Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/iNOCcExBinYSU-9hMjtAD0f--Do.roa
File: iNOCcExBinYSU-9hMjtAD0f--Do.roa (raw, json)
Hash identifier: TT4fPLtt28G5TyJsjNlLWWrXLPR1lo5K540FQ3JxtMg=
Subject key identifier: 88:D3:82:70:4C:41:8A:76:12:53:EF:61:32:3B:40:0F:47:FE:F8:3A
Certificate issuer: /CN=4ca447f7b3a776f724d8bc8140be3176662c24d0
Certificate serial: 018CC9BC1E9746CB482D92E130B31044B92B
Authority key identifier: 4C:A4:47:F7:B3:A7:76:F7:24:D8:BC:81:40:BE:31:76:66:2C:24:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKRH97Ondvck2LyBQL4xdmYsJNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/iNOCcExBinYSU-9hMjtAD0f--Do.roa
Signing time: Tue 02 Jan 2024 10:33:18 +0000
ROA not before: Tue 02 Jan 2024 10:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34953
IP address blocks: 46.183.96.0/21 maxlen: 24
5.145.128.0/20 maxlen: 24
5.199.240.0/20 maxlen: 24
93.159.248.0/21 maxlen: 24
2a00:fe0::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Apr 2024 08:06:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:1e:97:46:cb:48:2d:92:e1:30:b3:10:44:b9:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca447f7b3a776f724d8bc8140be3176662c24d0
Validity
Not Before: Jan 2 10:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88d382704c418a761253ef61323b400f47fef83a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:09:e0:c5:ae:44:08:17:37:cf:86:23:09:db:
bf:42:11:40:41:75:fd:66:41:91:64:58:a2:5b:c1:
c9:ce:5c:41:97:46:e5:c2:9b:1e:d5:6f:88:7d:8e:
4a:95:97:c9:e5:9a:73:a2:ff:2f:65:f0:c2:d1:26:
6c:76:8a:21:f9:2b:0b:1b:b3:69:8e:60:90:db:45:
ab:5e:5a:c3:4e:d1:d9:eb:84:18:9b:cc:67:e7:9c:
cb:37:ab:1f:66:18:16:9e:39:fa:3c:55:cc:92:20:
51:2e:ea:87:a0:72:82:b2:39:6c:1a:1b:b5:7e:10:
73:5e:bb:a4:87:bf:0e:7e:13:a3:e2:fd:85:a0:f9:
d6:0b:5c:9c:ae:82:b5:d5:88:0b:98:53:5c:41:25:
7a:8b:0b:86:c1:d8:70:5b:56:03:5e:07:b3:80:b0:
93:ee:c9:11:29:c5:63:51:86:8f:41:4f:0f:7c:0c:
87:af:49:e6:6d:af:ff:8b:0c:4f:d2:d7:ca:d6:38:
70:a8:d6:83:40:22:0e:4f:05:1a:9b:78:7f:e0:f3:
ae:e0:6c:53:21:93:bf:58:7c:9f:fc:50:93:71:2c:
c8:7c:64:72:c9:69:92:6e:c1:6a:12:04:38:d8:4d:
27:4c:7a:fb:35:63:93:c3:ad:4b:c8:02:1f:ab:c3:
5e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D3:82:70:4C:41:8A:76:12:53:EF:61:32:3B:40:0F:47:FE:F8:3A
X509v3 Authority Key Identifier:
keyid:4C:A4:47:F7:B3:A7:76:F7:24:D8:BC:81:40:BE:31:76:66:2C:24:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKRH97Ondvck2LyBQL4xdmYsJNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/iNOCcExBinYSU-9hMjtAD0f--Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/TKRH97Ondvck2LyBQL4xdmYsJNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.128.0/20
