Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/DD5xZcETTEx8IUAYeJJu_9WiV5A.roa
File: DD5xZcETTEx8IUAYeJJu_9WiV5A.roa (raw, json)
Hash identifier: EaX5QLjTbMyHPkTKodY8V2bR5y69Hb9Csm15A9yrht0=
Subject key identifier: 0C:3E:71:65:C1:13:4C:4C:7C:21:40:18:78:92:6E:FF:D5:A2:57:90
Certificate issuer: /CN=0b1c6d0de70cc51805b63a5e2327622525d075b1
Certificate serial: 0189D593A41E851552464F4EB11531006C41
Authority key identifier: 0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/DD5xZcETTEx8IUAYeJJu_9WiV5A.roa
Signing time: Tue 08 Aug 2023 14:36:10 +0000
ROA not before: Tue 08 Aug 2023 14:36:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 85.158.142.0/24 maxlen: 24
85.158.143.0/24 maxlen: 24
195.245.231.0/24 maxlen: 24
195.245.230.0/24 maxlen: 24
193.109.255.0/24 maxlen: 24
46.226.52.0/23 maxlen: 23
193.109.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d5:93:a4:1e:85:15:52:46:4f:4e:b1:15:31:00:6c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1c6d0de70cc51805b63a5e2327622525d075b1
Validity
Not Before: Aug 8 14:36:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c3e7165c1134c4c7c21401878926effd5a25790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c9:78:b5:6d:a2:a1:61:8b:b9:90:0c:47:d0:
b3:3b:b7:6a:77:98:5f:e7:01:dc:2f:8f:13:cd:63:
76:26:45:d4:6b:83:41:c5:81:3d:51:73:31:66:b9:
bc:db:b6:94:74:dd:fd:cd:11:7d:89:0c:45:56:94:
2d:83:f2:36:61:3f:bc:1d:b8:ea:4c:c0:07:cf:9c:
c1:e7:0e:d3:8b:5f:1b:47:b5:6b:cb:8d:55:5f:d8:
02:1c:b6:1a:74:a1:df:52:1c:c0:e3:02:6d:66:14:
c6:ac:17:ab:61:66:e9:b7:19:e1:08:48:48:4a:4d:
70:6a:36:db:24:62:37:e4:65:ec:68:36:72:46:34:
7d:89:80:d3:d3:e8:6b:b1:f8:28:ab:27:f3:46:1b:
62:f7:a2:c4:61:56:54:77:43:39:7e:8e:43:c3:89:
75:36:6b:ef:1b:f2:44:36:49:30:b1:67:85:2d:dd:
1c:7f:90:5b:9b:19:f0:9e:c7:62:da:8b:88:9f:97:
33:e7:0e:c6:b4:83:1f:e8:0b:27:16:ba:9c:f1:ff:
f0:9f:0b:ba:33:67:3c:63:c7:56:67:da:25:cc:7e:
fc:2d:81:52:77:7f:eb:51:06:fe:61:b4:b5:17:51:
a7:b5:28:37:5e:25:1d:94:08:92:1d:53:b0:76:2d:
3f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3E:71:65:C1:13:4C:4C:7C:21:40:18:78:92:6E:FF:D5:A2:57:90
X509v3 Authority Key Identifier:
keyid:0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/DD5xZcETTEx8IUAYeJJu_9WiV5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.52.0/23
85.158.142.0/23
193.109.254.0/23
195.245.230.0/23
Signature Algorithm: sha256WithRSAEncryption
