Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/IwBtahABZgaXuQgIy7PHEw5DOUE.roa
File: IwBtahABZgaXuQgIy7PHEw5DOUE.roa (raw, json)
Hash identifier: Cy3FsxZHiF54x0el487KERHkM5IZ35Xs1g64PI+TQLk=
Subject key identifier: 23:00:6D:6A:10:01:66:06:97:B9:08:08:CB:B3:C7:13:0E:43:39:41
Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875
Certificate serial: 018BAACD866A785956583E6FFD71066C8A4F
Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/IwBtahABZgaXuQgIy7PHEw5DOUE.roa
Signing time: Tue 07 Nov 2023 17:21:17 +0000
ROA not before: Tue 07 Nov 2023 17:21:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203536
IP address blocks: 46.167.8.0/21 maxlen: 21
194.59.14.0/23 maxlen: 23
194.59.14.0/24 maxlen: 24
92.118.120.0/22 maxlen: 22
194.59.32.0/23 maxlen: 23
2a0f:bc0::/29 maxlen: 29
2a09:a640::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:cd:86:6a:78:59:56:58:3e:6f:fd:71:06:6c:8a:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875
Validity
Not Before: Nov 7 17:21:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23006d6a1001660697b90808cbb3c7130e433941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ac:1c:d2:2a:bf:00:17:54:3b:ff:eb:41:76:
9a:c9:6a:ae:a6:fc:cf:43:01:91:f2:5c:26:38:f4:
b5:c5:0a:d1:3c:f3:fa:75:c8:c4:c4:46:fc:c8:c3:
98:f6:ba:92:4d:b2:4b:2e:ae:b6:89:4c:83:eb:c4:
d6:ec:c9:9f:fa:82:06:6b:48:29:a9:7c:20:12:30:
0a:99:3e:de:98:90:ce:d7:96:18:96:ad:8f:a8:a9:
eb:88:74:aa:a8:4a:93:97:83:84:98:5e:cf:e9:44:
bf:a2:2e:9b:40:5a:d8:fc:c5:aa:46:82:81:e5:ba:
80:31:55:5e:9d:24:2f:37:c2:b4:06:58:c7:ce:e6:
30:f6:18:7b:f3:cc:ca:c3:c0:83:1c:07:53:db:ce:
51:21:8f:1a:7e:68:6f:43:27:32:59:2c:d3:f0:5a:
cc:b0:97:cb:b3:13:79:8e:7a:45:61:03:87:66:12:
c9:58:e6:49:4c:dc:12:b8:87:7e:93:fb:f4:2b:4c:
18:ab:dc:3e:ef:a5:84:4e:bf:ae:73:53:a7:5e:6a:
57:24:86:56:22:5a:14:17:b8:a7:84:36:b0:a6:8a:
ae:96:c4:45:81:61:b7:e8:82:56:12:fd:f7:18:48:
c1:b7:c6:5c:60:bc:6e:d2:5b:a3:e6:6f:ce:87:ba:
45:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:00:6D:6A:10:01:66:06:97:B9:08:08:CB:B3:C7:13:0E:43:39:41
X509v3 Authority Key Identifier:
keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/IwBtahABZgaXuQgIy7PHEw5DOUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.8.0/21
92.118.120.0/22
194.59.14.0/23
194.59.32.0/23
IPv6:
2a09:a640::/32
2a0f:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
ad:ab:01:d8:c8:7c:09:4f:cd:8e:30:a6:2c:e1:04:6a:05:1d:
62:ef:3c:f0:3e:d2:8f:8b:8c:33:65:7c:0d:08:64:b4:08:a0:
db:10:ba:ed:57:a9:db:27:28:51:0a:18:a2:e3:45:89:32:8a:
f8:42:83:80:55:7f:65:89:85:a2:4a:78:15:a1:fe:bf:69:78:
43:c1:ee:8f:47:c7:6e:27:fd:23:7d:7e:4a:28:15:91:39:9d:
82:26:1d:be:71:2c:bc:4a:b7:5e:64:32:73:14:f2:89:f0:35:
0d:3f:a3:5a:0f:75:ff:0f:7d:4c:1d:c3:68:5c:39:38:fe:49:
b0:e4:5f:f6:46:14:f8:05:1a:ca:56:16:8d:00:50:1a:04:70:
3f:77:8a:24:ae:70:b1:67:46:c8:f3:01:ae:f7:47:97:8a:97:
57:62:41:a3:c5:9d:bb:4b:75:56:f9:f4:d9:c9:4f:e4:77:22:
63:2a:95:88:b9:25:51:a3:bf:4b:46:71:1f:43:73:ee:23:12:
1c:6a:ca:9f:7d:b5:62:9e:f4:29:44:a2:db:52:58:8f:a7:ee:
7b:62:cd:40:9d:05:54:0b:32:dd:ff:96:92:ce:c0:d3:d1:dd:
e6:40:71:67:ae:0e:ea:a8:8e:bd:ad:af:66:c9:39:99:96:86:
7b:6a:28:a2
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYuqzYZqeFlWWD5v/XEGbIpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl
NTc4NzUwHhcNMjMxMTA3MTcyMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzAwNmQ2YTEwMDE2NjA2OTdiOTA4MDhjYmIzYzcxMzBlNDMzOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6wc0iq/ABdUO//rQXaayWqupvzP
QwGR8lwmOPS1xQrRPPP6dcjExEb8yMOY9rqSTbJLLq62iUyD68TW7Mmf+oIGa0gp
qXwgEjAKmT7emJDO15YYlq2PqKnriHSqqEqTl4OEmF7P6US/oi6bQFrY/MWqRoKB
5bqAMVVenSQvN8K0BljHzuYw9hh788zKw8CDHAdT285RIY8afmhvQycyWSzT8FrM
sJfLsxN5jnpFYQOHZhLJWOZJTNwSuId+k/v0K0wYq9w+76WETr+uc1OnXmpXJIZW
IloUF7inhDawpoqulsRFgWG36IJWEv33GEjBt8ZcYLxu0luj5m/Oh7pFEwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCMAbWoQAWYGl7kICMuzxxMOQzlBMB8GA1UdIwQY
MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt
NWNmMzdhMzQ4MzBkLzEvSXdCdGFoQUJaZ2FYdVFnSXk3UEhFdzVET1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk
LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLqcIAwQC
XHZ4AwQBwjsOAwQBwjsgMBQEAgACMA4DBQAqCaZAAwUDKg8LwDANBgkqhkiG9w0B
AQsFAAOCAQEArasB2Mh8CU/NjjCmLOEEagUdYu888D7Sj4uMM2V8DQhktAig2xC6
7Vep2ycoUQoYouNFiTKK+EKDgFV/ZYmFokp4FaH+v2l4Q8Huj0fHbif9I31+SigV
kTmdgiYdvnEsvEq3XmQycxTyifA1DT+jWg91/w99TB3DaFw5OP5JsORf9kYU+AUa
ylYWjQBQGgRwP3eKJK5wsWdGyPMBrvdHl4qXV2JBo8Wdu0t1Vvn02clP5HciYyqV
iLklUaO/S0ZxH0Nz7iMSHGrKn321Yp70KUSi21JYj6fue2LNQJ0FVAsy3f+Wks7A
09Hd5kBxZ64O6qiOva2vZsk5mZaGe2ooog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:01 2024 by rpki-client on console-fra.rpki-client.org