Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/RNgrsD6VmQdpnRoxtat-5FkpxyQ.roa
File: RNgrsD6VmQdpnRoxtat-5FkpxyQ.roa (raw, json)
Hash identifier: PgsXpLdqi36g+q7YuqlmzFlph0OJLdBNUH4O/I1czP0=
Subject key identifier: 44:D8:2B:B0:3E:95:99:07:69:9D:1A:31:B5:AB:7E:E4:59:29:C7:24
Certificate issuer: /CN=553ca7b2e6c1e17f5f3edbe375e19ece39533910
Certificate serial: 01856D663100E504A9F442CEBD7968023570
Authority key identifier: 55:3C:A7:B2:E6:C1:E1:7F:5F:3E:DB:E3:75:E1:9E:CE:39:53:39:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VTynsubB4X9fPtvjdeGezjlTORA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/RNgrsD6VmQdpnRoxtat-5FkpxyQ.roa
Signing time: Sun 01 Jan 2023 12:54:51 +0000
ROA not before: Sun 01 Jan 2023 12:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49318
IP address blocks: 188.93.176.0/21 maxlen: 21
46.28.250.0/24 maxlen: 24
46.28.249.0/24 maxlen: 24
46.28.252.0/24 maxlen: 24
46.28.251.0/24 maxlen: 24
46.28.253.0/24 maxlen: 24
46.28.248.0/24 maxlen: 24
46.28.254.0/24 maxlen: 24
46.28.255.0/24 maxlen: 24
194.110.124.0/24 maxlen: 24
194.110.131.0/24 maxlen: 24
194.110.130.0/23 maxlen: 23
194.110.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Dec 2023 16:35:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:31:00:e5:04:a9:f4:42:ce:bd:79:68:02:35:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=553ca7b2e6c1e17f5f3edbe375e19ece39533910
Validity
Not Before: Jan 1 12:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44d82bb03e959907699d1a31b5ab7ee45929c724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:90:bc:a7:79:5f:12:76:92:d2:7e:35:da:85:
08:60:f1:84:8f:ae:e0:d6:cc:ab:0a:f2:0c:7b:c1:
1e:1d:96:17:7a:ca:50:94:2f:86:9a:9d:67:38:96:
3f:06:73:d8:92:12:a2:bc:aa:bc:f1:cb:31:23:7c:
62:b2:06:15:39:08:95:a7:7b:4f:50:4a:3f:da:33:
11:7a:60:c6:96:20:ce:1f:05:6e:6f:6b:9b:7e:3b:
cb:29:a6:1e:0d:5d:e7:b6:61:4a:23:43:3a:8d:c7:
d5:7d:dc:fa:dc:fa:74:91:50:5d:86:54:af:d7:ae:
e2:b8:eb:fe:bc:fe:97:34:ef:58:0e:06:99:27:9f:
76:6f:c0:ac:ca:cd:ae:44:ef:6c:8a:a1:db:05:22:
3b:1d:23:12:42:d2:b2:7e:58:86:c0:cd:ed:bc:c3:
5c:30:57:98:f6:88:9b:eb:af:1e:33:3a:f0:f6:93:
3d:0c:a4:22:23:a9:a2:3e:65:07:0b:ad:e8:9c:7b:
d7:94:7b:9c:86:cf:5f:b7:67:4f:16:0a:09:b5:ff:
7f:b2:65:54:48:4f:47:5d:61:81:f6:4f:92:95:14:
2b:b0:60:17:b7:42:d5:c3:45:ab:81:cd:54:3f:b2:
f1:1a:f7:f9:c4:5c:0e:a3:92:a6:1c:7e:f2:d5:3d:
b1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D8:2B:B0:3E:95:99:07:69:9D:1A:31:B5:AB:7E:E4:59:29:C7:24
X509v3 Authority Key Identifier:
keyid:55:3C:A7:B2:E6:C1:E1:7F:5F:3E:DB:E3:75:E1:9E:CE:39:53:39:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VTynsubB4X9fPtvjdeGezjlTORA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/RNgrsD6VmQdpnRoxtat-5FkpxyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d572c3-350f-479b-a7b3-153e9182af41/1/VTynsubB4X9fPtvjdeGezjlTORA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.248.0/21
