Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1yjiUQwJHt_xToCsrHghBEMS07s.roa
File: 1yjiUQwJHt_xToCsrHghBEMS07s.roa (raw, json)
Hash identifier: rLrFU1AXMBpwuf2TELufa6B51DkRsGgaFc0ZetqczvI=
Subject key identifier: D7:28:E2:51:0C:09:1E:DF:F1:4E:80:AC:AC:78:21:04:43:12:D3:BB
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018D78E032FD6797E71F2BF210548B02696E
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1yjiUQwJHt_xToCsrHghBEMS07s.roa
Signing time: Mon 05 Feb 2024 10:46:15 +0000
ROA not before: Mon 05 Feb 2024 10:46:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52468
IP address blocks: 46.29.28.0/24 maxlen: 24
94.125.137.0/24 maxlen: 24
201.77.53.0/24 maxlen: 24
201.77.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 12:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:e0:32:fd:67:97:e7:1f:2b:f2:10:54:8b:02:69:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Feb 5 10:46:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d728e2510c091edff14e80acac7821044312d3bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:28:20:3c:6f:d9:3d:59:46:8d:6a:a8:b8:87:
5a:6e:bc:d6:da:5c:36:17:81:fd:fb:98:91:e9:5c:
3f:31:f9:ad:9c:58:3e:17:95:90:75:15:3c:57:4e:
ca:df:8d:22:a0:c9:d9:c7:ec:f6:2e:11:49:af:14:
18:e3:88:85:f5:af:b9:79:02:30:c0:45:71:85:16:
fd:a5:04:79:68:cd:19:f7:d7:97:09:61:81:6b:6a:
5e:a4:30:c6:33:8e:f9:03:1d:64:fd:8a:5e:65:ed:
ee:50:9d:12:f7:f2:ae:dd:21:05:52:72:ce:07:6c:
ab:eb:ec:b7:28:f7:66:1b:49:77:ff:ff:99:95:f0:
30:f3:70:57:2e:c2:8e:d9:35:19:b7:9c:fb:42:ae:
a5:33:32:5e:61:c3:1a:4b:89:50:61:52:e8:11:04:
5a:b9:2c:b3:df:c2:3f:c1:f0:91:d1:37:58:13:9d:
fc:05:02:ad:9d:b0:ac:8c:57:ea:3b:07:72:f5:45:
4d:8d:74:fb:8b:ed:b9:84:31:e0:2f:65:4f:8d:53:
4b:1f:0d:33:44:3b:cc:1e:5c:ee:bc:61:cf:84:b5:
5f:43:3f:54:64:d7:44:14:5b:0d:81:a9:c5:02:e7:
da:79:58:1f:56:58:80:a0:03:14:a4:57:00:54:3b:
96:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:28:E2:51:0C:09:1E:DF:F1:4E:80:AC:AC:78:21:04:43:12:D3:BB
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1yjiUQwJHt_xToCsrHghBEMS07s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.28.0/24
94.125.137.0/24
201.77.53.0/24
201.77.55.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:9e:65:76:0c:10:20:e1:a8:fb:8f:68:56:8e:f1:05:98:01:
ea:2b:07:30:f3:ad:0d:69:53:82:dc:5b:0e:e1:55:0a:d8:5d:
d5:4e:b8:79:06:02:13:c5:17:98:85:a6:a3:74:2f:0b:d3:cc:
68:c0:83:c4:61:88:72:bc:8c:e9:cb:f1:50:17:1a:d2:d4:ce:
ff:ad:25:4f:c7:56:21:fc:89:3f:c3:7b:bb:3e:a7:65:d7:86:
6c:e9:f7:bd:3c:91:db:d8:67:b1:0b:89:8c:31:d2:90:d3:8a:
cd:05:a7:05:a2:33:7b:d0:c8:5a:bc:08:d7:f0:29:8a:8b:a3:
99:75:33:9b:0a:ab:e9:19:f7:9b:d6:9f:09:85:57:08:8a:f5:
8a:44:ba:67:0f:83:68:86:0b:8d:00:a8:3d:36:3c:fd:97:76:
b8:9c:ff:5b:65:f7:2e:a9:e3:11:4f:51:c8:6a:83:07:82:cb:
fb:48:4d:57:b4:ee:a4:33:e5:ee:af:bf:33:23:47:a1:ec:53:
53:7b:fc:70:47:39:c2:a8:dd:30:75:f5:77:3f:08:7b:99:59:
c8:58:e5:cf:a8:f7:b9:1e:c8:03:fc:4d:d9:f5:c3:d9:75:9f:
00:72:41:53:50:ab:4b:ff:c0:d9:da:fe:30:53:5f:22:bd:4f:
6f:b7:d3:68
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY144DL9Z5fnHyvyEFSLAmluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMjA1MTA0NjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzI4ZTI1MTBjMDkxZWRmZjE0ZTgwYWNhYzc4MjEwNDQzMTJkM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyggPG/ZPVlGjWqouIdabrzW2lw2
F4H9+5iR6Vw/MfmtnFg+F5WQdRU8V07K340ioMnZx+z2LhFJrxQY44iF9a+5eQIw
wEVxhRb9pQR5aM0Z99eXCWGBa2pepDDGM475Ax1k/YpeZe3uUJ0S9/Ku3SEFUnLO
B2yr6+y3KPdmG0l3//+ZlfAw83BXLsKO2TUZt5z7Qq6lMzJeYcMaS4lQYVLoEQRa
uSyz38I/wfCR0TdYE538BQKtnbCsjFfqOwdy9UVNjXT7i+25hDHgL2VPjVNLHw0z
RDvMHlzuvGHPhLVfQz9UZNdEFFsNganFAufaeVgfVliAoAMUpFcAVDuWJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNco4lEMCR7f8U6ArKx4IQRDEtO7MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvMXlqaVVRd0pIdF94VG9Dc3JIZ2hCRU1TMDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALh0cAwQA
Xn2JAwQAyU01AwQAyU03MA0GCSqGSIb3DQEBCwUAA4IBAQCLnmV2DBAg4aj7j2hW
jvEFmAHqKwcw860NaVOC3FsO4VUK2F3VTrh5BgITxReYhaajdC8L08xowIPEYYhy
vIzpy/FQFxrS1M7/rSVPx1Yh/Ik/w3u7Pqdl14Zs6fe9PJHb2GexC4mMMdKQ04rN
BacFojN70MhavAjX8CmKi6OZdTObCqvpGfeb1p8JhVcIivWKRLpnD4NohguNAKg9
Njz9l3a4nP9bZfcuqeMRT1HIaoMHgsv7SE1XtO6kM+Xur78zI0eh7FNTe/xwRznC
qN0wdfV3Pwh7mVnIWOXPqPe5HsgD/E3Z9cPZdZ8AckFTUKtL/8DZ2v4wU18ivU9v
t9No
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:34 2024 by rpki-client on console-ams.rpki-client.org