Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/JEY6m0q8wqhS81vR8jgyxq_U9Oc.roa
File: JEY6m0q8wqhS81vR8jgyxq_U9Oc.roa (raw, json)
Hash identifier: iXoMTzZPfL/Hn1Z+ZcJtm5RfqDHv4aTFzI8JyF4phpc=
Subject key identifier: 24:46:3A:9B:4A:BC:C2:A8:52:F3:5B:D1:F2:38:32:C6:AF:D4:F4:E7
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 018E37B7EF25EA49D2A23E934EEBCF5ED605
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/JEY6m0q8wqhS81vR8jgyxq_U9Oc.roa
Signing time: Wed 13 Mar 2024 12:09:44 +0000
ROA not before: Wed 13 Mar 2024 12:09:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51759
IP address blocks: 46.36.96.0/24 maxlen: 24
46.36.103.0/24 maxlen: 24
46.36.104.0/24 maxlen: 24
46.36.105.0/24 maxlen: 24
46.36.107.0/24 maxlen: 24
46.36.108.0/23 maxlen: 23
46.36.108.0/24 maxlen: 24
46.36.109.0/24 maxlen: 24
46.36.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 May 2024 09:37:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:b7:ef:25:ea:49:d2:a2:3e:93:4e:eb:cf:5e:d6:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Mar 13 12:09:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24463a9b4abcc2a852f35bd1f23832c6afd4f4e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:32:d7:29:86:d7:c7:b6:12:71:b1:8d:c1:41:
3f:df:bd:f1:f2:49:0a:f7:1b:7e:0a:9b:94:8b:4a:
6e:fa:cb:0a:73:aa:1d:ba:85:58:53:1a:33:6a:43:
89:bd:2b:90:a2:02:0d:48:33:3d:95:60:ec:47:67:
f5:67:50:0a:43:02:1b:c1:5b:7b:80:ad:d0:63:b5:
2c:46:67:43:4b:0f:f5:d6:38:97:fa:e4:41:bc:02:
5a:7f:e9:15:23:cb:a8:ca:fc:35:8b:ad:9a:e3:79:
4f:dc:87:c7:4d:5a:ad:f1:ea:e4:e7:cd:84:7f:48:
59:c8:cd:f4:fd:df:04:ae:fe:75:5c:bf:5d:1c:43:
41:83:32:c6:f5:ad:b1:47:da:14:59:39:60:a1:93:
18:dc:91:2f:39:75:f6:e8:c6:96:e6:24:ac:18:40:
99:d6:3f:48:01:0e:e3:1e:4d:be:78:f3:c8:aa:81:
7a:fd:37:c0:22:c5:be:90:20:e4:39:25:42:da:27:
9d:f6:c7:8e:7b:4b:41:51:1a:2a:c5:b2:29:39:0f:
ec:2e:1f:8a:b3:6c:d1:eb:94:6c:7a:5b:d6:91:98:
a1:e9:b4:d9:df:07:8d:c4:b9:b6:ba:15:8f:c5:85:
d3:07:f7:42:7c:9a:f4:78:63:28:4e:83:82:71:39:
0f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:46:3A:9B:4A:BC:C2:A8:52:F3:5B:D1:F2:38:32:C6:AF:D4:F4:E7
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/JEY6m0q8wqhS81vR8jgyxq_U9Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.96.0/24
46.36.103.0-46.36.105.255
46.36.107.0-46.36.110.255
Signature Algorithm: sha256WithRSAEncryption
7e:ea:31:6e:23:09:3b:f4:a1:12:fb:6d:5f:b4:03:1f:76:99:
06:8c:f9:24:75:74:07:04:27:13:79:5d:15:f7:c8:77:c6:e6:
f2:4a:ce:79:3a:f3:c1:8a:70:85:09:7a:ae:16:4c:fc:51:06:
d9:5f:50:3f:28:9f:f3:29:44:df:38:3f:cb:df:11:7b:70:0c:
f5:29:0a:ff:10:73:a3:38:95:a7:3b:80:59:a5:6b:70:dc:b8:
8c:50:62:59:58:39:94:ca:24:68:f6:fd:d6:ea:97:3b:18:9c:
4a:e7:25:74:d8:5f:fe:17:f2:73:61:e9:ab:68:7d:e2:a5:45:
53:0b:82:9f:d9:24:1b:2e:60:c9:f1:64:40:b4:e4:b6:d1:53:
39:91:76:c3:fb:25:1c:95:a1:9e:63:53:73:d1:12:94:12:e3:
3c:36:df:5d:d5:61:4a:a5:9f:b9:86:d8:3f:db:54:0c:02:ff:
66:8e:05:36:44:12:51:ad:58:ff:fc:c2:f1:e4:7f:61:fc:d9:
f4:a9:18:bc:c6:d1:67:11:ea:8a:d1:fa:f8:8f:4b:47:37:3e:
12:93:1c:34:52:cf:43:a9:80:1e:60:ba:e0:f9:4d:16:9a:cd:
9c:8f:2e:6f:8d:e6:3e:2a:e2:26:8c:da:fc:13:a0:48:98:fd:
31:f7:a6:25
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY43t+8l6knSoj6TTuvPXtYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjQwMzEzMTIwOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQ2M2E5YjRhYmNjMmE4NTJmMzViZDFmMjM4MzJjNmFmZDRmNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzLXKYbXx7YScbGNwUE/373x8kkK
9xt+CpuUi0pu+ssKc6oduoVYUxozakOJvSuQogINSDM9lWDsR2f1Z1AKQwIbwVt7
gK3QY7UsRmdDSw/11jiX+uRBvAJaf+kVI8uoyvw1i62a43lP3IfHTVqt8erk582E
f0hZyM30/d8Erv51XL9dHENBgzLG9a2xR9oUWTlgoZMY3JEvOXX26MaW5iSsGECZ
1j9IAQ7jHk2+ePPIqoF6/TfAIsW+kCDkOSVC2ied9seOe0tBURoqxbIpOQ/sLh+K
s2zR65RselvWkZih6bTZ3weNxLm2uhWPxYXTB/dCfJr0eGMoToOCcTkPDwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCRGOptKvMKoUvNb0fI4Msav1PTnMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvSkVZNm0wcTh3cWhTODF2UjhqZ3l4cV9VOU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQALiRgMAwD
BAAuJGcDBAEuJGgwDAMEAC4kawMEAC4kbjANBgkqhkiG9w0BAQsFAAOCAQEAfuox
biMJO/ShEvttX7QDH3aZBoz5JHV0BwQnE3ldFffId8bm8krOeTrzwYpwhQl6rhZM
/FEG2V9QPyif8ylE3zg/y98Re3AM9SkK/xBzoziVpzuAWaVrcNy4jFBiWVg5lMok
aPb91uqXOxicSucldNhf/hfyc2Hpq2h94qVFUwuCn9kkGy5gyfFkQLTkttFTOZF2
w/slHJWhnmNTc9ESlBLjPDbfXdVhSqWfuYbYP9tUDAL/Zo4FNkQSUa1Y//zC8eR/
YfzZ9KkYvMbRZxHqitH6+I9LRzc+EpMcNFLPQ6mAHmC64PlNFprNnI8ub43mPiri
Joza/BOgSJj9MfemJQ==
-----END CERTIFICATE-----
Generated at Sat May 25 10:43:16 2024 by rpki-client on console-fra.rpki-client.org