Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xJzS_vADNpsoEa0UBXEG9zDcEn8.roa
File: xJzS_vADNpsoEa0UBXEG9zDcEn8.roa (raw, json)
Hash identifier: 3uA/YGyd0arDehGrnA5U0xCHnicXTGzspWWuJmRYH+w=
Subject key identifier: C4:9C:D2:FE:F0:03:36:9B:28:11:AD:14:05:71:06:F7:30:DC:12:7F
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185E6AC5B6C739B9AAF366D490BF6D8F6A8
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xJzS_vADNpsoEa0UBXEG9zDcEn8.roa
Signing time: Wed 25 Jan 2023 02:05:33 +0000
ROA not before: Wed 25 Jan 2023 02:05:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 46.249.104.0/22 maxlen: 24
46.249.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 05:55:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e6:ac:5b:6c:73:9b:9a:af:36:6d:49:0b:f6:d8:f6:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 25 02:05:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c49cd2fef003369b2811ad14057106f730dc127f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9c:bf:df:f6:50:68:c8:18:35:07:64:6a:31:
cb:78:aa:3e:7a:8c:52:f3:f4:48:4f:80:c3:1b:cd:
a0:53:c4:16:2d:22:67:9e:82:3a:44:ed:78:a3:08:
88:1c:a4:6c:5f:06:9c:f4:4c:d3:dc:6f:a6:52:fb:
88:2a:02:cc:ba:d9:fe:f1:73:5a:53:be:72:c4:50:
b3:ee:1a:2f:56:4c:a6:4a:c2:9d:2f:e8:25:ff:c6:
fb:8a:38:2e:35:e4:a8:6b:6a:61:c1:00:fc:dc:d1:
7d:e0:c2:36:79:b2:1c:f7:64:b9:b7:20:c8:b4:86:
14:51:c1:f0:45:ab:c0:17:a0:9a:34:99:f6:83:52:
33:81:3b:64:43:08:bf:60:27:aa:d4:9f:40:57:6d:
32:dc:54:c1:d6:f8:59:9e:a1:cc:fe:de:ad:77:31:
5c:72:3e:af:eb:fc:24:49:3d:f5:76:43:c0:e4:b5:
b8:c4:a6:3a:8e:84:5b:cd:ab:cb:ea:09:b2:a9:7e:
7a:8b:2b:c8:4e:75:56:0e:19:ee:2b:ef:73:d5:88:
4a:c8:23:59:78:bc:60:64:ff:00:17:79:f8:b0:83:
14:0e:c6:ed:29:05:6c:76:f0:f1:83:65:d3:ec:75:
43:53:1e:1d:8f:8d:19:0f:3b:03:19:3a:1d:8e:eb:
6b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9C:D2:FE:F0:03:36:9B:28:11:AD:14:05:71:06:F7:30:DC:12:7F
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xJzS_vADNpsoEa0UBXEG9zDcEn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.104.0/22
46.249.116.0/22
Signature Algorithm: sha256WithRSAEncryption
d1:f9:68:91:91:38:08:17:a1:fb:aa:d8:f6:30:4b:54:aa:b3:
94:a4:a5:d5:f3:4c:35:56:6a:53:20:ff:09:ae:ad:4b:9c:e0:
f3:e1:36:46:7a:70:a5:a7:b5:11:a4:d6:96:89:d7:b9:da:d0:
1d:ba:17:47:46:51:6e:ff:95:a7:f1:92:a9:94:18:df:20:e4:
4b:89:eb:b2:50:d0:42:c8:35:8c:76:77:20:9b:3e:6e:21:68:
ca:15:a6:67:33:85:0e:64:6d:0b:81:a7:ad:cd:44:37:af:5c:
5d:ae:5e:a8:75:c3:2d:dc:52:e7:5d:ae:82:c2:80:9b:25:71:
70:77:4e:4b:a9:1e:0c:da:16:bb:59:96:32:2f:0e:75:2d:4d:
42:12:b0:20:77:fb:61:52:85:2d:42:3e:87:99:34:6d:a6:e8:
dd:24:d8:81:d5:08:c1:f9:8e:6a:00:1d:75:4f:44:79:36:a9:
37:7e:16:6e:54:79:f6:62:7b:b3:ac:c7:a2:5e:58:6d:92:03:
ff:73:13:30:27:d2:0d:76:f9:cd:bc:b6:d2:e0:3f:54:4e:98:
ea:a5:11:49:7c:2a:f6:fd:5c:2e:e5:52:e6:0f:60:be:53:4b:
fe:d0:36:76:f6:66:1a:1f:41:c1:cf:c6:5a:22:0e:b5:35:0f:
df:2a:47:64
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXmrFtsc5uarzZtSQv22PaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTI1MDIwNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDljZDJmZWYwMDMzNjliMjgxMWFkMTQwNTcxMDZmNzMwZGMxMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpy/3/ZQaMgYNQdkajHLeKo+eoxS
8/RIT4DDG82gU8QWLSJnnoI6RO14owiIHKRsXwac9EzT3G+mUvuIKgLMutn+8XNa
U75yxFCz7hovVkymSsKdL+gl/8b7ijguNeSoa2phwQD83NF94MI2ebIc92S5tyDI
tIYUUcHwRavAF6CaNJn2g1IzgTtkQwi/YCeq1J9AV20y3FTB1vhZnqHM/t6tdzFc
cj6v6/wkST31dkPA5LW4xKY6joRbzavL6gmyqX56iyvITnVWDhnuK+9z1YhKyCNZ
eLxgZP8AF3n4sIMUDsbtKQVsdvDxg2XT7HVDUx4dj40ZDzsDGTodjutrSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMSc0v7wAzabKBGtFAVxBvcw3BJ/MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEveEp6U192QUROcHNvRWEwVUJYRUc5ekRjRW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLvloAwQC
Lvl0MA0GCSqGSIb3DQEBCwUAA4IBAQDR+WiRkTgIF6H7qtj2MEtUqrOUpKXV80w1
VmpTIP8Jrq1LnODz4TZGenClp7URpNaWide52tAduhdHRlFu/5Wn8ZKplBjfIORL
ieuyUNBCyDWMdncgmz5uIWjKFaZnM4UOZG0LgaetzUQ3r1xdrl6odcMt3FLnXa6C
woCbJXFwd05LqR4M2ha7WZYyLw51LU1CErAgd/thUoUtQj6HmTRtpujdJNiB1QjB
+Y5qAB11T0R5Nqk3fhZuVHn2YnuzrMeiXlhtkgP/cxMwJ9INdvnNvLbS4D9UTpjq
pRFJfCr2/Vwu5VLmD2C+U0v+0DZ29mYaH0HBz8ZaIg61NQ/fKkdk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org