Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/s9Hat8wV5N_V60KLbpUAb1G7D4A.roa
File: s9Hat8wV5N_V60KLbpUAb1G7D4A.roa (raw, json)
Hash identifier: ITJTCIrJYdXXsmydIvCCn/OX/akmWLd3m19iR67ppJc=
Subject key identifier: B3:D1:DA:B7:CC:15:E4:DF:D5:EB:42:8B:6E:95:00:6F:51:BB:0F:80
Certificate issuer: /CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Certificate serial: 01880056D4147E1D600AE58E3384EF36F7A6
Authority key identifier: 29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/s9Hat8wV5N_V60KLbpUAb1G7D4A.roa
Signing time: Tue 09 May 2023 11:47:50 +0000
ROA not before: Tue 09 May 2023 11:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44430
IP address blocks: 46.16.120.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:00:56:d4:14:7e:1d:60:0a:e5:8e:33:84:ef:36:f7:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Validity
Not Before: May 9 11:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3d1dab7cc15e4dfd5eb428b6e95006f51bb0f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5e:35:5c:16:5a:ff:3d:ab:02:bb:b5:55:4a:
4e:ed:dd:d8:8b:d4:3a:b6:bc:b3:85:16:67:3b:b3:
0c:d4:23:0c:cb:98:48:1e:46:d5:99:7f:75:79:13:
a8:9a:45:9f:3e:ff:0c:0a:7b:e9:89:ca:d7:5a:19:
37:03:4f:68:5b:31:21:d3:20:b9:7f:8a:39:de:d5:
30:a9:c4:44:20:33:a8:22:73:b2:30:3e:ce:b1:54:
bd:3d:2b:6d:5c:ed:13:0e:a2:3a:17:f9:81:f8:b6:
32:f3:23:c5:8b:2c:22:f8:cc:7c:40:39:93:78:51:
b5:2b:29:b9:06:cf:1b:0f:c8:77:85:89:b5:27:b6:
d5:f9:d1:ef:1b:4d:9f:2e:d6:ad:22:91:b1:ad:06:
07:31:c2:39:85:b2:f9:d1:3d:e1:e8:a2:5d:c0:d1:
0d:7a:61:0b:b8:37:5e:df:cd:a0:9f:50:0f:4b:be:
64:8a:54:2d:f7:50:c1:ef:df:60:bb:cc:8c:5a:0c:
40:df:c1:f6:5c:5d:24:ee:4c:44:94:6d:4e:ac:62:
02:eb:6a:2f:6f:f5:16:a8:5d:94:e1:74:3a:f2:ed:
b2:ce:29:d0:4d:2c:6f:fc:67:a8:3d:89:02:23:74:
be:7f:0d:dc:b1:59:63:79:59:59:af:ad:fb:b4:d6:
28:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D1:DA:B7:CC:15:E4:DF:D5:EB:42:8B:6E:95:00:6F:51:BB:0F:80
X509v3 Authority Key Identifier:
keyid:29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/s9Hat8wV5N_V60KLbpUAb1G7D4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.120.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:00:68:ca:62:b1:97:08:17:16:8d:3a:94:45:cd:f6:1e:cb:
66:f9:29:59:e8:df:aa:72:cf:02:a5:58:47:44:fb:29:e4:6d:
02:91:1a:f6:ad:7e:c6:43:4a:43:36:b8:34:2d:96:e2:75:82:
1d:2d:a3:84:78:55:c6:fa:7e:3b:f0:96:fa:ea:43:d3:b3:40:
dd:e1:3e:5d:18:c2:df:95:c5:77:a1:54:ef:70:b1:0c:f0:cc:
26:2e:2e:2a:37:52:11:a9:4b:e8:d4:ee:13:9d:cf:8b:8e:9d:
21:c1:4d:ce:c4:06:18:07:d4:99:f9:51:89:e3:94:ba:84:89:
21:50:d4:2d:82:37:71:45:81:f7:06:84:71:3f:fc:af:9e:3f:
96:c9:96:e2:84:af:b4:db:f5:2b:07:38:e8:f6:82:c7:30:fa:
45:8b:86:82:43:64:69:5b:35:73:60:05:45:70:b5:23:c0:83:
35:46:c6:18:e1:2b:71:7c:62:87:21:f7:5c:c9:bc:73:b8:7d:
ae:b5:8e:cd:f6:6d:fe:bf:a1:17:44:72:49:55:dc:ee:db:2a:
96:c8:e4:e5:5d:0f:96:07:14:52:c7:fb:72:5b:2d:af:12:aa:
4b:2f:c7:ef:45:af:50:25:41:ef:82:07:ed:a9:8c:2d:af:28:
70:4a:dc:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgAVtQUfh1gCuWOM4TvNvemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2E0MjI5NzE0ZjM0ZTI5ZDNkOTJiMjVmN2I1OWM3NDhm
MGRmYzYwHhcNMjMwNTA5MTE0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2QxZGFiN2NjMTVlNGRmZDVlYjQyOGI2ZTk1MDA2ZjUxYmIwZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1F41XBZa/z2rAru1VUpO7d3Yi9Q6
tryzhRZnO7MM1CMMy5hIHkbVmX91eROomkWfPv8MCnvpicrXWhk3A09oWzEh0yC5
f4o53tUwqcREIDOoInOyMD7OsVS9PSttXO0TDqI6F/mB+LYy8yPFiywi+Mx8QDmT
eFG1Kym5Bs8bD8h3hYm1J7bV+dHvG02fLtatIpGxrQYHMcI5hbL50T3h6KJdwNEN
emELuDde382gn1APS75kilQt91DB799gu8yMWgxA38H2XF0k7kxElG1OrGIC62ov
b/UWqF2U4XQ68u2yzinQTSxv/GeoPYkCI3S+fw3csVljeVlZr637tNYogQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPR2rfMFeTf1etCi26VAG9Ruw+AMB8GA1UdIwQY
MBaAFCl6QilxTzTinT2Ssl97WcdI8N/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMt
M2FlYmM5ZjgxN2NlLzEvczlIYXQ4d1Y1Tl9WNjBLTGJwVUFiMUc3RDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMtM2FlYmM5ZjgxN2Nl
LzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLhB4MA0G
CSqGSIb3DQEBCwUAA4IBAQBaAGjKYrGXCBcWjTqURc32Hstm+SlZ6N+qcs8CpVhH
RPsp5G0CkRr2rX7GQ0pDNrg0LZbidYIdLaOEeFXG+n478Jb66kPTs0Dd4T5dGMLf
lcV3oVTvcLEM8MwmLi4qN1IRqUvo1O4Tnc+Ljp0hwU3OxAYYB9SZ+VGJ45S6hIkh
UNQtgjdxRYH3BoRxP/yvnj+WyZbihK+02/UrBzjo9oLHMPpFi4aCQ2RpWzVzYAVF
cLUjwIM1RsYY4StxfGKHIfdcybxzuH2utY7N9m3+v6EXRHJJVdzu2yqWyOTlXQ+W
BxRSx/tyWy2vEqpLL8fvRa9QJUHvggftqYwtryhwStz+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:23 2024 by rpki-client on console-fra.rpki-client.org