Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hz71BjEksBdM_sigprugafrABXI.roa
File: hz71BjEksBdM_sigprugafrABXI.roa (raw, json)
Hash identifier: xtAuJsy09dkkdwzq1pLAd27Kvp+gW2p+oSYJnN0+5g0=
Subject key identifier: 87:3E:F5:06:31:24:B0:17:4C:FE:C8:A0:A6:BB:A0:69:FA:C0:05:72
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC801281D115F8B7532E2A9359BAE0174
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hz71BjEksBdM_sigprugafrABXI.roa
Signing time: Tue 02 Jan 2024 02:29:28 +0000
ROA not before: Tue 02 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34702
IP address blocks: 46.19.201.0/24 maxlen: 24
185.176.116.0/24 maxlen: 24
46.19.207.0/24 maxlen: 24
185.176.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 14:53:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:28:1d:11:5f:8b:75:32:e2:a9:35:9b:ae:01:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=873ef5063124b0174cfec8a0a6bba069fac00572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e3:5f:f3:9d:7f:7b:00:09:d7:2d:88:0e:3a:
ad:2f:7f:4d:58:2f:c6:9c:62:7f:21:4c:dd:04:6f:
9f:b8:4a:71:0e:df:4c:67:50:ff:37:91:3e:e4:43:
2d:a2:ce:50:78:2c:b9:79:ea:f4:ec:d6:28:1b:88:
85:98:f4:32:81:5c:ba:f5:5f:25:36:59:15:e8:79:
e5:e2:fd:52:85:95:16:eb:5e:0e:74:c3:7b:c9:5f:
5e:99:56:18:d0:a9:ed:6b:82:93:b2:ec:76:1f:97:
19:40:d8:af:18:08:1d:f2:df:9b:22:86:af:97:57:
41:92:2b:8e:88:a7:8d:ad:5b:83:96:0f:e1:02:0a:
92:28:f4:20:e1:c4:17:13:69:d0:06:7b:1d:0f:a2:
78:9e:e8:62:ad:2f:4b:e1:26:af:e8:e6:ac:84:3b:
33:6f:21:15:6d:d8:c4:db:8f:91:b4:6a:fd:31:fa:
53:59:f2:e3:71:e5:0b:40:5b:7c:9b:f1:7e:12:dc:
9f:26:e2:05:f7:ec:bc:e3:92:fe:14:d1:52:56:86:
ba:85:f0:05:bf:fa:b7:f7:38:1d:de:a9:e5:02:9a:
99:f5:60:6a:4b:b1:80:0a:f9:94:cf:20:f7:2f:31:
34:1b:3b:01:d5:96:64:13:da:39:17:de:f8:b7:b6:
b1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:3E:F5:06:31:24:B0:17:4C:FE:C8:A0:A6:BB:A0:69:FA:C0:05:72
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hz71BjEksBdM_sigprugafrABXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.201.0/24
46.19.207.0/24
185.176.116.0/24
185.176.119.0/24
Signature Algorithm: sha256WithRSAEncryption
46:62:58:96:fb:22:2d:a3:46:29:0e:52:bf:6f:58:b1:d4:77:
7a:76:9c:6d:7b:72:ac:35:3f:dc:27:c0:05:5c:ab:70:b3:8c:
45:70:ba:dd:81:0c:6d:f4:c4:88:07:60:fb:b9:c3:b6:81:b4:
42:ce:93:04:14:ed:f4:bd:82:9a:dc:59:d5:02:01:9b:6a:3b:
12:85:3d:e2:48:f4:6d:67:d3:3b:dc:68:69:9e:1d:25:06:92:
52:33:21:07:7c:a6:97:ed:57:46:a8:5a:d9:65:84:bf:bb:49:
ef:c6:b5:78:a0:c2:23:f7:ba:66:8c:3e:c9:36:b1:93:42:d1:
5a:87:a6:4a:5b:d6:99:9d:b0:d6:ea:00:e4:2d:31:de:33:bb:
e0:09:8f:b2:25:79:32:89:e4:0f:be:8a:d5:4b:3f:20:4d:44:
03:4c:a7:d8:8b:1e:29:76:4a:7e:b9:fc:78:77:b1:93:d9:55:
94:3c:c8:06:09:31:de:d1:36:e9:6d:04:ba:c7:ff:c8:52:3f:
91:e8:af:8d:17:c7:73:0f:6a:9d:a2:19:92:4e:52:0b:f7:60:
09:25:2d:bb:11:71:72:86:7f:5b:06:1a:6f:d1:ee:4f:88:62:
90:05:73:ce:af:e3:88:dd:45:43:bc:ec:46:8b:6d:a3:98:59:
9c:48:90:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIASgdEV+LdTLiqTWbrgF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzNlZjUwNjMxMjRiMDE3NGNmZWM4YTBhNmJiYTA2OWZhYzAwNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuNf851/ewAJ1y2IDjqtL39NWC/G
nGJ/IUzdBG+fuEpxDt9MZ1D/N5E+5EMtos5QeCy5eer07NYoG4iFmPQygVy69V8l
NlkV6Hnl4v1ShZUW614OdMN7yV9emVYY0Knta4KTsux2H5cZQNivGAgd8t+bIoav
l1dBkiuOiKeNrVuDlg/hAgqSKPQg4cQXE2nQBnsdD6J4nuhirS9L4Sav6OashDsz
byEVbdjE24+RtGr9MfpTWfLjceULQFt8m/F+EtyfJuIF9+y845L+FNFSVoa6hfAF
v/q39zgd3qnlApqZ9WBqS7GACvmUzyD3LzE0GzsB1ZZkE9o5F974t7axvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIc+9QYxJLAXTP7IoKa7oGn6wAVyMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaHo3MUJqRWtzQmRNX3NpZ3BydWdhZnJBQlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALhPJAwQA
LhPPAwQAubB0AwQAubB3MA0GCSqGSIb3DQEBCwUAA4IBAQBGYliW+yIto0YpDlK/
b1ix1Hd6dpxte3KsNT/cJ8AFXKtws4xFcLrdgQxt9MSIB2D7ucO2gbRCzpMEFO30
vYKa3FnVAgGbajsShT3iSPRtZ9M73Ghpnh0lBpJSMyEHfKaX7VdGqFrZZYS/u0nv
xrV4oMIj97pmjD7JNrGTQtFah6ZKW9aZnbDW6gDkLTHeM7vgCY+yJXkyieQPvorV
Sz8gTUQDTKfYix4pdkp+ufx4d7GT2VWUPMgGCTHe0TbpbQS6x//IUj+R6K+NF8dz
D2qdohmSTlIL92AJJS27EXFyhn9bBhpv0e5PiGKQBXPOr+OI3UVDvOxGi22jmFmc
SJDN
-----END CERTIFICATE-----
Generated at Mon Jan 29 19:44:57 2024 by rpki-client on console-ams.rpki-client.org