188.93.176.0/21
194.110.124.0/24
194.110.130.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:7f:b1:6d:7a:ca:c6:09:35:20:ec:ce:37:54:cf:b1:0e:da:
5e:d5:81:2d:b0:c9:de:52:cd:35:59:15:88:3f:26:1f:33:11:
7b:18:80:b1:32:7e:de:80:c7:8c:19:21:52:70:0d:a2:31:2b:
48:f0:0e:6f:7a:88:13:64:90:68:ee:c0:8e:30:63:ab:3d:f0:
a3:f4:72:63:d9:51:c0:dc:28:1e:57:b7:cd:51:ee:d2:e7:e6:
3d:0c:6d:33:c8:ba:aa:fb:5f:2e:cf:71:63:2d:f9:b9:95:6a:
e4:d1:b7:20:5b:ac:ee:45:bb:de:de:d5:ee:dd:ae:34:b1:24:
2d:2c:61:20:fa:13:22:c3:ad:17:f6:b5:29:e8:cd:ae:c1:57:
74:db:c4:19:97:1c:e3:eb:04:c2:72:2f:51:67:4d:4e:cb:b0:
51:72:85:09:7c:f1:5e:82:84:7d:50:d0:02:a4:29:a3:d3:38:
a3:16:a7:c2:2d:ff:eb:3e:58:0a:45:f5:3f:e3:b8:26:8b:ab:
1e:bb:55:27:d4:22:4f:3c:6c:f9:fe:a2:8e:2e:17:29:79:ed:
63:b1:9d:2c:9d:bb:04:8c:7e:64:c6:9c:b0:1c:93:0f:ee:e3:
69:01:b0:32:f9:8e:bd:83:ae:0a:ce:8e:5c:93:69:e3:e7:ba:
54:b8:34:28
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtZjEA5QSp9ELOvXloAjVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1M2NhN2IyZTZjMWUxN2Y1ZjNlZGJlMzc1ZTE5ZWNlMzk1
MzM5MTAwHhcNMjMwMTAxMTI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQ4MmJiMDNlOTU5OTA3Njk5ZDFhMzFiNWFiN2VlNDU5MjljNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpC8p3lfEnaS0n412oUIYPGEj67g
1syrCvIMe8EeHZYXespQlC+Gmp1nOJY/BnPYkhKivKq88csxI3xisgYVOQiVp3tP
UEo/2jMRemDGliDOHwVub2ubfjvLKaYeDV3ntmFKI0M6jcfVfdz63Pp0kVBdhlSv
167iuOv+vP6XNO9YDgaZJ592b8Csys2uRO9siqHbBSI7HSMSQtKyfliGwM3tvMNc
MFeY9oib668eMzrw9pM9DKQiI6miPmUHC63onHvXlHuchs9ft2dPFgoJtf9/smVU
SE9HXWGB9k+SlRQrsGAXt0LVw0Wrgc1UP7LxGvf5xFwOo5KmHH7y1T2xXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFETYK7A+lZkHaZ0aMbWrfuRZKcckMB8GA1UdIwQY
MBaAFFU8p7LmweF/Xz7b43Xhns45UzkQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlR5bnN1YkI0WDlmUHR2amRlR2V6amxUT1JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kNTcyYzMtMzUwZi00NzliLWE3YjMt
MTUzZTkxODJhZjQxLzEvUk5ncnNENlZtUWRwblJveHRhdC01RmtweHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kNTcyYzMtMzUwZi00NzliLWE3YjMtMTUzZTkxODJhZjQx
LzEvVlR5bnN1YkI0WDlmUHR2amRlR2V6amxUT1JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLhz4AwQD
vF2wAwQAwm58AwQBwm6CMA0GCSqGSIb3DQEBCwUAA4IBAQCcf7FtesrGCTUg7M43
VM+xDtpe1YEtsMneUs01WRWIPyYfMxF7GICxMn7egMeMGSFScA2iMStI8A5veogT
ZJBo7sCOMGOrPfCj9HJj2VHA3CgeV7fNUe7S5+Y9DG0zyLqq+18uz3FjLfm5lWrk
0bcgW6zuRbve3tXu3a40sSQtLGEg+hMiw60X9rUp6M2uwVd028QZlxzj6wTCci9R
Z01Oy7BRcoUJfPFegoR9UNACpCmj0zijFqfCLf/rPlgKRfU/47gmi6seu1Un1CJP
PGz5/qKOLhcpee1jsZ0snbsEjH5kxpywHJMP7uNpAbAy+Y69g64Kzo5ck2nj57pU
uDQo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org