Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/KekzUhfBQYFQZGcRuWebr8cRetc.roa
File: KekzUhfBQYFQZGcRuWebr8cRetc.roa (raw, json)
Hash identifier: RgHufRNf1yYjeGH+qNgQ32WSCe5JjAusvJl+PWgZIq0=
Subject key identifier: 29:E9:33:52:17:C1:41:81:50:64:67:11:B9:67:9B:AF:C7:11:7A:D7
Certificate issuer: /CN=2ee6d560a08a013f3fe0e66dadaf6fd02beaf43f
Certificate serial: 018CC9BCE579A351126D48AC14E5C972EA2B
Authority key identifier: 2E:E6:D5:60:A0:8A:01:3F:3F:E0:E6:6D:AD:AF:6F:D0:2B:EA:F4:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LubVYKCKAT8_4OZtra9v0Cvq9D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/KekzUhfBQYFQZGcRuWebr8cRetc.roa
Signing time: Tue 02 Jan 2024 10:34:09 +0000
ROA not before: Tue 02 Jan 2024 10:34:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49697
IP address blocks: 46.251.230.0/24 maxlen: 32
Validation: Failed, certificate revoked on Sat 20 Jul 2024 17:11:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e5:79:a3:51:12:6d:48:ac:14:e5:c9:72:ea:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ee6d560a08a013f3fe0e66dadaf6fd02beaf43f
Validity
Not Before: Jan 2 10:34:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29e9335217c1418150646711b9679bafc7117ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:07:fa:41:76:de:20:3a:cc:07:65:0d:b9:a1:
31:2f:79:e6:e8:4f:75:d1:8e:29:eb:cb:f7:9a:f8:
8b:7c:a9:78:0a:35:37:75:62:07:10:76:e5:83:0c:
c0:e4:2f:df:28:86:69:2d:e9:68:5f:15:a6:01:bc:
8d:44:19:02:42:1f:74:42:08:b3:a0:d0:ec:f4:cf:
63:87:d0:cb:46:05:6d:1a:0b:6a:50:95:6b:e3:2c:
15:37:01:c8:2c:8c:52:58:09:de:b2:9c:13:88:37:
25:ee:b8:af:89:95:2a:61:e2:cc:6d:f7:02:b0:a0:
53:17:8f:2f:b4:90:c7:85:36:39:6f:65:1d:80:97:
f4:fa:e9:a2:a3:3e:54:ec:31:b4:57:f3:90:47:13:
02:cd:ab:83:96:d9:65:98:7b:0e:2a:d2:ea:9c:c2:
42:86:e2:c4:af:bb:2a:80:61:33:e4:3a:c7:94:60:
1d:c0:f8:11:90:11:8a:81:09:a2:0a:93:e2:03:af:
40:c8:1b:55:66:78:9c:15:99:74:c2:56:70:6f:13:
05:21:fc:5b:1f:c1:77:43:66:12:16:e8:ec:1a:e7:
55:bf:8e:41:31:c6:4f:2d:6e:01:f6:fb:b4:78:dd:
9a:64:b8:7e:10:e5:44:2a:d2:f6:90:db:1e:b2:6e:
93:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E9:33:52:17:C1:41:81:50:64:67:11:B9:67:9B:AF:C7:11:7A:D7
X509v3 Authority Key Identifier:
keyid:2E:E6:D5:60:A0:8A:01:3F:3F:E0:E6:6D:AD:AF:6F:D0:2B:EA:F4:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LubVYKCKAT8_4OZtra9v0Cvq9D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/KekzUhfBQYFQZGcRuWebr8cRetc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/LubVYKCKAT8_4OZtra9v0Cvq9D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.230.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:62:e8:bd:4d:1e:82:a7:b0:c4:1a:d9:09:a6:2c:c8:e4:e7:
