Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/1Nm7vE54YjL3Eu4wK9yTx1eSrr0.roa
File: 1Nm7vE54YjL3Eu4wK9yTx1eSrr0.roa (raw, json)
Hash identifier: iZTyRgvQWLT1Ope9xqn9HLazFBNH8eDxJ6OhieXX2DU=
Subject key identifier: D4:D9:BB:BC:4E:78:62:32:F7:12:EE:30:2B:DC:93:C7:57:92:AE:BD
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018AFFB284F9955A753A004A2F88D3DDCEA8
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/1Nm7vE54YjL3Eu4wK9yTx1eSrr0.roa
Signing time: Thu 05 Oct 2023 11:56:44 +0000
ROA not before: Thu 05 Oct 2023 11:56:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44881
IP address blocks: 46.161.12.0/23 maxlen: 23
5.8.56.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
37.139.48.0/23 maxlen: 23
5.188.222.0/24 maxlen: 24
146.185.244.0/23 maxlen: 23
91.243.62.0/23 maxlen: 23
46.161.42.0/24 maxlen: 24
5.8.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:b2:84:f9:95:5a:75:3a:00:4a:2f:88:d3:dd:ce:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Oct 5 11:56:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4d9bbbc4e786232f712ee302bdc93c75792aebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b0:7e:37:54:af:dc:34:6e:94:ff:69:7b:4e:
a0:a8:77:c9:b9:24:f5:ca:62:7a:18:8e:1a:b3:d2:
bf:f4:39:d3:7c:a9:54:83:67:69:20:56:30:d1:da:
17:61:4c:b0:34:27:9b:9b:c6:2b:a3:5a:a0:a1:fb:
f0:d4:bf:c9:ef:65:8d:de:c3:e0:7e:8a:c3:b1:31:
12:8c:af:e8:da:c6:3e:a8:24:f2:00:33:1a:8b:ed:
e3:86:ff:a3:74:3d:ca:83:6c:6f:90:a6:19:68:d6:
65:51:b2:1a:59:c8:1f:e3:84:3a:30:cd:21:5c:5b:
4d:cd:59:68:41:04:66:a8:89:07:ba:be:82:a6:0a:
96:a9:02:e5:01:16:41:1c:9c:98:e9:7c:f1:01:70:
3c:c2:cd:1d:5e:8f:a6:78:f4:45:dc:9c:a5:76:a0:
15:b1:ca:be:1a:04:f2:1b:21:f7:d9:e7:6a:15:01:
4d:51:3d:17:04:28:43:6f:06:b4:6d:e1:6a:33:34:
96:12:29:ce:2c:e1:04:e6:fc:ea:ff:94:c9:fe:84:
07:8e:ec:43:71:5c:de:14:fd:74:d1:92:4d:73:16:
2b:dd:0b:61:e4:23:e2:b2:4e:53:0d:11:09:55:a6:
d0:fe:33:4c:5a:49:30:60:da:5b:1b:a4:49:03:02:
05:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D9:BB:BC:4E:78:62:32:F7:12:EE:30:2B:DC:93:C7:57:92:AE:BD
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/1Nm7vE54YjL3Eu4wK9yTx1eSrr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.19.0/24
5.8.56.0/23
5.188.222.0/24
37.139.48.0/23
46.161.12.0/23
46.161.20.0/22
46.161.42.0/24
91.243.62.0/23
146.185.244.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:df:ae:19:c7:38:7d:5a:cc:bb:7d:3f:70:6d:b0:bc:c4:6f:
9d:df:6e:04:78:29:c5:c5:ca:e4:02:a9:26:d7:9b:29:f1:ae:
bc:ca:9f:a6:8e:08:e4:91:b7:1b:0a:e0:b1:b2:db:8a:a8:8c:
01:3e:a9:60:53:8d:50:47:37:9b:88:ae:4e:72:d0:f7:15:55:
be:c7:bc:b0:74:a9:92:ef:17:f6:5f:55:60:fe:48:19:a8:2e:
f9:a9:0a:ab:a8:64:c0:e1:27:28:45:a7:17:0f:9c:51:6a:1b:
a4:2e:b0:7a:5d:4f:82:2b:bb:9b:0a:fb:79:87:d5:d5:b2:5a:
24:a2:bb:ca:1b:55:4f:41:ca:10:95:84:ca:64:9d:e7:e8:88:
06:90:fb:f1:f1:de:8e:be:f2:96:23:cf:3d:97:1d:ca:9d:89:
f5:79:27:b2:7b:2d:58:83:70:53:f7:14:fb:b8:53:e0:6f:5e:
d2:22:d5:c7:e6:53:b5:2a:ac:0f:9d:db:3d:6d:6c:e6:1a:60:
c0:24:c9:60:bf:c3:34:8f:7f:1c:2e:8b:2d:86:ed:93:9a:08:
11:67:06:b4:57:44:b4:9a:df:b5:49:ec:4b:48:81:4d:a0:00:
4b:3e:ec:88:d9:ae:26:99:aa:a7:f0:01:a0:fb:2c:fb:47:cc:
ab:fe:2c:50
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYr/soT5lVp1OgBKL4jT3c6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMxMDA1MTE1NjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQ5YmJiYzRlNzg2MjMyZjcxMmVlMzAyYmRjOTNjNzU3OTJhZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbB+N1Sv3DRulP9pe06gqHfJuST1
ymJ6GI4as9K/9DnTfKlUg2dpIFYw0doXYUywNCebm8Yro1qgofvw1L/J72WN3sPg
forDsTESjK/o2sY+qCTyADMai+3jhv+jdD3Kg2xvkKYZaNZlUbIaWcgf44Q6MM0h
XFtNzVloQQRmqIkHur6CpgqWqQLlARZBHJyY6XzxAXA8ws0dXo+mePRF3JyldqAV
scq+GgTyGyH32edqFQFNUT0XBChDbwa0beFqMzSWEinOLOEE5vzq/5TJ/oQHjuxD
cVzeFP100ZJNcxYr3Qth5CPisk5TDREJVabQ/jNMWkkwYNpbG6RJAwIFgwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNTZu7xOeGIy9xLuMCvck8dXkq69MB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvMU5tN3ZFNTRZakwzRXU0d0s5eVR4MWVTcnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABQgTAwQB
BQg4AwQABbzeAwQBJYswAwQBLqEMAwQCLqEUAwQALqEqAwQBW/M+AwQBkrn0MA0G
CSqGSIb3DQEBCwUAA4IBAQCo364Zxzh9Wsy7fT9wbbC8xG+d324EeCnFxcrkAqkm
15sp8a68yp+mjgjkkbcbCuCxstuKqIwBPqlgU41QRzebiK5OctD3FVW+x7ywdKmS
7xf2X1Vg/kgZqC75qQqrqGTA4ScoRacXD5xRahukLrB6XU+CK7ubCvt5h9XVslok
orvKG1VPQcoQlYTKZJ3n6IgGkPvx8d6OvvKWI889lx3KnYn1eSeyey1Yg3BT9xT7
uFPgb17SItXH5lO1KqwPnds9bWzmGmDAJMlgv8M0j38cLosthu2TmggRZwa0V0S0
mt+1SexLSIFNoABLPuyI2a4mmaqn8AGg+yz7R8yr/ixQ
-----END CERTIFICATE-----
Generated at Wed Dec 20 01:30:05 2023 by rpki-client on console-fra.rpki-client.org