Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/oI4pILbRPOF82vKYGORAIfZ2eFQ.roa
File: oI4pILbRPOF82vKYGORAIfZ2eFQ.roa (raw, json)
Hash identifier: /LHBkiqPB+aVC253FMtgHCJn7XfcP8W39zBIU09wbAA=
Subject key identifier: A0:8E:29:20:B6:D1:3C:E1:7C:DA:F2:98:18:E4:40:21:F6:76:78:54
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 0185A5D5193058CE5163D14E8EC9D572621B
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/oI4pILbRPOF82vKYGORAIfZ2eFQ.roa
Signing time: Thu 12 Jan 2023 11:54:44 +0000
ROA not before: Thu 12 Jan 2023 11:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 46.244.108.0/22 maxlen: 24
46.244.114.0/23 maxlen: 24
46.244.18.0/23 maxlen: 24
92.240.144.0/22 maxlen: 24
46.244.97.0/24 maxlen: 24
92.240.151.0/24 maxlen: 24
92.240.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Mar 2023 09:50:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:d5:19:30:58:ce:51:63:d1:4e:8e:c9:d5:72:62:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Jan 12 11:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a08e2920b6d13ce17cdaf29818e44021f6767854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4d:14:c1:5b:b1:07:1c:ee:e0:26:94:a6:94:
93:bf:df:d8:3c:5c:98:b3:67:cb:60:ef:55:3e:6a:
c9:d4:d2:a9:66:a4:52:27:8f:00:bc:27:f0:65:c8:
fa:39:24:e1:7a:a4:11:b2:39:7a:0b:87:6f:98:f2:
69:d5:67:65:a8:96:6d:9d:b9:9e:2d:ab:08:05:ec:
24:34:ab:46:aa:da:c1:f6:49:80:32:9b:8f:4d:a7:
e5:a2:ea:e8:3a:89:c3:1b:13:3d:c0:b6:c4:7a:d6:
4b:85:87:ac:2f:d2:c2:ca:cd:ec:e5:30:59:0a:d9:
93:93:9f:49:5b:90:be:fa:b9:ab:11:47:c7:0a:a8:
0a:1e:26:af:90:7a:b9:11:0f:fe:b6:72:b4:15:55:
a1:37:2c:32:4c:72:13:f6:f9:e8:17:ad:3e:38:92:
b3:e0:2f:fe:4e:bb:09:91:06:a4:2b:65:71:0e:66:
8d:3b:68:bc:ce:69:f0:b0:6e:bc:6f:46:2e:18:76:
30:10:7f:3c:38:9f:0c:50:dc:e2:d2:f4:7e:0b:f8:
19:01:62:ca:54:ca:e8:f9:1e:87:43:eb:46:bf:46:
19:35:d7:31:d2:01:0b:4c:2d:08:18:6d:8b:63:c7:
41:d8:5c:b5:5b:20:6c:4d:33:b4:cb:92:19:ad:98:
d4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:8E:29:20:B6:D1:3C:E1:7C:DA:F2:98:18:E4:40:21:F6:76:78:54
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/oI4pILbRPOF82vKYGORAIfZ2eFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.244.18.0/23
46.244.97.0/24
46.244.108.0/22
46.244.114.0/23
92.240.144.0/22
92.240.149.0/24
92.240.151.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:bc:ee:df:bc:ea:23:9e:7e:fd:3c:ce:e0:e1:fa:9b:ce:eb:
ab:ab:62:5f:62:b8:2f:51:50:b3:3a:e1:63:5d:fc:06:66:d6:
33:69:da:99:fb:81:95:e9:e2:41:91:4a:02:c1:d6:64:f2:44:
11:9a:8e:b1:00:f7:32:6f:86:9a:dc:69:e8:76:c0:70:11:ac:
72:0b:12:0b:99:fb:11:03:46:db:ba:eb:fe:7c:97:e9:8a:5a:
82:e2:5d:e8:49:0e:37:bd:3b:7f:bb:7f:60:86:e9:d0:84:4e:
15:83:1e:96:6b:c8:f2:93:ac:fa:8c:a4:7d:3d:26:19:40:d3:
d8:a2:9a:03:21:47:3a:a3:10:a0:80:f6:65:70:e6:c9:2d:b4:
08:34:d3:b4:4f:38:2d:d6:c0:83:07:29:c4:8e:1d:fe:ab:05:
ff:e8:63:18:72:ee:61:41:ba:08:26:1d:70:c3:03:a3:eb:75:
b8:e7:05:97:4f:7d:5c:b1:d9:c1:e1:9e:92:17:fd:08:8f:28:
a5:4f:34:33:59:31:a5:74:95:88:7f:5b:b6:ef:b7:4b:d2:3b:
2e:51:dc:a1:92:42:70:d7:13:e1:57:fe:d0:43:9a:07:62:25:
6a:af:4b:a7:d8:52:36:88:31:ca:b5:74:70:71:01:7b:42:3d:
f5:40:92:36
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWl1RkwWM5RY9FOjsnVcmIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjMwMTEyMTE1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDhlMjkyMGI2ZDEzY2UxN2NkYWYyOTgxOGU0NDAyMWY2NzY3ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr00UwVuxBxzu4CaUppSTv9/YPFyY
s2fLYO9VPmrJ1NKpZqRSJ48AvCfwZcj6OSTheqQRsjl6C4dvmPJp1WdlqJZtnbme
LasIBewkNKtGqtrB9kmAMpuPTaflouroOonDGxM9wLbEetZLhYesL9LCys3s5TBZ
CtmTk59JW5C++rmrEUfHCqgKHiavkHq5EQ/+tnK0FVWhNywyTHIT9vnoF60+OJKz
4C/+TrsJkQakK2VxDmaNO2i8zmnwsG68b0YuGHYwEH88OJ8MUNzi0vR+C/gZAWLK
VMro+R6HQ+tGv0YZNdcx0gELTC0IGG2LY8dB2Fy1WyBsTTO0y5IZrZjUPQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKCOKSC20TzhfNrymBjkQCH2dnhUMB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvb0k0cElMYlJQT0Y4MnZLWUdPUkFJZloyZUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLvQSAwQA
LvRhAwQCLvRsAwQBLvRyAwQCXPCQAwQAXPCVAwQAXPCXMA0GCSqGSIb3DQEBCwUA
A4IBAQCavO7fvOojnn79PM7g4fqbzuurq2JfYrgvUVCzOuFjXfwGZtYzadqZ+4GV
6eJBkUoCwdZk8kQRmo6xAPcyb4aa3GnodsBwEaxyCxILmfsRA0bbuuv+fJfpilqC
4l3oSQ43vTt/u39ghunQhE4Vgx6Wa8jyk6z6jKR9PSYZQNPYopoDIUc6oxCggPZl
cObJLbQINNO0Tzgt1sCDBynEjh3+qwX/6GMYcu5hQboIJh1wwwOj63W45wWXT31c
sdnB4Z6SF/0IjyilTzQzWTGldJWIf1u277dL0jsuUdyhkkJw1xPhV/7QQ5oHYiVq
r0un2FI2iDHKtXRwcQF7Qj31QJI2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:04 2024 by rpki-client on console-ams.rpki-client.org