Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/45e632-b0fd-4d81-9cf7-8fd22105806b/1/nOduJZ-oT-cBaa4SGp9CXjanjUI.roa
File: nOduJZ-oT-cBaa4SGp9CXjanjUI.roa (raw, json)
Hash identifier: sXvSJSyYYk/v0jsp/8wpeTh+iuYcfWYxjVpWT/1ETnA=
Subject key identifier: 9C:E7:6E:25:9F:A8:4F:E7:01:69:AE:12:1A:9F:42:5E:36:A7:8D:42
Certificate issuer: /CN=70811ce0ce7353f03ede9cb7ca5116255fbfb7bd
Certificate serial: 0185735F00A6C7B875146C5EBC0349523484
Authority key identifier: 70:81:1C:E0:CE:73:53:F0:3E:DE:9C:B7:CA:51:16:25:5F:BF:B7:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIEc4M5zU_A-3py3ylEWJV-_t70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/45e632-b0fd-4d81-9cf7-8fd22105806b/1/nOduJZ-oT-cBaa4SGp9CXjanjUI.roa
Signing time: Mon 02 Jan 2023 16:44:43 +0000
ROA not before: Mon 02 Jan 2023 16:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52058
IP address blocks: 46.174.56.0/21 maxlen: 24
91.221.212.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:5f:00:a6:c7:b8:75:14:6c:5e:bc:03:49:52:34:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70811ce0ce7353f03ede9cb7ca5116255fbfb7bd
Validity
Not Before: Jan 2 16:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ce76e259fa84fe70169ae121a9f425e36a78d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9b:79:51:9c:7b:ff:d7:63:62:bf:04:39:5f:
1b:ba:66:42:fa:55:45:04:48:d6:e3:b4:ea:88:23:
30:6a:23:f7:db:50:ae:5b:3b:5e:86:d3:de:3f:ca:
c0:38:95:5c:06:25:bd:f0:18:df:30:c9:04:79:29:
df:b2:a8:16:0f:24:5b:84:01:e0:4d:ef:f9:1c:d9:
8d:23:e6:dc:dc:a7:00:fe:b9:f7:be:a9:49:a8:28:
22:42:78:9f:eb:1d:dc:c2:6f:b2:59:3f:3f:b8:d5:
50:fb:7a:f5:d5:3c:5f:d5:e1:8b:53:3e:e2:22:df:
bd:dc:d5:1d:82:a2:80:58:46:a8:70:71:fc:a1:c7:
f6:ab:f6:60:44:a3:86:6c:dd:36:8b:7f:a8:4a:92:
d0:ca:9d:94:1f:f4:00:95:fe:ec:c2:33:78:a8:91:
69:c0:3f:85:f3:52:af:d4:14:75:51:c6:d1:b9:12:
00:83:e5:e9:e5:b7:7d:6a:24:67:49:cd:db:75:9e:
bf:f8:55:e6:35:c3:87:7d:bc:8d:ea:a6:e6:d1:c0:
2f:11:41:ce:a2:ed:79:78:06:d8:f6:27:bb:b2:fa:
cc:5e:e3:5f:bd:1e:8a:a7:44:10:b2:fb:f5:64:fa:
94:c5:20:dd:d1:fb:8f:00:bf:d5:9d:5c:74:f5:05:
6d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E7:6E:25:9F:A8:4F:E7:01:69:AE:12:1A:9F:42:5E:36:A7:8D:42
X509v3 Authority Key Identifier:
keyid:70:81:1C:E0:CE:73:53:F0:3E:DE:9C:B7:CA:51:16:25:5F:BF:B7:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIEc4M5zU_A-3py3ylEWJV-_t70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/45e632-b0fd-4d81-9cf7-8fd22105806b/1/nOduJZ-oT-cBaa4SGp9CXjanjUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/45e632-b0fd-4d81-9cf7-8fd22105806b/1/cIEc4M5zU_A-3py3ylEWJV-_t70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.56.0/21
