
Hash identifier: l6YmB7tBUnCfqgJpHfRGonjb+6j7vdaUVEXvAbI87dI=
Subject key identifier: 88:F4:41:1A:6A:A0:54:64:F4:30:BD:21:0C:D8:09:CF:5E:27:45:33
Certificate issuer: /CN=12a657f3424c8dd55215af853b93307c366c538a
Certificate serial: 018BF6C70B79AD90731125293FBD26883A9B
Authority key identifier: 12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/iPRBGmqgVGT0ML0hDNgJz14nRTM.roa
Signing time: Wed 22 Nov 2023 11:25:21 +0000
ROA not before: Wed 22 Nov 2023 11:25:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211995
IP address blocks: 46.28.237.0/24 maxlen: 24
185.233.35.0/24 maxlen: 24
213.142.158.0/24 maxlen: 24
185.77.3.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
185.136.207.0/24 maxlen: 24
2a10:d880::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:c7:0b:79:ad:90:73:11:25:29:3f:bd:26:88:3a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12a657f3424c8dd55215af853b93307c366c538a
Validity
Not Before: Nov 22 11:25:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88f4411a6aa05464f430bd210cd809cf5e274533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ea:2a:1b:5d:49:5e:c9:36:8f:a9:13:90:bb:
1c:29:2d:9b:67:3c:4a:c9:a9:a5:b7:e9:25:63:bc:
1d:07:3e:25:c2:a6:b7:a1:6e:ea:2d:98:04:4e:74:
ce:3f:17:12:b6:7c:27:97:06:6a:c5:31:91:f2:8e:
bf:79:31:a3:70:63:0c:88:8f:7c:ad:c2:ae:5e:14:
1b:f5:2d:9b:39:9d:2c:9f:38:87:8b:38:8f:4f:3c:
84:69:27:5c:86:1a:88:89:79:3e:74:d7:42:31:30:
78:72:e1:ec:73:29:07:d9:f9:05:8f:19:d3:f7:e3:
c9:1e:78:75:04:e0:b5:0f:72:d0:9f:b3:fe:80:14:
d0:1b:b7:33:7b:0d:d0:f4:92:8b:74:cf:a2:33:7b:
83:ee:fa:bd:2b:f2:98:45:0b:62:9a:b0:a0:71:3a:
86:f1:f0:11:8b:f6:69:93:b9:de:b3:2f:56:86:0a:
f3:da:c9:d6:97:2b:a2:b1:88:14:d6:c5:d7:2c:53:
50:98:37:86:b0:2b:20:53:57:29:be:b8:d6:55:4d:
ca:b4:a0:30:d6:a5:a4:b7:2f:bd:34:df:c1:f9:ef:
e8:25:ad:d9:60:2d:15:9e:4e:7b:bd:06:cf:10:a4:
ce:c1:3b:1f:23:04:91:25:20:b6:4e:b0:ed:fc:46:
50:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F4:41:1A:6A:A0:54:64:F4:30:BD:21:0C:D8:09:CF:5E:27:45:33
X509v3 Authority Key Identifier:
keyid:12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/iPRBGmqgVGT0ML0hDNgJz14nRTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.237.0/24
93.114.130.0/24
185.77.3.0/24
185.136.207.0/24
185.233.35.0/24
213.142.158.0/24
IPv6:
2a10:d880::/29
Signature Algorithm: sha256WithRSAEncryption
28:9c:80:89:39:62:6b:18:93:88:ac:cd:ba:34:7b:23:84:6f:
