Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RkG0tWuRVmP-vX_KyptApzxTKuY.roa
File: RkG0tWuRVmP-vX_KyptApzxTKuY.roa (raw, json)
Hash identifier: H4YOeg+r+LtizkhIxSy5TaUsxVKjGiERnGCjURKynnM=
Subject key identifier: 46:41:B4:B5:6B:91:56:63:FE:BD:7F:CA:CA:9B:40:A7:3C:53:2A:E6
Certificate issuer: /CN=4540daa4c245a4725f38041402b6bffded15ea78
Certificate serial: 0189F6001630E5F5D22BC44E42C250806C62
Authority key identifier: 45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RkG0tWuRVmP-vX_KyptApzxTKuY.roa
Signing time: Mon 14 Aug 2023 21:42:28 +0000
ROA not before: Mon 14 Aug 2023 21:42:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201746
IP address blocks: 217.61.224.0/22 maxlen: 24
185.49.168.0/22 maxlen: 24
2a01:9f20::/37 maxlen: 37
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f6:00:16:30:e5:f5:d2:2b:c4:4e:42:c2:50:80:6c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4540daa4c245a4725f38041402b6bffded15ea78
Validity
Not Before: Aug 14 21:42:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4641b4b56b915663febd7fcaca9b40a73c532ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d4:cb:8e:1e:2a:35:99:6c:e5:a7:3a:99:6a:
fe:88:3e:90:21:81:94:41:0b:89:87:e8:a7:2f:b3:
b5:8f:22:78:33:46:a3:74:f1:6d:73:c4:0f:c0:20:
1b:73:c2:49:3e:4b:92:45:95:21:e1:cd:ab:31:35:
c1:e5:0e:45:48:13:db:c6:ea:8a:cb:84:ef:67:e1:
70:79:41:6b:59:86:65:3a:17:44:bf:16:6e:f2:41:
81:48:58:96:97:ad:f3:ea:f1:c5:a5:e3:82:dc:24:
96:95:7f:e5:43:50:5a:37:36:39:dd:38:09:51:35:
91:03:6b:e8:ff:52:e2:1f:81:ec:53:06:4f:b9:b5:
47:f6:d5:6e:45:c4:65:60:fd:05:4c:56:ab:83:4a:
35:9f:23:ef:1a:fd:5a:a6:c1:d4:ad:56:64:83:1c:
94:32:d8:f5:8a:25:6d:c5:4c:ed:12:f8:20:0a:5b:
5b:e7:e0:fd:00:d3:db:43:d6:40:21:57:f3:33:5a:
4e:5b:35:3d:64:ea:5b:8b:eb:c9:e4:5c:27:0e:12:
41:7c:d8:44:2b:1a:26:10:27:7f:89:8a:bd:f5:27:
5c:23:9e:99:48:50:f5:46:c1:6e:3f:a8:ee:da:c7:
6d:36:b9:96:c2:b6:05:9b:1a:01:0b:60:d5:a6:0e:
5a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:41:B4:B5:6B:91:56:63:FE:BD:7F:CA:CA:9B:40:A7:3C:53:2A:E6
X509v3 Authority Key Identifier:
keyid:45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RkG0tWuRVmP-vX_KyptApzxTKuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RUDapMJFpHJfOAQUAra__e0V6ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.168.0/22
217.61.224.0/22
IPv6:
2a01:9f20::/37
Signature Algorithm: sha256WithRSAEncryption
