Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/inkQX5cLFhirIg03g9qL1kBZkNI.roa
File: inkQX5cLFhirIg03g9qL1kBZkNI.roa (raw, json)
Hash identifier: zgyMnFgA30a+4eot79S9rlCWzQrcAuQK4zGpiRQVJFU=
Subject key identifier: 8A:79:10:5F:97:0B:16:18:AB:22:0D:37:83:DA:8B:D6:40:59:90:D2
Certificate issuer: /CN=12a657f3424c8dd55215af853b93307c366c538a
Certificate serial: 018A971C03E9B2A2B1558629D1FEBBB3A650
Authority key identifier: 12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/inkQX5cLFhirIg03g9qL1kBZkNI.roa
Signing time: Fri 15 Sep 2023 04:31:50 +0000
ROA not before: Fri 15 Sep 2023 04:31:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211995
IP address blocks: 46.28.237.0/24 maxlen: 24
185.233.35.0/24 maxlen: 24
185.77.3.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
185.136.207.0/24 maxlen: 24
2a10:d880::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 22 Nov 2023 11:25:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:97:1c:03:e9:b2:a2:b1:55:86:29:d1:fe:bb:b3:a6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12a657f3424c8dd55215af853b93307c366c538a
Validity
Not Before: Sep 15 04:31:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a79105f970b1618ab220d3783da8bd6405990d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:32:d4:33:05:5c:cc:fb:70:cb:6f:43:e2:fc:
60:53:45:69:07:89:92:1e:c1:1d:fb:ee:6e:66:32:
e7:87:89:e3:2c:6d:b5:47:29:57:06:9b:29:b7:ee:
18:95:1d:ca:b1:d3:c0:60:c4:4b:74:e9:7d:12:79:
d0:78:30:b2:8f:e7:e4:fb:30:3a:c8:af:ae:32:a9:
1b:37:b7:b6:86:75:b5:6d:11:67:a9:97:20:7a:80:
8b:a1:2c:93:1d:6e:36:0b:fd:9a:6b:b1:16:2e:8a:
4d:94:88:4f:64:1e:4a:03:6b:3a:e6:bd:31:3f:5d:
6a:3c:4a:b4:2f:a9:12:68:ed:1e:6f:ca:1b:1a:24:
f6:70:2c:c1:34:03:a3:79:ab:44:b4:2f:26:3d:de:
53:03:b0:e7:42:09:e0:a4:21:5f:37:7e:9a:04:67:
14:b7:31:80:12:cd:f5:79:14:cc:4b:35:52:08:68:
c4:53:c4:6c:68:fc:de:5f:79:92:19:d4:08:35:9c:
b4:e1:e2:c1:90:da:25:55:a9:32:d3:c0:21:a8:d6:
47:ce:dc:8a:50:22:22:83:f9:4f:bc:f6:eb:96:49:
02:0c:26:e0:06:27:84:15:a8:91:44:89:93:8c:ea:
16:bd:4c:03:60:34:3e:40:a8:ee:c6:7a:5f:a7:0c:
54:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:79:10:5F:97:0B:16:18:AB:22:0D:37:83:DA:8B:D6:40:59:90:D2
X509v3 Authority Key Identifier:
keyid:12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/inkQX5cLFhirIg03g9qL1kBZkNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.237.0/24
93.114.130.0/24
185.77.3.0/24
185.136.207.0/24
185.233.35.0/24
IPv6:
2a10:d880::/29
