Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hE7JtnasZ96LdOEjgtemGx4WpIg.roa
File: hE7JtnasZ96LdOEjgtemGx4WpIg.roa (raw, json)
Hash identifier: Sd62klWdAIpT0mztqob6epHL7bQIs4lr8JmWz4q0tno=
Subject key identifier: 84:4E:C9:B6:76:AC:67:DE:8B:74:E1:23:82:D7:A6:1B:1E:16:A4:88
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018D45BF464E64B1FE3615AFE22D6D18B346
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hE7JtnasZ96LdOEjgtemGx4WpIg.roa
Signing time: Fri 26 Jan 2024 12:29:39 +0000
ROA not before: Fri 26 Jan 2024 12:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42849
IP address blocks: 46.19.201.0/24 maxlen: 24
80.81.61.0/24 maxlen: 24
83.223.138.0/24 maxlen: 24
85.254.41.0/24 maxlen: 24
85.254.127.0/24 maxlen: 24
193.200.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 15:12:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:bf:46:4e:64:b1:fe:36:15:af:e2:2d:6d:18:b3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 26 12:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=844ec9b676ac67de8b74e12382d7a61b1e16a488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:97:9e:d3:a9:08:e0:00:0d:51:b3:b5:10:65:
71:c6:e6:ac:48:60:6a:06:d2:6d:48:e6:ea:4b:03:
f4:e1:56:8c:3e:f4:fa:ae:36:06:f3:5a:16:dc:75:
0f:a5:4e:42:f6:07:c7:1f:26:a6:14:97:c2:d3:47:
40:6b:a9:7c:31:e1:cf:a6:c7:08:62:ca:92:c9:29:
e1:7f:11:7f:c4:b2:d8:05:72:45:a7:27:b2:06:c8:
cc:a9:3e:82:c6:2d:d6:c9:ec:c6:4a:63:55:17:e5:
46:02:b8:ef:42:4c:9a:cd:64:32:da:0d:ef:4d:99:
e8:62:62:28:d9:45:bc:e7:d0:ac:35:b5:71:90:ae:
6e:78:bc:23:7d:95:92:58:10:21:05:eb:10:12:d7:
ef:9a:68:6d:4b:c3:47:bf:61:8f:d7:cf:1b:f8:8f:
b4:4f:9d:f3:c4:e9:ec:c0:90:28:11:f3:e3:07:20:
71:cd:95:a3:1d:a5:e6:5a:b9:25:ce:1b:bd:cd:e0:
4c:36:fd:ed:96:f7:ea:01:e6:f6:bc:7c:40:f5:2b:
d3:e6:dd:5c:f3:23:dd:0a:01:bc:9c:e2:b3:e2:b1:
73:1d:6d:68:e9:65:d5:6b:61:76:1a:4a:b3:85:ba:
54:08:59:f1:24:ff:94:73:02:43:3b:f7:20:81:b9:
c0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:4E:C9:B6:76:AC:67:DE:8B:74:E1:23:82:D7:A6:1B:1E:16:A4:88
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hE7JtnasZ96LdOEjgtemGx4WpIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.201.0/24
80.81.61.0/24
83.223.138.0/24
85.254.41.0/24
85.254.127.0/24
193.200.131.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:d5:34:1a:db:5b:f1:ba:68:c7:4a:aa:5e:91:60:e2:51:c0:
26:ce:ae:16:0d:28:ee:e0:46:57:44:05:4f:ed:2d:1a:a7:4d:
7f:f1:cb:f9:49:82:06:f3:aa:df:12:19:f2:1c:01:fe:fa:0c:
14:c4:7b:fc:db:87:87:9c:bd:4d:bd:0a:c4:84:ba:60:bb:bb:
b1:f5:2b:0d:40:84:c5:fb:75:3d:0b:b3:2b:10:da:07:d3:0f:
9b:e9:bf:d9:ad:4c:58:bf:52:d5:86:6b:03:4c:36:68:ea:27:
37:36:af:cd:c3:07:dd:22:c1:e1:01:81:8f:cd:93:96:90:8c:
d7:8a:d6:60:10:2b:81:72:44:db:16:f8:87:c7:8b:2f:71:5a:
c6:97:5d:73:f9:5d:74:ac:56:44:66:fd:c8:86:d8:ed:8a:ad:
cd:d6:65:1c:47:ff:74:29:95:7d:70:7d:fd:6f:0a:f2:00:7f:
60:4e:bb:21:40:ec:af:0d:2c:9d:41:05:dd:65:51:92:8d:1b:
e0:c5:4b:e5:47:df:49:3a:eb:a7:f5:9a:78:80:d8:c6:95:31:
21:0b:99:bd:62:a2:bf:97:95:97:28:2d:e7:34:2b:9c:e5:76:
a3:08:f0:67:eb:c4:92:86:46:de:77:8d:bb:b1:7e:0b:80:d2:
59:f2:ac:d2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY1Fv0ZOZLH+NhWv4i1tGLNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTI2MTIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDRlYzliNjc2YWM2N2RlOGI3NGUxMjM4MmQ3YTYxYjFlMTZhNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5ee06kI4AANUbO1EGVxxuasSGBq
BtJtSObqSwP04VaMPvT6rjYG81oW3HUPpU5C9gfHHyamFJfC00dAa6l8MeHPpscI
YsqSySnhfxF/xLLYBXJFpyeyBsjMqT6Cxi3WyezGSmNVF+VGArjvQkyazWQy2g3v
TZnoYmIo2UW859CsNbVxkK5ueLwjfZWSWBAhBesQEtfvmmhtS8NHv2GP188b+I+0
T53zxOnswJAoEfPjByBxzZWjHaXmWrklzhu9zeBMNv3tlvfqAeb2vHxA9SvT5t1c
8yPdCgG8nOKz4rFzHW1o6WXVa2F2GkqzhbpUCFnxJP+UcwJDO/cggbnAwwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIROybZ2rGfei3ThI4LXphseFqSIMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaEU3SnRuYXNaOTZMZE9Famd0ZW1HeDRXcElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALhPJAwQA
UFE9AwQAU9+KAwQAVf4pAwQAVf5/AwQAwciDMA0GCSqGSIb3DQEBCwUAA4IBAQB9
1TQa21vxumjHSqpekWDiUcAmzq4WDSju4EZXRAVP7S0ap01/8cv5SYIG86rfEhny
HAH++gwUxHv824eHnL1NvQrEhLpgu7ux9SsNQITF+3U9C7MrENoH0w+b6b/ZrUxY
v1LVhmsDTDZo6ic3Nq/NwwfdIsHhAYGPzZOWkIzXitZgECuBckTbFviHx4svcVrG
l11z+V10rFZEZv3Ihtjtiq3N1mUcR/90KZV9cH39bwryAH9gTrshQOyvDSydQQXd
ZVGSjRvgxUvlR99JOuun9Zp4gNjGlTEhC5m9YqK/l5WXKC3nNCuc5XajCPBn68SS
hkbed427sX4LgNJZ8qzS
-----END CERTIFICATE-----
Generated at Fri Jan 26 18:26:13 2024 by rpki-client on console-fra.rpki-client.org