Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/csCawKqRCOpA2DdMq6xTvRrShxc.roa
File: csCawKqRCOpA2DdMq6xTvRrShxc.roa (raw, json)
Hash identifier: Q5pgsjTdlmTixImHGS0P6CJaf+jmk0cHAJgjAiydxy0=
Subject key identifier: 72:C0:9A:C0:AA:91:08:EA:40:D8:37:4C:AB:AC:53:BD:1A:D2:87:17
Certificate issuer: /CN=02d0e88885ef48b20c87b76fd85d42e6eb3d7183
Certificate serial: 01856F14B45105CB461EBB3F6423771466E4
Authority key identifier: 02:D0:E8:88:85:EF:48:B2:0C:87:B7:6F:D8:5D:42:E6:EB:3D:71:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AtDoiIXvSLIMh7dv2F1C5us9cYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/csCawKqRCOpA2DdMq6xTvRrShxc.roa
Signing time: Sun 01 Jan 2023 20:45:05 +0000
ROA not before: Sun 01 Jan 2023 20:45:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41942
IP address blocks: 46.31.0.0/21 maxlen: 21
46.31.4.0/24 maxlen: 24
46.31.6.0/24 maxlen: 24
46.31.5.0/24 maxlen: 24
91.102.200.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:b4:51:05:cb:46:1e:bb:3f:64:23:77:14:66:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02d0e88885ef48b20c87b76fd85d42e6eb3d7183
Validity
Not Before: Jan 1 20:45:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72c09ac0aa9108ea40d8374cabac53bd1ad28717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ef:01:3c:4a:3e:4a:c3:89:08:3f:c7:c3:2b:
42:57:90:25:97:4b:1b:58:79:24:b7:66:2b:e3:87:
58:34:73:c6:f6:54:81:9e:f4:a9:e1:7e:ab:1d:d8:
ef:95:c3:73:ce:27:c1:1c:90:5a:eb:be:98:31:b5:
9f:e5:82:a9:97:55:64:3b:5a:0c:aa:50:59:b9:69:
a9:f9:28:e8:dd:bd:60:fa:09:4b:e2:e5:b3:c7:1c:
89:19:73:71:11:32:3e:7d:62:f1:dc:2c:86:b0:30:
69:36:97:3d:26:ba:12:eb:78:54:95:d4:c9:27:ce:
b5:5e:91:53:83:67:5c:f6:5b:ee:15:7b:bb:c5:d1:
df:cd:a9:4a:35:46:48:23:59:bb:d4:42:45:69:a5:
8e:e4:02:68:05:19:c2:64:bc:1a:aa:b7:ed:44:d4:
74:5c:8d:2e:19:ce:2e:ae:3e:e1:b9:d7:3d:8e:c6:
fc:e1:55:94:72:c8:c2:ed:6a:b8:e3:b7:bf:a9:15:
53:c3:14:27:73:9d:21:e9:fe:f2:22:ac:c2:a2:00:
71:e3:46:d5:8a:90:c4:fe:d5:8c:65:2e:09:59:d4:
6c:a0:0f:c1:fc:63:93:8f:50:3d:a8:62:f7:b3:47:
87:52:82:6d:67:3c:9a:e0:fe:93:31:9d:e8:6b:12:
89:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C0:9A:C0:AA:91:08:EA:40:D8:37:4C:AB:AC:53:BD:1A:D2:87:17
X509v3 Authority Key Identifier:
keyid:02:D0:E8:88:85:EF:48:B2:0C:87:B7:6F:D8:5D:42:E6:EB:3D:71:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AtDoiIXvSLIMh7dv2F1C5us9cYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/csCawKqRCOpA2DdMq6xTvRrShxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/AtDoiIXvSLIMh7dv2F1C5us9cYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.0.0/21
