Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/tbJ4lctczLf6lmd0X1iXxOek3Vo.roa
File: tbJ4lctczLf6lmd0X1iXxOek3Vo.roa (raw, json)
Hash identifier: OhZZTC+MBV3T1SA1WTQ5JWDTYLB0eFt//mXBVJaahTE=
Subject key identifier: B5:B2:78:95:CB:5C:CC:B7:FA:96:67:74:5F:58:97:C4:E7:A4:DD:5A
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 0185727A1E9DA9F4219D3924E40263E606C4
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/tbJ4lctczLf6lmd0X1iXxOek3Vo.roa
Signing time: Mon 02 Jan 2023 12:34:43 +0000
ROA not before: Mon 02 Jan 2023 12:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204079
IP address blocks: 46.36.98.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:1e:9d:a9:f4:21:9d:39:24:e4:02:63:e6:06:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Jan 2 12:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5b27895cb5cccb7fa9667745f5897c4e7a4dd5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9d:6b:c5:0b:1e:0f:09:62:be:86:d2:83:d1:
ce:3a:78:cf:75:70:29:a1:f9:13:d6:96:65:a6:ab:
55:01:64:3b:5b:d6:59:1e:f4:57:5a:69:82:64:b9:
78:bf:7e:36:13:2b:32:76:4a:78:26:fb:78:18:c7:
09:d0:c4:8c:ac:6b:40:8e:b2:10:67:aa:95:30:9b:
aa:5e:b8:c4:95:5d:bd:a0:17:79:3e:76:76:0e:da:
11:bf:7f:34:f5:8f:f3:d7:4b:e8:90:40:d0:72:3f:
bd:f7:df:e5:63:e9:a6:1d:0f:7c:79:a5:7d:95:f8:
57:6c:02:d5:26:02:d3:6f:7b:b8:e6:91:7b:6b:24:
bc:e5:40:a2:49:09:af:25:87:9d:9d:e0:be:1f:26:
63:ad:6f:d1:ea:7e:9f:2e:ea:89:63:ca:c5:b3:2c:
14:fd:12:b1:f6:8d:a5:d9:89:26:55:f6:fa:22:6a:
c1:43:01:93:70:7c:5b:81:da:fb:4f:25:47:bd:41:
17:a2:15:84:20:e5:ba:65:49:69:d2:f0:c0:57:b2:
46:b0:da:e0:80:b1:89:70:6e:de:76:7d:ff:8a:a1:
c7:b4:e2:c3:d1:ad:a1:e5:cc:54:b2:f3:cb:f6:f6:
de:59:28:88:a2:5a:80:9c:ba:df:05:9e:7f:34:c5:
56:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B2:78:95:CB:5C:CC:B7:FA:96:67:74:5F:58:97:C4:E7:A4:DD:5A
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/tbJ4lctczLf6lmd0X1iXxOek3Vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.98.0/24
Signature Algorithm: sha256WithRSAEncryption
48:f8:fc:c2:99:fb:99:d3:3f:86:97:39:b7:61:25:1b:28:d3:
c7:51:86:01:80:94:c7:9b:f9:e7:cf:64:30:0f:e6:a6:da:7d:
43:ba:82:72:f2:e3:7e:b0:5e:45:27:3c:4f:01:32:64:6d:48:
ad:49:45:3a:24:96:c1:7d:16:21:b2:a0:77:cb:f3:40:24:46:
ae:10:07:ce:ff:4d:ec:30:5f:00:c1:a6:52:e5:b0:61:c4:da:
98:0a:3e:c3:57:62:bf:69:25:27:8c:61:3b:a1:af:32:9e:ed:
4d:a2:5c:a9:55:2f:78:48:e8:22:1b:3a:b0:51:a6:83:0d:4a:
a1:59:f1:e6:93:d7:85:15:98:8a:41:f2:24:65:63:91:cf:56:
37:63:47:4d:ec:8a:23:57:dc:6b:5f:0b:38:d0:51:c9:0d:a6:
54:c7:00:90:90:f8:17:9a:13:28:00:fa:60:93:17:a7:6d:b9:
af:c0:3d:0f:16:21:c9:8d:af:6f:4a:d9:dc:d4:4a:97:bd:4b:
e4:6e:d9:f8:9b:11:81:bf:62:c8:0d:2d:3f:e5:04:33:86:26:
a2:97:9a:78:6f:b2:cd:65:8a:fd:01:5f:9a:9d:a8:69:a4:17:
dc:74:51:f2:f2:98:58:6c:45:c4:6b:af:5e:af:aa:d4:7d:2f:
32:f6:cd:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyeh6dqfQhnTkk5AJj5gbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjMwMTAyMTIzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWIyNzg5NWNiNWNjY2I3ZmE5NjY3NzQ1ZjU4OTdjNGU3YTRkZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp1rxQseDwlivobSg9HOOnjPdXAp
ofkT1pZlpqtVAWQ7W9ZZHvRXWmmCZLl4v342Eysydkp4Jvt4GMcJ0MSMrGtAjrIQ
Z6qVMJuqXrjElV29oBd5PnZ2DtoRv3809Y/z10vokEDQcj+999/lY+mmHQ98eaV9
lfhXbALVJgLTb3u45pF7ayS85UCiSQmvJYedneC+HyZjrW/R6n6fLuqJY8rFsywU
/RKx9o2l2YkmVfb6ImrBQwGTcHxbgdr7TyVHvUEXohWEIOW6ZUlp0vDAV7JGsNrg
gLGJcG7edn3/iqHHtOLD0a2h5cxUsvPL9vbeWSiIolqAnLrfBZ5/NMVWNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLWyeJXLXMy3+pZndF9Yl8TnpN1aMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvdGJKNGxjdGN6TGY2bG1kMFgxaVh4T2VrM1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiRiMA0G
CSqGSIb3DQEBCwUAA4IBAQBI+PzCmfuZ0z+Glzm3YSUbKNPHUYYBgJTHm/nnz2Qw
D+am2n1DuoJy8uN+sF5FJzxPATJkbUitSUU6JJbBfRYhsqB3y/NAJEauEAfO/03s
MF8AwaZS5bBhxNqYCj7DV2K/aSUnjGE7oa8ynu1NolypVS94SOgiGzqwUaaDDUqh
WfHmk9eFFZiKQfIkZWORz1Y3Y0dN7IojV9xrXws40FHJDaZUxwCQkPgXmhMoAPpg
kxenbbmvwD0PFiHJja9vStnc1EqXvUvkbtn4mxGBv2LIDS0/5QQzhiail5p4b7LN
ZYr9AV+anahppBfcdFHy8phYbEXEa69er6rUfS8y9s1h
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:25 2024 by rpki-client on console-fra.rpki-client.org