Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/U9ZgqL8yVKjnr2ljxz-PYVNkQCc.roa
File: U9ZgqL8yVKjnr2ljxz-PYVNkQCc.roa (raw, json)
Hash identifier: SAE08UfrAAgFq3KsvegwyY81Q9kyNurNCDXv/7vMthU=
Subject key identifier: 53:D6:60:A8:BF:32:54:A8:E7:AF:69:63:C7:3F:8F:61:53:64:40:27
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCF1BB36A9ED58CACBF61B6F68EF835DB
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/U9ZgqL8yVKjnr2ljxz-PYVNkQCc.roa
Signing time: Wed 03 Jan 2024 11:35:48 +0000
ROA not before: Wed 03 Jan 2024 11:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.251.8.0/23 maxlen: 24
46.249.112.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 16:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:1b:b3:6a:9e:d5:8c:ac:bf:61:b6:f6:8e:f8:35:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 3 11:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53d660a8bf3254a8e7af6963c73f8f6153644027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0c:c7:de:ab:e7:09:8a:01:5a:9d:f0:c6:82:
b8:c5:cb:99:c8:b1:1e:20:de:5c:95:8f:7f:44:80:
8a:5f:20:53:88:59:0f:ec:1a:02:2b:c6:9a:5a:66:
16:09:6b:f6:a0:01:51:4c:cc:cb:ee:c8:f3:65:4c:
6e:a1:b1:5b:77:ac:4c:2c:f5:cf:4c:c0:34:5b:49:
81:7b:97:e9:af:1f:1f:45:ef:b8:82:1b:42:fc:7b:
aa:25:d0:bd:3f:60:5f:47:42:3e:b5:4a:ad:2a:bb:
0c:3f:99:5a:91:bc:8a:ff:65:b4:7b:1a:65:fa:c6:
7e:9a:eb:cd:c5:51:61:6a:77:5d:8d:48:0d:7c:ae:
54:93:69:44:14:75:9c:5e:c6:cc:41:d0:7b:30:a5:
6e:ce:a3:e7:dd:25:c9:d2:24:24:99:c2:d0:c9:f3:
7f:45:b5:2c:9c:4b:ef:66:a8:1a:fe:c5:27:55:c0:
98:e7:bf:55:f4:97:02:a7:83:8f:33:f9:09:17:f4:
d9:f3:6a:ca:8c:e4:de:7b:ee:ca:dd:f6:9c:53:bc:
2a:07:48:ef:5a:21:9c:34:8a:64:38:b1:5b:cd:5e:
f4:61:63:17:dc:30:c3:82:51:5a:b1:22:f8:1d:71:
1f:83:35:76:74:da:a2:3a:24:7f:4a:71:0b:5a:26:
02:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D6:60:A8:BF:32:54:A8:E7:AF:69:63:C7:3F:8F:61:53:64:40:27
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/U9ZgqL8yVKjnr2ljxz-PYVNkQCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.112.0/22
89.251.8.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:21:40:16:ed:61:bb:f6:2f:a5:6d:7d:f2:74:16:f0:66:31:
9c:ad:48:c7:13:7a:90:2e:44:dc:e6:c5:82:6b:ed:3e:b4:9f:
14:27:ea:d8:ae:30:fa:f8:39:e8:31:ba:1d:6f:ca:55:5f:8b:
84:61:67:97:8d:8b:8f:18:17:29:44:ef:bd:21:2a:6f:a3:ed:
fd:e3:a3:ad:4e:0f:b1:4b:d7:1d:ee:44:f1:f7:c0:53:73:9d:
ce:e4:46:da:c7:07:ab:67:cb:d5:7b:2b:76:9a:a4:01:f8:9c:
8d:ff:22:50:87:1d:58:96:b6:f6:dd:3f:d0:f7:1f:0f:f8:59:
e6:a7:b6:94:6d:1c:05:5f:08:94:04:6e:cd:60:b3:fe:87:73:
31:a5:de:1e:a8:15:4b:9c:dc:7f:c7:09:3b:2b:f8:18:61:08:
18:4b:3c:1f:19:f4:f3:bb:cf:a8:be:81:29:50:ef:de:e8:7c:
30:b4:d4:c9:bf:3f:2f:2c:7d:b6:c0:b9:4c:59:f1:53:c8:65:
57:82:38:66:10:72:a7:40:9e:09:7f:c2:22:cc:92:7e:8a:c8:
51:43:c3:53:67:63:32:af:7a:6b:b4:5c:7f:91:df:bb:59:eb:
98:12:8c:d0:b6:62:92:99:18:b2:ea:fd:82:83:0d:9e:b0:5e:
16:86:dd:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzPG7NqntWMrL9htvaO+DXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAzMTEzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Q2NjBhOGJmMzI1NGE4ZTdhZjY5NjNjNzNmOGY2MTUzNjQ0MDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgzH3qvnCYoBWp3wxoK4xcuZyLEe
IN5clY9/RICKXyBTiFkP7BoCK8aaWmYWCWv2oAFRTMzL7sjzZUxuobFbd6xMLPXP
TMA0W0mBe5fprx8fRe+4ghtC/HuqJdC9P2BfR0I+tUqtKrsMP5lakbyK/2W0expl
+sZ+muvNxVFhanddjUgNfK5Uk2lEFHWcXsbMQdB7MKVuzqPn3SXJ0iQkmcLQyfN/
RbUsnEvvZqga/sUnVcCY579V9JcCp4OPM/kJF/TZ82rKjOTee+7K3facU7wqB0jv
WiGcNIpkOLFbzV70YWMX3DDDglFasSL4HXEfgzV2dNqiOiR/SnELWiYC3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFPWYKi/MlSo569pY8c/j2FTZEAnMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvVTlaZ3FMOHlWS2pucjJsanh6LVBZVk5rUUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLvlwAwQB
WfsIMA0GCSqGSIb3DQEBCwUAA4IBAQCtIUAW7WG79i+lbX3ydBbwZjGcrUjHE3qQ
LkTc5sWCa+0+tJ8UJ+rYrjD6+DnoMbodb8pVX4uEYWeXjYuPGBcpRO+9ISpvo+39
46OtTg+xS9cd7kTx98BTc53O5EbaxwerZ8vVeyt2mqQB+JyN/yJQhx1Ylrb23T/Q
9x8P+Fnmp7aUbRwFXwiUBG7NYLP+h3Mxpd4eqBVLnNx/xwk7K/gYYQgYSzwfGfTz
u8+ovoEpUO/e6HwwtNTJvz8vLH22wLlMWfFTyGVXgjhmEHKnQJ4Jf8IizJJ+ishR
Q8NTZ2Myr3prtFx/kd+7WeuYEozQtmKSmRiy6v2Cgw2esF4Wht1S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org