Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/g3UD9ryLkKAdFQYj-tPUx2YbNgo.roa
File: g3UD9ryLkKAdFQYj-tPUx2YbNgo.roa (raw, json)
Hash identifier: 2Fw0RKaUwDvD0yxjBybLSn53xtd17RPc9n+x1eF/D9k=
Subject key identifier: 83:75:03:F6:BC:8B:90:A0:1D:15:06:23:FA:D3:D4:C7:66:1B:36:0A
Certificate issuer: /CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Certificate serial: 018B3DA5A087AD2B68A83EB859C34D369458
Authority key identifier: 2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/g3UD9ryLkKAdFQYj-tPUx2YbNgo.roa
Signing time: Tue 17 Oct 2023 12:39:06 +0000
ROA not before: Tue 17 Oct 2023 12:39:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35184
IP address blocks: 87.240.64.0/18 maxlen: 24
46.21.128.0/20 maxlen: 24
2a03:6c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:a5:a0:87:ad:2b:68:a8:3e:b8:59:c3:4d:36:94:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Validity
Not Before: Oct 17 12:39:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=837503f6bc8b90a01d150623fad3d4c7661b360a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:57:f4:ad:21:93:3c:83:57:64:c1:d2:05:57:
b2:49:21:fc:e7:4c:e1:b6:89:27:e4:e4:04:34:97:
84:55:51:18:d1:0f:f2:f7:4a:6b:c4:14:0e:e2:02:
84:af:84:4d:b2:28:e5:09:27:f5:eb:fa:34:93:c3:
55:69:62:a3:40:aa:ba:b2:bb:bf:3e:2d:29:f0:7c:
16:27:db:6c:f3:1c:8b:c5:c5:15:2a:df:42:09:b0:
56:8c:e8:36:94:42:b9:05:05:cf:0c:1c:20:d5:64:
39:71:53:88:4a:1d:41:7c:42:54:74:2d:48:1b:00:
ea:56:e3:d0:f7:a8:eb:c3:48:85:6e:01:fd:bb:48:
22:da:53:48:ae:bb:a0:a2:04:64:71:bf:da:fa:36:
7f:19:b2:ef:05:de:92:0f:e1:a0:c2:d9:79:b5:51:
a9:17:44:f1:45:d3:f2:73:80:29:a6:db:e9:20:ce:
bb:42:8a:a7:44:f6:8f:f8:18:f4:e5:4e:1e:d7:e8:
4d:2c:03:35:be:8f:87:7e:a6:fb:ad:ce:cf:42:0e:
89:a5:bb:10:c7:e3:cf:95:6c:36:6b:7d:77:65:ee:
55:49:48:da:ad:41:e7:86:04:44:18:8a:60:da:26:
4c:3b:da:b1:ca:bb:4b:1e:aa:e3:ed:8c:04:de:13:
07:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:75:03:F6:BC:8B:90:A0:1D:15:06:23:FA:D3:D4:C7:66:1B:36:0A
X509v3 Authority Key Identifier:
keyid:2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/g3UD9ryLkKAdFQYj-tPUx2YbNgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.128.0/20
87.240.64.0/18
IPv6:
2a03:6c00::/32
Signature Algorithm: sha256WithRSAEncryption
a0:31:a2:1e:38:48:e3:7e:de:0d:aa:a9:e9:ec:3f:c0:bf:1f:
6b:ea:7d:9c:49:cc:7e:c0:f5:78:f2:b2:2f:32:e4:39:1e:66:
c7:7a:30:b5:15:4b:6e:ae:2c:79:71:8e:e9:d6:1f:44:24:b5:
3c:03:94:3b:b9:26:a0:26:3a:04:98:72:fa:44:eb:37:b3:35:
10:2c:fa:86:52:4e:42:4e:23:1f:21:d0:a9:6a:1e:c4:da:e0:
e1:e3:1e:a5:cd:94:d0:60:57:db:e7:5e:9f:92:6c:f3:57:48:
4b:21:80:e5:4d:1f:bd:f1:f0:6d:0f:c9:d1:c0:43:e5:3c:25:
30:07:23:a6:fb:b9:e4:27:e7:90:bf:00:f4:66:04:61:dd:1e:
11:be:b8:67:97:09:67:f0:52:56:23:49:98:e7:7b:d5:dd:98:
d7:46:34:94:1d:c7:28:d0:39:09:bf:31:80:4c:d4:5a:0e:97:
aa:9a:f2:da:23:d4:3f:26:43:41:a5:ed:b8:27:a3:9c:fa:e5:
c1:98:f2:5f:6b:57:96:e7:b7:a3:ac:19:e7:02:ee:40:85:80:
26:ca:1f:a3:aa:64:bb:1b:aa:40:ac:94:f6:30:8e:3d:41:ec:
97:84:b8:6c:e2:0b:8f:e4:a4:b2:77:0e:a2:ff:be:70:44:2b:
07:1a:ad:a3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYs9paCHrStoqD64WcNNNpRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzEyMWUxNTQ1ZGYzZTViYjg2ZTkxODhmMjgyNWZhZDc0
NzdmNzUwHhcNMjMxMDE3MTIzOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzc1MDNmNmJjOGI5MGEwMWQxNTA2MjNmYWQzZDRjNzY2MWIzNjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1f0rSGTPINXZMHSBVeySSH850zh
tokn5OQENJeEVVEY0Q/y90prxBQO4gKEr4RNsijlCSf16/o0k8NVaWKjQKq6sru/
Pi0p8HwWJ9ts8xyLxcUVKt9CCbBWjOg2lEK5BQXPDBwg1WQ5cVOISh1BfEJUdC1I
GwDqVuPQ96jrw0iFbgH9u0gi2lNIrrugogRkcb/a+jZ/GbLvBd6SD+Ggwtl5tVGp
F0TxRdPyc4ApptvpIM67QoqnRPaP+Bj05U4e1+hNLAM1vo+Hfqb7rc7PQg6JpbsQ
x+PPlWw2a313Ze5VSUjarUHnhgREGIpg2iZMO9qxyrtLHqrj7YwE3hMHawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIN1A/a8i5CgHRUGI/rT1MdmGzYKMB8GA1UdIwQY
MBaAFC7BIeFUXfPlu4bpGI8oJfrXR391MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgt
OWY1MjJhMjg0NTk1LzEvZzNVRDlyeUxrS0FkRlFZai10UFV4MlliTmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgtOWY1MjJhMjg0NTk1
LzEvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQELhWAAwQG
V/BAMA0EAgACMAcDBQAqA2wAMA0GCSqGSIb3DQEBCwUAA4IBAQCgMaIeOEjjft4N
qqnp7D/Avx9r6n2cScx+wPV48rIvMuQ5HmbHejC1FUturix5cY7p1h9EJLU8A5Q7
uSagJjoEmHL6ROs3szUQLPqGUk5CTiMfIdCpah7E2uDh4x6lzZTQYFfb516fkmzz
V0hLIYDlTR+98fBtD8nRwEPlPCUwByOm+7nkJ+eQvwD0ZgRh3R4Rvrhnlwln8FJW
I0mY53vV3ZjXRjSUHcco0DkJvzGATNRaDpeqmvLaI9Q/JkNBpe24J6Oc+uXBmPJf
a1eW57ejrBnnAu5AhYAmyh+jqmS7G6pArJT2MI49QeyXhLhs4guP5KSydw6i/75w
RCsHGq2j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:11 2024 by rpki-client on console-ams.rpki-client.org