Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/Ed0MFmxjMYvdR1p1yz0rEl86SXc.roa
File: Ed0MFmxjMYvdR1p1yz0rEl86SXc.roa (raw, json)
Hash identifier: or058VJq9dXde2cOCtevD5Gd8Q7xYsBZdm1rgYDy9OM=
Subject key identifier: 11:DD:0C:16:6C:63:31:8B:DD:47:5A:75:CB:3D:2B:12:5F:3A:49:77
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 018A22C0912D48875F162D47137704921EF9
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/Ed0MFmxjMYvdR1p1yz0rEl86SXc.roa
Signing time: Wed 23 Aug 2023 14:15:59 +0000
ROA not before: Wed 23 Aug 2023 14:15:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 85.204.107.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
46.229.243.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
2a12:3200:2000::/36 maxlen: 36
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 24 Aug 2023 18:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:22:c0:91:2d:48:87:5f:16:2d:47:13:77:04:92:1e:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Aug 23 14:15:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11dd0c166c63318bdd475a75cb3d2b125f3a4977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:51:82:f8:5d:a4:94:2c:77:6b:d6:7e:41:94:
c7:83:c5:b8:4f:80:91:88:e5:fc:48:0d:8f:ed:c3:
be:25:1d:91:d7:47:6a:56:d6:af:03:28:93:10:40:
13:fb:a2:6c:32:26:d8:25:58:6e:2f:37:ae:a5:21:
04:f8:e5:77:a2:f3:82:b3:15:8f:a2:98:33:71:80:
df:c3:e3:db:11:66:43:96:b1:82:99:b3:b0:44:4f:
fa:4d:79:03:23:ea:72:5b:e6:ea:af:43:96:9f:a8:
32:8d:9b:5a:5c:f0:b1:60:33:1a:ba:36:79:0e:c9:
22:64:da:82:39:0a:00:f1:f4:34:07:87:7f:bc:44:
f7:4b:dc:65:fe:99:e2:45:93:e4:2f:2c:7f:53:1e:
fb:c0:49:f5:0c:0c:0c:5f:3c:2a:90:65:db:dd:8a:
0e:05:33:82:f6:02:25:96:76:85:a7:4d:a6:0b:f8:
0a:4b:10:41:6f:7d:e2:74:5a:f0:0b:90:e2:c2:a6:
04:a5:95:f0:38:30:6b:05:19:ee:0c:5d:a6:a0:3a:
82:0c:92:e6:f7:42:02:a7:99:87:cb:b3:20:4b:95:
74:83:53:3a:82:4f:38:1a:43:3f:24:2e:76:77:99:
42:c0:dd:01:ed:93:3d:1c:eb:9d:66:c3:0e:fc:d0:
b5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:DD:0C:16:6C:63:31:8B:DD:47:5A:75:CB:3D:2B:12:5F:3A:49:77
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/Ed0MFmxjMYvdR1p1yz0rEl86SXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.253.0/24
85.204.107.0/24
185.104.63.0/24
195.74.93.0/24
IPv6:
2a12:3200::-2a12:3200:2fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
56:60:51:38:fa:fb:d0:ec:34:5c:5e:9c:01:4b:25:d3:20:f4:
36:e3:e0:8e:47:61:05:be:54:cd:d3:aa:82:39:45:00:21:ab:
4b:ae:6a:77:8a:15:c9:42:38:2e:de:af:7e:84:98:68:68:05:
bc:ac:04:7a:c8:9f:06:bc:3d:72:62:3b:aa:c5:5c:42:82:8b:
c8:16:9e:8a:10:2d:98:d1:c5:fa:92:86:88:56:aa:7f:8a:8f:
ac:38:3f:4f:8f:8b:76:23:82:2c:9c:92:f4:6d:9b:49:38:9b:
e1:2d:57:a6:fa:16:a4:c1:c4:40:85:21:a3:f2:8d:c7:ee:5f:
9f:44:81:5d:a5:7f:16:41:78:b5:7a:1c:54:54:c5:b0:eb:9b:
87:15:e7:f7:a7:0f:58:66:0e:2a:99:75:9e:89:7a:bd:ea:30:
c5:f2:62:41:ed:65:5b:cd:f4:ff:a1:4d:1f:33:54:43:4b:0c:
6e:d5:79:a9:bf:5f:1a:da:40:7d:68:69:1b:ab:a6:b2:9c:93:
9b:4b:a1:20:6f:bf:0c:ce:ff:82:01:27:0f:e6:8e:d1:04:6a:
42:2d:41:cf:a5:85:d8:4a:d1:1c:7f:31:2e:81:b3:98:5f:19:
85:0f:5f:a1:64:3e:fc:b3:2b:63:43:a9:ac:6f:2a:f3:82:e0:
89:1f:c5:95
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYoiwJEtSIdfFi1HE3cEkh75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjMwODIzMTQxNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWRkMGMxNjZjNjMzMThiZGQ0NzVhNzVjYjNkMmIxMjVmM2E0OTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVGC+F2klCx3a9Z+QZTHg8W4T4CR
iOX8SA2P7cO+JR2R10dqVtavAyiTEEAT+6JsMibYJVhuLzeupSEE+OV3ovOCsxWP
opgzcYDfw+PbEWZDlrGCmbOwRE/6TXkDI+pyW+bqr0OWn6gyjZtaXPCxYDMaujZ5
DskiZNqCOQoA8fQ0B4d/vET3S9xl/pniRZPkLyx/Ux77wEn1DAwMXzwqkGXb3YoO
BTOC9gIllnaFp02mC/gKSxBBb33idFrwC5DiwqYEpZXwODBrBRnuDF2moDqCDJLm
90ICp5mHy7MgS5V0g1M6gk84GkM/JC52d5lCwN0B7ZM9HOudZsMO/NC1swIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBHdDBZsYzGL3Udadcs9KxJfOkl3MB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvRWQwTUZteGpNWXZkUjFwMXl6MHJFbDg2U1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQALuXzAwQA
LuX9AwQAVcxrAwQAuWg/AwQAw0pdMBYEAgACMBAwDgMEASoSMgMGBCoSMgAgMA0G
CSqGSIb3DQEBCwUAA4IBAQBWYFE4+vvQ7DRcXpwBSyXTIPQ24+COR2EFvlTN06qC
OUUAIatLrmp3ihXJQjgu3q9+hJhoaAW8rAR6yJ8GvD1yYjuqxVxCgovIFp6KEC2Y
0cX6koaIVqp/io+sOD9Pj4t2I4IsnJL0bZtJOJvhLVem+hakwcRAhSGj8o3H7l+f
RIFdpX8WQXi1ehxUVMWw65uHFef3pw9YZg4qmXWeiXq96jDF8mJB7WVbzfT/oU0f
M1RDSwxu1Xmpv18a2kB9aGkbq6aynJObS6Egb78Mzv+CAScP5o7RBGpCLUHPpYXY
StEcfzEugbOYXxmFD1+hZD78sytjQ6msbyrzguCJH8WV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:15 2024 by rpki-client on console-ams.rpki-client.org