Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/18022c-2d9d-4380-a15b-96a601bb6ba8/1/JG3PD3kfTQIzNRY1LUbk0_lIn2k.roa
File: JG3PD3kfTQIzNRY1LUbk0_lIn2k.roa (raw, json)
Hash identifier: ck+UVeorBYXV5DEaGvxdwbfiaN1B6wrcg5RS8cOu/F0=
Subject key identifier: 24:6D:CF:0F:79:1F:4D:02:33:35:16:35:2D:46:E4:D3:F9:48:9F:69
Certificate issuer: /CN=8a8fa992bc0a61db2cbe786e1c59d360cce54486
Certificate serial: 018A2CCF5323EF0934CEC790A8321B1C9FEB
Authority key identifier: 8A:8F:A9:92:BC:0A:61:DB:2C:BE:78:6E:1C:59:D3:60:CC:E5:44:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/io-pkrwKYdssvnhuHFnTYMzlRIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/18022c-2d9d-4380-a15b-96a601bb6ba8/1/JG3PD3kfTQIzNRY1LUbk0_lIn2k.roa
Signing time: Fri 25 Aug 2023 13:08:19 +0000
ROA not before: Fri 25 Aug 2023 13:08:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50473
IP address blocks: 46.151.152.0/21 maxlen: 21
46.151.155.0/24 maxlen: 24
185.21.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 28 Aug 2023 08:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:cf:53:23:ef:09:34:ce:c7:90:a8:32:1b:1c:9f:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a8fa992bc0a61db2cbe786e1c59d360cce54486
Validity
Not Before: Aug 25 13:08:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=246dcf0f791f4d02333516352d46e4d3f9489f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e8:5f:3a:bf:27:06:bf:0d:22:a6:34:1c:3b:
10:d0:0b:34:38:c2:d8:a6:d9:ff:d3:59:94:49:d6:
f8:13:b7:28:1f:ab:5b:f6:b2:17:ff:64:56:07:39:
8e:bc:ba:11:3a:6c:0b:84:6a:9e:28:a5:43:9b:27:
19:47:a1:7f:b3:35:21:be:59:b4:8b:6b:21:91:7b:
4e:77:45:18:87:b0:2a:a8:c5:dc:26:42:5c:d4:00:
ae:10:87:4c:36:f0:95:b0:d1:69:23:66:72:0e:12:
25:1e:bd:1b:42:19:89:3d:b6:74:da:67:38:3b:9c:
54:ea:f7:26:68:06:b8:65:9e:d6:c0:fc:a1:94:b4:
ed:a4:86:9f:57:3e:03:ce:77:cc:c8:6a:e0:10:60:
b4:fe:8c:d3:6f:dc:55:fb:f1:9a:26:d6:d9:4a:16:
2c:85:ed:b6:62:0f:c5:89:b4:08:ab:90:0d:71:3a:
90:d0:b7:28:d8:1d:fd:5d:48:89:01:ff:52:dd:6e:
21:58:d5:5f:2b:d5:c7:b1:ab:a8:ac:69:2e:ea:4c:
14:c1:5e:d8:29:17:3e:98:3b:62:06:17:9b:bf:30:
1c:14:5f:37:fa:c0:da:50:1a:33:f0:5f:53:5e:57:
01:84:6a:63:b1:06:0b:dd:60:71:2e:f6:37:cf:a2:
27:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:6D:CF:0F:79:1F:4D:02:33:35:16:35:2D:46:E4:D3:F9:48:9F:69
X509v3 Authority Key Identifier:
keyid:8A:8F:A9:92:BC:0A:61:DB:2C:BE:78:6E:1C:59:D3:60:CC:E5:44:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/io-pkrwKYdssvnhuHFnTYMzlRIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/18022c-2d9d-4380-a15b-96a601bb6ba8/1/JG3PD3kfTQIzNRY1LUbk0_lIn2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/18022c-2d9d-4380-a15b-96a601bb6ba8/1/io-pkrwKYdssvnhuHFnTYMzlRIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.152.0/21
