Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/2B0yz6IvvK27WuvvUdpPVTKjhXM.roa
File: 2B0yz6IvvK27WuvvUdpPVTKjhXM.roa (raw, json)
Hash identifier: 5a9FauiVRfcYA4T8sgO5FRQexyWrOZpQZq6mD4rKY8U=
Subject key identifier: D8:1D:32:CF:A2:2F:BC:AD:BB:5A:EB:EF:51:DA:4F:55:32:A3:85:73
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CC56E05FF11746EB2522D4BEF17109E10
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/2B0yz6IvvK27WuvvUdpPVTKjhXM.roa
Signing time: Mon 01 Jan 2024 14:29:31 +0000
ROA not before: Mon 01 Jan 2024 14:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44881
IP address blocks: 46.161.12.0/23 maxlen: 23
5.8.56.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
37.139.48.0/23 maxlen: 23
5.188.222.0/24 maxlen: 24
146.185.244.0/23 maxlen: 23
91.243.62.0/23 maxlen: 23
46.161.42.0/24 maxlen: 24
5.8.16.0/24 maxlen: 24
5.8.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 06:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:05:ff:11:74:6e:b2:52:2d:4b:ef:17:10:9e:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 14:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d81d32cfa22fbcadbb5aebef51da4f5532a38573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1d:85:16:a4:8d:23:23:d0:4c:56:0a:e0:0c:
a2:ce:26:a3:d0:34:1e:fe:b4:78:35:c3:bd:52:66:
2e:f4:89:07:51:4e:bb:4a:7f:dd:8d:7d:20:80:fa:
7a:a6:be:f9:1e:d8:5c:aa:5a:eb:e6:21:e8:75:a3:
9f:20:ab:fa:a7:9c:da:67:4b:92:30:bc:06:cb:9c:
63:eb:80:9c:2e:db:48:fa:99:c8:64:8d:e1:c5:78:
46:af:8a:16:01:32:23:77:83:da:7f:71:6a:f0:7c:
6c:b3:a2:ac:d2:72:03:2b:14:3b:dd:1f:5f:58:97:
25:dc:a5:b0:30:b9:d8:a4:5d:a3:b3:fc:17:f4:ad:
c1:62:af:11:41:80:61:ee:96:67:23:b6:e4:bb:25:
47:39:81:b2:9d:11:57:02:7c:f0:40:0b:aa:07:45:
6b:1e:9d:01:b6:e5:cf:b6:b6:2b:c1:e6:55:57:d6:
d5:2d:a5:e3:e8:9e:60:5e:a4:fa:fe:49:17:4d:ad:
54:1d:ad:bd:4d:7d:69:b1:1a:ca:2c:2c:c0:74:33:
0f:4d:a5:0f:ee:b6:98:23:65:b3:93:2e:4e:30:fd:
5b:af:9f:17:a0:43:ec:c9:fa:5e:8f:10:ba:0e:a8:
42:49:6f:c1:76:ba:be:f0:d7:2c:a1:82:a7:ec:59:
79:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1D:32:CF:A2:2F:BC:AD:BB:5A:EB:EF:51:DA:4F:55:32:A3:85:73
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/2B0yz6IvvK27WuvvUdpPVTKjhXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.16.0/24
5.8.19.0/24
5.8.56.0/23
5.188.222.0/24
37.139.48.0/23
46.161.12.0/23
46.161.20.0/22
46.161.42.0/24
91.243.62.0/23
146.185.244.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:24:f8:4f:a7:2c:db:db:3e:ba:fe:38:68:6d:d5:49:a1:cc:
13:71:c4:92:ae:26:17:18:f9:60:25:00:2b:74:86:37:d7:05:
d4:51:85:77:29:f7:92:3f:83:47:3b:cf:f5:c3:3a:d1:04:95:
15:4f:aa:2d:50:66:14:6e:f2:81:3a:ed:1f:8d:31:77:05:4a:
bc:de:8c:62:0c:a3:47:c6:40:0d:b2:2c:4c:73:e4:cf:36:fc:
9b:44:99:ad:53:26:0c:2f:51:04:82:a7:73:b5:67:14:e8:a5:
d1:f8:6c:d2:3b:16:89:d2:ba:e8:64:23:eb:9c:cd:e9:a5:5a:
34:bc:69:c2:f6:05:97:8e:21:95:51:83:45:5b:54:c0:37:69:
65:30:f2:ba:5c:af:7b:54:9d:61:6c:f3:7c:53:c3:3c:92:40:
db:6b:41:5c:48:df:d4:c0:a7:d9:14:7f:6b:fe:7d:c0:86:04:
b9:91:e3:67:60:5e:0e:fa:05:ef:3c:89:0f:0f:65:8f:16:1b:
2a:01:43:94:a9:7a:15:9d:13:ac:8a:d4:a2:d1:3d:6b:13:f0:
0e:9c:51:5e:df:e7:1b:b9:2f:98:4d:75:39:b2:4f:87:dc:68:
82:36:e1:87:ea:c6:41:65:11:36:e4:2f:f3:67:24:39:73:fb:
30:7c:21:6f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzFbgX/EXRuslItS+8XEJ4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTAxMTQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFkMzJjZmEyMmZiY2FkYmI1YWViZWY1MWRhNGY1NTMyYTM4NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth2FFqSNIyPQTFYK4Ayiziaj0DQe
/rR4NcO9UmYu9IkHUU67Sn/djX0ggPp6pr75Hthcqlrr5iHodaOfIKv6p5zaZ0uS
MLwGy5xj64CcLttI+pnIZI3hxXhGr4oWATIjd4Paf3Fq8Hxss6Ks0nIDKxQ73R9f
WJcl3KWwMLnYpF2js/wX9K3BYq8RQYBh7pZnI7bkuyVHOYGynRFXAnzwQAuqB0Vr
Hp0BtuXPtrYrweZVV9bVLaXj6J5gXqT6/kkXTa1UHa29TX1psRrKLCzAdDMPTaUP
7raYI2Wzky5OMP1br58XoEPsyfpejxC6DqhCSW/Bdrq+8NcsoYKn7Fl5WwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNgdMs+iL7ytu1rr71HaT1Uyo4VzMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvMkIweXo2SXZ2SzI3V3V2dlVkcFBWVEtqaFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABQgQAwQA
BQgTAwQBBQg4AwQABbzeAwQBJYswAwQBLqEMAwQCLqEUAwQALqEqAwQBW/M+AwQB
krn0MA0GCSqGSIb3DQEBCwUAA4IBAQCwJPhPpyzb2z66/jhobdVJocwTccSSriYX
GPlgJQArdIY31wXUUYV3KfeSP4NHO8/1wzrRBJUVT6otUGYUbvKBOu0fjTF3BUq8
3oxiDKNHxkANsixMc+TPNvybRJmtUyYML1EEgqdztWcU6KXR+GzSOxaJ0rroZCPr
nM3ppVo0vGnC9gWXjiGVUYNFW1TAN2llMPK6XK97VJ1hbPN8U8M8kkDba0FcSN/U
wKfZFH9r/n3AhgS5keNnYF4O+gXvPIkPD2WPFhsqAUOUqXoVnROsitSi0T1rE/AO
nFFe3+cbuS+YTXU5sk+H3GiCNuGH6sZBZRE25C/zZyQ5c/swfCFv
-----END CERTIFICATE-----
Generated at Thu Mar 14 09:18:39 2024 by rpki-client on console-ams.rpki-client.org