Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/k9ZztoSpqS375UGjJ_pX7Yq9hKg.roa
File: k9ZztoSpqS375UGjJ_pX7Yq9hKg.roa (raw, json)
Hash identifier: 8L3eqFL3eIDSBXfvUSPjMn5n46lp6xTSSnJ3zT0jzLc=
Subject key identifier: 93:D6:73:B6:84:A9:A9:2D:FB:E5:41:A3:27:FA:57:ED:8A:BD:84:A8
Certificate issuer: /CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Certificate serial: 018E3827A13E0E0AC4B14B71A2953B4A60C0
Authority key identifier: 2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/k9ZztoSpqS375UGjJ_pX7Yq9hKg.roa
Signing time: Wed 13 Mar 2024 14:11:45 +0000
ROA not before: Wed 13 Mar 2024 14:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209671
IP address blocks: 46.174.140.0/22 maxlen: 24
185.104.208.0/22 maxlen: 24
2a06:3340::/29 maxlen: 32
2a09:de80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 07 Nov 2024 21:34:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:27:a1:3e:0e:0a:c4:b1:4b:71:a2:95:3b:4a:60:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Validity
Not Before: Mar 13 14:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93d673b684a9a92dfbe541a327fa57ed8abd84a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c5:91:7b:bb:5e:5e:22:ce:78:38:19:ed:10:
11:60:1a:61:9c:9c:b4:45:fd:39:fc:c3:0e:04:68:
d0:cc:a0:f0:24:39:b0:85:73:2f:0d:b1:93:fe:25:
01:0f:96:94:3d:9d:fb:d9:c9:13:e9:87:5d:b4:73:
de:d3:a3:0b:96:c9:73:45:07:a2:91:d1:e3:ca:45:
e0:46:65:0b:ed:20:70:da:86:e5:1f:74:eb:3b:2f:
6d:9d:01:03:34:2e:44:3c:9b:f2:7c:f8:b8:bf:46:
5a:05:41:c6:60:c9:2b:30:9e:11:ee:06:ba:28:f4:
bc:47:29:a4:18:1e:4d:15:e1:cc:78:36:0a:f4:46:
40:37:c6:88:11:6f:fb:de:f3:61:4d:bd:3d:a2:74:
df:fa:fb:ff:27:4c:10:02:f5:5c:14:ef:fe:00:9e:
9f:a6:1d:7a:fd:86:e1:f5:3e:4b:d5:1e:3e:71:18:
c3:b2:63:08:5c:82:ef:f3:14:11:7e:ee:c9:65:b9:
41:1f:2f:58:0f:37:54:69:90:34:e7:70:f2:bc:8f:
2a:77:a1:b8:c8:59:bb:db:7a:df:89:39:bb:34:8a:
40:a4:30:0f:d7:68:ba:1c:a6:0e:33:b6:c9:25:22:
d5:40:b8:43:80:e4:a1:4e:c8:03:22:b9:4b:09:30:
a3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:D6:73:B6:84:A9:A9:2D:FB:E5:41:A3:27:FA:57:ED:8A:BD:84:A8
X509v3 Authority Key Identifier:
keyid:2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/k9ZztoSpqS375UGjJ_pX7Yq9hKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/LS-TOfu4yzPFInUcUw86IKdTVHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.140.0/22
185.104.208.0/22
IPv6:
2a06:3340::/29
2a09:de80::/32
