Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/TI3g5sap18qOTro5j4nYpa5rX_U.roa
File: TI3g5sap18qOTro5j4nYpa5rX_U.roa (raw, json)
Hash identifier: Wwppwgx36ei3j/9KhTvcjZMCJK21eGXvB9SaZI83tYg=
Subject key identifier: 4C:8D:E0:E6:C6:A9:D7:CA:8E:4E:BA:39:8F:89:D8:A5:AE:6B:5F:F5
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01877548F03E92A1A281FDF1A511F5F543BC
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/TI3g5sap18qOTro5j4nYpa5rX_U.roa
Signing time: Wed 12 Apr 2023 11:45:27 +0000
ROA not before: Wed 12 Apr 2023 11:45:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12722
IP address blocks: 46.150.248.0/24 maxlen: 24
46.150.249.0/24 maxlen: 24
91.195.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:48:f0:3e:92:a1:a2:81:fd:f1:a5:11:f5:f5:43:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Apr 12 11:45:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c8de0e6c6a9d7ca8e4eba398f89d8a5ae6b5ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3a:e7:79:35:75:90:29:6d:b7:b5:7e:57:0e:
b6:48:2d:63:ed:5d:2b:0f:73:4b:ff:b1:1f:32:64:
ad:d8:f0:8d:d0:e8:57:dc:a2:f3:4c:2d:2b:0a:9b:
44:e4:4e:52:c3:35:92:0b:ce:9e:1a:12:00:de:a2:
aa:fb:ee:30:c5:5c:79:fc:91:4b:8f:33:fe:c2:11:
4f:33:58:29:ff:a2:b6:c1:85:26:15:7e:8e:0d:c6:
65:e6:d2:05:04:24:e5:56:4a:d1:63:60:fb:7a:2b:
5a:50:09:5f:95:d4:92:e4:2a:ff:ca:2e:4c:c3:51:
fc:d0:01:ba:97:73:99:f9:ad:b8:05:f5:45:6c:55:
e0:7f:49:ce:1a:a2:02:5e:83:de:77:d7:88:ac:e1:
2f:3f:35:5c:e9:9b:37:af:6a:05:f1:12:7c:6e:76:
48:46:db:56:1e:02:26:93:f9:4d:d0:e7:1f:10:f8:
4f:55:05:28:c5:c6:69:65:3f:78:2b:df:29:4b:dc:
7a:7c:0b:86:2f:57:c0:4b:f8:ed:dc:e4:9c:1a:84:
82:17:6c:bd:62:ef:3c:5f:a7:16:dd:f6:c2:49:15:
08:b7:27:78:62:eb:ca:28:26:b1:94:50:69:f0:7a:
7e:b3:ec:5b:7f:98:7c:ec:b3:3d:43:37:03:72:3a:
54:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8D:E0:E6:C6:A9:D7:CA:8E:4E:BA:39:8F:89:D8:A5:AE:6B:5F:F5
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/TI3g5sap18qOTro5j4nYpa5rX_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.150.248.0/23
91.195.21.0/24
Signature Algorithm: sha256WithRSAEncryption
71:e9:d2:15:d5:00:c8:d2:a3:57:f4:ed:2d:a0:ef:e1:8d:be:
2d:38:1e:33:7f:0a:52:05:33:57:12:21:1c:62:2c:a6:f5:d2:
82:c8:2c:41:3e:7c:c8:c8:a3:fb:5c:5c:d0:c6:01:cc:66:10:
0a:29:01:2c:55:2d:f7:f6:7f:77:dc:81:d3:85:5f:32:7b:fa:
77:35:e2:db:a2:78:37:27:05:1d:df:b0:59:50:ac:93:1b:3e:
d2:d6:5b:b7:d9:1d:1c:11:0b:7c:42:64:e2:bb:c5:f4:b0:d0:
91:21:8f:3f:c2:b5:d3:b0:c4:1f:20:4a:ca:33:52:84:a7:23:
44:a7:f9:2c:6a:0d:9a:df:e7:78:2e:93:70:8a:05:da:1a:5a:
5d:87:23:e3:48:2d:44:5b:ab:7b:32:0d:7d:3c:08:cf:bf:c4:
d8:31:8d:23:82:f8:e8:62:f7:e9:b5:f0:8c:97:13:48:04:d6:
00:1c:fc:fe:5f:6d:ff:53:f4:46:3d:c8:94:08:1b:1d:f6:31:
ef:d8:bf:3e:cd:aa:e8:1a:4a:65:46:24:70:9d:c9:db:b1:29:
a0:b6:02:ac:43:bb:52:66:a9:86:80:d5:30:78:3d:96:98:e5:
ae:7a:6b:2e:ea:78:4b:e6:44:9b:70:5a:d6:10:1e:f0:43:84:
f6:b6:d2:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd1SPA+kqGigf3xpRH19UO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNDEyMTE0NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzhkZTBlNmM2YTlkN2NhOGU0ZWJhMzk4Zjg5ZDhhNWFlNmI1ZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzrneTV1kCltt7V+Vw62SC1j7V0r
D3NL/7EfMmSt2PCN0OhX3KLzTC0rCptE5E5SwzWSC86eGhIA3qKq++4wxVx5/JFL
jzP+whFPM1gp/6K2wYUmFX6ODcZl5tIFBCTlVkrRY2D7eitaUAlfldSS5Cr/yi5M
w1H80AG6l3OZ+a24BfVFbFXgf0nOGqICXoPed9eIrOEvPzVc6Zs3r2oF8RJ8bnZI
RttWHgImk/lN0OcfEPhPVQUoxcZpZT94K98pS9x6fAuGL1fAS/jt3OScGoSCF2y9
Yu88X6cW3fbCSRUItyd4YuvKKCaxlFBp8Hp+s+xbf5h87LM9QzcDcjpUEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEyN4ObGqdfKjk66OY+J2KWua1/1MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvVEkzZzVzYXAxOHFPVHJvNWo0bllwYTVyWF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLpb4AwQA
W8MVMA0GCSqGSIb3DQEBCwUAA4IBAQBx6dIV1QDI0qNX9O0toO/hjb4tOB4zfwpS
BTNXEiEcYiym9dKCyCxBPnzIyKP7XFzQxgHMZhAKKQEsVS339n933IHThV8ye/p3
NeLbong3JwUd37BZUKyTGz7S1lu32R0cEQt8QmTiu8X0sNCRIY8/wrXTsMQfIErK
M1KEpyNEp/ksag2a3+d4LpNwigXaGlpdhyPjSC1EW6t7Mg19PAjPv8TYMY0jgvjo
YvfptfCMlxNIBNYAHPz+X23/U/RGPciUCBsd9jHv2L8+zaroGkplRiRwncnbsSmg
tgKsQ7tSZqmGgNUweD2WmOWuemsu6nhL5kSbcFrWEB7wQ4T2ttIY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org