Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/lnYNaY3jMFJgNy5ynLPcFD4bY08.roa
File: lnYNaY3jMFJgNy5ynLPcFD4bY08.roa (raw, json)
Hash identifier: D22f1UMNX5RAOtyg4rfTmWQcXjWeeJu7cYM66PpZmqc=
Subject key identifier: 96:76:0D:69:8D:E3:30:52:60:37:2E:72:9C:B3:DC:14:3E:1B:63:4F
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018A83459EE55AD820C69D45F9352BD6796C
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/lnYNaY3jMFJgNy5ynLPcFD4bY08.roa
Signing time: Mon 11 Sep 2023 08:04:52 +0000
ROA not before: Mon 11 Sep 2023 08:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44881
IP address blocks: 46.161.12.0/23 maxlen: 23
5.8.56.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
37.139.48.0/23 maxlen: 23
146.185.244.0/23 maxlen: 23
91.243.62.0/23 maxlen: 23
5.8.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Oct 2023 07:09:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:45:9e:e5:5a:d8:20:c6:9d:45:f9:35:2b:d6:79:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Sep 11 08:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96760d698de3305260372e729cb3dc143e1b634f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:24:b8:6f:0a:e9:2e:7b:9f:2a:f3:43:f8:d5:
6c:fe:02:89:43:c6:4b:90:44:e0:09:69:8f:15:a5:
94:6e:2a:86:b8:5d:76:48:0b:43:7a:3b:4e:0a:74:
2f:0e:ca:f8:7c:35:2c:6d:7f:21:dc:8c:89:6f:f9:
d3:39:69:a6:42:00:9e:91:54:c4:60:81:96:4b:fd:
b9:03:a4:83:87:c8:81:ce:39:70:fc:14:88:98:30:
4a:fa:5e:23:54:f5:1f:03:5c:0c:e4:18:d3:5f:7c:
7c:03:89:33:ca:20:78:ad:15:d5:ef:62:c4:a7:2e:
71:d7:fb:87:33:c5:d1:a5:e6:dc:f4:ca:9b:91:de:
a2:94:0c:ed:63:c6:b9:34:70:1d:90:16:8b:ea:59:
a9:4f:37:b8:5a:60:ed:cb:c3:cf:f8:ac:e7:bb:ed:
34:32:80:b6:b8:e5:41:2e:21:cf:20:fb:84:48:8f:
32:0c:cb:43:65:81:94:08:74:c9:91:91:61:d9:c9:
46:3d:bf:3a:fe:0a:e1:f1:10:fe:dc:8d:15:d5:b6:
df:93:b6:f5:8f:ea:0d:ba:ba:13:78:43:5e:98:30:
b1:d2:9b:e6:b6:2d:7b:c7:1f:6c:fa:ac:e6:97:9e:
d5:1e:7d:26:64:80:c2:c0:77:ce:36:d6:28:43:a3:
3a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:76:0D:69:8D:E3:30:52:60:37:2E:72:9C:B3:DC:14:3E:1B:63:4F
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/lnYNaY3jMFJgNy5ynLPcFD4bY08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.19.0/24
5.8.56.0/23
37.139.48.0/23
46.161.12.0/23
46.161.20.0/22
91.243.62.0/23
146.185.244.0/23
Signature Algorithm: sha256WithRSAEncryption
57:0d:65:04:74:c5:9b:7d:79:84:e9:76:d8:66:c0:af:f6:bb:
de:cf:7d:df:0d:bc:ed:91:2f:d1:ef:41:f0:a2:65:7f:80:2f:
a0:4e:ed:eb:76:7a:d0:a0:fa:b8:77:22:c4:b7:8a:62:4d:5c:
b4:c6:4d:e6:6b:d3:90:19:58:2c:0f:ff:40:4a:f9:9b:9b:bb:
2b:1e:46:f8:30:14:29:6f:aa:92:52:1c:cd:55:53:72:f0:4a:
f9:5b:99:21:ad:d2:e4:19:56:79:5e:95:a1:e3:db:6d:ea:97:
b3:e6:57:02:a3:01:f0:63:38:92:81:a0:87:1c:56:50:ad:e3:
e2:dc:9a:97:70:4d:4b:a5:13:ea:9c:d4:c2:fd:66:0b:03:a7:
ea:da:b5:20:0d:d0:61:ea:e3:44:9d:41:c8:de:49:cc:49:bf:
9b:0a:95:de:15:8d:63:66:c0:b9:22:da:1d:ed:0a:ab:1b:4a:
16:38:28:fb:fc:dc:e4:ee:27:58:43:52:95:aa:ad:cf:d2:ae:
17:9f:af:5b:ed:b2:6c:81:24:fd:79:9e:e8:33:5e:fa:64:5a:
a0:54:a3:db:1e:a4:f4:fe:b6:08:32:e6:f9:11:a6:6a:f1:be:
e8:21:f5:57:14:6b:c7:1d:2d:80:94:e2:b8:c9:c1:1f:17:ba:
f7:df:29:48
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYqDRZ7lWtggxp1F+TUr1nlsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwOTExMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njc2MGQ2OThkZTMzMDUyNjAzNzJlNzI5Y2IzZGMxNDNlMWI2MzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiS4bwrpLnufKvND+NVs/gKJQ8ZL
kETgCWmPFaWUbiqGuF12SAtDejtOCnQvDsr4fDUsbX8h3IyJb/nTOWmmQgCekVTE
YIGWS/25A6SDh8iBzjlw/BSImDBK+l4jVPUfA1wM5BjTX3x8A4kzyiB4rRXV72LE
py5x1/uHM8XRpebc9Mqbkd6ilAztY8a5NHAdkBaL6lmpTze4WmDty8PP+Kznu+00
MoC2uOVBLiHPIPuESI8yDMtDZYGUCHTJkZFh2clGPb86/grh8RD+3I0V1bbfk7b1
j+oNuroTeENemDCx0pvmti17xx9s+qzml57VHn0mZIDCwHfONtYoQ6M6aQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJZ2DWmN4zBSYDcucpyz3BQ+G2NPMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvbG5ZTmFZM2pNRkpnTnk1eW5MUGNGRDRiWTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABQgTAwQB
BQg4AwQBJYswAwQBLqEMAwQCLqEUAwQBW/M+AwQBkrn0MA0GCSqGSIb3DQEBCwUA
A4IBAQBXDWUEdMWbfXmE6XbYZsCv9rvez33fDbztkS/R70HwomV/gC+gTu3rdnrQ
oPq4dyLEt4piTVy0xk3ma9OQGVgsD/9ASvmbm7srHkb4MBQpb6qSUhzNVVNy8Er5
W5khrdLkGVZ5XpWh49tt6pez5lcCowHwYziSgaCHHFZQrePi3JqXcE1LpRPqnNTC
/WYLA6fq2rUgDdBh6uNEnUHI3knMSb+bCpXeFY1jZsC5Itod7QqrG0oWOCj7/Nzk
7idYQ1KVqq3P0q4Xn69b7bJsgST9eZ7oM176ZFqgVKPbHqT0/rYIMub5EaZq8b7o
IfVXFGvHHS2AlOK4ycEfF7r33ylI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:55 2024 by rpki-client on console-ams.rpki-client.org