Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/1-wP3cXmLCq5VrPSEOVdplGYamBU.roa
File: 1-wP3cXmLCq5VrPSEOVdplGYamBU.roa (raw, json)
Hash identifier: jBllQzuM9X2b7WkET82foy6HRExcj6HcPL51koEqu2w=
Subject key identifier: FB:03:F7:71:79:8B:0A:AE:55:AC:F4:84:39:57:69:94:66:1A:98:15
Certificate issuer: /CN=12a657f3424c8dd55215af853b93307c366c538a
Certificate serial: 019135FDB379E2B4199D367B5962FE226A5B
Authority key identifier: 12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/1-wP3cXmLCq5VrPSEOVdplGYamBU.roa
Signing time: Fri 09 Aug 2024 07:15:04 +0000
ROA not before: Fri 09 Aug 2024 07:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211995
IP address blocks: 46.22.225.0/24 maxlen: 24
46.22.226.0/24 maxlen: 24
46.28.237.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
109.237.112.0/20 maxlen: 20
109.237.112.0/24 maxlen: 24
109.237.113.0/24 maxlen: 24
185.77.3.0/24 maxlen: 24
185.136.207.0/24 maxlen: 24
185.233.35.0/24 maxlen: 24
194.164.222.0/24 maxlen: 24
213.142.158.0/24 maxlen: 24
2a10:d880::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 13 Aug 2024 19:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:35:fd:b3:79:e2:b4:19:9d:36:7b:59:62:fe:22:6a:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12a657f3424c8dd55215af853b93307c366c538a
Validity
Not Before: Aug 9 07:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb03f771798b0aae55acf48439576994661a9815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d9:1f:51:d4:1f:0f:ef:2f:0e:4f:d5:71:6d:
a9:50:72:0c:e7:9d:94:77:9e:01:51:76:4f:e4:f3:
be:d6:60:a2:af:a6:f3:35:e6:f3:6a:fd:3f:d7:7a:
b3:6f:6b:aa:0c:92:6d:9b:6e:bc:ae:e0:19:7b:5d:
04:44:d6:3a:7d:22:6a:30:ea:49:32:63:29:fe:0f:
15:d3:e4:4d:29:2b:55:b0:a9:68:73:69:14:15:ed:
77:0c:4a:e3:2f:02:38:f7:a2:1a:30:7e:04:16:a1:
ee:de:ac:08:35:c2:59:9d:01:a6:f2:21:7c:23:cb:
8a:f1:29:14:1a:53:96:e6:2e:cc:52:10:8a:c3:3f:
5f:22:b3:71:88:06:99:87:4a:08:9f:4a:cc:29:3f:
81:86:d9:a1:fe:5b:dd:0f:9a:1a:e6:b6:61:86:d8:
3a:09:5d:0c:10:91:94:5b:47:19:8e:f1:e8:42:a0:
12:03:52:dd:6f:9c:dc:cd:f3:dc:de:b9:ef:8d:24:
55:47:74:f6:48:ae:bc:1a:62:f4:bf:7b:b7:cf:41:
8d:c1:77:21:2b:f7:e9:6d:25:60:c8:ba:d6:c8:76:
5a:15:61:15:a8:b8:05:e9:d9:7f:1e:ab:e9:20:7c:
4d:4a:82:d4:32:af:95:30:32:90:6a:64:c9:24:1c:
6a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:03:F7:71:79:8B:0A:AE:55:AC:F4:84:39:57:69:94:66:1A:98:15
X509v3 Authority Key Identifier:
keyid:12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/1-wP3cXmLCq5VrPSEOVdplGYamBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.225.0-46.22.226.255
46.28.237.0/24
93.114.130.0/24
109.237.112.0/20
185.77.3.0/24
185.136.207.0/24
185.233.35.0/24
