Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/enN6UWoQ0ex4c145pXw-GzmIJD8.roa
File: enN6UWoQ0ex4c145pXw-GzmIJD8.roa (raw, json)
Hash identifier: BwEhxfKb7nzqYpLR3dgxXDd+K/hhOiQXO/LL9BMaqqQ=
Subject key identifier: 7A:73:7A:51:6A:10:D1:EC:78:73:5E:39:A5:7C:3E:1B:39:88:24:3F
Certificate issuer: /CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Certificate serial: 018AD082F3560FAFEC3FB1CB36C7A0B8E736
Authority key identifier: 1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/enN6UWoQ0ex4c145pXw-GzmIJD8.roa
Signing time: Tue 26 Sep 2023 08:02:37 +0000
ROA not before: Tue 26 Sep 2023 08:02:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43581
IP address blocks: 46.253.143.0/24 maxlen: 24
91.211.115.0/24 maxlen: 24
193.17.92.0/24 maxlen: 24
2a13:a500::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d0:82:f3:56:0f:af:ec:3f:b1:cb:36:c7:a0:b8:e7:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Validity
Not Before: Sep 26 08:02:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a737a516a10d1ec78735e39a57c3e1b3988243f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:50:4c:99:8f:f0:c7:f7:0f:f0:fc:ba:f7:88:
ac:01:9c:5f:ee:c7:a0:cd:6f:67:a5:ae:12:bf:2b:
26:92:37:c9:7c:da:62:c7:ef:0b:94:ff:ef:b6:11:
a4:98:dd:3c:4b:b2:7a:6c:cc:d8:8d:de:16:12:dc:
3c:69:da:33:62:f8:ed:75:92:e3:c1:d2:14:99:08:
ff:3e:f0:51:cb:d4:69:fa:08:8b:49:5a:77:4f:64:
ff:20:7c:30:e3:21:24:a7:79:fe:76:fe:6e:e0:09:
ef:c5:c9:b7:36:48:b5:8e:c8:cd:62:4f:61:b9:8d:
05:3f:64:48:08:45:30:10:c6:d7:87:04:6a:91:0b:
27:9f:fd:60:c4:1e:f3:fb:d7:75:48:48:5a:09:9b:
25:51:27:c0:a1:42:f8:e0:e5:0f:6e:60:97:b3:27:
e7:0e:a8:6e:8f:8a:7e:1a:97:3a:e7:05:70:8e:54:
1d:05:37:0c:11:ac:03:3b:3e:4c:86:70:2f:a8:6e:
7b:09:d1:a7:91:5e:62:d2:a4:62:37:5c:54:12:b4:
97:be:7c:ec:b3:46:b2:13:3b:5b:4e:3c:c9:aa:1e:
13:cc:c0:3b:1f:76:4b:cc:31:a0:f8:c6:bd:a4:c1:
55:e5:4e:fd:25:f1:60:6d:ab:49:ae:93:8e:cf:51:
a5:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:73:7A:51:6A:10:D1:EC:78:73:5E:39:A5:7C:3E:1B:39:88:24:3F
X509v3 Authority Key Identifier:
keyid:1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/enN6UWoQ0ex4c145pXw-GzmIJD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.143.0/24
91.211.115.0/24
193.17.92.0/24
IPv6:
2a13:a500::/32
Signature Algorithm: sha256WithRSAEncryption
55:ef:f3:c2:d5:42:f3:de:25:45:a0:d8:95:0f:0e:63:c1:ea:
16:a8:88:9a:fd:9e:46:a0:e6:26:ca:2c:1e:86:3e:b1:1a:19:
f3:75:f0:dc:d6:db:02:f0:3f:fc:59:bf:9b:42:e1:7c:a0:05:
c1:ec:eb:8e:77:f1:43:af:95:6e:a2:cb:7a:34:96:50:8b:4b:
76:78:8b:f2:2d:55:82:47:bb:38:31:80:c0:a9:b1:5b:8c:3c:
17:65:a5:c8:08:b4:19:1e:28:4e:43:48:f3:e8:fc:b0:5b:bc:
b0:67:42:39:c9:b8:98:90:af:a2:b9:c4:ed:b1:ca:78:38:52:
b6:16:17:09:09:e9:5a:d8:83:61:6e:3c:5c:28:30:53:99:8f:
a9:2d:ef:6a:1b:a3:0c:0b:17:dc:61:10:d3:92:5b:dc:f2:26:
73:9c:93:1d:14:9a:18:13:19:2f:ea:c3:cb:58:09:58:e5:16:
b4:fe:3a:0a:e5:60:85:97:ad:e8:4f:9f:ed:50:a8:e9:af:53:
24:68:67:b0:40:02:ce:d7:92:25:79:de:63:ed:6b:6a:6f:a6:
98:5c:59:04:c3:89:ce:5f:15:34:65:77:f7:f4:8d:2d:70:5e:
ab:e3:30:cf:74:72:7c:be:7e:c6:de:fc:91:32:06:20:b8:6e:
fb:75:7a:8b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYrQgvNWD6/sP7HLNseguOc2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjI2ODE3NWM1YTA5YTdhZmQwZDg3ODUxODI0ZTFkYjcz
ZjdlN2IwHhcNMjMwOTI2MDgwMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTczN2E1MTZhMTBkMWVjNzg3MzVlMzlhNTdjM2UxYjM5ODgyNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFBMmY/wx/cP8Py694isAZxf7seg
zW9npa4SvysmkjfJfNpix+8LlP/vthGkmN08S7J6bMzYjd4WEtw8adozYvjtdZLj
wdIUmQj/PvBRy9Rp+giLSVp3T2T/IHww4yEkp3n+dv5u4Anvxcm3Nki1jsjNYk9h
uY0FP2RICEUwEMbXhwRqkQsnn/1gxB7z+9d1SEhaCZslUSfAoUL44OUPbmCXsyfn
Dqhuj4p+Gpc65wVwjlQdBTcMEawDOz5MhnAvqG57CdGnkV5i0qRiN1xUErSXvnzs
s0ayEztbTjzJqh4TzMA7H3ZLzDGg+Ma9pMFV5U79JfFgbatJrpOOz1GlEwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHpzelFqENHseHNeOaV8Phs5iCQ/MB8GA1UdIwQY
MBaAFBvyaBdcWgmnr9DYeFGCTh23P357MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYt
NTM0YjhjZDY1MmU5LzEvZW5ONlVXb1EwZXg0YzE0NXBYdy1Hem1JSkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYtNTM0YjhjZDY1MmU5
LzEvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALv2PAwQA
W9NzAwQAwRFcMA0EAgACMAcDBQAqE6UAMA0GCSqGSIb3DQEBCwUAA4IBAQBV7/PC
1ULz3iVFoNiVDw5jweoWqIia/Z5GoOYmyiwehj6xGhnzdfDc1tsC8D/8Wb+bQuF8
oAXB7OuOd/FDr5Vuost6NJZQi0t2eIvyLVWCR7s4MYDAqbFbjDwXZaXICLQZHihO
Q0jz6PywW7ywZ0I5ybiYkK+iucTtscp4OFK2FhcJCela2INhbjxcKDBTmY+pLe9q
G6MMCxfcYRDTklvc8iZznJMdFJoYExkv6sPLWAlY5Ra0/joK5WCFl63oT5/tUKjp
r1MkaGewQALO15Iled5j7Wtqb6aYXFkEw4nOXxU0ZXf39I0tcF6r4zDPdHJ8vn7G
3vyRMgYguG77dXqL
-----END CERTIFICATE-----
Generated at Thu Nov 16 12:30:38 2023 by rpki-client on console-ams.rpki-client.org