Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/1349ca-8c3c-4131-9f55-d59030661949/1/ADl6Fx_JsRFFKf5ehtzXAQXcbwk.roa
File: ADl6Fx_JsRFFKf5ehtzXAQXcbwk.roa (raw, json)
Hash identifier: SWzUSfk91GcXcxM/bygc7KVMXlJ6j6YiSuxt16tFFZo=
Subject key identifier: 00:39:7A:17:1F:C9:B1:11:45:29:FE:5E:86:DC:D7:01:05:DC:6F:09
Certificate issuer: /CN=816684a2958e0190f270a80a98789319e1cee4d8
Certificate serial: 018BAEF424382EF749E4014F5DCA89FAB268
Authority key identifier: 81:66:84:A2:95:8E:01:90:F2:70:A8:0A:98:78:93:19:E1:CE:E4:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gWaEopWOAZDycKgKmHiTGeHO5Ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/1349ca-8c3c-4131-9f55-d59030661949/1/ADl6Fx_JsRFFKf5ehtzXAQXcbwk.roa
Signing time: Wed 08 Nov 2023 12:41:57 +0000
ROA not before: Wed 08 Nov 2023 12:41:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207658
IP address blocks: 46.17.76.0/23 maxlen: 23
46.17.76.0/24 maxlen: 24
46.17.72.0/24 maxlen: 24
46.17.72.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:f4:24:38:2e:f7:49:e4:01:4f:5d:ca:89:fa:b2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=816684a2958e0190f270a80a98789319e1cee4d8
Validity
Not Before: Nov 8 12:41:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00397a171fc9b1114529fe5e86dcd70105dc6f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7d:40:27:a7:0c:7d:48:7e:8c:53:60:03:96:
67:85:6e:ed:c4:72:8f:cc:25:99:17:6a:63:91:fc:
8e:06:71:1b:33:f3:b4:20:bc:81:46:7e:98:72:e9:
6f:62:c0:80:15:7c:eb:e3:f6:6b:ec:17:90:d1:60:
f5:e2:18:c8:37:3a:1f:e9:1e:80:90:86:ab:91:57:
2e:88:28:ca:2c:46:29:ee:83:a7:41:c9:0e:21:b5:
8e:3c:ff:ca:f2:8f:d2:e1:43:92:4d:7d:c9:7a:1f:
f5:d9:b4:78:fe:cd:21:98:d6:04:85:2d:e8:47:16:
5e:e5:04:08:ae:10:5e:92:14:15:c6:43:a7:20:9a:
7d:da:79:47:6a:66:18:e8:a8:a6:91:6e:70:f3:b7:
14:d2:f9:c2:0f:9a:e8:db:8a:64:c6:50:49:db:80:
11:58:f4:3a:18:00:12:ba:52:15:36:78:a0:24:58:
00:ec:f7:2a:ec:04:c8:8c:f9:45:01:b3:25:d8:19:
3d:aa:c0:f0:94:6e:48:c3:70:f9:12:48:5c:01:59:
ec:c8:13:ce:aa:82:06:b5:0f:9f:ee:8f:00:c3:f8:
19:f1:ce:70:44:a8:39:03:56:65:bb:b4:34:92:c2:
61:1b:63:fd:5a:35:3e:5f:15:e5:fc:ca:37:9d:35:
47:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:39:7A:17:1F:C9:B1:11:45:29:FE:5E:86:DC:D7:01:05:DC:6F:09
X509v3 Authority Key Identifier:
keyid:81:66:84:A2:95:8E:01:90:F2:70:A8:0A:98:78:93:19:E1:CE:E4:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gWaEopWOAZDycKgKmHiTGeHO5Ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1349ca-8c3c-4131-9f55-d59030661949/1/ADl6Fx_JsRFFKf5ehtzXAQXcbwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1349ca-8c3c-4131-9f55-d59030661949/1/gWaEopWOAZDycKgKmHiTGeHO5Ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.72.0/23