185.21.156.0/22
Signature Algorithm: sha256WithRSAEncryption
39:e2:73:56:fb:12:d0:5a:53:f7:ff:a7:6c:b3:04:81:b4:d3:
16:32:25:0a:0a:34:60:a0:a8:d0:48:16:c3:01:f6:9a:be:c0:
20:ec:f5:93:fc:c4:7c:ea:1a:70:69:f6:65:ff:a0:1f:a3:be:
64:db:9e:ce:c2:e8:1f:bc:80:7b:34:14:78:a4:d8:b4:b6:45:
22:b4:bf:e9:43:8a:56:cf:68:c6:ac:91:4b:59:54:5b:b0:20:
d5:96:f7:57:63:4a:40:ec:fd:d6:a2:d6:c5:e1:5c:00:1d:88:
27:23:99:a1:18:ba:7d:b1:22:9f:b0:15:ee:79:d7:5b:ab:cf:
98:39:18:0a:c4:d5:46:1f:ac:05:f3:bf:52:63:15:43:f6:4e:
ee:e4:9a:b4:cb:ec:b2:34:3b:3c:45:19:05:45:24:2a:10:da:
72:9a:47:ba:df:8d:79:67:b4:01:60:bf:99:2e:f2:cb:7d:a9:
b7:38:00:8a:04:73:c1:0e:ca:37:d8:4c:f5:48:8b:95:a2:fc:
a3:8a:e2:a7:27:6a:4f:67:c0:c8:c0:92:58:80:03:f7:31:6c:
26:ec:46:68:0f:69:a6:e7:30:b8:58:e1:da:d0:92:79:6f:21:
3d:b7:c3:ce:3f:84:7c:73:28:ff:62:27:b9:d3:89:f5:2f:1e:
38:0a:68:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYosz1Mj7wk0zseQqDIbHJ/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhOGZhOTkyYmMwYTYxZGIyY2JlNzg2ZTFjNTlkMzYwY2Nl
NTQ0ODYwHhcNMjMwODI1MTMwODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDZkY2YwZjc5MWY0ZDAyMzMzNTE2MzUyZDQ2ZTRkM2Y5NDg5ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqehfOr8nBr8NIqY0HDsQ0As0OMLY
ptn/01mUSdb4E7coH6tb9rIX/2RWBzmOvLoROmwLhGqeKKVDmycZR6F/szUhvlm0
i2shkXtOd0UYh7AqqMXcJkJc1ACuEIdMNvCVsNFpI2ZyDhIlHr0bQhmJPbZ02mc4
O5xU6vcmaAa4ZZ7WwPyhlLTtpIafVz4DznfMyGrgEGC0/ozTb9xV+/GaJtbZShYs
he22Yg/FibQIq5ANcTqQ0Lco2B39XUiJAf9S3W4hWNVfK9XHsauorGku6kwUwV7Y
KRc+mDtiBhebvzAcFF83+sDaUBoz8F9TXlcBhGpjsQYL3WBxLvY3z6InzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCRtzw95H00CMzUWNS1G5NP5SJ9pMB8GA1UdIwQY
MBaAFIqPqZK8CmHbLL54bhxZ02DM5USGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW8tcGtyd0tZZHNzdm5odUhGblRZTXpsUklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8xODAyMmMtMmQ5ZC00MzgwLWExNWIt
OTZhNjAxYmI2YmE4LzEvSkczUEQza2ZUUUl6TlJZMUxVYmswX2xJbjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8xODAyMmMtMmQ5ZC00MzgwLWExNWItOTZhNjAxYmI2YmE4
LzEvaW8tcGtyd0tZZHNzdm5odUhGblRZTXpsUklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLpeYAwQC
uRWcMA0GCSqGSIb3DQEBCwUAA4IBAQA54nNW+xLQWlP3/6dsswSBtNMWMiUKCjRg
oKjQSBbDAfaavsAg7PWT/MR86hpwafZl/6Afo75k257OwugfvIB7NBR4pNi0tkUi
tL/pQ4pWz2jGrJFLWVRbsCDVlvdXY0pA7P3WotbF4VwAHYgnI5mhGLp9sSKfsBXu
eddbq8+YORgKxNVGH6wF879SYxVD9k7u5Jq0y+yyNDs8RRkFRSQqENpymke63415
Z7QBYL+ZLvLLfam3OACKBHPBDso32Ez1SIuVovyjiuKnJ2pPZ8DIwJJYgAP3MWwm
7EZoD2mm5zC4WOHa0JJ5byE9t8POP4R8cyj/Yie504n1Lx44CmhC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:04 2024 by rpki-client on console-fra.rpki-client.org