Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/2LYTCAFnhPLy-fNpPAo2ZrwCEUg.roa
File: 2LYTCAFnhPLy-fNpPAo2ZrwCEUg.roa (raw, json)
Hash identifier: /Yw692jgiEZ5PZr3bzQBrAoypBByW7uLC6cHEpJ3Eis=
Subject key identifier: D8:B6:13:08:01:67:84:F2:F2:F9:F3:69:3C:0A:36:66:BC:02:11:48
Certificate issuer: /CN=fc0487a04f5aa442be519a17cb2bb22d783df23b
Certificate serial: 01856F6FFFE43F44C7B52DE64105CEEEC8DD
Authority key identifier: FC:04:87:A0:4F:5A:A4:42:BE:51:9A:17:CB:2B:B2:2D:78:3D:F2:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ASHoE9apEK-UZoXyyuyLXg98js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/2LYTCAFnhPLy-fNpPAo2ZrwCEUg.roa
Signing time: Sun 01 Jan 2023 22:24:49 +0000
ROA not before: Sun 01 Jan 2023 22:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44764
IP address blocks: 78.41.120.0/21 maxlen: 21
46.29.216.0/21 maxlen: 21
92.42.64.0/21 maxlen: 21
185.46.132.0/22 maxlen: 22
2a00:1400::/32 maxlen: 32
2a00:13e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:ff:e4:3f:44:c7:b5:2d:e6:41:05:ce:ee:c8:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc0487a04f5aa442be519a17cb2bb22d783df23b
Validity
Not Before: Jan 1 22:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8b61308016784f2f2f9f3693c0a3666bc021148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d2:73:68:80:8a:4d:bc:0a:0b:13:99:12:a4:
36:07:23:a5:49:49:51:0a:27:c6:4f:6d:40:37:d5:
0c:e1:ae:48:b3:83:c3:a0:fa:c8:ca:9d:70:2a:d3:
87:6b:c2:ed:df:2b:21:8d:f5:b3:0c:67:8e:48:ef:
b1:39:d7:3c:dd:83:ee:d2:4b:82:b2:52:6b:2d:6c:
6a:ed:5a:b6:d4:27:70:4b:b4:3f:4e:7a:a7:a0:7a:
6c:66:2b:11:1a:35:0a:0e:2a:e1:6e:6c:b0:05:87:
1e:72:46:80:a2:be:4e:63:5f:61:3d:84:de:0d:0c:
d3:91:5b:8d:88:4e:81:2d:7e:03:c7:11:86:34:11:
de:65:e3:cb:e5:75:72:23:83:37:db:b0:49:e8:e4:
5b:8a:b3:96:98:a7:9f:4b:8e:dc:56:e6:81:cb:af:
f1:8a:56:5e:69:c7:c7:94:a0:c0:3d:69:44:54:da:
34:02:ca:73:d8:2c:42:54:20:d9:75:eb:cf:32:f4:
8d:24:ce:da:20:6b:d9:8b:90:dd:2e:b6:97:67:fd:
11:de:88:27:cb:d7:b3:b9:bf:7e:41:cd:02:29:15:
1c:11:9f:dd:ed:ea:10:76:11:f8:2c:46:23:e2:fc:
05:51:4d:b8:7a:f0:9a:8e:f9:d0:ff:dd:45:8a:be:
89:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B6:13:08:01:67:84:F2:F2:F9:F3:69:3C:0A:36:66:BC:02:11:48
X509v3 Authority Key Identifier:
keyid:FC:04:87:A0:4F:5A:A4:42:BE:51:9A:17:CB:2B:B2:2D:78:3D:F2:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ASHoE9apEK-UZoXyyuyLXg98js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/2LYTCAFnhPLy-fNpPAo2ZrwCEUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/_ASHoE9apEK-UZoXyyuyLXg98js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.216.0/21
78.41.120.0/21
92.42.64.0/21
185.46.132.0/22
