Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/ba1be3-796e-45c8-8b76-c700ea03c227/1/p1Ds6e9so1mSWzaA7RB92Mxpojg.roa
File: p1Ds6e9so1mSWzaA7RB92Mxpojg.roa (raw, json)
Hash identifier: fSKFSMWstxpNbmUfWhqtaIpeOs6pkDGIbYhgmiPA+xk=
Subject key identifier: A7:50:EC:E9:EF:6C:A3:59:92:5B:36:80:ED:10:7D:D8:CC:69:A2:38
Certificate issuer: /CN=b57ab718b4acb3a679c5db8fcee7294ed6be2bd0
Certificate serial: 018A5F2B8E3CB30DD2D82E3F633301AD0274
Authority key identifier: B5:7A:B7:18:B4:AC:B3:A6:79:C5:DB:8F:CE:E7:29:4E:D6:BE:2B:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tXq3GLSss6Z5xduPzucpTta-K9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/ba1be3-796e-45c8-8b76-c700ea03c227/1/p1Ds6e9so1mSWzaA7RB92Mxpojg.roa
Signing time: Mon 04 Sep 2023 07:50:04 +0000
ROA not before: Mon 04 Sep 2023 07:50:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43853
IP address blocks: 131.117.176.0/21 maxlen: 21
185.183.56.0/22 maxlen: 22
46.22.112.0/20 maxlen: 20
2a0b:680::/29 maxlen: 29
2a02:2a48::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:2b:8e:3c:b3:0d:d2:d8:2e:3f:63:33:01:ad:02:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b57ab718b4acb3a679c5db8fcee7294ed6be2bd0
Validity
Not Before: Sep 4 07:50:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a750ece9ef6ca359925b3680ed107dd8cc69a238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b0:3a:2d:ea:4a:42:19:31:e4:99:ea:b5:51:
3c:9d:ff:15:59:c7:2c:87:64:63:cf:69:c9:ce:33:
d6:88:b0:13:51:13:e6:33:24:c7:f7:47:33:26:0c:
ff:75:e6:30:99:a6:99:b5:90:0d:1d:93:f9:24:de:
e9:30:c2:c3:cb:ed:d8:3d:97:8c:39:33:47:1c:60:
be:2d:f7:9b:05:9e:d8:85:73:53:a2:78:ca:92:35:
02:30:a5:46:44:5b:73:29:9d:1b:74:c9:f9:8f:92:
dc:55:48:7f:24:20:ba:f6:bd:99:ad:aa:f0:9c:4a:
67:09:66:fb:95:5b:79:26:66:36:fe:54:e8:41:d6:
91:c5:15:d3:95:43:67:5b:68:b3:c2:b3:b4:0f:85:
05:96:a2:11:4f:c8:88:90:9f:1f:06:31:a6:16:b8:
7a:26:99:2e:a1:f1:8d:74:56:69:70:32:86:02:ba:
f7:51:29:df:38:1b:b2:f5:ff:57:1f:82:0e:0c:d7:
58:14:36:c6:04:48:e7:af:de:5a:73:71:93:46:2e:
c4:da:f8:67:d5:58:27:bc:47:fb:28:41:93:31:26:
a5:08:b9:da:fd:a5:d4:a8:93:fb:26:25:e2:f5:f4:
0b:10:95:69:bf:e1:92:09:4f:62:d0:4d:2d:69:97:
40:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:50:EC:E9:EF:6C:A3:59:92:5B:36:80:ED:10:7D:D8:CC:69:A2:38
X509v3 Authority Key Identifier:
keyid:B5:7A:B7:18:B4:AC:B3:A6:79:C5:DB:8F:CE:E7:29:4E:D6:BE:2B:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tXq3GLSss6Z5xduPzucpTta-K9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/ba1be3-796e-45c8-8b76-c700ea03c227/1/p1Ds6e9so1mSWzaA7RB92Mxpojg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/ba1be3-796e-45c8-8b76-c700ea03c227/1/tXq3GLSss6Z5xduPzucpTta-K9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.112.0/20
