Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6c0563-6a1c-4432-a58d-3b64cc336c79/1/NwWlUlmbd0UL0WFT1SnvopRr3rM.roa
File: NwWlUlmbd0UL0WFT1SnvopRr3rM.roa (raw, json)
Hash identifier: yZTx7SzpgChXw7iNfxNn1ZPEgNTWN4ECgURJdY1GxTg=
Subject key identifier: 37:05:A5:52:59:9B:77:45:0B:D1:61:53:D5:29:EF:A2:94:6B:DE:B3
Certificate issuer: /CN=e0a00292c2a1062bb32980a3c443fff383a41002
Certificate serial: 0185ED4F94119970E458E7510D64004958D8
Authority key identifier: E0:A0:02:92:C2:A1:06:2B:B3:29:80:A3:C4:43:FF:F3:83:A4:10:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4KACksKhBiuzKYCjxEP_84OkEAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/6c0563-6a1c-4432-a58d-3b64cc336c79/1/NwWlUlmbd0UL0WFT1SnvopRr3rM.roa
Signing time: Thu 26 Jan 2023 09:01:33 +0000
ROA not before: Thu 26 Jan 2023 09:01:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34047
IP address blocks: 91.211.172.0/22 maxlen: 22
46.151.40.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ed:4f:94:11:99:70:e4:58:e7:51:0d:64:00:49:58:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0a00292c2a1062bb32980a3c443fff383a41002
Validity
Not Before: Jan 26 09:01:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3705a552599b77450bd16153d529efa2946bdeb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:06:6d:47:52:d6:fa:ca:64:28:bd:89:cf:39:
8e:f1:b0:3c:a3:4f:33:f4:b0:64:83:e0:c6:27:64:
40:94:37:78:f9:36:b2:8d:36:56:75:62:4f:4f:bf:
c0:03:7a:77:3b:8f:a0:2c:f0:87:8a:ea:aa:ba:74:
fe:82:a4:bd:1f:8c:f7:ad:18:47:e3:c8:72:53:d5:
8c:9b:c0:1a:bf:3e:5c:9b:21:cd:a5:93:d4:64:cc:
c6:39:07:bd:75:b3:75:87:3d:34:84:ed:28:40:c1:
e7:09:86:91:87:c3:08:5d:27:b6:d4:b3:f9:af:1d:
be:09:de:d2:e9:9f:d1:f8:aa:3b:eb:2f:c8:13:fb:
e0:bd:a6:9a:2d:37:ad:e9:d9:a5:40:2d:b9:58:e5:
fd:a6:c3:04:3a:b7:b7:84:2c:d3:e8:b7:49:25:df:
7c:aa:92:8f:2d:17:f7:3a:c0:ae:dd:e4:48:37:f7:
72:d4:75:65:cd:5c:2b:08:88:1b:ce:ea:a2:f1:b3:
c1:be:c0:5f:4d:18:b3:26:b7:a1:87:9e:3e:49:6a:
30:dd:5a:ff:fa:d9:bb:06:42:03:76:65:2d:37:79:
bb:bc:26:9f:3b:15:5c:02:d3:43:b3:db:79:22:42:
c6:2a:fe:0f:6e:ef:96:8c:27:af:53:d3:e0:1f:03:
c3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:05:A5:52:59:9B:77:45:0B:D1:61:53:D5:29:EF:A2:94:6B:DE:B3
X509v3 Authority Key Identifier:
keyid:E0:A0:02:92:C2:A1:06:2B:B3:29:80:A3:C4:43:FF:F3:83:A4:10:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KACksKhBiuzKYCjxEP_84OkEAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6c0563-6a1c-4432-a58d-3b64cc336c79/1/NwWlUlmbd0UL0WFT1SnvopRr3rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6c0563-6a1c-4432-a58d-3b64cc336c79/1/4KACksKhBiuzKYCjxEP_84OkEAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.40.0/21