d2:a6:3b:2b:0e:34:9d:c9:fa:a3:27:05:4f:60:a9:68:37:29:
f1:05:14:69:f8:6f:b9:24:db:9f:72:e9:be:be:92:42:50:da:
68:cd:28:04:7d:27:a5:0c:2e:34:7a:5d:fb:4e:f1:e0:5a:45:
a4:e1:3c:e1:ce:f6:c8:37:60:e2:3f:bc:64:a2:58:6a:63:65:
16:95:6a:2f:e7:31:54:59:b5:d0:b5:49:12:16:93:05:65:d1:
29:b9:84:c0:f1:ae:b2:b2:6b:d3:b5:fe:38:a4:cb:76:1a:52:
52:a1:bc:9f:bd:54:73:db:df:82:59:74:bf:ab:86:75:35:9c:
82:ea:2a:1e:2c:38:64:1c:6d:b9:4f:07:15:8b:b0:1d:2d:6e:
0e:23:8a:dd:f4:e5:e1:2c:6b:82:f0:a4:68:dd:03:fc:8e:42:
b3:c5:07:09:cf:4a:4a:f7:b1:32:38:79:bf:08:0e:80:f8:53:
66:fd:a9:34:a7:3f:09:a5:53:5f:e8:8f:8b:22:c4:27:69:5f:
2d:4f:9f:5b:ef:95:a5:fd:e1:ce:db:a1:27:81:ce:30:b2:6a:
ca:4a:08:c1:b7:a7:0a:9a:2c:4b:e2:73:2f:7d:7f:c4:30:97:
2c:f0:75:14
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYv2xwt5rZBzESUpP70miDqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYTY1N2YzNDI0YzhkZDU1MjE1YWY4NTNiOTMzMDdjMzY2
YzUzOGEwHhcNMjMxMTIyMTEyNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGY0NDExYTZhYTA1NDY0ZjQzMGJkMjEwY2Q4MDljZjVlMjc0NTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleoqG11JXsk2j6kTkLscKS2bZzxK
yamlt+klY7wdBz4lwqa3oW7qLZgETnTOPxcStnwnlwZqxTGR8o6/eTGjcGMMiI98
rcKuXhQb9S2bOZ0snziHiziPTzyEaSdchhqIiXk+dNdCMTB4cuHscykH2fkFjxnT
9+PJHnh1BOC1D3LQn7P+gBTQG7czew3Q9JKLdM+iM3uD7vq9K/KYRQtimrCgcTqG
8fARi/Zpk7nesy9Whgrz2snWlyuisYgU1sXXLFNQmDeGsCsgU1cpvrjWVU3KtKAw
1qWkty+9NN/B+e/oJa3ZYC0Vnk57vQbPEKTOwTsfIwSRJSC2TrDt/EZQPQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIj0QRpqoFRk9DC9IQzYCc9eJ0UzMB8GA1UdIwQY
MBaAFBKmV/NCTI3VUhWvhTuTMHw2bFOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMt
MDVmMDkzMzg1YWM4LzEvaVBSQkdtcWdWR1QwTUwwaEROZ0p6MTRuUlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMtMDVmMDkzMzg1YWM4
LzEvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALhztAwQA
XXKCAwQAuU0DAwQAuYjPAwQAuekjAwQA1Y6eMA0EAgACMAcDBQMqENiAMA0GCSqG
SIb3DQEBCwUAA4IBAQAonICJOWJrGJOIrM26NHsjhG/SpjsrDjSdyfqjJwVPYKlo
NynxBRRp+G+5JNufcum+vpJCUNpozSgEfSelDC40el37TvHgWkWk4TzhzvbIN2Di
P7xkolhqY2UWlWov5zFUWbXQtUkSFpMFZdEpuYTA8a6ysmvTtf44pMt2GlJSobyf
vVRz29+CWXS/q4Z1NZyC6ioeLDhkHG25TwcVi7AdLW4OI4rd9OXhLGuC8KRo3QP8
jkKzxQcJz0pK97EyOHm/CA6A+FNm/ak0pz8JpVNf6I+LIsQnaV8tT59b75Wl/eHO
26Engc4wsmrKSgjBt6cKmixL4nMvfX/EMJcs8HUU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:12 2024 by rpki-client on console-ams.rpki-client.org