131.117.176.0/21
185.183.56.0/22
IPv6:
2a02:2a48::/32
2a0b:680::/29
Signature Algorithm: sha256WithRSAEncryption
3b:29:09:f5:f6:70:3b:a6:3a:ba:00:33:e0:d8:6d:30:d7:f9:
8a:84:8c:1f:ae:2a:8e:87:4d:11:e5:af:95:02:b9:6b:bc:65:
37:ba:50:24:20:cc:b4:0e:7a:05:ef:91:99:09:cd:15:aa:fc:
ed:41:d8:77:29:7d:85:70:74:6a:f2:25:0c:30:87:4d:91:8d:
b7:50:4e:c6:1e:00:37:ff:b2:0f:f7:a0:28:78:a5:a5:36:3e:
d7:00:05:d5:25:fc:38:c6:fc:d1:b1:f9:06:aa:c6:1a:72:ea:
5b:c6:28:04:a8:62:ef:65:49:04:8b:2f:f5:a7:b5:6c:8d:82:
50:8c:74:71:af:8a:90:e8:90:e0:d3:c5:27:b0:5a:2e:10:f9:
82:19:13:c7:35:a8:41:8e:62:56:48:f3:78:88:dc:9d:81:44:
14:67:b1:77:0d:7d:ab:de:29:a3:27:a5:62:87:bc:0c:7d:34:
45:6a:a8:7b:33:b9:0b:4c:e3:32:cd:2e:f9:1b:2d:45:13:a7:
75:a7:39:8a:9b:13:f1:dc:db:e6:eb:d7:69:d7:51:08:e8:c4:
8a:95:ab:df:75:4b:58:0c:91:ab:4f:35:c6:eb:27:d5:df:e6:
b3:03:70:73:31:ef:ee:e5:3d:4f:de:26:f1:8e:d0:cb:d9:16:
db:78:20:a5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYpfK448sw3S2C4/YzMBrQJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1N2FiNzE4YjRhY2IzYTY3OWM1ZGI4ZmNlZTcyOTRlZDZi
ZTJiZDAwHhcNMjMwOTA0MDc1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzUwZWNlOWVmNmNhMzU5OTI1YjM2ODBlZDEwN2RkOGNjNjlhMjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobA6LepKQhkx5JnqtVE8nf8VWccs
h2Rjz2nJzjPWiLATURPmMyTH90czJgz/deYwmaaZtZANHZP5JN7pMMLDy+3YPZeM
OTNHHGC+LfebBZ7YhXNTonjKkjUCMKVGRFtzKZ0bdMn5j5LcVUh/JCC69r2Zrarw
nEpnCWb7lVt5JmY2/lToQdaRxRXTlUNnW2izwrO0D4UFlqIRT8iIkJ8fBjGmFrh6
JpkuofGNdFZpcDKGArr3USnfOBuy9f9XH4IODNdYFDbGBEjnr95ac3GTRi7E2vhn
1VgnvEf7KEGTMSalCLna/aXUqJP7JiXi9fQLEJVpv+GSCU9i0E0taZdAMwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKdQ7OnvbKNZkls2gO0QfdjMaaI4MB8GA1UdIwQY
MBaAFLV6txi0rLOmecXbj87nKU7WvivQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFhxM0dMU3NzNlo1eGR1UHp1Y3BUdGEtSzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9iYTFiZTMtNzk2ZS00NWM4LThiNzYt
YzcwMGVhMDNjMjI3LzEvcDFEczZlOXNvMW1TV3phQTdSQjkyTXhwb2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9iYTFiZTMtNzk2ZS00NWM4LThiNzYtYzcwMGVhMDNjMjI3
LzEvdFhxM0dMU3NzNlo1eGR1UHp1Y3BUdGEtSzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQELhZwAwQD
g3WwAwQCubc4MBQEAgACMA4DBQAqAipIAwUDKgsGgDANBgkqhkiG9w0BAQsFAAOC
AQEAOykJ9fZwO6Y6ugAz4NhtMNf5ioSMH64qjodNEeWvlQK5a7xlN7pQJCDMtA56
Be+RmQnNFar87UHYdyl9hXB0avIlDDCHTZGNt1BOxh4AN/+yD/egKHilpTY+1wAF
1SX8OMb80bH5BqrGGnLqW8YoBKhi72VJBIsv9ae1bI2CUIx0ca+KkOiQ4NPFJ7Ba
LhD5ghkTxzWoQY5iVkjzeIjcnYFEFGexdw19q94poyelYoe8DH00RWqoezO5C0zj
Ms0u+RstRROndac5ipsT8dzb5uvXaddRCOjEipWr33VLWAyRq081xusn1d/mswNw
czHv7uU9T94m8Y7Qy9kW23ggpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:38 2024 by rpki-client on console-ams.rpki-client.org