Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/3bd7d2-2415-431c-b97d-d85853688b43/1/jY4vyOgIzMuj2W6LxSBBt__69QE.roa
File: jY4vyOgIzMuj2W6LxSBBt__69QE.roa (raw, json)
Hash identifier: p1JAg2yKuCZCbVPD0wsoJu4mp9zsvnCtQoD/5XF6l9g=
Subject key identifier: 8D:8E:2F:C8:E8:08:CC:CB:A3:D9:6E:8B:C5:20:41:B7:FF:FA:F5:01
Certificate issuer: /CN=303aae37bf3ebf95f14bad8647d3d58ef6e783b2
Certificate serial: 01856D93FBC84F6389C17EC266EE573A3290
Authority key identifier: 30:3A:AE:37:BF:3E:BF:95:F1:4B:AD:86:47:D3:D5:8E:F6:E7:83:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MDquN78-v5XxS62GR9PVjvbng7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/3bd7d2-2415-431c-b97d-d85853688b43/1/jY4vyOgIzMuj2W6LxSBBt__69QE.roa
Signing time: Sun 01 Jan 2023 13:44:52 +0000
ROA not before: Sun 01 Jan 2023 13:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49463
IP address blocks: 46.21.112.0/24 maxlen: 24
46.21.114.0/24 maxlen: 24
46.21.116.0/24 maxlen: 24
46.21.112.0/20 maxlen: 24
46.21.127.0/24 maxlen: 24
185.7.160.0/22 maxlen: 24
31.216.16.0/20 maxlen: 24
5.179.120.0/21 maxlen: 24
2a02:27d0::/32 maxlen: 48
2a02:27d0:1671::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:fb:c8:4f:63:89:c1:7e:c2:66:ee:57:3a:32:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=303aae37bf3ebf95f14bad8647d3d58ef6e783b2
Validity
Not Before: Jan 1 13:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d8e2fc8e808cccba3d96e8bc52041b7fffaf501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c1:5a:24:55:71:4e:21:c2:82:1f:f5:84:df:
0f:3c:de:3a:14:35:35:81:b7:f9:51:94:4b:48:2a:
cf:46:e8:2c:12:ea:b5:0c:ee:21:3c:fb:b9:64:97:
8f:61:09:f3:ca:d7:18:a3:fa:6a:0f:33:3b:01:22:
77:b3:90:a9:42:d3:84:9e:fb:bc:81:80:08:9b:f6:
6a:80:24:e8:54:f2:b3:1b:f5:26:bc:89:b1:03:00:
4b:c0:d2:23:be:bf:79:ab:3c:dc:de:1a:85:68:cb:
4c:96:d1:4f:28:a7:c6:b2:63:91:fb:49:d2:ae:5f:
0b:4d:3b:7c:61:4b:95:93:15:eb:ca:30:ce:6f:b1:
54:b5:4f:d4:d7:12:54:1d:66:2d:53:76:08:e4:e4:
3d:67:63:41:6a:a1:5b:48:47:66:77:af:f3:2e:0d:
84:45:4f:07:30:f6:9b:8a:61:9d:5f:8b:c7:d7:0c:
80:a1:18:75:9e:a8:f9:dd:58:01:84:83:7c:76:d7:
13:dd:03:14:8e:fc:a8:c8:1e:25:ff:52:04:9f:d6:
32:8c:da:b9:9e:7b:81:70:d9:1d:0f:ef:d2:ac:bb:
ba:d7:bd:ad:63:0a:71:fb:76:be:81:5b:0a:48:15:
e3:a4:32:11:ac:33:21:06:a9:e8:60:af:b5:97:2c:
74:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8E:2F:C8:E8:08:CC:CB:A3:D9:6E:8B:C5:20:41:B7:FF:FA:F5:01
X509v3 Authority Key Identifier:
keyid:30:3A:AE:37:BF:3E:BF:95:F1:4B:AD:86:47:D3:D5:8E:F6:E7:83:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MDquN78-v5XxS62GR9PVjvbng7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3bd7d2-2415-431c-b97d-d85853688b43/1/jY4vyOgIzMuj2W6LxSBBt__69QE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3bd7d2-2415-431c-b97d-d85853688b43/1/MDquN78-v5XxS62GR9PVjvbng7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.120.0/21
