Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/rTjntdk76dQ7GzVxCMI7tKRaFv4.roa
File: rTjntdk76dQ7GzVxCMI7tKRaFv4.roa (raw, json)
Hash identifier: AZl53hUQHGAYx8A0Ex89+Tg5HHPdDF9aUCiCIw7SiY8=
Subject key identifier: AD:38:E7:B5:D9:3B:E9:D4:3B:1B:35:71:08:C2:3B:B4:A4:5A:16:FE
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018571557068952BF2AFD045D8D43FF2856B
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/rTjntdk76dQ7GzVxCMI7tKRaFv4.roa
Signing time: Mon 02 Jan 2023 07:15:02 +0000
ROA not before: Mon 02 Jan 2023 07:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399587
IP address blocks: 178.171.50.0/23 maxlen: 23
178.171.48.0/23 maxlen: 23
178.171.62.0/23 maxlen: 23
158.46.176.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:70:68:95:2b:f2:af:d0:45:d8:d4:3f:f2:85:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 2 07:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad38e7b5d93be9d43b1b357108c23bb4a45a16fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:eb:de:c3:9c:da:84:cf:9a:f8:47:83:ab:f9:
2d:55:d2:93:e6:d5:d7:b1:68:44:e8:80:a3:36:0f:
0c:51:f8:d9:2c:08:66:03:08:be:09:37:2d:64:d3:
8c:8d:01:1b:ab:2f:69:9b:bf:af:d6:2c:04:e7:94:
6a:a1:d3:48:b8:03:1b:b0:86:63:09:b3:ed:4d:14:
48:e4:8f:12:ef:d3:c1:50:3f:65:34:21:e3:62:26:
9b:e0:99:da:53:84:bd:4c:06:f8:2a:4c:fa:3e:5d:
1b:31:7e:0d:27:d8:e9:17:5b:c1:e9:44:8e:3a:54:
da:6f:48:f4:9f:be:eb:34:74:53:bc:38:eb:3c:db:
dc:15:bb:b5:bc:02:bb:75:40:af:08:35:93:12:f0:
a0:48:14:62:1b:f5:2c:27:8f:c7:64:13:d7:89:5e:
25:16:a0:aa:82:4a:8d:0c:03:4a:aa:f9:4d:65:05:
00:27:2e:47:98:58:05:7f:8b:ff:4e:5f:f6:29:78:
8d:b4:1c:88:42:0e:41:1e:a1:c0:b3:e6:96:30:f1:
ef:11:40:54:f1:27:e0:79:c6:38:60:37:0c:fd:0f:
ea:bd:50:ae:c0:6a:0a:6b:3f:7f:a1:e0:3c:07:78:
03:cc:13:79:a9:ab:76:dd:36:c9:29:11:cc:57:dc:
b3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:38:E7:B5:D9:3B:E9:D4:3B:1B:35:71:08:C2:3B:B4:A4:5A:16:FE
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/rTjntdk76dQ7GzVxCMI7tKRaFv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.176.0/22
178.171.48.0/22
178.171.62.0/23
Signature Algorithm: sha256WithRSAEncryption
51:64:df:46:5c:98:72:94:a3:7b:92:da:c8:ba:bd:6b:eb:b3:
01:74:5f:56:12:b3:5c:dd:26:76:5b:04:9c:05:36:1c:a7:83:
9d:e1:53:e3:f0:79:08:e3:73:32:51:ef:79:ee:34:66:14:ab:
7f:7b:fd:98:17:f9:61:1d:6d:f0:b5:99:ca:04:44:31:43:63:
f1:98:7e:bb:dc:0b:33:35:a8:53:9d:b1:e8:ef:8e:b7:ad:69:
91:09:93:a3:e6:d2:91:1d:13:fe:24:f5:81:f7:18:6a:2f:37:
69:1d:24:43:bb:70:5d:0f:1a:e2:99:1d:fb:8d:0a:3c:b8:2d:
45:91:93:ce:f6:87:d2:8d:32:a4:4e:93:a6:56:2c:63:ad:b8:
d4:30:34:15:6b:8b:66:bd:66:5c:bd:53:9c:0b:a2:d5:39:47:
e7:d2:43:43:12:d8:8e:70:f7:45:7c:2a:fb:f5:ab:34:ef:b5:
0e:77:e7:51:0c:8f:b7:8f:79:50:a3:b1:4f:83:16:03:0f:af:
71:28:48:19:be:43:27:e1:e2:e1:81:67:54:c9:c7:6e:3d:02:
57:f4:b9:13:79:e3:90:70:99:c4:8f:da:02:19:54:be:7e:e9:
ae:79:98:ea:13:b4:f8:dd:fd:dd:53:d2:a1:c1:a7:6f:74:47:
21:8b:bb:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxVXBolSvyr9BF2NQ/8oVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwMTAyMDcxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDM4ZTdiNWQ5M2JlOWQ0M2IxYjM1NzEwOGMyM2JiNGE0NWExNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ovew5zahM+a+EeDq/ktVdKT5tXX
sWhE6ICjNg8MUfjZLAhmAwi+CTctZNOMjQEbqy9pm7+v1iwE55RqodNIuAMbsIZj
CbPtTRRI5I8S79PBUD9lNCHjYiab4JnaU4S9TAb4Kkz6Pl0bMX4NJ9jpF1vB6USO
OlTab0j0n77rNHRTvDjrPNvcFbu1vAK7dUCvCDWTEvCgSBRiG/UsJ4/HZBPXiV4l
FqCqgkqNDANKqvlNZQUAJy5HmFgFf4v/Tl/2KXiNtByIQg5BHqHAs+aWMPHvEUBU
8SfgecY4YDcM/Q/qvVCuwGoKaz9/oeA8B3gDzBN5qat23TbJKRHMV9yztQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK0457XZO+nUOxs1cQjCO7SkWhb+MB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvclRqbnRkazc2ZFE3R3pWeENNSTd0S1JhRnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCni6wAwQC
sqswAwQBsqs+MA0GCSqGSIb3DQEBCwUAA4IBAQBRZN9GXJhylKN7ktrIur1r67MB
dF9WErNc3SZ2WwScBTYcp4Od4VPj8HkI43MyUe957jRmFKt/e/2YF/lhHW3wtZnK
BEQxQ2PxmH673AszNahTnbHo7463rWmRCZOj5tKRHRP+JPWB9xhqLzdpHSRDu3Bd
DxrimR37jQo8uC1FkZPO9ofSjTKkTpOmVixjrbjUMDQVa4tmvWZcvVOcC6LVOUfn
0kNDEtiOcPdFfCr79as077UOd+dRDI+3j3lQo7FPgxYDD69xKEgZvkMn4eLhgWdU
ycduPQJX9LkTeeOQcJnEj9oCGVS+fumueZjqE7T43f3dU9KhwadvdEchi7v4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:09 2024 by rpki-client on console-ams.rpki-client.org