Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/1OJnn-zVnYRpbQ45mhd1Ily-rG4.roa
File: 1OJnn-zVnYRpbQ45mhd1Ily-rG4.roa (raw, json)
Hash identifier: 669QCwMymCJdVKG/PDgZnJMTytlokrjiL6fIsD/a2nA=
Subject key identifier: D4:E2:67:9F:EC:D5:9D:84:69:6D:0E:39:9A:17:75:22:5C:BE:AC:6E
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 018D55275CC1F650F94693E500AE16B74591
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/1OJnn-zVnYRpbQ45mhd1Ily-rG4.roa
Signing time: Mon 29 Jan 2024 12:17:39 +0000
ROA not before: Mon 29 Jan 2024 12:17:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51759
IP address blocks: 46.36.96.0/23 maxlen: 23
46.36.96.0/24 maxlen: 24
46.36.97.0/24 maxlen: 24
46.36.100.0/24 maxlen: 24
46.36.102.0/23 maxlen: 23
46.36.102.0/24 maxlen: 24
46.36.103.0/24 maxlen: 24
46.36.104.0/22 maxlen: 22
46.36.104.0/24 maxlen: 24
46.36.105.0/24 maxlen: 24
46.36.106.0/24 maxlen: 24
46.36.107.0/24 maxlen: 24
46.36.108.0/23 maxlen: 23
46.36.108.0/24 maxlen: 24
46.36.109.0/24 maxlen: 24
46.36.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 12:25:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:55:27:5c:c1:f6:50:f9:46:93:e5:00:ae:16:b7:45:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Jan 29 12:17:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4e2679fecd59d84696d0e399a1775225cbeac6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a7:bf:c0:53:3b:44:fc:0d:33:c5:c1:33:8d:
27:95:31:61:11:4c:de:9e:91:0b:2a:d5:7b:b0:b9:
8e:d0:bf:6c:41:ee:d5:b0:0d:2e:dd:3f:5d:9d:1e:
70:84:99:b8:0d:bf:95:c1:fa:a6:d8:0b:5d:87:10:
e9:c2:55:84:9c:b8:95:83:8f:f1:ce:ae:02:2d:f3:
d1:4c:e1:e7:40:67:f4:0b:4e:3f:7b:59:e4:b0:9c:
4c:d9:d6:91:58:25:cc:bb:17:6d:76:6d:02:3e:10:
a6:9b:74:53:31:ad:81:01:e5:4f:c2:c8:89:90:7b:
7c:8b:fa:66:35:52:9e:8e:51:8d:ee:c0:ec:8c:42:
22:bf:01:ba:5f:ee:5e:4b:07:6c:5e:cb:9c:09:1a:
fc:f4:54:8c:f4:26:95:3a:a6:e2:d0:6c:3b:79:23:
e2:df:49:94:16:f2:7c:8d:a6:e5:b8:5b:7e:5c:24:
bd:16:04:b7:4d:af:3e:a4:bd:71:bd:96:3f:29:e5:
a2:0c:9f:a0:c0:d1:8a:1d:a1:bf:a1:5e:36:44:e3:
ea:2a:4e:f8:e6:fe:9e:d9:2f:be:75:8c:47:c1:c2:
db:8a:85:5a:e4:c7:a4:db:bd:fa:50:be:56:72:4e:
79:d9:36:97:ba:f1:05:76:cb:7e:be:63:65:0a:a3:
d3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E2:67:9F:EC:D5:9D:84:69:6D:0E:39:9A:17:75:22:5C:BE:AC:6E