91.102.200.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:83:5a:d0:96:68:9b:d8:fb:c8:e5:f5:d0:c3:95:c3:c0:b8:
c5:38:8a:69:26:21:8c:cc:4c:97:93:11:b0:d0:04:83:19:14:
1b:87:e8:b9:ff:18:13:ad:82:bb:71:e8:91:ad:2c:45:d8:2a:
c5:51:1b:d5:ef:0a:ae:63:f8:a9:81:0c:94:5c:64:3a:6b:b8:
cc:03:f2:11:79:a4:ad:a0:8e:ad:df:85:80:2f:bf:83:99:4a:
0a:23:2c:54:1a:9e:05:a4:ab:20:00:36:29:0b:26:81:66:54:
a5:56:16:01:20:63:08:fd:c5:d4:ab:68:2e:6f:b1:3a:76:4c:
2a:8d:f8:7a:79:52:a0:89:44:24:7a:c1:cb:17:12:60:03:13:
5d:74:29:8e:0c:62:7c:d0:04:5b:48:3f:75:5e:d5:bf:cc:d8:
11:d2:b7:17:60:31:59:3d:f6:1f:ab:80:3e:1f:30:21:ae:29:
61:59:46:c2:85:4e:7b:f2:d2:f5:ff:fd:1d:87:ae:f7:ca:39:
23:53:17:52:3c:2c:4a:24:cd:fb:7d:75:7e:19:83:a2:64:cd:
86:34:ed:25:7a:f6:ba:6b:0c:4b:9a:39:4c:c3:c2:5c:bb:0d:
3e:b5:36:16:27:5e:dd:40:59:a7:a5:d8:4c:0d:93:2a:15:c5:
f0:33:d3:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFLRRBctGHrs/ZCN3FGbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZDBlODg4ODVlZjQ4YjIwYzg3Yjc2ZmQ4NWQ0MmU2ZWIz
ZDcxODMwHhcNMjMwMTAxMjA0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmMwOWFjMGFhOTEwOGVhNDBkODM3NGNhYmFjNTNiZDFhZDI4NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyu8BPEo+SsOJCD/HwytCV5All0sb
WHkkt2Yr44dYNHPG9lSBnvSp4X6rHdjvlcNzzifBHJBa676YMbWf5YKpl1VkO1oM
qlBZuWmp+Sjo3b1g+glL4uWzxxyJGXNxETI+fWLx3CyGsDBpNpc9JroS63hUldTJ
J861XpFTg2dc9lvuFXu7xdHfzalKNUZII1m71EJFaaWO5AJoBRnCZLwaqrftRNR0
XI0uGc4urj7hudc9jsb84VWUcsjC7Wq447e/qRVTwxQnc50h6f7yIqzCogBx40bV
ipDE/tWMZS4JWdRsoA/B/GOTj1A9qGL3s0eHUoJtZzya4P6TMZ3oaxKJyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHLAmsCqkQjqQNg3TKusU70a0ocXMB8GA1UdIwQY
MBaAFALQ6IiF70iyDIe3b9hdQubrPXGDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXREb2lJWHZTTElNaDdkdjJGMUM1dXM5Y1lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjRlYjYtNjAyNi00MDk4LTg4ZDct
OTUzYzY4NTA2ZDVjLzEvY3NDYXdLcVJDT3BBMkRkTXE2eFR2UnJTaHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjRlYjYtNjAyNi00MDk4LTg4ZDctOTUzYzY4NTA2ZDVj
LzEvQXREb2lJWHZTTElNaDdkdjJGMUM1dXM5Y1lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLh8AAwQD
W2bIMA0GCSqGSIb3DQEBCwUAA4IBAQALg1rQlmib2PvI5fXQw5XDwLjFOIppJiGM
zEyXkxGw0ASDGRQbh+i5/xgTrYK7ceiRrSxF2CrFURvV7wquY/ipgQyUXGQ6a7jM
A/IReaStoI6t34WAL7+DmUoKIyxUGp4FpKsgADYpCyaBZlSlVhYBIGMI/cXUq2gu
b7E6dkwqjfh6eVKgiUQkesHLFxJgAxNddCmODGJ80ARbSD91XtW/zNgR0rcXYDFZ
PfYfq4A+HzAhrilhWUbChU578tL1//0dh673yjkjUxdSPCxKJM37fXV+GYOiZM2G
NO0leva6awxLmjlMw8Jcuw0+tTYWJ17dQFmnpdhMDZMqFcXwM9Ng
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:35 2024 by rpki-client on console-ams.rpki-client.org