Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/aPmqKFgHxOh9K94qamL-4eoFu78.roa
File: aPmqKFgHxOh9K94qamL-4eoFu78.roa (raw, json)
Hash identifier: 8OmHXQ0bRYjG6HvOOvp7VDqIfWJ/DlyZHOUPNODx63Q=
Subject key identifier: 68:F9:AA:28:58:07:C4:E8:7D:2B:DE:2A:6A:62:FE:E1:EA:05:BB:BF
Certificate issuer: /CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Certificate serial: 018CC3490D0CDEE7B3A14216C74035E16CFF
Authority key identifier: B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/aPmqKFgHxOh9K94qamL-4eoFu78.roa
Signing time: Mon 01 Jan 2024 04:29:53 +0000
ROA not before: Mon 01 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197033
IP address blocks: 46.18.224.0/21 maxlen: 21
185.33.88.0/22 maxlen: 22
91.216.43.0/24 maxlen: 24
185.24.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 26 Mar 2024 13:53:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:0d:0c:de:e7:b3:a1:42:16:c7:40:35:e1:6c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Validity
Not Before: Jan 1 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68f9aa285807c4e87d2bde2a6a62fee1ea05bbbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:20:75:82:e1:47:73:a3:10:37:b2:e9:71:0d:
e8:61:17:31:09:b0:2d:47:69:52:37:ba:4b:19:95:
1a:fe:5d:44:b2:a6:39:6f:71:71:d4:d5:0b:20:66:
59:d6:77:10:65:c8:b1:2f:e2:5a:91:75:70:57:7c:
2f:1c:f5:bc:e6:0e:30:fd:1b:40:c2:39:e8:d0:ea:
c2:24:10:2f:f2:79:37:89:c8:99:bd:fb:82:61:8a:
31:ae:6e:ef:e8:0f:3b:6e:de:0b:6f:03:3f:a8:3b:
9e:ee:fa:8a:4d:2e:32:6a:eb:06:90:c2:33:3f:43:
9b:0d:06:f6:6c:cd:78:38:5e:1e:e0:c2:ff:5a:d7:
37:37:04:c7:f5:aa:aa:36:1e:5b:c0:65:56:54:26:
e9:22:a7:46:b5:67:ae:e1:51:46:42:ac:33:01:18:
d6:f9:77:e2:44:64:66:dc:13:60:09:a4:f4:19:53:
c0:e3:e4:c9:2a:e7:8e:6e:df:70:84:c3:54:4b:95:
1f:07:cc:9e:c8:94:59:c1:ee:2c:3a:5b:49:21:d5:
70:80:e8:ef:86:4d:bb:e6:5e:62:fc:6b:41:c3:c0:
c7:53:b0:56:63:a5:1d:5e:70:e9:60:1b:89:de:32:
90:25:65:1b:aa:0c:69:22:85:17:84:ad:ba:6e:26:
c0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F9:AA:28:58:07:C4:E8:7D:2B:DE:2A:6A:62:FE:E1:EA:05:BB:BF
X509v3 Authority Key Identifier:
keyid:B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/aPmqKFgHxOh9K94qamL-4eoFu78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.224.0/21
91.216.43.0/24
185.24.152.0/22
185.33.88.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:22:9e:f3:90:34:ed:fd:51:72:3c:18:35:2e:fa:90:c3:51:
5a:e1:1a:25:3f:b4:16:64:24:04:4a:7b:61:22:09:85:24:8b:
41:96:c4:bc:e0:6b:c6:be:32:28:23:14:e5:55:ef:03:a8:d4:
af:e3:d1:06:b5:2e:3a:23:1b:49:6b:3f:bb:81:2c:01:7f:1f:
9e:89:47:2f:96:6e:8c:aa:55:4c:c9:47:20:99:ca:57:65:5b:
39:cc:f1:13:cb:cd:6d:79:2b:18:fc:7b:ec:5f:c9:47:9b:14:
55:e0:23:da:1e:34:21:f4:13:a0:dc:0e:7a:dd:32:30:e8:e4:
55:18:a7:ad:e0:65:d6:6e:7a:55:f4:69:79:53:e8:7a:c1:b6:
18:e1:18:3a:7b:8e:c9:00:03:2a:49:a4:4c:a5:55:73:d6:b7:
19:4b:16:08:78:c3:e5:55:2a:1e:91:9a:94:a4:24:2c:21:54:
26:e2:91:00:3a:2c:a8:0c:d7:9f:62:cf:15:72:15:36:84:2d:
f3:b8:8e:c3:bb:54:eb:27:2a:df:84:17:b6:e7:6a:69:6c:d1:
d4:ee:e2:de:6b:2f:a4:97:b4:12:75:02:5c:7f:66:e0:d5:72:
b7:37:50:4a:fb:e1:8a:c6:4f:54:ea:86:bd:32:a9:70:8f:0d:
f2:df:60:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSQ0M3uezoUIWx0A14Wz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDVlYzE1MTZlZTZkYzE5ZDFlNWMzOTk4Y2I3ZTdhNjQ2
ZjcxNWEwHhcNMjQwMTAxMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGY5YWEyODU4MDdjNGU4N2QyYmRlMmE2YTYyZmVlMWVhMDViYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyB1guFHc6MQN7LpcQ3oYRcxCbAt
R2lSN7pLGZUa/l1EsqY5b3Fx1NULIGZZ1ncQZcixL+JakXVwV3wvHPW85g4w/RtA
wjno0OrCJBAv8nk3iciZvfuCYYoxrm7v6A87bt4LbwM/qDue7vqKTS4yausGkMIz
P0ObDQb2bM14OF4e4ML/Wtc3NwTH9aqqNh5bwGVWVCbpIqdGtWeu4VFGQqwzARjW
+XfiRGRm3BNgCaT0GVPA4+TJKueObt9whMNUS5UfB8yeyJRZwe4sOltJIdVwgOjv
hk275l5i/GtBw8DHU7BWY6UdXnDpYBuJ3jKQJWUbqgxpIoUXhK26bibADQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGj5qihYB8TofSveKmpi/uHqBbu/MB8GA1UdIwQY
MBaAFLPV7BUW7m3BnR5cOZjLfnpkb3FaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEt
NmMzMDVhNmRiYWI5LzEvYVBtcUtGZ0h4T2g5Szk0cWFtTC00ZW9GdTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEtNmMzMDVhNmRiYWI5
LzEvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLhLgAwQA
W9grAwQCuRiYAwQCuSFYMA0GCSqGSIb3DQEBCwUAA4IBAQAtIp7zkDTt/VFyPBg1
LvqQw1Fa4RolP7QWZCQESnthIgmFJItBlsS84GvGvjIoIxTlVe8DqNSv49EGtS46
IxtJaz+7gSwBfx+eiUcvlm6MqlVMyUcgmcpXZVs5zPETy81teSsY/HvsX8lHmxRV
4CPaHjQh9BOg3A563TIw6ORVGKet4GXWbnpV9Gl5U+h6wbYY4Rg6e47JAAMqSaRM
pVVz1rcZSxYIeMPlVSoekZqUpCQsIVQm4pEAOiyoDNefYs8VchU2hC3zuI7Du1Tr
JyrfhBe252ppbNHU7uLeay+kl7QSdQJcf2bg1XK3N1BK++GKxk9U6oa9Mqlwjw3y
32Dy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:18 2024 by rpki-client on console-ams.rpki-client.org