Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/JsT-9hzMqAQWdLWzx6QO_MRs4oU.roa
File: JsT-9hzMqAQWdLWzx6QO_MRs4oU.roa (raw, json)
Hash identifier: A+KAV436t3/L6loo9VcMIDGspfr0si8/SPujvHK6EhU=
Subject key identifier: 26:C4:FE:F6:1C:CC:A8:04:16:74:B5:B3:C7:A4:0E:FC:C4:6C:E2:85
Certificate issuer: /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial: 018776C430716A0B7A4771AB790A4BF5D4E1
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/JsT-9hzMqAQWdLWzx6QO_MRs4oU.roa
Signing time: Wed 12 Apr 2023 18:39:41 +0000
ROA not before: Wed 12 Apr 2023 18:39:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35819
IP address blocks: 46.153.16.0/20 maxlen: 20
46.153.32.0/20 maxlen: 20
46.153.48.0/20 maxlen: 20
46.153.64.0/19 maxlen: 19
46.153.96.0/19 maxlen: 19
46.153.0.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 12 Apr 2023 19:11:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:c4:30:71:6a:0b:7a:47:71:ab:79:0a:4b:f5:d4:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Validity
Not Before: Apr 12 18:39:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26c4fef61ccca8041674b5b3c7a40efcc46ce285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:95:a1:c3:11:82:db:d3:77:e1:87:3e:4c:ee:
30:37:c5:fc:3f:bb:57:42:1b:9e:a2:b8:27:31:7e:
0a:70:b5:3c:02:1d:c7:7d:d1:7d:89:34:68:f7:19:
6d:c5:34:c5:7d:c8:4f:ef:8e:39:df:f8:90:15:d1:
83:de:77:47:8b:ab:eb:99:6b:ef:ae:1f:46:5e:06:
5e:10:bb:b1:15:bc:01:58:25:0c:2a:5d:ae:b0:48:
c2:8f:51:18:f7:4b:7c:d1:55:31:5b:33:64:8f:04:
a4:49:49:17:70:5b:39:af:7c:a7:95:24:47:5d:4e:
11:13:b3:d8:6c:6a:12:b0:ae:36:7a:2a:bb:ef:44:
b4:f1:bc:3b:01:01:7f:7f:57:ec:2e:66:51:d7:ce:
dd:0d:87:1c:43:c4:2f:07:2c:08:e5:2b:2d:db:eb:
30:c2:4c:ea:8e:6c:45:b6:67:33:e9:17:e9:40:12:
bf:9c:bb:03:d9:b3:e1:a6:cf:64:b9:9b:2a:b7:08:
cb:c5:65:40:f8:c1:58:18:f0:69:59:a8:be:20:f6:
fe:9c:fb:81:ac:2f:78:f6:8c:c5:2d:b4:88:fa:76:
1a:dd:c9:de:7f:49:e2:3e:e6:f3:d5:89:f8:a7:8c:
32:9c:d0:b8:16:24:44:0c:9d:05:ea:08:57:22:61:
d7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:C4:FE:F6:1C:CC:A8:04:16:74:B5:B3:C7:A4:0E:FC:C4:6C:E2:85
X509v3 Authority Key Identifier:
keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/JsT-9hzMqAQWdLWzx6QO_MRs4oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.153.0.0/17
Signature Algorithm: sha256WithRSAEncryption
05:99:ac:9c:1a:4b:1f:3b:0d:bd:54:bc:22:27:29:5a:a8:d7:
48:2d:31:e0:af:c4:96:5d:a3:b6:0e:6e:85:b5:d3:39:5a:bc:
03:87:38:70:8a:81:50:9a:08:d9:a5:06:80:75:ae:be:a9:1d:
46:38:3c:c8:1f:4f:f4:86:cd:5b:2b:cf:bf:3a:04:c0:90:94:
5e:98:1d:13:57:44:10:bf:3a:a4:46:1a:75:e6:82:cf:19:d6:
32:49:5e:48:1b:4b:db:6d:66:e1:4f:17:00:98:3b:59:43:8f:
8e:d7:54:df:d4:31:87:f1:38:5d:89:df:1a:cc:8d:9c:1f:27:
2a:05:77:df:2a:87:28:84:99:64:ca:29:28:5d:18:ab:e5:d5:
01:51:85:11:3d:55:77:c2:5d:8b:58:74:f8:6b:b5:66:b0:b5:
2a:2e:13:10:0e:2d:4f:d0:3b:b5:2a:a8:a0:68:47:f8:c2:cc:
9d:c2:97:f2:32:6b:13:8c:c2:2b:01:17:93:c9:70:9e:5f:84:
fe:eb:4b:da:4b:4d:a5:fd:08:2a:1e:22:16:03:66:22:4f:23:
3c:02:01:3e:3f:eb:07:11:98:4f:63:50:04:1d:9a:fa:ec:93:
f5:fc:ae:5d:7c:4a:69:eb:4e:bd:ec:bf:64:7d:57:fd:2e:d7:
53:67:e0:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd2xDBxagt6R3GreQpL9dThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjMwNDEyMTgzOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmM0ZmVmNjFjY2NhODA0MTY3NGI1YjNjN2E0MGVmY2M0NmNlMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZWhwxGC29N34Yc+TO4wN8X8P7tX
QhueorgnMX4KcLU8Ah3HfdF9iTRo9xltxTTFfchP74453/iQFdGD3ndHi6vrmWvv
rh9GXgZeELuxFbwBWCUMKl2usEjCj1EY90t80VUxWzNkjwSkSUkXcFs5r3ynlSRH
XU4RE7PYbGoSsK42eiq770S08bw7AQF/f1fsLmZR187dDYccQ8QvBywI5Sst2+sw
wkzqjmxFtmcz6RfpQBK/nLsD2bPhps9kuZsqtwjLxWVA+MFYGPBpWai+IPb+nPuB
rC949ozFLbSI+nYa3cnef0niPubz1Yn4p4wynNC4FiREDJ0F6ghXImHXiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCbE/vYczKgEFnS1s8ekDvzEbOKFMB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEvSnNULTloek1xQVFXZExXeng2UU9fTVJzNG9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHLpkAMA0G
CSqGSIb3DQEBCwUAA4IBAQAFmaycGksfOw29VLwiJylaqNdILTHgr8SWXaO2Dm6F
tdM5WrwDhzhwioFQmgjZpQaAda6+qR1GODzIH0/0hs1bK8+/OgTAkJRemB0TV0QQ
vzqkRhp15oLPGdYySV5IG0vbbWbhTxcAmDtZQ4+O11Tf1DGH8Thdid8azI2cHycq
BXffKocohJlkyikoXRir5dUBUYURPVV3wl2LWHT4a7VmsLUqLhMQDi1P0Du1Kqig
aEf4wsydwpfyMmsTjMIrAReTyXCeX4T+60vaS02l/QgqHiIWA2YiTyM8AgE+P+sH
EZhPY1AEHZr67JP1/K5dfEpp60697L9kfVf9LtdTZ+DV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:14 2024 by rpki-client on console-fra.rpki-client.org