2b:bb:e8:19:03:55:64:c8:b4:2a:70:d3:f2:5e:dc:ad:b2:3d:
da:ff:81:7e:a0:af:85:e0:75:8b:44:69:e1:b0:02:3c:cd:9c:
79:a2:eb:a0:88:7d:25:61:9b:da:91:b3:ad:5f:8f:c4:5f:1a:
46:1b:9a:ab:83:83:a3:c8:59:6f:46:4f:8d:5b:61:df:ec:6c:
e0:9e:96:ae:52:05:a7:35:bd:a2:bc:dc:d3:53:e1:5d:b9:96:
72:e5:e3:23:ad:75:dd:ee:62:f9:ba:ce:0e:fa:ef:a4:7c:17:
6c:0a:1f:25:c1:c1:1c:12:e2:71:04:32:b3:34:b4:82:a0:74:
e7:b9:bf:5a:93:ac:40:3b:76:19:03:9e:24:55:20:e7:d7:b0:
a8:12:31:c7:14:24:f5:ab:c0:68:c8:3c:47:ce:d9:f6:9b:53:
2e:19:f9:dd:8a:72:d2:27:aa:67:2b:26:ee:91:e0:c4:46:6d:
cb:1e:3c:48:22:f0:cb:84:ce:a1:ec:b4:36:7f:d4:fc:64:ee:
0f:16:81:e5:f5:c4:9b:98:23:72:75:e6:2c:7e:8a:d5:d7:11:
90:53:e0:b8:1a:b3:2f:8f:cc:5b:f2:bf:09:e9:6d:58:97:ed:
7d:65:2e:49:2c:a2:af:54:3b:63:3b:78:a0:6d:92:7b:bf:0b:
9d:ca:9f:3f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYn2ABYw5fXSK8ROQsJQgGxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NDBkYWE0YzI0NWE0NzI1ZjM4MDQxNDAyYjZiZmZkZWQx
NWVhNzgwHhcNMjMwODE0MjE0MjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjQxYjRiNTZiOTE1NjYzZmViZDdmY2FjYTliNDBhNzNjNTMyYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9TLjh4qNZls5ac6mWr+iD6QIYGU
QQuJh+inL7O1jyJ4M0ajdPFtc8QPwCAbc8JJPkuSRZUh4c2rMTXB5Q5FSBPbxuqK
y4TvZ+FweUFrWYZlOhdEvxZu8kGBSFiWl63z6vHFpeOC3CSWlX/lQ1BaNzY53TgJ
UTWRA2vo/1LiH4HsUwZPubVH9tVuRcRlYP0FTFarg0o1nyPvGv1apsHUrVZkgxyU
Mtj1iiVtxUztEvggCltb5+D9ANPbQ9ZAIVfzM1pOWzU9ZOpbi+vJ5FwnDhJBfNhE
KxomECd/iYq99SdcI56ZSFD1RsFuP6ju2sdtNrmWwrYFmxoBC2DVpg5adQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEZBtLVrkVZj/r1/ysqbQKc8UyrmMB8GA1UdIwQY
MBaAFEVA2qTCRaRyXzgEFAK2v/3tFep4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2Et
ZDI1YWFhODA0MTQ1LzEvUmtHMHRXdVJWbVAtdlhfS3lwdEFwenhUS3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2EtZDI1YWFhODA0MTQ1
LzEvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuTGoAwQC
2T3gMA4EAgACMAgDBgMqAZ8gADANBgkqhkiG9w0BAQsFAAOCAQEAK7voGQNVZMi0
KnDT8l7crbI92v+BfqCvheB1i0Rp4bACPM2ceaLroIh9JWGb2pGzrV+PxF8aRhua
q4ODo8hZb0ZPjVth3+xs4J6WrlIFpzW9orzc01PhXbmWcuXjI6113e5i+brODvrv
pHwXbAofJcHBHBLicQQyszS0gqB057m/WpOsQDt2GQOeJFUg59ewqBIxxxQk9avA
aMg8R87Z9ptTLhn53Ypy0ieqZysm7pHgxEZtyx48SCLwy4TOoey0Nn/U/GTuDxaB
5fXEm5gjcnXmLH6K1dcRkFPguBqzL4/MW/K/CeltWJftfWUuSSyir1Q7Yzt4oG2S
e78LncqfPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:21 2024 by rpki-client on console-ams.rpki-client.org