31.216.16.0/20
46.21.112.0/20
185.7.160.0/22
IPv6:
2a02:27d0::/32
Signature Algorithm: sha256WithRSAEncryption
49:4b:03:29:61:2f:c5:9c:5e:dc:19:a2:f2:a3:ab:66:d0:4f:
24:d0:db:e4:df:f8:1e:77:22:63:74:71:f4:37:e9:69:69:17:
a3:df:3b:b7:39:8b:a1:cb:94:0a:d9:d6:49:86:3e:1f:d9:fa:
64:8d:63:d0:98:9c:39:5f:40:b1:a0:be:b7:52:2a:e9:68:50:
01:9f:6a:7d:14:f8:cf:04:a2:4b:a1:76:e0:3f:a7:9c:51:99:
39:4f:57:f1:ad:a0:ad:81:fc:bd:b1:9e:2b:e1:91:76:17:41:
22:20:3b:ee:a4:28:ea:b3:31:a0:38:a9:be:e1:79:4b:22:d7:
ac:3c:d2:b0:59:5b:2b:fb:4e:99:4c:17:2a:fa:fd:66:85:3f:
5f:a9:0a:0c:84:eb:88:ab:93:28:d1:d7:ea:1f:34:0e:59:fc:
58:83:b8:39:7c:4c:67:e5:26:e9:2f:e4:1e:e3:c3:d2:1a:f8:
7e:3a:47:7c:5e:f6:21:d2:de:a5:71:5e:b3:de:0f:a7:4a:bf:
54:5d:05:7e:cb:9b:c8:cf:3b:d3:fd:f9:11:a1:69:ad:d7:d8:
64:7e:a5:46:cf:99:8a:c0:94:cd:ae:fe:66:a9:3a:79:98:5a:
3e:84:77:93:11:88:62:b5:c7:13:76:9e:ce:26:6f:63:b0:ee:
65:4a:ec:27
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtk/vIT2OJwX7CZu5XOjKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwM2FhZTM3YmYzZWJmOTVmMTRiYWQ4NjQ3ZDNkNThlZjZl
NzgzYjIwHhcNMjMwMTAxMTM0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDhlMmZjOGU4MDhjY2NiYTNkOTZlOGJjNTIwNDFiN2ZmZmFmNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisFaJFVxTiHCgh/1hN8PPN46FDU1
gbf5UZRLSCrPRugsEuq1DO4hPPu5ZJePYQnzytcYo/pqDzM7ASJ3s5CpQtOEnvu8
gYAIm/ZqgCToVPKzG/UmvImxAwBLwNIjvr95qzzc3hqFaMtMltFPKKfGsmOR+0nS
rl8LTTt8YUuVkxXryjDOb7FUtU/U1xJUHWYtU3YI5OQ9Z2NBaqFbSEdmd6/zLg2E
RU8HMPabimGdX4vH1wyAoRh1nqj53VgBhIN8dtcT3QMUjvyoyB4l/1IEn9YyjNq5
nnuBcNkdD+/SrLu6172tYwpx+3a+gVsKSBXjpDIRrDMhBqnoYK+1lyx0LwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFI2OL8joCMzLo9lui8UgQbf/+vUBMB8GA1UdIwQY
MBaAFDA6rje/Pr+V8UuthkfT1Y7254OyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTURxdU43OC12NVh4UzYyR1I5UFZqdmJuZzdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zYmQ3ZDItMjQxNS00MzFjLWI5N2Qt
ZDg1ODUzNjg4YjQzLzEvalk0dnlPZ0l6TXVqMlc2THhTQkJ0X182OVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zYmQ3ZDItMjQxNS00MzFjLWI5N2QtZDg1ODUzNjg4YjQz
LzEvTURxdU43OC12NVh4UzYyR1I5UFZqdmJuZzdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBbN4AwQE
H9gQAwQELhVwAwQCuQegMA0EAgACMAcDBQAqAifQMA0GCSqGSIb3DQEBCwUAA4IB
AQBJSwMpYS/FnF7cGaLyo6tm0E8k0Nvk3/gedyJjdHH0N+lpaRej3zu3OYuhy5QK
2dZJhj4f2fpkjWPQmJw5X0CxoL63UirpaFABn2p9FPjPBKJLoXbgP6ecUZk5T1fx
raCtgfy9sZ4r4ZF2F0EiIDvupCjqszGgOKm+4XlLItesPNKwWVsr+06ZTBcq+v1m
hT9fqQoMhOuIq5Mo0dfqHzQOWfxYg7g5fExn5SbpL+Qe48PSGvh+Okd8XvYh0t6l
cV6z3g+nSr9UXQV+y5vIzzvT/fkRoWmt19hkfqVGz5mKwJTNrv5mqTp5mFo+hHeT
EYhitccTdp7OJm9jsO5lSuwn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:36 2024 by rpki-client on console-fra.rpki-client.org