Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/vnJmoWlwXwyhuk62Ep4BOIVFHWw.roa
File: vnJmoWlwXwyhuk62Ep4BOIVFHWw.roa (raw, json)
Hash identifier: 8yt5nXanLRMJGoSUp9f0W5ggm+jsk+FobBW8lqbSXQM=
Subject key identifier: BE:72:66:A1:69:70:5F:0C:A1:BA:4E:B6:12:9E:01:38:85:45:1D:6C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CB618A808ABE0974A205D05F81ED89C32
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/vnJmoWlwXwyhuk62Ep4BOIVFHWw.roa
Signing time: Fri 29 Dec 2023 15:01:58 +0000
ROA not before: Fri 29 Dec 2023 15:01:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 46.173.240.0/21 maxlen: 21
91.233.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:18:a8:08:ab:e0:97:4a:20:5d:05:f8:1e:d8:9c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Dec 29 15:01:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be7266a169705f0ca1ba4eb6129e013885451d6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ea:31:ec:b2:05:73:a8:f1:4a:cd:12:38:72:
71:20:e1:4e:0b:2d:f8:bb:4d:75:a8:7f:08:4c:4a:
58:f6:dd:e1:76:d6:d8:92:ca:94:df:c6:a9:50:c7:
70:ad:ef:2d:db:d1:9f:11:0b:13:46:ec:1f:42:bb:
ba:6d:68:a3:8d:72:75:24:04:8c:a5:f4:fe:ab:76:
71:e5:6e:98:5b:32:45:43:12:82:99:33:b4:a0:5b:
7a:6f:46:d0:c3:c5:1e:6b:25:a9:18:b1:c1:47:1b:
69:cd:be:a8:d7:b0:66:43:dc:66:49:20:48:5f:b4:
3f:44:54:e5:76:18:6f:a5:ee:11:b6:ba:ad:13:3a:
aa:a9:69:8d:de:1d:d4:a0:53:15:c6:09:01:f5:88:
99:6a:0e:6e:f8:b8:12:fe:36:5b:26:02:fa:0b:8c:
6c:97:d3:5d:62:90:91:f1:38:4c:36:e1:bd:26:4d:
58:6b:cf:7e:fe:16:07:50:75:14:89:87:ad:e8:2f:
f5:11:36:f2:f6:25:bc:51:3d:e9:79:f4:d5:18:e3:
d7:c7:3d:10:b1:b8:1b:9a:23:a3:83:e9:d8:e1:86:
b0:5a:e9:3b:87:84:63:80:f0:77:15:75:f8:02:50:
f8:89:da:d1:69:07:50:b7:be:06:b7:2a:f7:09:88:
ed:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:72:66:A1:69:70:5F:0C:A1:BA:4E:B6:12:9E:01:38:85:45:1D:6C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/vnJmoWlwXwyhuk62Ep4BOIVFHWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.173.240.0/21
91.233.0.0/23
Signature Algorithm: sha256WithRSAEncryption
81:4f:64:62:7c:e0:7a:a4:76:c9:2e:1b:6f:34:98:51:9f:22:
34:3b:54:7f:4a:66:f4:c2:0f:cd:29:b3:1e:9e:69:45:58:ba:
64:fa:ea:22:90:9d:df:9f:c1:d6:1c:06:ce:10:23:da:fd:57:
a2:46:0a:bc:d9:3f:39:69:b2:b5:e6:d0:03:4b:00:f3:58:74:
a6:23:30:ef:89:55:38:6e:be:b6:3c:e2:ce:b1:10:43:8a:79:
c7:06:94:96:6b:dd:39:cc:36:b7:1e:57:a1:ce:76:be:8a:97:
2d:a8:1c:24:05:ab:b8:f5:30:b8:a2:1f:f2:48:bc:1f:b9:38:
ca:1b:f5:b3:eb:b8:27:40:2d:74:c5:55:58:a9:af:1b:18:3c:
f2:4e:a2:45:fa:75:9b:be:b5:d2:f0:61:bc:43:f4:80:14:a4:
92:52:ff:e2:6e:6d:53:d1:93:1d:de:f2:bd:9b:50:fa:60:44:
1f:f1:13:c1:2b:aa:76:47:9d:a8:f4:f4:9b:ea:64:1e:c2:27:
96:ba:92:95:ca:ad:22:b6:d1:bf:24:e5:c8:9f:a4:28:87:0d:
d1:bf:07:73:8d:6b:2d:b1:b9:d0:de:2a:97:37:4c:ad:68:a9:
8f:4f:cd:24:d9:5f:1f:34:20:e9:5a:b4:73:47:e6:48:37:86:
17:e5:74:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYy2GKgIq+CXSiBdBfge2JwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMjI5MTUwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTcyNjZhMTY5NzA1ZjBjYTFiYTRlYjYxMjllMDEzODg1NDUxZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+ox7LIFc6jxSs0SOHJxIOFOCy34
u011qH8ITEpY9t3hdtbYksqU38apUMdwre8t29GfEQsTRuwfQru6bWijjXJ1JASM
pfT+q3Zx5W6YWzJFQxKCmTO0oFt6b0bQw8UeayWpGLHBRxtpzb6o17BmQ9xmSSBI
X7Q/RFTldhhvpe4RtrqtEzqqqWmN3h3UoFMVxgkB9YiZag5u+LgS/jZbJgL6C4xs
l9NdYpCR8ThMNuG9Jk1Ya89+/hYHUHUUiYet6C/1ETby9iW8UT3pefTVGOPXxz0Q
sbgbmiOjg+nY4YawWuk7h4RjgPB3FXX4AlD4idrRaQdQt74Gtyr3CYjt9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL5yZqFpcF8MobpOthKeATiFRR1sMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvdm5KbW9XbHdYd3lodWs2MkVwNEJPSVZGSFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLq3wAwQB
W+kAMA0GCSqGSIb3DQEBCwUAA4IBAQCBT2RifOB6pHbJLhtvNJhRnyI0O1R/Smb0
wg/NKbMenmlFWLpk+uoikJ3fn8HWHAbOECPa/VeiRgq82T85abK15tADSwDzWHSm
IzDviVU4br62POLOsRBDinnHBpSWa905zDa3Hlehzna+ipctqBwkBau49TC4oh/y
SLwfuTjKG/Wz67gnQC10xVVYqa8bGDzyTqJF+nWbvrXS8GG8Q/SAFKSSUv/ibm1T
0ZMd3vK9m1D6YEQf8RPBK6p2R52o9PSb6mQewieWupKVyq0ittG/JOXIn6Qohw3R
vwdzjWstsbnQ3iqXN0ytaKmPT80k2V8fNCDpWrRzR+ZIN4YX5XQh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org