Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/0CgPgUZlepuqNrQBFHp6etzQJyc.roa
File: 0CgPgUZlepuqNrQBFHp6etzQJyc.roa (raw, json)
Hash identifier: nkU2+UbMPerlgBSAzhDirNAU1k9voVDwRi8v/ClfRcQ=
Subject key identifier: D0:28:0F:81:46:65:7A:9B:AA:36:B4:01:14:7A:7A:7A:DC:D0:27:27
Certificate issuer: /CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Certificate serial: 018CC86EFE4D5258BF3911F1512A33F736E6
Authority key identifier: 1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/0CgPgUZlepuqNrQBFHp6etzQJyc.roa
Signing time: Tue 02 Jan 2024 04:29:26 +0000
ROA not before: Tue 02 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43581
IP address blocks: 46.253.143.0/24 maxlen: 24
91.211.115.0/24 maxlen: 24
193.17.92.0/24 maxlen: 24
2a13:a502::/32 maxlen: 32
2a13:a500::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 18 Apr 2024 09:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:fe:4d:52:58:bf:39:11:f1:51:2a:33:f7:36:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Validity
Not Before: Jan 2 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0280f8146657a9baa36b401147a7a7adcd02727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d2:51:0d:7c:75:9c:ad:2d:be:57:33:d5:24:
ad:44:bd:fe:7f:51:b5:bb:25:7e:84:7e:89:6f:14:
74:cb:00:b9:f5:83:0a:62:6f:b6:1b:4c:47:95:9f:
fa:46:18:32:05:15:6c:8c:b7:8b:41:7f:29:87:aa:
f8:c4:f0:f2:e1:f0:3f:20:2b:7b:25:24:40:bd:e9:
86:55:95:da:b3:77:d1:26:ef:53:a4:9e:a0:21:84:
0a:c2:ca:5c:2c:db:a2:a7:6f:14:80:ac:f0:ad:8b:
02:b9:fb:e3:7a:69:09:dc:cc:9d:5d:6b:58:a4:1a:
06:09:8a:c1:23:0d:9d:88:f8:fd:b1:79:d0:a4:0b:
47:3a:d9:76:f4:5c:9e:ec:37:59:03:30:bc:2b:25:
6b:bb:d2:a2:40:75:2a:22:ea:17:15:0f:42:df:8f:
78:fb:63:3a:ce:8a:2f:28:1f:fa:77:4e:2c:1a:44:
c9:a9:04:06:bf:c6:92:38:4c:8a:f1:fb:1b:fe:55:
33:2d:26:f2:1f:dc:01:ac:1d:9f:7b:85:4e:c7:3d:
b1:41:e2:4c:0d:76:d4:a4:0b:0b:9e:72:1d:89:6b:
18:49:b7:12:9d:a8:95:a5:1b:74:b9:d0:fc:fa:b6:
ed:a2:75:4d:3b:b8:19:9a:6c:5e:c7:84:86:42:ad:
2e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:28:0F:81:46:65:7A:9B:AA:36:B4:01:14:7A:7A:7A:DC:D0:27:27
X509v3 Authority Key Identifier:
keyid:1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/0CgPgUZlepuqNrQBFHp6etzQJyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.143.0/24
91.211.115.0/24
193.17.92.0/24
IPv6:
2a13:a500::/32
2a13:a502::/32
Signature Algorithm: sha256WithRSAEncryption
