Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/n7kFJAg6QoA7IzaLRp48-dE4KoM.roa
File: n7kFJAg6QoA7IzaLRp48-dE4KoM.roa (raw, json)
Hash identifier: 1SzKUWnf/GEdGv+VscwMR/6BA5rVFzm1DPLgOh50J5o=
Subject key identifier: 9F:B9:05:24:08:3A:42:80:3B:23:36:8B:46:9E:3C:F9:D1:38:2A:83
Certificate issuer: /CN=32c2be483ff27bb8f0dc09ce0f71f2a88eaf7e07
Certificate serial: 01856D4A9B2B4F26BE0142500B567D6F157E
Authority key identifier: 32:C2:BE:48:3F:F2:7B:B8:F0:DC:09:CE:0F:71:F2:A8:8E:AF:7E:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MsK-SD_ye7jw3AnOD3HyqI6vfgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/n7kFJAg6QoA7IzaLRp48-dE4KoM.roa
Signing time: Sun 01 Jan 2023 12:24:44 +0000
ROA not before: Sun 01 Jan 2023 12:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51941
IP address blocks: 46.183.72.0/21 maxlen: 24
185.128.252.0/22 maxlen: 24
2a02:2380::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Jun 2023 11:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:9b:2b:4f:26:be:01:42:50:0b:56:7d:6f:15:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c2be483ff27bb8f0dc09ce0f71f2a88eaf7e07
Validity
Not Before: Jan 1 12:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fb90524083a42803b23368b469e3cf9d1382a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c3:46:be:d9:8c:90:ad:08:c4:d2:0a:dc:69:
27:33:af:e0:f1:8d:f6:dc:4f:db:55:4c:1d:49:62:
47:fc:10:3b:5f:3c:8b:e5:69:6c:e1:23:5a:f4:ef:
63:44:65:6d:54:12:8b:d2:15:d6:34:1e:ec:8e:d2:
5c:ef:72:e6:92:9e:b2:83:c9:e3:47:cc:60:11:28:
90:53:ce:32:83:95:9c:bd:08:1e:e1:00:0a:2e:59:
ba:39:8f:b6:81:62:f4:7f:98:35:bc:3c:d0:33:9e:
32:3a:47:f6:87:c5:42:33:57:af:45:62:15:18:6a:
c4:21:41:53:cf:95:06:11:25:42:50:37:b4:34:48:
c8:57:11:bd:7c:9e:24:44:22:fe:85:86:d6:14:78:
a3:e7:df:2a:43:42:01:41:21:0d:47:06:ba:db:84:
58:35:d6:26:75:c6:91:82:1c:5d:11:b2:b1:e4:4d:
68:09:bb:9f:cc:98:8e:b3:ab:24:fe:2b:de:66:12:
5d:6b:e5:5b:7c:2c:8f:03:1a:0a:a9:c5:3b:d7:67:
1f:a0:72:95:25:25:3c:f7:66:46:1e:70:e6:60:3d:
75:e4:75:e0:f5:50:ee:ea:23:84:88:66:6f:3c:31:
77:a4:33:8b:f2:e2:d2:7e:32:0e:56:12:76:7d:e3:
65:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B9:05:24:08:3A:42:80:3B:23:36:8B:46:9E:3C:F9:D1:38:2A:83
X509v3 Authority Key Identifier:
keyid:32:C2:BE:48:3F:F2:7B:B8:F0:DC:09:CE:0F:71:F2:A8:8E:AF:7E:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MsK-SD_ye7jw3AnOD3HyqI6vfgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/n7kFJAg6QoA7IzaLRp48-dE4KoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/MsK-SD_ye7jw3AnOD3HyqI6vfgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.72.0/21
185.128.252.0/22