46.17.76.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:b3:85:3a:b7:d0:60:ed:51:7c:29:49:ef:72:b4:87:f1:49:
3a:8d:7e:48:c2:85:f4:0a:bf:f1:76:80:52:8a:3d:c0:3e:49:
a6:c9:da:69:82:09:ac:ed:22:f9:35:c2:06:98:0b:11:9a:7f:
90:92:0e:bb:ba:66:40:89:99:98:f9:2b:aa:d5:85:79:0e:f7:
4a:0c:8a:e4:ad:e7:02:c2:1b:24:ee:e1:41:fc:25:14:17:31:
9b:05:1e:ce:cf:87:99:9f:6b:79:d0:53:eb:f9:d1:df:dc:8d:
41:20:42:2b:15:9f:90:54:76:2f:00:dc:4d:dd:1d:5a:be:fe:
e8:68:e3:f3:68:96:41:b3:df:b1:60:19:c2:17:a2:c3:6f:1b:
67:4c:28:9b:09:a4:af:75:e6:ea:eb:ff:7f:38:00:aa:74:10:
9d:fc:98:fa:5a:96:06:94:5f:36:69:51:c7:b0:f5:97:4d:2a:
41:70:98:3c:c9:af:c3:1b:de:87:49:fe:3d:e4:2a:54:af:af:
77:15:62:52:ef:f6:63:4b:af:af:97:77:45:e2:a8:dd:2e:2b:
9c:bc:56:83:b4:57:74:03:b8:ed:48:31:79:9b:04:da:01:e6:
7f:88:39:fa:12:49:da:be:ec:0a:96:94:a5:b5:5b:06:e2:79:
ce:c0:e5:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuu9CQ4LvdJ5AFPXcqJ+rJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNjY4NGEyOTU4ZTAxOTBmMjcwYTgwYTk4Nzg5MzE5ZTFj
ZWU0ZDgwHhcNMjMxMTA4MTI0MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDM5N2ExNzFmYzliMTExNDUyOWZlNWU4NmRjZDcwMTA1ZGM2ZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlX1AJ6cMfUh+jFNgA5ZnhW7txHKP
zCWZF2pjkfyOBnEbM/O0ILyBRn6YculvYsCAFXzr4/Zr7BeQ0WD14hjINzof6R6A
kIarkVcuiCjKLEYp7oOnQckOIbWOPP/K8o/S4UOSTX3Jeh/12bR4/s0hmNYEhS3o
RxZe5QQIrhBekhQVxkOnIJp92nlHamYY6KimkW5w87cU0vnCD5ro24pkxlBJ24AR
WPQ6GAASulIVNnigJFgA7Pcq7ATIjPlFAbMl2Bk9qsDwlG5Iw3D5EkhcAVnsyBPO
qoIGtQ+f7o8Aw/gZ8c5wRKg5A1Zlu7Q0ksJhG2P9WjU+XxXl/Mo3nTVHnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAA5ehcfybERRSn+Xobc1wEF3G8JMB8GA1UdIwQY
MBaAFIFmhKKVjgGQ8nCoCph4kxnhzuTYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1dhRW9wV09BWkR5Y0tnS21IaVRHZUhPNU5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8xMzQ5Y2EtOGMzYy00MTMxLTlmNTUt
ZDU5MDMwNjYxOTQ5LzEvQURsNkZ4X0pzUkZGS2Y1ZWh0elhBUVhjYndrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8xMzQ5Y2EtOGMzYy00MTMxLTlmNTUtZDU5MDMwNjYxOTQ5
LzEvZ1dhRW9wV09BWkR5Y0tnS21IaVRHZUhPNU5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLhFIAwQB
LhFMMA0GCSqGSIb3DQEBCwUAA4IBAQAbs4U6t9Bg7VF8KUnvcrSH8Uk6jX5IwoX0
Cr/xdoBSij3APkmmydppggms7SL5NcIGmAsRmn+Qkg67umZAiZmY+Suq1YV5DvdK
DIrkrecCwhsk7uFB/CUUFzGbBR7Oz4eZn2t50FPr+dHf3I1BIEIrFZ+QVHYvANxN
3R1avv7oaOPzaJZBs9+xYBnCF6LDbxtnTCibCaSvdebq6/9/OACqdBCd/Jj6WpYG
lF82aVHHsPWXTSpBcJg8ya/DG96HSf495CpUr693FWJS7/ZjS6+vl3dF4qjdLiuc
vFaDtFd0A7jtSDF5mwTaAeZ/iDn6EknavuwKlpSltVsG4nnOwOWX
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:16 2024 by rpki-client on console-fra.rpki-client.org