Signature Algorithm: sha256WithRSAEncryption
9d:71:61:b5:61:ba:de:ab:0d:a4:7f:be:89:19:d5:b4:aa:99:
dd:0d:6f:a0:7c:12:95:6c:35:3e:c9:9e:99:30:a2:31:9b:b0:
95:78:b3:0c:12:a2:7e:91:59:46:d4:79:37:99:f7:73:52:1c:
18:32:27:61:38:f8:df:6a:f0:ce:00:64:78:2c:33:9f:7d:6d:
b0:24:bd:3d:af:d5:f6:35:1e:81:ac:04:2b:9e:c4:ad:b0:e9:
45:14:2f:ac:c7:cf:b5:4d:0a:7c:73:91:75:45:5f:b5:85:72:
e4:9a:bb:ab:80:70:3c:8d:5f:ee:93:33:fb:d1:09:48:8c:ac:
af:44:ca:56:d9:19:46:36:c4:df:2b:f8:a7:06:ec:9e:d9:4e:
55:78:5b:48:33:72:2c:b7:c3:4f:07:42:88:da:72:ee:0c:31:
75:68:a8:76:5a:be:8b:28:de:95:a6:43:f6:15:7c:1c:f9:0c:
38:19:4d:ce:10:bb:6b:7a:a7:a6:10:a1:8e:cb:d5:a6:a1:10:
04:79:43:c6:55:6c:ea:9f:b5:e9:c0:d7:e2:40:d1:f1:fa:bb:
ed:94:42:f0:5a:46:a9:9f:9f:3d:19:81:f0:d5:bc:03:e8:31:
57:30:2c:d1:6d:5d:84:8a:ce:5b:60:b9:a7:09:b9:f0:57:be:
80:1e:13:bd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYqXHAPpsqKxVYYp0f67s6ZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYTY1N2YzNDI0YzhkZDU1MjE1YWY4NTNiOTMzMDdjMzY2
YzUzOGEwHhcNMjMwOTE1MDQzMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTc5MTA1Zjk3MGIxNjE4YWIyMjBkMzc4M2RhOGJkNjQwNTk5MGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDLUMwVczPtwy29D4vxgU0VpB4mS
HsEd++5uZjLnh4njLG21RylXBpspt+4YlR3KsdPAYMRLdOl9EnnQeDCyj+fk+zA6
yK+uMqkbN7e2hnW1bRFnqZcgeoCLoSyTHW42C/2aa7EWLopNlIhPZB5KA2s65r0x
P11qPEq0L6kSaO0eb8obGiT2cCzBNAOjeatEtC8mPd5TA7DnQgngpCFfN36aBGcU
tzGAEs31eRTMSzVSCGjEU8RsaPzeX3mSGdQINZy04eLBkNolVaky08AhqNZHztyK
UCIig/lPvPbrlkkCDCbgBieEFaiRRImTjOoWvUwDYDQ+QKjuxnpfpwxUiwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIp5EF+XCxYYqyINN4Pai9ZAWZDSMB8GA1UdIwQY
MBaAFBKmV/NCTI3VUhWvhTuTMHw2bFOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMt
MDVmMDkzMzg1YWM4LzEvaW5rUVg1Y0xGaGlySWcwM2c5cUwxa0Jaa05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMtMDVmMDkzMzg1YWM4
LzEvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALhztAwQA
XXKCAwQAuU0DAwQAuYjPAwQAuekjMA0EAgACMAcDBQMqENiAMA0GCSqGSIb3DQEB
CwUAA4IBAQCdcWG1Ybreqw2kf76JGdW0qpndDW+gfBKVbDU+yZ6ZMKIxm7CVeLMM
EqJ+kVlG1Hk3mfdzUhwYMidhOPjfavDOAGR4LDOffW2wJL09r9X2NR6BrAQrnsSt
sOlFFC+sx8+1TQp8c5F1RV+1hXLkmrurgHA8jV/ukzP70QlIjKyvRMpW2RlGNsTf
K/inBuye2U5VeFtIM3Ist8NPB0KI2nLuDDF1aKh2Wr6LKN6VpkP2FXwc+Qw4GU3O
ELtreqemEKGOy9WmoRAEeUPGVWzqn7XpwNfiQNHx+rvtlELwWkapn589GYHw1bwD
6DFXMCzRbV2Eis5bYLmnCbnwV76AHhO9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:53 2024 by rpki-client on console-fra.rpki-client.org