Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/40doIEv7nmUmbfx8eCozUvFzxUo.roa
File: 40doIEv7nmUmbfx8eCozUvFzxUo.roa (raw, json)
Hash identifier: Jgf3N2M251fmtqxoCLeQJ44wYoJ4TsZIrF1xYOnZjQE=
Subject key identifier: E3:47:68:20:4B:FB:9E:65:26:6D:FC:7C:78:2A:33:52:F1:73:C5:4A
Certificate issuer: /CN=f676887f22ecda8d074815a0bcf91faf81942abd
Certificate serial: 018CF2F87DDCE85089EBD8DED04B0F5A6AA8
Authority key identifier: F6:76:88:7F:22:EC:DA:8D:07:48:15:A0:BC:F9:1F:AF:81:94:2A:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9naIfyLs2o0HSBWgvPkfr4GUKr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/40doIEv7nmUmbfx8eCozUvFzxUo.roa
Signing time: Wed 10 Jan 2024 10:43:40 +0000
ROA not before: Wed 10 Jan 2024 10:43:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44694
IP address blocks: 46.16.38.0/24 maxlen: 24
2a14:6480::/29 maxlen: 33
Validation: Failed, certificate revoked on Fri 12 Jan 2024 09:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:f8:7d:dc:e8:50:89:eb:d8:de:d0:4b:0f:5a:6a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f676887f22ecda8d074815a0bcf91faf81942abd
Validity
Not Before: Jan 10 10:43:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e34768204bfb9e65266dfc7c782a3352f173c54a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ec:31:31:a8:5d:5c:51:09:7f:b9:a5:66:6b:
59:a3:96:da:56:58:75:49:23:5e:e0:13:b5:a0:2c:
8a:bc:7f:e5:e1:ec:00:0c:01:38:8f:9e:91:fe:ea:
8c:cb:78:a4:86:a8:7c:54:62:08:6c:ea:7a:cd:7c:
f6:8b:15:ec:61:40:5e:c1:34:df:ef:cb:92:1d:23:
3f:49:7a:66:d2:15:91:0e:3e:be:c2:09:14:5b:52:
d6:9c:3f:64:18:6c:ea:02:c8:fa:35:ee:74:21:fe:
a5:d0:0e:88:c1:94:fa:52:5b:1b:17:1d:4e:47:b5:
5b:24:f1:61:48:ab:3a:90:ab:37:df:7b:8b:66:aa:
7c:b5:2e:f2:10:2c:5d:df:0a:5b:eb:8b:12:1e:f1:
1d:f6:d2:7e:2b:de:fd:a1:c3:64:13:2a:4e:b3:72:
ea:82:5d:d0:63:47:61:10:79:1d:0b:b5:d1:39:3e:
09:62:56:aa:16:26:fd:e8:76:e1:0b:a2:a4:1c:69:
8e:f7:6d:bd:c1:b9:c6:27:77:18:6d:1b:28:67:51:
cb:bb:8a:31:b6:66:b0:47:45:a4:ef:14:96:a5:ee:
e0:cf:b8:e0:2e:3f:ef:1d:2c:97:d7:f7:b3:a8:40:
a7:86:d3:82:36:f7:d2:13:3e:6c:ce:57:3c:cd:a1:
4b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:47:68:20:4B:FB:9E:65:26:6D:FC:7C:78:2A:33:52:F1:73:C5:4A
X509v3 Authority Key Identifier:
keyid:F6:76:88:7F:22:EC:DA:8D:07:48:15:A0:BC:F9:1F:AF:81:94:2A:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9naIfyLs2o0HSBWgvPkfr4GUKr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/40doIEv7nmUmbfx8eCozUvFzxUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.38.0/24
IPv6:
2a14:6480::/29
Signature Algorithm: sha256WithRSAEncryption