43:32:2e:25:50:c0:a3:86:cb:3d:74:8d:d4:2b:cf:c6:46:71:
dc:07:aa:50:2f:e9:6e:e5:81:31:32:f7:c4:01:19:4f:63:92:
99:29:56:fa:95:da:54:29:54:a0:4c:a3:b1:6d:8d:f9:e1:b2:
7c:d7:c4:e2:d1:fa:a2:d0:08:fc:9c:87:02:b2:c0:65:55:08:
d5:13:84:56:68:8d:5a:af:98:37:2b:64:ec:d3:f0:ca:b3:b7:
a7:a9:24:f4:f5:86:c7:fb:da:3b:ca:cd:6c:b1:6e:02:ba:9b:
e7:56:2c:a0:36:be:c8:59:7e:3e:fb:9f:ff:86:17:8d:54:ef:
63:dc:39:2f:a8:61:3c:1e:8d:15:84:20:76:fc:ce:1f:a7:b9:
61:d6:50:66:af:16:05:87:32:cb:1a:39:2d:ba:66:59:e0:0c:
55:1b:67:8f:b0:42:30:4c:88:8b:d6:ec:60:16:c7:e1:0f:55:
4b:f8:46:6c:66:dc:72:72:bc:b6:63:d8:77:f9:ed:19:b9:e6:
38:be:5a:66:70:02:65:89:66:c2:6e:87:63:f2:76:a4:68:a5:
36:98:ac:80:e9:88:91:ac:33:a6:f3:f6:f1:b6:19:00:0f:5f:
49:c1:d1:56:6e:fd:d4:b9:35:93:97:58:cb:3f:b1:45:0e:51:
45:05:76:ce
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzIbv5NUli/ORHxUSoz9zbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjI2ODE3NWM1YTA5YTdhZmQwZDg3ODUxODI0ZTFkYjcz
ZjdlN2IwHhcNMjQwMTAyMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDI4MGY4MTQ2NjU3YTliYWEzNmI0MDExNDdhN2E3YWRjZDAyNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdJRDXx1nK0tvlcz1SStRL3+f1G1
uyV+hH6JbxR0ywC59YMKYm+2G0xHlZ/6RhgyBRVsjLeLQX8ph6r4xPDy4fA/ICt7
JSRAvemGVZXas3fRJu9TpJ6gIYQKwspcLNuip28UgKzwrYsCufvjemkJ3MydXWtY
pBoGCYrBIw2diPj9sXnQpAtHOtl29Fye7DdZAzC8KyVru9KiQHUqIuoXFQ9C3494
+2M6zoovKB/6d04sGkTJqQQGv8aSOEyK8fsb/lUzLSbyH9wBrB2fe4VOxz2xQeJM
DXbUpAsLnnIdiWsYSbcSnaiVpRt0udD8+rbtonVNO7gZmmxex4SGQq0u4wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNAoD4FGZXqbqja0ARR6enrc0CcnMB8GA1UdIwQY
MBaAFBvyaBdcWgmnr9DYeFGCTh23P357MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYt
NTM0YjhjZDY1MmU5LzEvMENnUGdVWmxlcHVxTnJRQkZIcDZldHpRSnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYtNTM0YjhjZDY1MmU5
LzEvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALv2PAwQA
W9NzAwQAwRFcMBQEAgACMA4DBQAqE6UAAwUAKhOlAjANBgkqhkiG9w0BAQsFAAOC
AQEAQzIuJVDAo4bLPXSN1CvPxkZx3AeqUC/pbuWBMTL3xAEZT2OSmSlW+pXaVClU
oEyjsW2N+eGyfNfE4tH6otAI/JyHArLAZVUI1ROEVmiNWq+YNytk7NPwyrO3p6kk
9PWGx/vaO8rNbLFuArqb51YsoDa+yFl+Pvuf/4YXjVTvY9w5L6hhPB6NFYQgdvzO
H6e5YdZQZq8WBYcyyxo5LbpmWeAMVRtnj7BCMEyIi9bsYBbH4Q9VS/hGbGbccnK8
tmPYd/ntGbnmOL5aZnACZYlmwm6HY/J2pGilNpisgOmIkawzpvP28bYZAA9fScHR
Vm791Lk1k5dYyz+xRQ5RRQV2zg==
-----END CERTIFICATE-----
Generated at Thu Apr 18 11:24:57 2024 by rpki-client on console-fra.rpki-client.org