194.164.222.0/24
213.142.158.0/24
IPv6:
2a10:d880::/29
Signature Algorithm: sha256WithRSAEncryption
03:4f:a4:7c:06:a7:bb:45:41:86:c3:40:03:7a:d7:26:ab:0b:
43:65:6e:7b:73:87:b2:0c:2d:31:7f:be:b4:29:86:df:c7:e9:
88:f9:94:96:76:bc:52:59:0a:d3:0e:ef:2c:39:67:46:78:47:
e9:cd:80:35:f5:ce:bf:28:f9:d5:77:38:b8:8d:1e:a3:7d:ea:
4e:66:cc:91:46:59:fa:16:e0:e9:35:a8:e6:ff:9b:26:29:e3:
41:ed:23:43:3e:2b:8f:2b:76:72:94:86:85:bb:36:c5:83:78:
1f:1f:f1:05:da:61:7c:55:f2:12:22:fe:6b:cc:7e:d5:ee:e7:
4b:0e:64:f2:59:cd:05:6f:4f:61:fd:eb:0a:ec:d2:cd:98:b6:
18:e7:7f:43:de:5c:46:ca:76:84:b0:9d:e3:a2:09:8c:d8:4c:
73:a5:d9:95:b3:00:3d:38:34:45:09:63:ee:91:aa:b9:14:d6:
a4:9c:78:88:ed:84:03:c8:12:0a:f3:41:dd:e4:50:16:a0:88:
34:d5:c3:a3:79:c4:31:b4:4f:26:5e:e6:41:66:30:51:e3:3c:
4f:b3:21:7f:09:79:c2:c1:a1:e9:fb:5d:31:19:63:8b:18:c4:
e5:dd:59:38:ae:82:ab:f0:b1:e9:12:2e:fe:09:ae:3c:9e:49:
a5:45:e2:53
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZE1/bN54rQZnTZ7WWL+ImpbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYTY1N2YzNDI0YzhkZDU1MjE1YWY4NTNiOTMzMDdjMzY2
YzUzOGEwHhcNMjQwODA5MDcxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjAzZjc3MTc5OGIwYWFlNTVhY2Y0ODQzOTU3Njk5NDY2MWE5ODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9kfUdQfD+8vDk/VcW2pUHIM552U
d54BUXZP5PO+1mCir6bzNebzav0/13qzb2uqDJJtm268ruAZe10ERNY6fSJqMOpJ
MmMp/g8V0+RNKStVsKloc2kUFe13DErjLwI496IaMH4EFqHu3qwINcJZnQGm8iF8
I8uK8SkUGlOW5i7MUhCKwz9fIrNxiAaZh0oIn0rMKT+Bhtmh/lvdD5oa5rZhhtg6
CV0MEJGUW0cZjvHoQqASA1Ldb5zczfPc3rnvjSRVR3T2SK68GmL0v3u3z0GNwXch
K/fpbSVgyLrWyHZaFWEVqLgF6dl/HqvpIHxNSoLUMq+VMDKQamTJJBxq8QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFPsD93F5iwquVaz0hDlXaZRmGpgVMB8GA1UdIwQY
MBaAFBKmV/NCTI3VUhWvhTuTMHw2bFOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMt
MDVmMDkzMzg1YWM4LzEvMS13UDNjWG1MQ3E1VnJQU0VPVmRwbEdZYW1CVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvNDY1YWFlLTJhMmMtNDIwMC04ZTVjLTA1ZjA5MzM4NWFj
OC8xL0VxWlg4MEpNamRWU0ZhLUZPNU13ZkRac1U0by5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBmBggrBgEFBQcBBwEB/wRXMFUwRAQCAAEwPjAMAwQALhbh
AwQALhbiAwQALhztAwQAXXKCAwQEbe1wAwQAuU0DAwQAuYjPAwQAuekjAwQAwqTe
AwQA1Y6eMA0EAgACMAcDBQMqENiAMA0GCSqGSIb3DQEBCwUAA4IBAQADT6R8Bqe7
RUGGw0ADetcmqwtDZW57c4eyDC0xf760KYbfx+mI+ZSWdrxSWQrTDu8sOWdGeEfp
zYA19c6/KPnVdzi4jR6jfepOZsyRRln6FuDpNajm/5smKeNB7SNDPiuPK3ZylIaF
uzbFg3gfH/EF2mF8VfISIv5rzH7V7udLDmTyWc0Fb09h/esK7NLNmLYY539D3lxG
ynaEsJ3jogmM2ExzpdmVswA9ODRFCWPukaq5FNaknHiI7YQDyBIK80Hd5FAWoIg0
1cOjecQxtE8mXuZBZjBR4zxPsyF/CXnCwaHp+10xGWOLGMTl3Vk4roKr8LHpEi7+
Ca48nkmlReJT
-----END CERTIFICATE-----
Generated at Tue Aug 13 20:45:21 2024 by rpki-client on console-fra.rpki-client.org