Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/DhirB09NZMvxrxjaN3BGdZ9V6Kw.roa
File: DhirB09NZMvxrxjaN3BGdZ9V6Kw.roa (raw, json)
Hash identifier: jNJYgKyJOj+gLdJ2v2j5cIhn/EqQy9prGMkJC0sGPiY=
Subject key identifier: 0E:18:AB:07:4F:4D:64:CB:F1:AF:18:DA:37:70:46:75:9F:55:E8:AC
Certificate issuer: /CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Certificate serial: 01856CF870EF25CDDDE76CCAE0AD576A18F1
Authority key identifier: 46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/DhirB09NZMvxrxjaN3BGdZ9V6Kw.roa
Signing time: Sun 01 Jan 2023 10:54:59 +0000
ROA not before: Sun 01 Jan 2023 10:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47674
IP address blocks: 185.61.136.0/22 maxlen: 24
2a02:7a60::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:70:ef:25:cd:dd:e7:6c:ca:e0:ad:57:6a:18:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Validity
Not Before: Jan 1 10:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e18ab074f4d64cbf1af18da377046759f55e8ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:9e:7f:4a:94:49:3e:22:a0:df:cb:9b:68:
0a:c5:a8:a1:36:ee:d2:f5:83:ab:6a:6e:f5:83:58:
25:c4:78:ec:93:9a:2c:2b:78:12:f4:08:d2:f5:6c:
4e:21:c7:ab:3c:cd:36:6f:ca:77:7d:2b:87:82:01:
de:fe:ee:20:13:87:db:e1:d0:73:29:c4:83:b7:78:
5c:59:0f:9e:4d:91:58:12:98:dc:7b:57:06:4a:7c:
57:51:1d:c3:aa:a9:49:dd:96:bf:97:4e:fa:02:f0:
55:4f:44:79:7e:95:35:ad:39:7c:d0:9c:aa:b9:3c:
fc:38:cf:69:92:c7:dd:35:e9:07:a2:d6:91:6a:d2:
39:54:1f:bf:2a:32:e9:87:d8:cb:ee:28:2e:c8:71:
0c:cf:11:f2:14:b6:29:f5:e7:62:d8:9e:42:13:49:
00:54:e2:38:bd:e4:d0:5c:6b:21:b0:13:6a:9c:11:
38:d8:c4:2e:51:00:2f:4a:16:dc:58:39:89:46:b4:
50:56:5f:e0:32:31:10:4d:4e:f7:d8:21:a4:f8:d8:
a0:59:05:4b:ca:f0:ae:f0:bf:19:94:7d:3d:0b:49:
9a:1b:b1:65:2e:67:c2:a5:92:a8:36:8b:f4:ae:31:
ab:88:6d:1d:c2:65:9e:f1:27:80:a5:ad:3c:81:23:
e0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:18:AB:07:4F:4D:64:CB:F1:AF:18:DA:37:70:46:75:9F:55:E8:AC
X509v3 Authority Key Identifier:
keyid:46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/DhirB09NZMvxrxjaN3BGdZ9V6Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.136.0/22
IPv6:
2a02:7a60::/32
Signature Algorithm: sha256WithRSAEncryption
9e:5e:77:32:c1:e8:a8:ea:bb:45:ea:4c:92:33:a5:bb:1f:2c:
4c:33:b6:14:9f:f0:4d:00:21:ac:6e:6c:bf:c5:21:f4:27:e4:
e8:b8:21:2f:20:81:71:51:24:2b:33:80:47:b6:97:a1:af:da:
4e:4b:cb:3f:31:c3:7e:be:b3:fc:f4:2f:78:7c:94:07:6a:93:
3d:b6:ea:9f:35:f7:3d:17:4a:6f:e5:ba:38:f7:18:62:c5:96:
82:98:27:64:dd:a8:c4:7b:2e:7c:03:5a:e1:9c:83:0c:12:a0:
65:05:a6:32:56:05:25:ed:2f:2b:2b:e7:f7:13:5e:9c:60:be:
e4:6e:f8:f4:f1:7e:ef:3c:a6:fe:d4:6c:f7:79:4c:e9:7f:fb:
ce:63:15:a7:ba:36:03:4d:da:5a:ef:70:08:48:9c:ee:d9:49:
6d:cf:0a:5d:1c:9b:23:b4:9b:d1:e2:fe:da:2c:c6:7f:dd:6f:
ed:c7:e5:f8:ca:08:82:c5:19:09:72:dd:e9:8a:16:3d:a0:69:
73:43:b3:65:39:68:00:6d:e9:9d:d2:86:54:00:53:78:fc:98:
26:b1:85:b3:11:d1:e8:95:6c:6b:9a:13:1f:b2:59:a1:6e:e3:
55:0f:36:bc:67:73:35:5a:46:2a:fd:da:46:b2:8f:43:b1:36:
d1:ff:6f:27
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+HDvJc3d52zK4K1XahjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Yzk4YjJlNGEzZTA2MGRlZjQ1YWJjNjJjMGUzNDVmYWE4
MGI1ZWMwHhcNMjMwMTAxMTA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTE4YWIwNzRmNGQ2NGNiZjFhZjE4ZGEzNzcwNDY3NTlmNTVlOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1Kef0qUST4ioN/Lm2gKxaihNu7S
9YOram71g1glxHjsk5osK3gS9AjS9WxOIcerPM02b8p3fSuHggHe/u4gE4fb4dBz
KcSDt3hcWQ+eTZFYEpjce1cGSnxXUR3DqqlJ3Za/l076AvBVT0R5fpU1rTl80Jyq
uTz8OM9pksfdNekHotaRatI5VB+/KjLph9jL7iguyHEMzxHyFLYp9edi2J5CE0kA
VOI4veTQXGshsBNqnBE42MQuUQAvShbcWDmJRrRQVl/gMjEQTU732CGk+NigWQVL
yvCu8L8ZlH09C0maG7FlLmfCpZKoNov0rjGriG0dwmWe8SeApa08gSPgBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA4YqwdPTWTL8a8Y2jdwRnWfVeisMB8GA1UdIwQY
MBaAFEbJiy5KPgYN70WrxiwONF+qgLXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEt
MzQ0OTUyMjcxMGU3LzEvRGhpckIwOU5aTXZ4cnhqYU4zQkdkWjlWNkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEtMzQ0OTUyMjcxMGU3
LzEvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT2IMA0E
AgACMAcDBQAqAnpgMA0GCSqGSIb3DQEBCwUAA4IBAQCeXncyweio6rtF6kySM6W7
HyxMM7YUn/BNACGsbmy/xSH0J+TouCEvIIFxUSQrM4BHtpehr9pOS8s/McN+vrP8
9C94fJQHapM9tuqfNfc9F0pv5bo49xhixZaCmCdk3ajEey58A1rhnIMMEqBlBaYy
VgUl7S8rK+f3E16cYL7kbvj08X7vPKb+1Gz3eUzpf/vOYxWnujYDTdpa73AISJzu
2UltzwpdHJsjtJvR4v7aLMZ/3W/tx+X4ygiCxRkJct3pihY9oGlzQ7NlOWgAbemd
0oZUAFN4/JgmsYWzEdHolWxrmhMfslmhbuNVDza8Z3M1WkYq/dpGso9DsTbR/28n
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:22 2024 by rpki-client on console-ams.rpki-client.org