2a:ef:d6:cf:bc:4c:e4:54:6f:44:5e:45:e1:3c:4c:06:78:46:
b9:3b:1d:58:e3:52:5e:23:5b:51:2e:99:d2:16:b5:96:e8:59:
8e:9c:55:23:5b:58:69:a5:f4:6f:5f:4c:0e:96:06:49:dd:62:
38:aa:45:bb:9f:bb:4f:5c:62:a4:fa:f9:43:c8:a6:e8:3f:6b:
16:49:dc:67:b3:c7:6e:2b:3f:8d:4d:f6:6d:00:46:9c:a8:42:
d5:35:c1:19:c4:6e:ed:64:8b:4c:46:4c:8a:c2:86:16:cb:a8:
7f:d4:79:12:ef:ee:50:b7:fa:5f:ed:57:7d:7e:ed:89:0b:2f:
37:df:08:95:ef:d7:2e:5c:55:42:99:55:db:bc:c2:28:62:a1:
d7:bd:1b:13:21:a9:77:42:e8:8b:64:eb:f8:5f:cf:a4:de:dd:
8c:a2:b1:f1:a1:c2:f7:83:de:4b:c0:cf:1d:86:bf:5c:51:8a:
9d:b7:3f:b9:de:9e:dd:75:f0:de:dc:c9:8b:8c:ed:14:36:bc:
7d:76:2d:bc:60:69:c7:3d:95:18:31:14:1b:fc:a4:09:42:05:
e7:79:4e:13:7c:dd:2c:52:aa:fe:2f:3c:c6:79:b7:9b:2f:ab:
df:0d:fa:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvOV5o1ESbUisFOXJcuorMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZTZkNTYwYTA4YTAxM2YzZmUwZTY2ZGFkYWY2ZmQwMmJl
YWY0M2YwHhcNMjQwMTAyMTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWU5MzM1MjE3YzE0MTgxNTA2NDY3MTFiOTY3OWJhZmM3MTE3YWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgf6QXbeIDrMB2UNuaExL3nm6E91
0Y4p68v3mviLfKl4CjU3dWIHEHblgwzA5C/fKIZpLeloXxWmAbyNRBkCQh90Qgiz
oNDs9M9jh9DLRgVtGgtqUJVr4ywVNwHILIxSWAnespwTiDcl7riviZUqYeLMbfcC
sKBTF48vtJDHhTY5b2UdgJf0+umioz5U7DG0V/OQRxMCzauDltllmHsOKtLqnMJC
huLEr7sqgGEz5DrHlGAdwPgRkBGKgQmiCpPiA69AyBtVZnicFZl0wlZwbxMFIfxb
H8F3Q2YSFujsGudVv45BMcZPLW4B9vu0eN2aZLh+EOVEKtL2kNsesm6T+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnpM1IXwUGBUGRnEblnm6/HEXrXMB8GA1UdIwQY
MBaAFC7m1WCgigE/P+Dmba2vb9Ar6vQ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHViVllLQ0tBVDhfNE9adHJhOXYwQ3ZxOUQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9jMDBhNWItNmE1OS00MWRkLWIxM2It
NzM0OTVmYzA4ZmM0LzEvS2VrelVoZkJRWUZRWkdjUnVXZWJyOGNSZXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9jMDBhNWItNmE1OS00MWRkLWIxM2ItNzM0OTVmYzA4ZmM0
LzEvTHViVllLQ0tBVDhfNE9adHJhOXYwQ3ZxOUQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvvmMA0G
CSqGSIb3DQEBCwUAA4IBAQCKYui9TR6Cp7DEGtkJpizI5Ocq79bPvEzkVG9EXkXh
PEwGeEa5Ox1Y41JeI1tRLpnSFrWW6FmOnFUjW1hppfRvX0wOlgZJ3WI4qkW7n7tP
XGKk+vlDyKboP2sWSdxns8duKz+NTfZtAEacqELVNcEZxG7tZItMRkyKwoYWy6h/
1HkS7+5Qt/pf7Vd9fu2JCy833wiV79cuXFVCmVXbvMIoYqHXvRsTIal3QuiLZOv4
X8+k3t2MorHxocL3g95LwM8dhr9cUYqdtz+53p7ddfDe3MmLjO0UNrx9di28YGnH
PZUYMRQb/KQJQgXneU4TfN0sUqr+LzzGebebL6vfDfp9
-----END CERTIFICATE-----
Generated at Sat Jul 20 19:52:50 2024 by rpki-client on console-ams.rpki-client.org