91.221.212.0/23
Signature Algorithm: sha256WithRSAEncryption
19:9b:db:1f:34:ab:b6:1c:a5:34:d8:a3:31:b2:1b:60:c7:49:
e2:9b:73:99:ec:11:4f:e2:b4:7e:8e:f2:2c:c3:51:80:bf:dd:
f6:2a:f2:61:1d:78:ae:03:86:35:ba:36:48:21:8d:4a:8c:33:
2a:3c:ad:0e:11:af:71:88:a3:c2:27:1c:6d:ee:ab:59:b7:ba:
82:a7:2f:84:45:96:d3:52:e9:fe:47:00:fd:1e:bc:b3:c0:d4:
40:0a:2e:f0:21:6c:a4:1d:c2:6e:ea:88:7c:9d:c0:ca:0a:51:
26:e6:3e:3c:33:df:ac:db:a5:1a:d1:d5:6a:5a:cd:e3:ca:a1:
4a:2a:6a:80:e4:fd:ce:61:92:d7:0e:34:15:04:02:0f:51:64:
9d:5a:49:06:1a:cb:35:6e:b3:0c:89:b0:36:e0:27:f8:a9:f7:
ab:50:fe:29:fb:a6:52:5f:20:e5:c8:02:ce:02:8c:b2:e9:4f:
4e:0f:cc:5d:06:bd:ef:a4:c3:3b:dd:47:4e:8c:4b:2c:65:1e:
a8:62:cd:7f:c6:38:8c:64:1f:b4:67:b9:93:03:40:4b:8a:00:
da:5e:db:ad:f8:be:85:71:d2:53:3f:ed:a4:5b:4f:6e:1e:b8:
4b:92:8d:46:c6:d1:a3:2a:8d:87:41:bf:23:22:1d:ac:c5:c4:
70:5f:67:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzXwCmx7h1FGxevANJUjSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODExY2UwY2U3MzUzZjAzZWRlOWNiN2NhNTExNjI1NWZi
ZmI3YmQwHhcNMjMwMTAyMTY0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2U3NmUyNTlmYTg0ZmU3MDE2OWFlMTIxYTlmNDI1ZTM2YTc4ZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZt5UZx7/9djYr8EOV8bumZC+lVF
BEjW47TqiCMwaiP321CuWztehtPeP8rAOJVcBiW98BjfMMkEeSnfsqgWDyRbhAHg
Te/5HNmNI+bc3KcA/rn3vqlJqCgiQnif6x3cwm+yWT8/uNVQ+3r11Txf1eGLUz7i
It+93NUdgqKAWEaocHH8ocf2q/ZgRKOGbN02i3+oSpLQyp2UH/QAlf7swjN4qJFp
wD+F81Kv1BR1UcbRuRIAg+Xp5bd9aiRnSc3bdZ6/+FXmNcOHfbyN6qbm0cAvEUHO
ou15eAbY9ie7svrMXuNfvR6Kp0QQsvv1ZPqUxSDd0fuPAL/VnVx09QVtEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJznbiWfqE/nAWmuEhqfQl42p41CMB8GA1UdIwQY
MBaAFHCBHODOc1PwPt6ct8pRFiVfv7e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lFYzRNNXpVX0EtM3B5M3lsRVdKVi1fdDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80NWU2MzItYjBmZC00ZDgxLTljZjct
OGZkMjIxMDU4MDZiLzEvbk9kdUpaLW9ULWNCYWE0U0dwOUNYamFualVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80NWU2MzItYjBmZC00ZDgxLTljZjctOGZkMjIxMDU4MDZi
LzEvY0lFYzRNNXpVX0EtM3B5M3lsRVdKVi1fdDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLq44AwQB
W93UMA0GCSqGSIb3DQEBCwUAA4IBAQAZm9sfNKu2HKU02KMxshtgx0nim3OZ7BFP
4rR+jvIsw1GAv932KvJhHXiuA4Y1ujZIIY1KjDMqPK0OEa9xiKPCJxxt7qtZt7qC
py+ERZbTUun+RwD9HryzwNRACi7wIWykHcJu6oh8ncDKClEm5j48M9+s26Ua0dVq
Ws3jyqFKKmqA5P3OYZLXDjQVBAIPUWSdWkkGGss1brMMibA24Cf4qferUP4p+6ZS
XyDlyALOAoyy6U9OD8xdBr3vpMM73UdOjEssZR6oYs1/xjiMZB+0Z7mTA0BLigDa
Xtut+L6FcdJTP+2kW09uHrhLko1GxtGjKo2HQb8jIh2sxcRwX2eE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:11 2024 by rpki-client on console-fra.rpki-client.org