IPv6:
2a00:13e0::/32
2a00:1400::/32
Signature Algorithm: sha256WithRSAEncryption
28:b9:b8:44:77:04:f4:9e:52:d5:c8:fd:fb:1b:5a:b1:b6:7c:
5a:c8:e6:9f:98:f9:33:3c:f5:a5:19:24:89:db:87:0b:26:98:
9c:5e:e4:f6:d0:77:62:f6:c2:65:2e:92:3a:58:84:79:5c:89:
a1:be:29:59:4b:ab:86:5c:91:da:8e:2a:80:d0:e5:3d:05:9e:
29:a5:82:d7:0b:ad:7c:d9:36:52:9c:9c:12:6d:3e:31:63:73:
55:cf:61:61:68:65:dc:5d:fe:93:a4:ab:29:73:ab:da:80:7d:
8c:68:10:19:42:29:d1:1b:b3:4f:b5:24:23:ef:ab:7e:18:9e:
c3:7c:e2:54:0b:37:e9:83:7e:75:1e:ab:d0:eb:ef:d6:87:bc:
90:37:32:cb:58:39:ce:f6:6d:d7:61:85:93:37:3c:9e:c2:86:
59:bc:d2:1f:0d:bb:23:c2:08:4a:06:ff:84:6b:f1:cf:1a:0d:
56:cb:3d:3b:c0:47:79:f3:94:08:0c:3c:3a:53:48:b4:ba:ef:
52:05:1a:9b:00:aa:0d:6d:d0:2c:ff:63:14:7f:d2:19:a0:e5:
68:7f:ad:0a:a0:12:b6:4a:fe:41:20:2d:d0:da:e6:5d:f3:c5:
46:4e:e7:29:df:2c:30:1f:38:d3:df:31:e2:33:63:fe:50:7a:
c2:e0:08:b6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVvb//kP0THtS3mQQXO7sjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMDQ4N2EwNGY1YWE0NDJiZTUxOWExN2NiMmJiMjJkNzgz
ZGYyM2IwHhcNMjMwMTAxMjIyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGI2MTMwODAxNjc4NGYyZjJmOWYzNjkzYzBhMzY2NmJjMDIxMTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9JzaICKTbwKCxOZEqQ2ByOlSUlR
CifGT21AN9UM4a5Is4PDoPrIyp1wKtOHa8Lt3yshjfWzDGeOSO+xOdc83YPu0kuC
slJrLWxq7Vq21CdwS7Q/TnqnoHpsZisRGjUKDirhbmywBYceckaAor5OY19hPYTe
DQzTkVuNiE6BLX4DxxGGNBHeZePL5XVyI4M327BJ6ORbirOWmKefS47cVuaBy6/x
ilZeacfHlKDAPWlEVNo0Aspz2CxCVCDZdevPMvSNJM7aIGvZi5DdLraXZ/0R3ogn
y9ezub9+Qc0CKRUcEZ/d7eoQdhH4LEYj4vwFUU24evCajvnQ/91Fir6J/wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNi2EwgBZ4Ty8vnzaTwKNma8AhFIMB8GA1UdIwQY
MBaAFPwEh6BPWqRCvlGaF8srsi14PfI7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0FTSG9FOWFwRUstVVpvWHl5dXlMWGc5OGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC83ODFhNjEtN2QwMy00YThlLTkwYmEt
MWIzYTM2ZTFhY2E4LzEvMkxZVENBRm5oUEx5LWZOcFBBbzJacndDRVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC83ODFhNjEtN2QwMy00YThlLTkwYmEtMWIzYTM2ZTFhY2E4
LzEvX0FTSG9FOWFwRUstVVpvWHl5dXlMWGc5OGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLh3YAwQD
Til4AwQDXCpAAwQCuS6EMBQEAgACMA4DBQAqABPgAwUAKgAUADANBgkqhkiG9w0B
AQsFAAOCAQEAKLm4RHcE9J5S1cj9+xtasbZ8Wsjmn5j5Mzz1pRkkiduHCyaYnF7k
9tB3YvbCZS6SOliEeVyJob4pWUurhlyR2o4qgNDlPQWeKaWC1wutfNk2UpycEm0+
MWNzVc9hYWhl3F3+k6SrKXOr2oB9jGgQGUIp0RuzT7UkI++rfhiew3ziVAs36YN+
dR6r0Ovv1oe8kDcyy1g5zvZt12GFkzc8nsKGWbzSHw27I8IISgb/hGvxzxoNVss9
O8BHefOUCAw8OlNItLrvUgUamwCqDW3QLP9jFH/SGaDlaH+tCqAStkr+QSAt0Nrm
XfPFRk7nKd8sMB84098x4jNj/lB6wuAItg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:45 2024 by rpki-client on console-ams.rpki-client.org