Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/R11L1dCbmYAl1WWZVQfAXJMt5zk.roa
File: R11L1dCbmYAl1WWZVQfAXJMt5zk.roa (raw, json)
Hash identifier: rGgNUAVIzqT96WEm0SSrom+zoXqsvo+Myx4oRZoSn4Y=
Subject key identifier: 47:5D:4B:D5:D0:9B:99:80:25:D5:65:99:55:07:C0:5C:93:2D:E7:39
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FBA5344FB44BE8AA2C357FCA00407
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/R11L1dCbmYAl1WWZVQfAXJMt5zk.roa
Signing time: Tue 02 Jan 2024 04:30:14 +0000
ROA not before: Tue 02 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 46.173.240.0/21 maxlen: 21
91.233.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 08 Jan 2024 13:41:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:ba:53:44:fb:44:be:8a:a2:c3:57:fc:a0:04:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=475d4bd5d09b998025d565995507c05c932de739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:0a:2d:02:6d:1e:06:68:c9:7a:a2:8b:08:
38:5b:00:18:22:1c:67:7a:e8:82:05:83:ce:69:04:
27:f2:59:d0:fa:07:08:a1:f1:dd:df:cd:2a:3f:0a:
7a:70:c6:ac:6e:0a:5b:44:dc:4e:33:bc:fb:5c:bb:
36:fb:34:7d:b8:9d:85:b2:6e:c4:c7:36:2d:0b:9e:
d6:2a:12:96:4f:34:03:d8:f5:88:d0:83:4d:d3:74:
06:55:c1:cd:90:07:ed:b4:39:ca:96:1d:fd:e5:8a:
4d:e8:80:f2:d8:86:c1:5f:9b:c3:b4:63:9f:e3:bb:
d0:8f:f0:c1:41:a7:94:c2:7d:0e:68:cc:0e:93:d3:
fd:21:e9:f7:b8:8e:eb:7c:b3:d9:58:b9:8e:f5:58:
cc:e6:4d:3a:36:e5:46:5b:dc:c9:b1:6f:2e:02:27:
9f:45:72:14:c9:56:6f:08:8c:19:d2:50:e3:65:1e:
e3:4a:6b:6f:22:fd:9e:5f:f1:1d:36:64:2f:02:b4:
46:a0:eb:0d:61:e7:23:b5:98:1b:d8:d4:bf:88:63:
67:74:c2:e9:d1:c6:d6:d9:e4:8b:fc:0a:67:db:ce:
b7:cf:ad:99:98:37:7f:39:99:0d:23:ef:d4:56:8f:
40:36:86:ca:3f:db:9c:9d:6d:5a:bf:f2:bc:82:f3:
ad:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:5D:4B:D5:D0:9B:99:80:25:D5:65:99:55:07:C0:5C:93:2D:E7:39
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/R11L1dCbmYAl1WWZVQfAXJMt5zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.173.240.0/21
91.233.0.0/23
Signature Algorithm: sha256WithRSAEncryption
27:fb:49:eb:e4:69:9a:4e:f3:eb:d8:c1:1a:66:da:94:2d:de:
28:d4:f6:73:40:5a:b7:fd:38:f8:b6:23:b7:66:f1:06:ce:b3:
0e:c3:ec:2e:62:ff:77:04:79:d7:4e:08:e2:d4:66:9c:df:cd:
0d:13:2e:a8:90:0f:31:45:c7:b8:7a:c5:17:bd:ba:84:98:fe:
71:2c:30:e5:97:45:30:75:1b:aa:14:76:90:7c:fe:37:ae:3b:
bc:06:94:bc:84:3d:32:c9:cf:bb:a9:fb:ea:a6:46:ad:6a:db:
e1:e9:5d:57:a7:fb:ff:6e:88:81:b6:cb:a3:f9:77:b6:ce:ef:
05:95:d4:01:dd:79:a0:4e:ff:c6:dc:ec:c2:12:05:e5:32:e9:
9f:dd:ad:b2:e8:dc:da:0f:b7:8b:6d:f8:af:28:cd:d6:70:fa:
42:4e:13:c4:dd:2f:11:f5:d6:52:a1:1b:c8:dd:64:43:b3:1b:
8e:32:95:9f:4f:c4:16:7e:54:3b:11:e8:04:54:0d:e8:23:18:
59:13:a6:ca:41:e4:85:d3:3e:51:7c:61:cb:09:1a:ad:4c:19:
30:87:6d:14:96:61:96:ba:6e:71:1d:6c:5f:6b:05:36:1d:2b:
d4:7f:47:12:7c:79:c6:99:4e:7e:24:a2:fa:2c:9f:e6:3c:8d:
7e:8d:f7:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb7pTRPtEvoqiw1f8oAQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzVkNGJkNWQwOWI5OTgwMjVkNTY1OTk1NTA3YzA1YzkzMmRlNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwkKLQJtHgZoyXqiiwg4WwAYIhxn
euiCBYPOaQQn8lnQ+gcIofHd380qPwp6cMasbgpbRNxOM7z7XLs2+zR9uJ2Fsm7E
xzYtC57WKhKWTzQD2PWI0INN03QGVcHNkAfttDnKlh395YpN6IDy2IbBX5vDtGOf
47vQj/DBQaeUwn0OaMwOk9P9Ien3uI7rfLPZWLmO9VjM5k06NuVGW9zJsW8uAief
RXIUyVZvCIwZ0lDjZR7jSmtvIv2eX/EdNmQvArRGoOsNYecjtZgb2NS/iGNndMLp
0cbW2eSL/Apn2863z62ZmDd/OZkNI+/UVo9ANobKP9ucnW1av/K8gvOt8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEddS9XQm5mAJdVlmVUHwFyTLec5MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUjExTDFkQ2JtWUFsMVdXWlZRZkFYSk10NXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLq3wAwQB
W+kAMA0GCSqGSIb3DQEBCwUAA4IBAQAn+0nr5GmaTvPr2MEaZtqULd4o1PZzQFq3
/Tj4tiO3ZvEGzrMOw+wuYv93BHnXTgji1Gac380NEy6okA8xRce4esUXvbqEmP5x
LDDll0UwdRuqFHaQfP43rju8BpS8hD0yyc+7qfvqpkatatvh6V1Xp/v/boiBtsuj
+Xe2zu8FldQB3XmgTv/G3OzCEgXlMumf3a2y6NzaD7eLbfivKM3WcPpCThPE3S8R
9dZSoRvI3WRDsxuOMpWfT8QWflQ7EegEVA3oIxhZE6bKQeSF0z5RfGHLCRqtTBkw
h20UlmGWum5xHWxfawU2HSvUf0cSfHnGmU5+JKL6LJ/mPI1+jfdg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org