Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/rDNI-dr9bYFMJwM046Pj1M5aubc.roa
File: rDNI-dr9bYFMJwM046Pj1M5aubc.roa (raw, json)
Hash identifier: Xeshr2hdQupGFOW49HRMH8PXbmfVS36eZvqlZZyVqhc=
Subject key identifier: AC:33:48:F9:DA:FD:6D:81:4C:27:03:34:E3:A3:E3:D4:CE:5A:B9:B7
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018571556B318A6202E3130B89A5B82623FB
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/rDNI-dr9bYFMJwM046Pj1M5aubc.roa
Signing time: Mon 02 Jan 2023 07:15:01 +0000
ROA not before: Mon 02 Jan 2023 07:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 178.171.104.0/24 maxlen: 24
158.46.196.0/22 maxlen: 22
178.171.0.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 10 Jul 2023 05:15:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:6b:31:8a:62:02:e3:13:0b:89:a5:b8:26:23:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 2 07:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac3348f9dafd6d814c270334e3a3e3d4ce5ab9b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0f:7f:39:45:28:0a:7b:3a:37:16:31:ef:cd:
53:2b:61:46:7c:49:87:b8:d2:a8:b4:92:9f:3d:cb:
74:96:9f:5a:e3:4f:8e:1e:30:e8:0f:3c:31:6c:e9:
64:a3:a4:58:4b:50:d9:7c:ce:ee:04:5a:15:73:cd:
62:44:5d:b1:a0:de:68:c6:44:95:d2:a8:3e:2e:1f:
72:06:e0:39:da:94:56:b8:a2:5b:64:e0:90:17:7d:
2d:56:a9:bf:01:86:75:46:3d:bb:97:77:c8:97:ab:
ed:86:e0:3a:4d:02:c6:a3:51:0c:0b:36:34:4f:f4:
d7:5d:c2:b1:74:d2:10:c5:a1:f3:f4:c8:ca:62:45:
c4:6a:1a:68:e8:f2:f6:6a:86:b0:f4:a9:bd:e8:54:
68:25:e1:ad:a9:9d:61:2a:4c:e6:5f:e4:ce:61:ca:
22:7d:79:9d:fa:f2:5a:2c:3b:3a:42:4c:d9:ea:c9:
f3:df:e8:48:ee:03:93:ef:cd:3c:d2:6f:05:91:b3:
6f:ad:93:af:f2:97:2c:e2:3d:44:e8:ea:c9:c1:dc:
df:cb:d3:de:d8:1e:d6:c6:22:ff:82:55:14:cc:2d:
99:d2:0c:c3:70:45:3d:31:4f:21:f6:90:73:02:d0:
47:3b:49:80:4f:c8:88:93:43:31:97:2e:dc:46:0e:
9d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:33:48:F9:DA:FD:6D:81:4C:27:03:34:E3:A3:E3:D4:CE:5A:B9:B7
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/rDNI-dr9bYFMJwM046Pj1M5aubc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.196.0/22
178.171.0.0/20
178.171.104.0/24
Signature Algorithm: sha256WithRSAEncryption
91:ca:5d:73:4a:31:d6:18:04:e6:57:2f:ed:b3:ce:55:bb:45:
96:b5:7a:a6:05:42:2a:5e:ca:9a:38:64:ba:bc:ea:8d:e1:fe:
65:03:9e:a1:ec:d8:35:b7:a4:3f:10:f5:8e:2a:e7:4d:aa:93:
bd:2e:93:32:d2:53:e4:56:af:9c:b9:ec:00:eb:12:a3:73:33:
bb:5c:e7:a3:b6:2d:cf:7a:aa:b8:58:b7:59:5b:4f:a8:fc:87:
be:70:0b:c0:a8:f6:34:f2:f3:1b:e4:16:db:f9:59:65:2f:ff:
93:ac:2d:68:28:94:15:48:8a:67:ed:d0:89:20:fe:b6:a1:ef:
da:1d:ff:a0:df:ea:55:6b:43:df:5a:6b:c8:61:7e:cf:61:0d:
77:41:a1:03:e2:c6:3c:7d:60:48:54:3f:0c:c9:21:0e:22:ca:
99:f8:83:d5:c9:e2:55:c1:9b:d5:9f:4f:f9:ae:fa:27:5e:20:
ed:0d:ca:24:f2:0f:97:a3:bf:8a:ad:0c:54:ef:65:7b:9a:8b:
39:e5:ff:8c:a9:cf:2c:45:7e:6c:10:52:a1:82:4d:56:93:89:
c2:33:58:4f:dc:83:47:4b:34:b1:1b:1d:26:dd:28:a6:e3:2a:
6e:55:fb:bb:12:77:11:7d:0d:5c:ba:6f:b2:13:fc:98:dd:c5:
8c:d1:34:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxVWsximIC4xMLiaW4JiP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwMTAyMDcxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzMzNDhmOWRhZmQ2ZDgxNGMyNzAzMzRlM2EzZTNkNGNlNWFiOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnw9/OUUoCns6NxYx781TK2FGfEmH
uNKotJKfPct0lp9a40+OHjDoDzwxbOlko6RYS1DZfM7uBFoVc81iRF2xoN5oxkSV
0qg+Lh9yBuA52pRWuKJbZOCQF30tVqm/AYZ1Rj27l3fIl6vthuA6TQLGo1EMCzY0
T/TXXcKxdNIQxaHz9MjKYkXEahpo6PL2aoaw9Km96FRoJeGtqZ1hKkzmX+TOYcoi
fXmd+vJaLDs6QkzZ6snz3+hI7gOT78080m8FkbNvrZOv8pcs4j1E6OrJwdzfy9Pe
2B7WxiL/glUUzC2Z0gzDcEU9MU8h9pBzAtBHO0mAT8iIk0Mxly7cRg6dzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKwzSPna/W2BTCcDNOOj49TOWrm3MB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvckROSS1kcjliWUZNSndNMDQ2UGoxTTVhdWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCni7EAwQE
sqsAAwQAsqtoMA0GCSqGSIb3DQEBCwUAA4IBAQCRyl1zSjHWGATmVy/ts85Vu0WW
tXqmBUIqXsqaOGS6vOqN4f5lA56h7Ng1t6Q/EPWOKudNqpO9LpMy0lPkVq+cuewA
6xKjczO7XOejti3Peqq4WLdZW0+o/Ie+cAvAqPY08vMb5Bbb+VllL/+TrC1oKJQV
SIpn7dCJIP62oe/aHf+g3+pVa0PfWmvIYX7PYQ13QaED4sY8fWBIVD8MySEOIsqZ
+IPVyeJVwZvVn0/5rvonXiDtDcok8g+Xo7+KrQxU72V7mos55f+Mqc8sRX5sEFKh
gk1Wk4nCM1hP3INHSzSxGx0m3Sim4ypuVfu7EncRfQ1cum+yE/yY3cWM0TRp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:09 2024 by rpki-client on console-ams.rpki-client.org