Signature Algorithm: sha256WithRSAEncryption
17:4b:60:5a:2e:f0:4f:28:33:d8:32:21:b1:94:3e:24:dc:fc:
5f:72:17:b2:28:cd:6d:61:24:8a:0e:be:89:12:69:a8:7e:e9:
ac:14:1b:50:58:dd:d3:c9:4a:8f:be:d6:40:7b:28:79:3b:bb:
f4:b2:50:c0:d9:9e:61:f1:f8:35:5b:f3:db:4f:98:2e:19:cd:
2a:d8:50:c5:2a:0d:de:24:40:db:02:27:d6:4c:ff:98:05:cd:
58:0a:47:50:8a:56:87:18:c8:12:4f:1b:9f:15:08:84:7c:6c:
be:c3:1c:cf:bf:ed:a6:6e:3c:9a:b2:08:99:b0:52:06:88:c6:
d3:78:d8:a3:7a:3c:f2:b8:1f:d5:0b:30:ad:18:9e:69:ee:90:
fd:fc:8c:af:88:2f:fd:69:ae:66:c2:0c:1b:e4:7c:ab:02:1d:
68:5f:a9:c9:75:5d:31:48:46:c9:04:8c:db:c1:ab:d5:81:8a:
4a:38:ee:62:9e:9a:2d:91:13:fd:13:b9:27:fb:50:f9:30:86:
da:bf:71:f9:5f:e2:0b:b4:34:04:7d:b7:05:a8:7f:68:4c:d5:
51:0f:8f:26:12:3b:79:8f:ba:0d:37:a6:d6:b3:80:7b:f5:80:
4a:09:91:fb:e3:4b:51:f7:62:f4:19:02:10:89:cb:c8:c5:d4:
cd:fc:d5:1a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY44J6E+DgrEsUtxopU7SmDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMmY5MzM5ZmJiOGNiMzNjNTIyNzUxYzUzMGYzYTIwYTc1
MzU0N2MwHhcNMjQwMzEzMTQxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Q2NzNiNjg0YTlhOTJkZmJlNTQxYTMyN2ZhNTdlZDhhYmQ4NGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMWRe7teXiLOeDgZ7RARYBphnJy0
Rf05/MMOBGjQzKDwJDmwhXMvDbGT/iUBD5aUPZ372ckT6YddtHPe06MLlslzRQei
kdHjykXgRmUL7SBw2oblH3TrOy9tnQEDNC5EPJvyfPi4v0ZaBUHGYMkrMJ4R7ga6
KPS8RymkGB5NFeHMeDYK9EZAN8aIEW/73vNhTb09onTf+vv/J0wQAvVcFO/+AJ6f
ph16/Ybh9T5L1R4+cRjDsmMIXILv8xQRfu7JZblBHy9YDzdUaZA053DyvI8qd6G4
yFm723rfiTm7NIpApDAP12i6HKYOM7bJJSLVQLhDgOShTsgDIrlLCTCjTQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJPWc7aEqakt++VBoyf6V+2KvYSoMB8GA1UdIwQY
MBaAFC0vkzn7uMszxSJ1HFMPOiCnU1R8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgt
MWQzYTFlOWI3NTQ1LzEvazlaenRvU3BxUzM3NVVHakpfcFg3WXE5aEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgtMWQzYTFlOWI3NTQ1
LzEvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLq6MAwQC
uWjQMBQEAgACMA4DBQMqBjNAAwUAKgnegDANBgkqhkiG9w0BAQsFAAOCAQEAF0tg
Wi7wTygz2DIhsZQ+JNz8X3IXsijNbWEkig6+iRJpqH7prBQbUFjd08lKj77WQHso
eTu79LJQwNmeYfH4NVvz20+YLhnNKthQxSoN3iRA2wIn1kz/mAXNWApHUIpWhxjI
Ek8bnxUIhHxsvsMcz7/tpm48mrIImbBSBojG03jYo3o88rgf1QswrRieae6Q/fyM
r4gv/WmuZsIMG+R8qwIdaF+pyXVdMUhGyQSM28Gr1YGKSjjuYp6aLZET/RO5J/tQ
+TCG2r9x+V/iC7Q0BH23Bah/aEzVUQ+PJhI7eY+6DTem1rOAe/WASgmR++NLUfdi
9BkCEInLyMXUzfzVGg==
-----END CERTIFICATE-----
Generated at Thu Nov 7 22:52:09 2024 by rpki-client on console-fra.rpki-client.org