IPv6:
2a02:2380::/32
Signature Algorithm: sha256WithRSAEncryption
0d:cd:1d:90:10:0c:a4:73:e2:98:7d:e4:50:51:ee:cf:81:c5:
bd:42:32:27:4e:46:03:13:57:5a:73:3d:a0:20:77:d1:26:6a:
a1:cb:26:42:69:1b:cc:af:86:c9:f7:4c:67:df:32:a7:c3:04:
1c:4c:03:7d:22:99:e1:53:f9:3c:f1:b2:83:b3:1d:bb:88:69:
90:1b:ee:91:30:4c:30:8f:40:2e:85:2d:9c:5e:f8:52:0c:be:
01:9f:26:a9:ae:0a:c3:d3:43:1d:49:e2:a0:dc:d4:d7:98:9b:
72:78:bf:19:57:cc:46:5f:ca:9f:c8:43:11:06:32:67:f1:fe:
96:d8:7e:fa:34:1b:83:47:fd:7b:5e:e6:c6:76:3d:85:58:19:
ac:67:de:c0:ff:01:4d:ee:e8:e1:d4:98:9a:9b:69:01:c5:ae:
cd:a3:ff:b5:53:3c:47:29:48:a2:5f:00:e5:1d:11:94:2a:9b:
93:fa:ef:6c:f6:8e:37:b7:f6:1c:6c:d8:e8:6b:5f:26:c1:dc:
9f:67:d1:9c:8f:94:7b:fa:11:db:df:1f:65:41:ef:3c:f3:32:
60:6a:8b:2e:9e:54:9d:04:39:29:d9:c4:c7:8b:19:e3:35:50:
30:38:0f:ad:1e:4f:d7:99:15:7e:5c:3c:51:53:db:b7:68:d4:
67:91:db:31
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtSpsrTya+AUJQC1Z9bxV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzJiZTQ4M2ZmMjdiYjhmMGRjMDljZTBmNzFmMmE4OGVh
ZjdlMDcwHhcNMjMwMTAxMTIyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmI5MDUyNDA4M2E0MjgwM2IyMzM2OGI0NjllM2NmOWQxMzgyYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMNGvtmMkK0IxNIK3GknM6/g8Y32
3E/bVUwdSWJH/BA7XzyL5Wls4SNa9O9jRGVtVBKL0hXWNB7sjtJc73Lmkp6yg8nj
R8xgESiQU84yg5WcvQge4QAKLlm6OY+2gWL0f5g1vDzQM54yOkf2h8VCM1evRWIV
GGrEIUFTz5UGESVCUDe0NEjIVxG9fJ4kRCL+hYbWFHij598qQ0IBQSENRwa624RY
NdYmdcaRghxdEbKx5E1oCbufzJiOs6sk/iveZhJda+VbfCyPAxoKqcU712cfoHKV
JSU892ZGHnDmYD115HXg9VDu6iOEiGZvPDF3pDOL8uLSfjIOVhJ2feNlZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ+5BSQIOkKAOyM2i0aePPnROCqDMB8GA1UdIwQY
MBaAFDLCvkg/8nu48NwJzg9x8qiOr34HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNLLVNEX3llN2p3M0FuT0QzSHlxSTZ2ZmdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mZjAwYzQtYjcyOC00NGEwLTk2MmQt
OTczZGI5Y2U2OGI1LzEvbjdrRkpBZzZRb0E3SXphTFJwNDgtZEU0S29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mZjAwYzQtYjcyOC00NGEwLTk2MmQtOTczZGI5Y2U2OGI1
LzEvTXNLLVNEX3llN2p3M0FuT0QzSHlxSTZ2ZmdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLrdIAwQC
uYD8MA0EAgACMAcDBQAqAiOAMA0GCSqGSIb3DQEBCwUAA4IBAQANzR2QEAykc+KY
feRQUe7PgcW9QjInTkYDE1dacz2gIHfRJmqhyyZCaRvMr4bJ90xn3zKnwwQcTAN9
IpnhU/k88bKDsx27iGmQG+6RMEwwj0AuhS2cXvhSDL4BnyaprgrD00MdSeKg3NTX
mJtyeL8ZV8xGX8qfyEMRBjJn8f6W2H76NBuDR/17XubGdj2FWBmsZ97A/wFN7ujh
1Jiam2kBxa7No/+1UzxHKUiiXwDlHRGUKpuT+u9s9o43t/YcbNjoa18mwdyfZ9Gc
j5R7+hHb3x9lQe888zJgaosunlSdBDkp2cTHixnjNVAwOA+tHk/XmRV+XDxRU9u3
aNRnkdsx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:54 2024 by rpki-client on console-fra.rpki-client.org