91.211.172.0/22
Signature Algorithm: sha256WithRSAEncryption
81:97:69:b2:82:2d:95:c8:57:6d:3c:e1:c6:f7:9b:ee:67:e4:
a4:81:ae:75:ec:7b:40:12:af:2c:af:50:7c:e8:11:bf:72:12:
80:76:e2:08:27:bc:7b:75:06:fc:c4:1b:60:8a:66:81:95:c3:
05:e6:80:40:3c:18:f1:80:6b:31:29:bc:e1:f8:0b:50:2e:42:
84:dc:ac:23:2e:7a:5d:9a:94:7d:57:78:21:84:da:5d:0a:1f:
2c:bb:19:a6:b2:94:09:99:13:3b:5e:be:05:d1:49:b1:33:a7:
3c:7d:12:32:4d:15:29:4d:7b:35:3d:3d:8a:3d:d4:25:05:53:
de:54:24:dd:59:ed:0e:74:8b:71:43:b2:c6:6a:37:98:14:8f:
51:62:7e:ef:c5:86:a8:b9:cc:1e:ff:82:a5:fa:90:be:9e:8a:
14:24:71:09:51:95:26:a5:21:13:8e:52:22:92:ed:14:ea:8d:
4b:32:d6:e5:1a:54:52:0a:da:ee:2d:54:8f:c4:93:0b:f3:c5:
17:73:69:74:8b:be:75:5f:47:ae:25:6c:bd:ca:b7:1b:9c:79:
c9:a5:95:9c:7c:f6:cc:9c:76:aa:f0:de:6d:39:df:75:54:40:
97:09:a7:db:53:5b:18:ad:fa:3b:2a:a6:1a:81:f0:b0:70:d5:
84:8d:d6:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXtT5QRmXDkWOdRDWQASVjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYTAwMjkyYzJhMTA2MmJiMzI5ODBhM2M0NDNmZmYzODNh
NDEwMDIwHhcNMjMwMTI2MDkwMTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzA1YTU1MjU5OWI3NzQ1MGJkMTYxNTNkNTI5ZWZhMjk0NmJkZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwZtR1LW+spkKL2JzzmO8bA8o08z
9LBkg+DGJ2RAlDd4+TayjTZWdWJPT7/AA3p3O4+gLPCHiuqqunT+gqS9H4z3rRhH
48hyU9WMm8Aavz5cmyHNpZPUZMzGOQe9dbN1hz00hO0oQMHnCYaRh8MIXSe21LP5
rx2+Cd7S6Z/R+Ko76y/IE/vgvaaaLTet6dmlQC25WOX9psMEOre3hCzT6LdJJd98
qpKPLRf3OsCu3eRIN/dy1HVlzVwrCIgbzuqi8bPBvsBfTRizJrehh54+SWow3Vr/
+tm7BkIDdmUtN3m7vCafOxVcAtNDs9t5IkLGKv4Pbu+WjCevU9PgHwPD3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDcFpVJZm3dFC9FhU9Up76KUa96zMB8GA1UdIwQY
MBaAFOCgApLCoQYrsymAo8RD//ODpBACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtBQ2tzS2hCaXV6S1lDanhFUF84NE9rRUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82YzA1NjMtNmExYy00NDMyLWE1OGQt
M2I2NGNjMzM2Yzc5LzEvTndXbFVsbWJkMFVMMFdGVDFTbnZvcFJyM3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82YzA1NjMtNmExYy00NDMyLWE1OGQtM2I2NGNjMzM2Yzc5
LzEvNEtBQ2tzS2hCaXV6S1lDanhFUF84NE9rRUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLpcoAwQC
W9OsMA0GCSqGSIb3DQEBCwUAA4IBAQCBl2mygi2VyFdtPOHG95vuZ+Skga517HtA
Eq8sr1B86BG/chKAduIIJ7x7dQb8xBtgimaBlcMF5oBAPBjxgGsxKbzh+AtQLkKE
3KwjLnpdmpR9V3ghhNpdCh8suxmmspQJmRM7Xr4F0UmxM6c8fRIyTRUpTXs1PT2K
PdQlBVPeVCTdWe0OdItxQ7LGajeYFI9RYn7vxYaoucwe/4Kl+pC+nooUJHEJUZUm
pSETjlIiku0U6o1LMtblGlRSCtruLVSPxJML88UXc2l0i751X0euJWy9yrcbnHnJ
pZWcfPbMnHaq8N5tOd91VECXCafbU1sYrfo7KqYagfCwcNWEjdZH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:33 2024 by rpki-client on console-fra.rpki-client.org