Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_LdnSAPz7Rd4xpQhXPzUtNV02PI.roa
File: _LdnSAPz7Rd4xpQhXPzUtNV02PI.roa (raw, json)
Hash identifier: pJkGZ3WME17sNKeCpwmeds2iOMH9iPj13suVfqjwJRE=
Subject key identifier: FC:B7:67:48:03:F3:ED:17:78:C6:94:21:5C:FC:D4:B4:D5:74:D8:F2
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D52EE4ABC4DBE3E90AC83703651F2
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_LdnSAPz7Rd4xpQhXPzUtNV02PI.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34295
IP address blocks: 46.10.217.0/24 maxlen: 24
62.176.118.0/24 maxlen: 24
87.126.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 14:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:52:ee:4a:bc:4d:be:3e:90:ac:83:70:36:51:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcb7674803f3ed1778c694215cfcd4b4d574d8f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3c:80:b0:bc:c0:a0:13:23:97:9d:1d:f8:8d:
3a:32:36:aa:93:c0:f3:3c:be:c2:06:e7:6a:0f:a9:
4e:c4:a1:3e:73:90:d0:52:03:eb:7a:c8:62:3d:62:
bf:bb:08:63:01:06:28:62:fa:c3:69:d6:9e:6d:45:
e3:28:0f:f0:9c:d2:e2:e2:72:c8:08:0f:c9:f0:6b:
05:f6:97:72:b1:5e:b6:db:cf:f4:fb:33:1e:e6:e5:
db:02:53:ac:4f:2f:0d:68:66:ec:7d:11:65:26:30:
83:e0:49:60:b3:a8:1e:de:3e:49:37:30:03:1e:e1:
d6:2f:e9:19:4e:0f:47:17:1e:70:60:d1:d1:9e:a6:
0f:a7:fe:c2:92:9a:9e:a8:62:6f:2f:46:81:62:06:
4f:9f:17:22:46:84:a6:58:eb:d5:d8:c9:0e:78:81:
d2:2c:76:59:58:b3:2c:56:51:be:01:31:5a:66:37:
b0:d2:41:b1:46:25:47:6d:54:03:5f:42:67:e2:f7:
73:80:52:d0:e1:2d:fc:e7:bd:d4:9c:06:72:b5:46:
44:18:6d:30:dd:7b:3f:ee:82:30:13:11:ea:8d:bd:
df:ea:3b:5d:9b:fe:bd:75:59:42:18:ef:23:0c:fe:
86:bf:fc:f2:15:9b:54:87:ed:c3:57:33:9a:44:a6:
61:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:B7:67:48:03:F3:ED:17:78:C6:94:21:5C:FC:D4:B4:D5:74:D8:F2
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_LdnSAPz7Rd4xpQhXPzUtNV02PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.10.217.0/24
62.176.118.0/24
87.126.120.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:89:e4:43:6e:63:e3:b9:ae:0f:49:f6:5f:69:57:f5:80:85:
d2:ca:e2:b0:56:1f:1c:34:e0:92:9a:83:91:f4:60:ea:72:5a:
af:29:c0:53:91:e6:a1:a8:b4:5c:31:b6:0a:45:5c:e1:5e:6b:
ed:99:a2:49:88:7e:25:e3:d8:50:a7:25:0a:f1:42:93:93:1c:
95:aa:8a:fd:24:00:7e:86:20:d9:cf:8b:b0:ef:83:87:ab:e6:
25:d5:d0:1a:ee:4a:6c:39:ac:b0:0f:e9:31:28:7d:52:73:25:
b7:bf:f6:9e:85:37:44:8b:91:1d:38:e0:9a:5c:1b:c6:a6:21:
42:48:30:f6:af:36:4f:4e:d6:10:2d:c6:d6:3d:4d:33:ab:8b:
61:5e:d2:a2:e7:b3:b0:05:aa:96:b1:7d:ad:8c:da:ab:a7:f3:
fb:ef:d9:7a:6f:ae:0f:f2:36:ac:4f:a0:a3:ac:4a:f7:83:d1:
07:eb:64:ab:91:7c:a6:c5:49:2e:07:76:6c:d5:c8:db:09:96:
15:93:6a:51:aa:e5:90:ac:15:31:26:56:c2:45:20:dd:f7:c5:
f2:4b:78:a6:56:5a:1b:45:a5:d3:0d:6b:d3:3f:c5:2d:2d:e7:
08:8c:98:6a:bf:ad:54:a1:ec:ff:7a:b7:51:33:59:47:bc:ab:
2d:f7:fd:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbVLuSrxNvj6QrINwNlHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2I3Njc0ODAzZjNlZDE3NzhjNjk0MjE1Y2ZjZDRiNGQ1NzRkOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTyAsLzAoBMjl50d+I06Mjaqk8Dz
PL7CBudqD6lOxKE+c5DQUgPreshiPWK/uwhjAQYoYvrDadaebUXjKA/wnNLi4nLI
CA/J8GsF9pdysV6228/0+zMe5uXbAlOsTy8NaGbsfRFlJjCD4Elgs6ge3j5JNzAD
HuHWL+kZTg9HFx5wYNHRnqYPp/7CkpqeqGJvL0aBYgZPnxciRoSmWOvV2MkOeIHS
LHZZWLMsVlG+ATFaZjew0kGxRiVHbVQDX0Jn4vdzgFLQ4S38573UnAZytUZEGG0w
3Xs/7oIwExHqjb3f6jtdm/69dVlCGO8jDP6Gv/zyFZtUh+3DVzOaRKZhuwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPy3Z0gD8+0XeMaUIVz81LTVdNjyMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvX0xkblNBUHo3UmQ0eHBRaFhQelV0TlYwMlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALgrZAwQA
PrB2AwQCV354MA0GCSqGSIb3DQEBCwUAA4IBAQA8ieRDbmPjua4PSfZfaVf1gIXS
yuKwVh8cNOCSmoOR9GDqclqvKcBTkeahqLRcMbYKRVzhXmvtmaJJiH4l49hQpyUK
8UKTkxyVqor9JAB+hiDZz4uw74OHq+Yl1dAa7kpsOaywD+kxKH1ScyW3v/aehTdE
i5EdOOCaXBvGpiFCSDD2rzZPTtYQLcbWPU0zq4thXtKi57OwBaqWsX2tjNqrp/P7
79l6b64P8jasT6CjrEr3g9EH62SrkXymxUkuB3Zs1cjbCZYVk2pRquWQrBUxJlbC
RSDd98XyS3imVlobRaXTDWvTP8UtLecIjJhqv61Uoez/erdRM1lHvKst9/1a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:05 2024 by rpki-client on console-fra.rpki-client.org