77:4e:af:b7:66:18:1d:88:fe:1a:52:06:5a:db:8b:51:bb:24:
d5:11:99:33:17:3e:6e:37:54:65:c1:90:4a:ab:e0:fa:3a:39:
ab:61:0b:71:75:c8:7c:a9:cd:27:55:ca:fa:78:fe:83:df:39:
c6:ac:0c:b7:75:f8:e7:0a:29:a2:2a:32:14:bc:8a:09:c1:67:
81:0e:38:5d:a8:7e:18:27:f1:1d:14:bd:a9:5e:e7:15:0e:fc:
41:58:c4:51:0f:3e:cd:c9:fd:dd:0d:bb:e2:3d:b0:f4:cf:c8:
01:6c:29:9a:c6:b2:ae:6e:3b:11:cb:3d:bb:66:bb:67:21:6c:
04:6c:4a:53:e8:cc:50:aa:5a:13:c6:8b:0e:02:a3:ed:2f:c9:
82:98:50:c3:6c:f6:10:b3:ee:19:3c:65:db:d5:d2:3a:6d:7a:
3c:2c:f6:cf:06:58:55:81:e0:4b:97:14:84:5f:a5:fe:63:17:
c1:f7:36:86:bc:5d:02:92:f6:45:b6:4b:4b:e1:9c:3e:05:6c:
cf:25:fd:b0:e3:1c:08:25:80:8b:16:17:3e:70:6d:cc:f6:b1:
eb:88:3b:92:aa:8f:dc:fd:e2:1b:d7:ae:d5:fe:3f:5b:cc:cf:
3a:67:d3:79:cb:07:61:1a:58:c9:81:41:98:a8:57:ea:ab:fd:
7e:eb:a4:51
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYnVk6QehRVSRk9OsRUxAGxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWM2ZDBkZTcwY2M1MTgwNWI2M2E1ZTIzMjc2MjI1MjVk
MDc1YjEwHhcNMjMwODA4MTQzNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNlNzE2NWMxMTM0YzRjN2MyMTQwMTg3ODkyNmVmZmQ1YTI1NzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcl4tW2ioWGLuZAMR9CzO7dqd5hf
5wHcL48TzWN2JkXUa4NBxYE9UXMxZrm827aUdN39zRF9iQxFVpQtg/I2YT+8Hbjq
TMAHz5zB5w7Ti18bR7Vry41VX9gCHLYadKHfUhzA4wJtZhTGrBerYWbptxnhCEhI
Sk1wajbbJGI35GXsaDZyRjR9iYDT0+hrsfgoqyfzRhti96LEYVZUd0M5fo5Dw4l1
NmvvG/JENkkwsWeFLd0cf5Bbmxnwnsdi2ouIn5cz5w7GtIMf6AsnFrqc8f/wnwu6
M2c8Y8dWZ9olzH78LYFSd3/rUQb+YbS1F1GntSg3XiUdlAiSHVOwdi0/1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAw+cWXBE0xMfCFAGHiSbv/VoleQMB8GA1UdIwQY
MBaAFAscbQ3nDMUYBbY6XiMnYiUl0HWxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAt
Zjc3NGYxZWFmYmZmLzEvREQ1eFpjRVRURXg4SVVBWWVKSnVfOVdpVjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAtZjc3NGYxZWFmYmZm
LzEvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLuI0AwQB
VZ6OAwQBwW3+AwQBw/XmMA0GCSqGSIb3DQEBCwUAA4IBAQB3Tq+3ZhgdiP4aUgZa
24tRuyTVEZkzFz5uN1RlwZBKq+D6OjmrYQtxdch8qc0nVcr6eP6D3znGrAy3dfjn
CimiKjIUvIoJwWeBDjhdqH4YJ/EdFL2pXucVDvxBWMRRDz7Nyf3dDbviPbD0z8gB
bCmaxrKubjsRyz27ZrtnIWwEbEpT6MxQqloTxosOAqPtL8mCmFDDbPYQs+4ZPGXb
1dI6bXo8LPbPBlhVgeBLlxSEX6X+YxfB9zaGvF0CkvZFtktL4Zw+BWzPJf2w4xwI
JYCLFhc+cG3M9rHriDuSqo/c/eIb167V/j9bzM86Z9N5ywdhGljJgUGYqFfqq/1+
66RR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:57 2024 by rpki-client on console-fra.rpki-client.org