Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-fIXnDYPlIPZUuZAZNny8icxr-E.roa
File: 1-fIXnDYPlIPZUuZAZNny8icxr-E.roa (raw, json)
Hash identifier: hV5lgy1RxBOp8IBEdwRWKz/g0N47t9shg2noJgdLjpA=
Subject key identifier: F9:F2:17:9C:36:0F:94:83:D9:52:E6:40:64:D9:F2:F2:27:31:AF:E1
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EBDAE7B6953143D544BFBC78AFD7FCFDE
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-fIXnDYPlIPZUuZAZNny8icxr-E.roa
Signing time: Mon 08 Apr 2024 12:28:32 +0000
ROA not before: Mon 08 Apr 2024 12:28:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41957
IP address blocks: 46.16.37.0/24 maxlen: 24
46.253.128.0/24 maxlen: 24
91.242.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 17:55:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:ae:7b:69:53:14:3d:54:4b:fb:c7:8a:fd:7f:cf:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 8 12:28:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9f2179c360f9483d952e64064d9f2f22731afe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3c:75:8c:8e:d7:c5:64:9f:e2:12:9b:56:39:
69:1d:92:06:d7:e7:e3:3d:d4:4f:36:98:c7:f3:f3:
72:87:f1:a4:10:34:9f:81:27:4e:00:42:2f:86:67:
14:b3:6e:ec:03:cd:83:48:a7:92:47:bc:bb:b0:00:
55:39:11:79:1e:24:88:1d:57:3a:50:0e:f6:8e:9d:
2f:95:d8:30:25:a8:a2:a1:51:c4:d9:38:9a:27:63:
41:61:83:46:45:7e:c0:6f:e1:fd:cd:76:3f:4d:57:
72:6b:e9:56:bb:f1:4e:f0:fe:d4:4b:5c:63:51:b3:
d2:32:35:5e:ec:f7:74:2d:c1:78:d4:b7:0d:68:1b:
b6:53:80:10:dc:24:b3:65:86:35:99:f1:86:b3:56:
3a:79:0d:5a:4c:0e:ea:72:a3:72:7c:46:43:e1:ae:
8e:e4:ae:ba:b9:d9:c9:03:d2:99:f8:b1:28:ab:09:
2c:24:4c:58:62:5b:49:31:e9:0e:78:b8:f5:0c:27:
d2:a1:47:91:2a:51:bc:6e:0b:92:dd:0d:01:ec:f2:
ab:92:5b:94:39:b3:53:c5:c4:3a:97:81:41:d7:fc:
fc:0c:94:1b:ee:e1:d2:f7:0d:c9:4c:fb:43:6e:9d:
2b:27:10:46:c7:c0:76:bd:04:25:3a:d2:4c:16:43:
5b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F2:17:9C:36:0F:94:83:D9:52:E6:40:64:D9:F2:F2:27:31:AF:E1
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-fIXnDYPlIPZUuZAZNny8icxr-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.37.0/24
46.253.128.0/24
91.242.254.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:78:f5:7a:1a:3b:39:51:e1:da:26:fd:97:92:0e:91:cc:b9:
c1:35:cd:70:57:54:4b:5e:3b:f1:cc:98:c6:4d:bc:fb:8a:f3:
4e:0b:2a:2e:df:5f:9f:93:ee:75:ea:ea:b1:23:4e:2c:06:f9:
57:76:cb:4c:d7:3c:5b:1a:3b:a5:93:50:0e:5d:7a:a5:ef:40:
b9:09:cb:d6:d0:21:bb:91:d9:ef:81:64:26:54:09:dc:27:29:
b5:98:67:f8:51:04:ed:61:d0:c3:11:65:db:31:cf:28:da:7b:
95:ee:4b:38:f5:de:33:74:c7:d6:c1:87:cf:12:76:b9:12:6c:
11:6f:02:66:ff:64:d3:65:c9:6c:4e:8c:2a:c8:b2:2f:73:cd:
98:b3:05:63:2e:f9:39:c6:3a:88:4b:97:6f:17:3a:6d:ae:45:
47:75:ad:58:b9:a0:05:18:e9:7f:4c:05:68:37:53:59:db:ff:
6a:cd:66:86:6e:34:db:22:51:3e:5d:bd:0b:55:73:47:84:94:
c5:2e:bb:61:b2:99:03:90:69:62:42:cf:5f:3c:cf:b2:ca:ec:
40:fd:8e:00:83:54:f4:b1:96:55:92:df:ff:3d:8b:20:78:a6:
62:ed:9b:55:af:e0:b5:d9:52:94:99:1d:b6:56:be:20:2d:68:
d7:90:b2:7d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAY69rntpUxQ9VEv7x4r9f8/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDA4MTIyODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWYyMTc5YzM2MGY5NDgzZDk1MmU2NDA2NGQ5ZjJmMjI3MzFhZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjx1jI7XxWSf4hKbVjlpHZIG1+fj
PdRPNpjH8/Nyh/GkEDSfgSdOAEIvhmcUs27sA82DSKeSR7y7sABVORF5HiSIHVc6
UA72jp0vldgwJaiioVHE2TiaJ2NBYYNGRX7Ab+H9zXY/TVdya+lWu/FO8P7US1xj
UbPSMjVe7Pd0LcF41LcNaBu2U4AQ3CSzZYY1mfGGs1Y6eQ1aTA7qcqNyfEZD4a6O
5K66udnJA9KZ+LEoqwksJExYYltJMekOeLj1DCfSoUeRKlG8bguS3Q0B7PKrkluU
ObNTxcQ6l4FB1/z8DJQb7uHS9w3JTPtDbp0rJxBGx8B2vQQlOtJMFkNb/wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPnyF5w2D5SD2VLmQGTZ8vInMa/hMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMS1mSVhuRFlQbElQWlV1WkFaTm55OGljeHItRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvN2I5MzM2LWU5ZjgtNGUyNy1hZjRiLTIzOWQyZmUzOThi
MS8xL0NUTlR3ZnEtaVdyNHVGX25ZQTVHTkphUHpFdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC4QJQME
AC79gAMEAFvy/jANBgkqhkiG9w0BAQsFAAOCAQEAf3j1eho7OVHh2ib9l5IOkcy5
wTXNcFdUS1478cyYxk28+4rzTgsqLt9fn5PuderqsSNOLAb5V3bLTNc8Wxo7pZNQ
Dl16pe9AuQnL1tAhu5HZ74FkJlQJ3CcptZhn+FEE7WHQwxFl2zHPKNp7le5LOPXe
M3TH1sGHzxJ2uRJsEW8CZv9k02XJbE6MKsiyL3PNmLMFYy75OcY6iEuXbxc6ba5F
R3WtWLmgBRjpf0wFaDdTWdv/as1mhm402yJRPl29C1VzR4SUxS67YbKZA5BpYkLP
XzzPssrsQP2OAINU9LGWVZLf/z2LIHimYu2bVa/gtdlSlJkdtla+IC1o15CyfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:51 2024 by rpki-client on console-ams.rpki-client.org