Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/bVUe1kF4uiC4IkoGwUCkg6MRi9g.roa
File: bVUe1kF4uiC4IkoGwUCkg6MRi9g.roa (raw, json)
Hash identifier: BXnXjMKSXhrX2rDIMYASi0crwedXsQxa6LZTNIG2Twk=
Subject key identifier: 6D:55:1E:D6:41:78:BA:20:B8:22:4A:06:C1:40:A4:83:A3:11:8B:D8
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 018D9D6EFFC98695B7DA7DB6E71C322AB7A3
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/bVUe1kF4uiC4IkoGwUCkg6MRi9g.roa
Signing time: Mon 12 Feb 2024 13:08:33 +0000
ROA not before: Mon 12 Feb 2024 13:08:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51759
IP address blocks: 46.36.96.0/23 maxlen: 23
46.36.96.0/24 maxlen: 24
46.36.97.0/24 maxlen: 24
46.36.100.0/24 maxlen: 24
46.36.103.0/24 maxlen: 24
46.36.104.0/24 maxlen: 24
46.36.105.0/24 maxlen: 24
46.36.107.0/24 maxlen: 24
46.36.108.0/23 maxlen: 23
46.36.108.0/24 maxlen: 24
46.36.109.0/24 maxlen: 24
46.36.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 10:34:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:6e:ff:c9:86:95:b7:da:7d:b6:e7:1c:32:2a:b7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Feb 12 13:08:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d551ed64178ba20b8224a06c140a483a3118bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:47:df:8f:c7:56:06:50:6c:6c:bf:a7:ca:d0:
9a:ba:14:66:0b:ec:cf:26:12:84:b5:6c:9e:2e:4d:
0d:66:3e:e8:c6:31:05:33:ef:68:1d:6c:49:31:ea:
67:12:6c:87:32:76:f4:dd:dc:0f:83:8f:88:62:62:
e4:76:f1:27:11:f1:ef:ae:ea:4e:f5:bc:49:c8:1e:
5f:3a:34:30:03:47:3a:00:1e:4c:2e:7c:22:ba:ad:
4b:d1:ba:4c:84:ab:61:56:b0:71:1b:59:57:b8:20:
36:92:63:2c:23:62:da:44:cd:3e:02:11:73:2a:81:
da:e8:09:04:0e:2d:a6:6c:1d:da:f5:4f:1f:b9:61:
3e:f6:8b:59:6d:34:ae:f6:80:54:f8:7a:01:30:54:
9e:b5:6f:8e:fa:0f:be:c1:5a:8a:bc:43:e2:18:e3:
b5:61:a7:ef:de:db:10:df:d4:61:65:13:b2:dd:d2:
2a:2b:45:25:a2:6b:11:61:9f:10:13:88:dc:7a:40:
4a:a5:a6:93:7e:fb:92:fe:f6:d1:cf:6b:a2:31:21:
85:fa:c6:ab:c2:71:de:a0:4a:3d:ed:d3:90:55:9f:
ad:71:81:40:36:48:cc:47:a0:89:64:47:4e:3b:a4:
30:e0:b6:5d:43:a0:49:47:47:7d:b2:40:ea:af:5a:
fd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:55:1E:D6:41:78:BA:20:B8:22:4A:06:C1:40:A4:83:A3:11:8B:D8
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/bVUe1kF4uiC4IkoGwUCkg6MRi9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.96.0/23
46.36.100.0/24
46.36.103.0-46.36.105.255
46.36.107.0-46.36.110.255
Signature Algorithm: sha256WithRSAEncryption
31:f5:10:45:54:64:b5:b2:5d:91:02:bb:b1:3a:3b:41:d0:c5:
ce:56:c1:e9:b5:1d:16:a2:eb:60:70:04:96:a4:66:22:2b:31:
00:3b:5a:8e:71:f2:8f:63:d1:ba:41:45:82:80:71:8c:30:14:
96:7b:42:3a:44:54:e8:6d:4e:0e:cf:1c:89:c9:d9:76:39:4b:
56:f0:45:26:d1:9b:2b:e7:a1:0f:e7:9b:e5:ba:3f:19:76:1c:
80:41:91:2a:02:a5:d4:53:8c:cd:22:bf:b1:31:da:cc:91:cf:
e2:b9:c1:cf:f6:31:72:0c:c2:07:ea:cf:6f:6c:50:43:3b:fd:
fa:2f:86:3c:60:a8:0c:26:e3:c4:75:3a:90:7f:d0:27:fb:90:
90:67:91:d3:43:d4:19:66:f9:f2:31:29:e7:c3:63:db:a6:c9:
67:43:99:04:5b:68:bc:3e:5a:f7:88:0f:a8:c8:a1:47:aa:b0:
d7:54:8c:ac:b5:26:20:23:ec:fe:eb:42:95:ac:59:cf:46:c5:
90:dc:c0:bf:b4:f4:ee:41:ba:5c:55:80:ee:d7:eb:21:3c:67:
e3:ed:7a:0b:51:8d:0d:e1:45:8c:b1:d4:ce:32:62:38:99:b9:
32:a4:9d:23:ac:24:47:14:3f:cd:59:36:20:c8:53:1a:a6:ca:
39:c9:91:dd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY2dbv/JhpW32n225xwyKrejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjQwMjEyMTMwODMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDU1MWVkNjQxNzhiYTIwYjgyMjRhMDZjMTQwYTQ4M2EzMTE4YmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEffj8dWBlBsbL+nytCauhRmC+zP
JhKEtWyeLk0NZj7oxjEFM+9oHWxJMepnEmyHMnb03dwPg4+IYmLkdvEnEfHvrupO
9bxJyB5fOjQwA0c6AB5MLnwiuq1L0bpMhKthVrBxG1lXuCA2kmMsI2LaRM0+AhFz
KoHa6AkEDi2mbB3a9U8fuWE+9otZbTSu9oBU+HoBMFSetW+O+g++wVqKvEPiGOO1
Yafv3tsQ39RhZROy3dIqK0UlomsRYZ8QE4jcekBKpaaTfvuS/vbRz2uiMSGF+sar
wnHeoEo97dOQVZ+tcYFANkjMR6CJZEdOO6Qw4LZdQ6BJR0d9skDqr1r9kwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFG1VHtZBeLoguCJKBsFApIOjEYvYMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvYlZVZTFrRjR1aUM0SWtvR3dVQ2tnNk1SaTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBLiRgAwQA
LiRkMAwDBAAuJGcDBAEuJGgwDAMEAC4kawMEAC4kbjANBgkqhkiG9w0BAQsFAAOC
AQEAMfUQRVRktbJdkQK7sTo7QdDFzlbB6bUdFqLrYHAElqRmIisxADtajnHyj2PR
ukFFgoBxjDAUlntCOkRU6G1ODs8cicnZdjlLVvBFJtGbK+ehD+eb5bo/GXYcgEGR
KgKl1FOMzSK/sTHazJHP4rnBz/YxcgzCB+rPb2xQQzv9+i+GPGCoDCbjxHU6kH/Q
J/uQkGeR00PUGWb58jEp58Nj26bJZ0OZBFtovD5a94gPqMihR6qw11SMrLUmICPs
/utClaxZz0bFkNzAv7T07kG6XFWA7tfrITxn4+16C1GNDeFFjLHUzjJiOJm5MqSd
I6wkRxQ/zVk2IMhTGqbKOcmR3Q==
-----END CERTIFICATE-----
Generated at Thu Feb 15 15:57:07 2024 by rpki-client on console-ams.rpki-client.org