Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/AqO5gQRySSGgRHPGXbeyKkhxdbM.roa
File: AqO5gQRySSGgRHPGXbeyKkhxdbM.roa (raw, json)
Hash identifier: LUc9YEhMoIseFM1LirUvauct/Cj3Tdiu5cEHdxfKGtQ=
Subject key identifier: 02:A3:B9:81:04:72:49:21:A0:44:73:C6:5D:B7:B2:2A:48:71:75:B3
Certificate issuer: /CN=c1233861207a230564ef36f11e0157344731e3f9
Certificate serial: 018896528B09103E505257EBA957F107157D
Authority key identifier: C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/AqO5gQRySSGgRHPGXbeyKkhxdbM.roa
Signing time: Wed 07 Jun 2023 14:46:11 +0000
ROA not before: Wed 07 Jun 2023 14:46:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 46.228.131.0/24 maxlen: 24
46.228.136.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Jun 2023 11:58:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:96:52:8b:09:10:3e:50:52:57:eb:a9:57:f1:07:15:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1233861207a230564ef36f11e0157344731e3f9
Validity
Not Before: Jun 7 14:46:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02a3b98104724921a04473c65db7b22a487175b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7a:d3:93:e0:b5:eb:e5:0c:ed:96:db:80:67:
46:c0:2a:ae:16:84:72:17:dc:2a:d9:d0:38:9d:87:
0b:d1:3a:36:78:54:bf:93:14:d2:c2:f9:1a:7b:ed:
64:18:b4:a3:de:ae:5a:93:4f:94:2f:8e:dd:dd:40:
a6:e6:29:ff:5e:56:ab:fe:88:df:60:33:e6:ea:72:
27:17:95:93:f9:11:c8:c5:3d:ac:aa:3e:f0:56:46:
06:a9:0c:e2:1f:41:fa:e5:9a:4e:8c:ad:83:d4:a8:
c0:fa:3c:e0:ec:f4:73:47:92:0c:83:39:ea:80:e3:
11:b6:4c:f4:74:73:f2:75:b7:73:c1:99:b8:56:79:
b1:68:d6:a6:da:42:a2:05:f8:31:2a:50:f7:70:d8:
55:62:67:32:9d:8b:49:f1:8c:a2:f2:a0:7a:0f:6e:
e7:ba:b4:d5:4e:3b:f5:b6:9d:c6:21:81:f1:b2:c0:
8a:65:c4:db:d5:ca:9a:4c:0d:91:a0:a3:a6:86:74:
c5:b5:9a:b6:ce:ee:0f:ae:95:a5:49:c9:68:68:1a:
2f:02:29:b1:36:05:29:44:9e:90:f0:cb:b4:62:96:
b6:17:69:be:9d:79:ce:2c:67:a4:b0:7b:4a:f9:ac:
4b:57:d4:2d:72:55:56:9b:21:41:66:17:87:c3:7f:
a5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A3:B9:81:04:72:49:21:A0:44:73:C6:5D:B7:B2:2A:48:71:75:B3
X509v3 Authority Key Identifier:
keyid:C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/AqO5gQRySSGgRHPGXbeyKkhxdbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/wSM4YSB6IwVk7zbxHgFXNEcx4_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.131.0/24
46.228.136.0/23
Signature Algorithm: sha256WithRSAEncryption
73:a2:89:3a:c7:76:23:fb:73:cf:91:07:25:07:ea:91:fb:15:
00:3a:d0:8a:5f:a9:cf:5b:15:ca:2b:90:1a:e9:ad:ee:bf:1b:
5e:1d:b9:0d:d4:a1:a8:ea:5e:4a:20:80:a4:e8:eb:e1:7b:fb:
d2:e2:7c:45:2b:cc:28:89:4f:cd:c5:d4:65:f8:33:6d:cd:08:
87:b6:ea:9a:13:e9:72:e0:6a:05:17:f4:6d:b3:b6:c5:cb:7f:
cd:49:e7:3d:4f:6a:51:69:46:24:10:33:f9:55:b3:30:d8:8b:
34:40:0c:4f:00:1a:ba:7b:57:d5:33:c2:46:14:6f:86:c9:6c:
b1:77:92:2c:f9:e2:30:98:fc:08:a3:f0:64:3b:07:df:cd:39:
82:61:df:9d:1d:48:a7:16:72:d4:89:1a:f1:86:9e:1b:65:d5:
92:9f:9c:1f:d5:ad:75:db:ae:82:1e:6e:84:86:c0:a5:da:15:
ac:c8:cc:db:f5:27:a3:e5:d6:1a:4f:05:6c:f0:5f:33:17:55:
73:df:a1:c9:6b:47:cd:38:53:9b:65:97:23:c8:31:c6:b3:82:
21:d4:a6:ce:f0:f5:b1:8f:39:88:45:95:de:c5:bf:21:86:d9:
3d:08:27:ce:e7:56:5b:f5:b3:9a:97:84:f2:fd:1a:22:bd:43:
7a:6d:6c:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiWUosJED5QUlfrqVfxBxV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMjMzODYxMjA3YTIzMDU2NGVmMzZmMTFlMDE1NzM0NDcz
MWUzZjkwHhcNMjMwNjA3MTQ0NjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmEzYjk4MTA0NzI0OTIxYTA0NDczYzY1ZGI3YjIyYTQ4NzE3NWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnrTk+C16+UM7ZbbgGdGwCquFoRy
F9wq2dA4nYcL0To2eFS/kxTSwvkae+1kGLSj3q5ak0+UL47d3UCm5in/Xlar/ojf
YDPm6nInF5WT+RHIxT2sqj7wVkYGqQziH0H65ZpOjK2D1KjA+jzg7PRzR5IMgznq
gOMRtkz0dHPydbdzwZm4VnmxaNam2kKiBfgxKlD3cNhVYmcynYtJ8Yyi8qB6D27n
urTVTjv1tp3GIYHxssCKZcTb1cqaTA2RoKOmhnTFtZq2zu4PrpWlScloaBovAimx
NgUpRJ6Q8Mu0Ypa2F2m+nXnOLGeksHtK+axLV9QtclVWmyFBZheHw3+lCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAKjuYEEckkhoERzxl23sipIcXWzMB8GA1UdIwQY
MBaAFMEjOGEgeiMFZO828R4BVzRHMeP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NNNFlTQjZJd1ZrN3pieEhnRlhORWN4NF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYzkzMjAtMzhkOS00NjA0LWFkOTIt
MWM3YjJiOTFkMzA4LzEvQXFPNWdRUnlTU0dnUkhQR1hiZXlLa2h4ZGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yYzkzMjAtMzhkOS00NjA0LWFkOTItMWM3YjJiOTFkMzA4
LzEvd1NNNFlTQjZJd1ZrN3pieEhnRlhORWN4NF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALuSDAwQB
LuSIMA0GCSqGSIb3DQEBCwUAA4IBAQBzook6x3Yj+3PPkQclB+qR+xUAOtCKX6nP
WxXKK5Aa6a3uvxteHbkN1KGo6l5KIICk6Ovhe/vS4nxFK8woiU/NxdRl+DNtzQiH
tuqaE+ly4GoFF/Rts7bFy3/NSec9T2pRaUYkEDP5VbMw2Is0QAxPABq6e1fVM8JG
FG+GyWyxd5Is+eIwmPwIo/BkOwffzTmCYd+dHUinFnLUiRrxhp4bZdWSn5wf1a11
266CHm6EhsCl2hWsyMzb9Sej5dYaTwVs8F8zF1Vz36HJa0fNOFObZZcjyDHGs4Ih
1KbO8PWxjzmIRZXexb8hhtk9CCfO51Zb9bOal4Ty/RoivUN6bWyw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:08 2024 by rpki-client on console-fra.rpki-client.org