5.199.240.0/20
46.183.96.0/21
93.159.248.0/21
IPv6:
2a00:fe0::/32
Signature Algorithm: sha256WithRSAEncryption
bf:7a:79:be:e9:68:e5:4b:f4:9f:de:ac:d1:e3:17:73:1a:94:
5a:ac:5e:21:bd:11:36:06:2c:e6:34:bf:81:61:82:57:f3:32:
7e:b9:32:11:f8:b2:f4:e7:34:79:53:25:ee:cf:f0:64:23:dc:
ce:50:8c:2e:10:60:50:ee:e8:16:09:ec:d0:ef:79:cf:c6:ab:
28:fe:85:ec:74:d8:e8:11:4a:74:74:59:84:61:4e:83:45:de:
08:93:73:5a:49:0c:51:93:3e:1e:db:44:56:5a:af:42:5e:70:
7a:45:1a:dd:61:e1:fc:15:74:84:21:ab:ef:44:b8:7f:27:05:
f9:e6:5a:36:f7:3e:86:dc:8d:55:c3:94:cb:70:98:31:78:71:
59:59:8e:a6:38:b0:60:a9:7e:b4:d9:6a:89:9b:8d:b6:b0:e4:
f5:24:56:4c:3c:ed:cb:6f:85:14:89:09:4e:ed:ee:17:ca:66:
9a:a8:ae:5e:d9:e5:c2:65:9f:94:de:65:df:a7:24:3b:be:0f:
6b:9c:cc:5b:dd:e9:c6:a8:43:e5:20:8b:16:d9:7c:52:fa:98:
dd:7c:6d:c5:a7:82:dc:63:98:10:8e:42:8d:23:f2:a1:f5:2e:
cb:f0:c7:c2:26:6a:f5:51:8a:1b:73:ee:1f:47:b1:f5:94:37:
d6:96:34:54
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJvB6XRstILZLhMLMQRLkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTQ0N2Y3YjNhNzc2ZjcyNGQ4YmM4MTQwYmUzMTc2NjYy
YzI0ZDAwHhcNMjQwMTAyMTAzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQzODI3MDRjNDE4YTc2MTI1M2VmNjEzMjNiNDAwZjQ3ZmVmODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygngxa5ECBc3z4YjCdu/QhFAQXX9
ZkGRZFiiW8HJzlxBl0blwpse1W+IfY5KlZfJ5Zpzov8vZfDC0SZsdooh+SsLG7Np
jmCQ20WrXlrDTtHZ64QYm8xn55zLN6sfZhgWnjn6PFXMkiBRLuqHoHKCsjlsGhu1
fhBzXrukh78OfhOj4v2FoPnWC1ycroK11YgLmFNcQSV6iwuGwdhwW1YDXgezgLCT
7skRKcVjUYaPQU8PfAyHr0nmba//iwxP0tfK1jhwqNaDQCIOTwUam3h/4POu4GxT
IZO/WHyf/FCTcSzIfGRyyWmSbsFqEgQ42E0nTHr7NWOTw61LyAIfq8NeAQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIjTgnBMQYp2ElPvYTI7QA9H/vg6MB8GA1UdIwQY
MBaAFEykR/ezp3b3JNi8gUC+MXZmLCTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtSSDk3T25kdmNrMkx5QlFMNHhkbVlzSk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZjNlMGItMjZjMy00Y2Y5LTgwNTYt
MjlhZjMzYmM2Yjk4LzEvaU5PQ2NFeEJpbllTVS05aE1qdEFEMGYtLURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZjNlMGItMjZjMy00Y2Y5LTgwNTYtMjlhZjMzYmM2Yjk4
LzEvVEtSSDk3T25kdmNrMkx5QlFMNHhkbVlzSk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEBZGAAwQE
BcfwAwQDLrdgAwQDXZ/4MA0EAgACMAcDBQAqAA/gMA0GCSqGSIb3DQEBCwUAA4IB
AQC/enm+6WjlS/Sf3qzR4xdzGpRarF4hvRE2BizmNL+BYYJX8zJ+uTIR+LL05zR5
UyXuz/BkI9zOUIwuEGBQ7ugWCezQ73nPxqso/oXsdNjoEUp0dFmEYU6DRd4Ik3Na
SQxRkz4e20RWWq9CXnB6RRrdYeH8FXSEIavvRLh/JwX55lo29z6G3I1Vw5TLcJgx
eHFZWY6mOLBgqX602WqJm422sOT1JFZMPO3Lb4UUiQlO7e4XymaaqK5e2eXCZZ+U
3mXfpyQ7vg9rnMxb3enGqEPlIIsW2XxS+pjdfG3Fp4LcY5gQjkKNI/Kh9S7L8MfC
Jmr1UYobc+4fR7H1lDfWljRU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:22 2024 by rpki-client on console-ams.rpki-client.org