60:70:3e:4e:6b:84:70:18:8e:02:4b:7a:18:37:de:db:14:19:
be:db:b8:bb:d2:8b:b0:40:13:a2:d6:f4:d2:3e:5b:c5:21:e0:
62:5c:2e:8e:79:8a:d2:10:40:7c:bf:df:a9:c7:94:a0:28:ac:
79:bf:74:c4:60:50:dd:2f:f6:3e:67:2f:60:e2:b6:59:32:c9:
28:1d:4d:ce:ed:1b:2f:ce:54:ac:ee:df:82:0c:81:5e:e4:ce:
44:47:3d:26:06:37:d6:cb:44:0a:e1:dd:17:c2:44:c8:19:7c:
cc:53:f3:24:eb:59:2f:f4:78:dc:ee:f9:21:63:d1:29:1a:a8:
c4:84:95:16:f7:22:20:7e:80:34:2f:c3:fc:a4:03:a7:c2:84:
a5:98:c0:61:f4:f8:6d:6b:76:9b:98:c9:cb:6c:aa:00:cc:eb:
fe:44:ae:1e:5c:d9:c3:97:f7:05:b0:45:a1:4b:ca:75:71:b2:
22:96:92:bd:e4:d6:75:6d:ac:06:cd:ed:02:86:b8:61:29:f1:
33:22:c3:a3:09:13:ee:14:81:1b:cf:fb:37:7a:1b:7e:2d:8a:
23:29:50:c9:06:f2:e1:9b:a1:49:6d:d9:aa:bb:a5:a9:b7:e4:
b6:5a:0f:4a:93:5c:46:8d:83:b1:66:79:86:6f:cc:00:33:7f:
0a:e1:02:55
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzy+H3c6FCJ69je0EsPWmqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NzY4ODdmMjJlY2RhOGQwNzQ4MTVhMGJjZjkxZmFmODE5
NDJhYmQwHhcNMjQwMTEwMTA0MzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQ3NjgyMDRiZmI5ZTY1MjY2ZGZjN2M3ODJhMzM1MmYxNzNjNTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOwxMahdXFEJf7mlZmtZo5baVlh1
SSNe4BO1oCyKvH/l4ewADAE4j56R/uqMy3ikhqh8VGIIbOp6zXz2ixXsYUBewTTf
78uSHSM/SXpm0hWRDj6+wgkUW1LWnD9kGGzqAsj6Ne50If6l0A6IwZT6UlsbFx1O
R7VbJPFhSKs6kKs333uLZqp8tS7yECxd3wpb64sSHvEd9tJ+K979ocNkEypOs3Lq
gl3QY0dhEHkdC7XROT4JYlaqFib96HbhC6KkHGmO9229wbnGJ3cYbRsoZ1HLu4ox
tmawR0Wk7xSWpe7gz7jgLj/vHSyX1/ezqECnhtOCNvfSEz5szlc8zaFLmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFONHaCBL+55lJm38fHgqM1Lxc8VKMB8GA1UdIwQY
MBaAFPZ2iH8i7NqNB0gVoLz5H6+BlCq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOW5hSWZ5THMybzBIU0JXZ3ZQa2ZyNEdVS3IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jYmM0YmItOTk5Yy00OTg4LWExZTEt
Y2QyZGNiMzU1NjU1LzEvNDBkb0lFdjdubVVtYmZ4OGVDb3pVdkZ6eFVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jYmM0YmItOTk5Yy00OTg4LWExZTEtY2QyZGNiMzU1NjU1
LzEvOW5hSWZ5THMybzBIU0JXZ3ZQa2ZyNEdVS3IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALhAmMA0E
AgACMAcDBQMqFGSAMA0GCSqGSIb3DQEBCwUAA4IBAQBgcD5Oa4RwGI4CS3oYN97b
FBm+27i70ouwQBOi1vTSPlvFIeBiXC6OeYrSEEB8v9+px5SgKKx5v3TEYFDdL/Y+
Zy9g4rZZMskoHU3O7RsvzlSs7t+CDIFe5M5ERz0mBjfWy0QK4d0XwkTIGXzMU/Mk
61kv9Hjc7vkhY9EpGqjEhJUW9yIgfoA0L8P8pAOnwoSlmMBh9Phta3abmMnLbKoA
zOv+RK4eXNnDl/cFsEWhS8p1cbIilpK95NZ1bawGze0ChrhhKfEzIsOjCRPuFIEb
z/s3eht+LYojKVDJBvLhm6FJbdmqu6Wpt+S2Wg9Kk1xGjYOxZnmGb8wAM38K4QJV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:01 2024 by rpki-client on console-fra.rpki-client.org