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/1OJnn-zVnYRpbQ45mhd1Ily-rG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.96.0/23
46.36.100.0/24
46.36.102.0-46.36.110.255
Signature Algorithm: sha256WithRSAEncryption
2e:a9:24:35:38:6e:b5:1f:63:e4:2c:64:db:38:9e:56:e5:fc:
96:5b:58:bd:54:da:7b:4e:e7:42:65:60:cd:41:49:94:4b:c4:
08:72:aa:c6:ef:37:21:60:de:c9:cd:db:59:03:f4:8a:73:de:
69:ee:c1:91:26:df:c8:0a:45:52:b6:16:7d:02:03:90:86:a7:
a4:ec:94:5b:5c:db:eb:01:45:29:9e:78:f8:4f:64:56:06:90:
73:f9:3e:81:a9:55:d7:3e:8e:37:f5:41:91:3e:a2:a2:ee:1d:
90:53:d9:68:03:b1:6b:7b:b0:9e:66:ce:bf:78:0c:70:e2:7b:
8e:81:19:af:ab:a9:d8:a0:01:2e:4d:c4:29:13:28:e3:46:32:
04:d5:be:92:03:38:45:e6:57:b6:6c:12:c5:b7:95:86:01:c0:
77:c3:55:ec:c5:23:d7:1a:eb:d8:95:c5:c6:23:a8:50:82:de:
ad:70:8b:5a:2d:89:6a:06:33:f7:7a:a0:07:0e:c9:c8:62:56:
32:5d:04:62:90:37:fa:68:b7:30:34:13:c9:ec:fd:9f:ef:e0:
6c:79:cd:ce:59:8f:47:44:96:52:17:ce:0e:94:ff:e9:13:3b:
9c:1b:89:1e:dc:d9:6f:8a:4c:10:98:42:ec:8b:bb:ab:15:38:
fd:43:c7:a8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY1VJ1zB9lD5RpPlAK4Wt0WRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjQwMTI5MTIxNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGUyNjc5ZmVjZDU5ZDg0Njk2ZDBlMzk5YTE3NzUyMjVjYmVhYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6e/wFM7RPwNM8XBM40nlTFhEUze
npELKtV7sLmO0L9sQe7VsA0u3T9dnR5whJm4Db+Vwfqm2AtdhxDpwlWEnLiVg4/x
zq4CLfPRTOHnQGf0C04/e1nksJxM2daRWCXMuxdtdm0CPhCmm3RTMa2BAeVPwsiJ
kHt8i/pmNVKejlGN7sDsjEIivwG6X+5eSwdsXsucCRr89FSM9CaVOqbi0Gw7eSPi
30mUFvJ8jabluFt+XCS9FgS3Ta8+pL1xvZY/KeWiDJ+gwNGKHaG/oV42ROPqKk74
5v6e2S++dYxHwcLbioVa5Mek2736UL5Wck552TaXuvEFdst+vmNlCqPTiQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNTiZ5/s1Z2EaW0OOZoXdSJcvqxuMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvMU9Kbm4telZuWVJwYlE0NW1oZDFJbHktckc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBLiRgAwQA
LiRkMAwDBAEuJGYDBAAuJG4wDQYJKoZIhvcNAQELBQADggEBAC6pJDU4brUfY+Qs
ZNs4nlbl/JZbWL1U2ntO50JlYM1BSZRLxAhyqsbvNyFg3snN21kD9Ipz3mnuwZEm
38gKRVK2Fn0CA5CGp6TslFtc2+sBRSmeePhPZFYGkHP5PoGpVdc+jjf1QZE+oqLu
HZBT2WgDsWt7sJ5mzr94DHDie46BGa+rqdigAS5NxCkTKONGMgTVvpIDOEXmV7Zs
EsW3lYYBwHfDVezFI9ca69iVxcYjqFCC3q1wi1otiWoGM/d6oAcOychiVjJdBGKQ
N/potzA0E8ns/Z/v4Gx5zc5Zj0dEllIXzg6U/+kTO5wbiR7c2W+KTBCYQuyLu6sV
OP1Dx6g=
-----END CERTIFICATE-----
Generated at Mon Feb 5 17:24:25 2024 by rpki-client on console-fra.rpki-client.org