Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Vr1cMnCJOKi47sAjLE4Hj2itNGA.roa
File: Vr1cMnCJOKi47sAjLE4Hj2itNGA.roa (raw, json)
Hash identifier: bDl3On6YlJIk2dSPqEwjgCYCahmmwzpoCnFYpuIqZJE=
Subject key identifier: 56:BD:5C:32:70:89:38:A8:B8:EE:C0:23:2C:4E:07:8F:68:AD:34:60
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018BE1785533D8DA6543E3D089221C5E9BF5
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Vr1cMnCJOKi47sAjLE4Hj2itNGA.roa
Signing time: Sat 18 Nov 2023 08:07:21 +0000
ROA not before: Sat 18 Nov 2023 08:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57175
IP address blocks: 188.253.0.0/23 maxlen: 24
82.115.8.0/23 maxlen: 24
46.249.108.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e1:78:55:33:d8:da:65:43:e3:d0:89:22:1c:5e:9b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 18 08:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56bd5c32708938a8b8eec0232c4e078f68ad3460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e1:df:9d:e9:78:ce:16:fe:8a:fe:6b:fc:a4:
cd:8e:04:e9:29:a7:15:c8:da:a4:1f:68:d4:97:d7:
e8:fc:22:f0:df:a5:9a:9d:a2:48:80:66:94:a3:c9:
f7:03:40:d4:03:17:1d:45:89:f0:0c:ac:41:15:b0:
5d:1c:95:7c:91:50:59:19:35:43:cb:10:c5:01:a2:
71:a8:2a:03:ee:e4:5c:01:87:8f:db:34:53:75:06:
cc:5d:bf:f0:08:89:20:4b:15:0b:57:7b:a7:af:69:
b3:0a:d8:68:4f:45:ec:af:44:3a:1c:ed:db:47:eb:
e2:f1:ae:d6:ac:99:8d:3b:7e:fe:43:45:77:72:c9:
c0:b5:71:c8:9d:c7:db:e7:d8:b4:5a:7a:f9:46:d6:
f5:01:bf:5f:98:64:d3:54:d6:71:22:ef:5b:9a:e4:
1e:38:ab:1e:12:c5:ac:2e:a3:c6:44:e5:00:a5:18:
45:83:57:b6:db:bc:88:5c:86:99:23:11:45:56:02:
25:23:ff:9c:e5:9e:ff:b8:5a:22:b4:f4:2b:27:88:
fc:9e:4b:15:da:6b:ea:95:a1:0e:e5:c9:dc:ae:1c:
e2:c7:88:d4:3b:c8:b4:1c:12:94:64:cf:1a:e3:af:
81:51:2f:f8:6e:99:c2:9b:76:56:c4:e1:ee:5d:a6:
d8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:BD:5C:32:70:89:38:A8:B8:EE:C0:23:2C:4E:07:8F:68:AD:34:60
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Vr1cMnCJOKi47sAjLE4Hj2itNGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.108.0/23
82.115.8.0/23
188.253.0.0/23
Signature Algorithm: sha256WithRSAEncryption
88:28:24:27:82:8b:94:ad:51:0d:8f:07:ef:ab:2f:cd:f8:74:
e3:b0:e8:24:8a:91:d9:62:4d:97:72:79:e0:cf:8e:32:3e:a7:
fe:72:32:6f:6b:36:96:8b:0b:27:1a:42:a3:fa:9f:fd:c6:d6:
9b:dc:4b:87:78:c2:5b:41:56:e0:f7:da:56:68:fc:8f:00:88:
09:2d:1a:60:2e:58:d5:3b:05:2a:cc:5f:0e:83:79:12:9a:c4:
c3:a8:7e:00:e8:9f:54:e1:28:76:2c:06:bc:99:b3:8a:67:68:
98:43:30:69:3b:aa:8a:63:f6:6f:8a:79:8d:a9:06:20:70:eb:
ee:f2:97:0f:00:ab:50:2e:80:af:36:4d:af:18:5b:95:58:c2:
8b:95:07:9c:ab:1f:9c:a6:31:45:0a:7d:69:07:cb:05:76:af:
47:0f:e0:e8:dd:1a:0e:d1:2e:f4:45:c0:6f:36:e6:3c:b4:7a:
17:39:3e:00:48:7f:ae:e0:b4:79:2f:21:6f:e0:ec:2a:b3:2b:
cd:f2:20:89:c6:b5:a2:cb:3c:83:81:24:d6:8a:c0:6d:24:21:
90:4d:3e:c3:6a:5b:10:71:11:46:ed:3d:91:93:df:04:5a:08:
ec:21:61:74:79:c4:5c:48:d0:cb:2b:08:ca:ef:6b:b0:20:2a:
b7:b0:3e:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvheFUz2NplQ+PQiSIcXpv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMTE4MDgwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmJkNWMzMjcwODkzOGE4YjhlZWMwMjMyYzRlMDc4ZjY4YWQzNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOHfnel4zhb+iv5r/KTNjgTpKacV
yNqkH2jUl9fo/CLw36WanaJIgGaUo8n3A0DUAxcdRYnwDKxBFbBdHJV8kVBZGTVD
yxDFAaJxqCoD7uRcAYeP2zRTdQbMXb/wCIkgSxULV3unr2mzCthoT0Xsr0Q6HO3b
R+vi8a7WrJmNO37+Q0V3csnAtXHIncfb59i0Wnr5Rtb1Ab9fmGTTVNZxIu9bmuQe
OKseEsWsLqPGROUApRhFg1e227yIXIaZIxFFVgIlI/+c5Z7/uFoitPQrJ4j8nksV
2mvqlaEO5cncrhzix4jUO8i0HBKUZM8a46+BUS/4bpnCm3ZWxOHuXabYiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFa9XDJwiTiouO7AIyxOB49orTRgMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvVnIxY01uQ0pPS2k0N3NBakxFNEhqMml0TkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLvlsAwQB
UnMIAwQBvP0AMA0GCSqGSIb3DQEBCwUAA4IBAQCIKCQngouUrVENjwfvqy/N+HTj
sOgkipHZYk2Xcnngz44yPqf+cjJvazaWiwsnGkKj+p/9xtab3EuHeMJbQVbg99pW
aPyPAIgJLRpgLljVOwUqzF8Og3kSmsTDqH4A6J9U4Sh2LAa8mbOKZ2iYQzBpO6qK
Y/ZvinmNqQYgcOvu8pcPAKtQLoCvNk2vGFuVWMKLlQecqx+cpjFFCn1pB8sFdq9H
D+Do3RoO0S70RcBvNuY8tHoXOT4ASH+u4LR5LyFv4OwqsyvN8iCJxrWiyzyDgSTW
isBtJCGQTT7DalsQcRFG7T2Rk98EWgjsIWF0ecRcSNDLKwjK72uwICq3sD5t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org