Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/ICr7HuZFjwbFusiQteOK-9s_ODc.roa
File: ICr7HuZFjwbFusiQteOK-9s_ODc.roa (raw, json)
Hash identifier: 54KcR5lahHIA0QO/1ihHbhlKgF3JrY+5Tikk0Z9EXEI=
Subject key identifier: 20:2A:FB:1E:E6:45:8F:06:C5:BA:C8:90:B5:E3:8A:FB:DB:3F:38:37
Certificate issuer: /CN=85370cc5d260f3e2aeff5dd8f8f4a415a2345a81
Certificate serial: 01857295CFFE7AC23E8AF3AB83CE3ABBB63A
Authority key identifier: 85:37:0C:C5:D2:60:F3:E2:AE:FF:5D:D8:F8:F4:A4:15:A2:34:5A:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/ICr7HuZFjwbFusiQteOK-9s_ODc.roa
Signing time: Mon 02 Jan 2023 13:04:58 +0000
ROA not before: Mon 02 Jan 2023 13:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34702
IP address blocks: 80.79.112.0/20 maxlen: 20
185.246.184.0/22 maxlen: 22
46.22.208.0/20 maxlen: 20
2a01:97a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:cf:fe:7a:c2:3e:8a:f3:ab:83:ce:3a:bb:b6:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85370cc5d260f3e2aeff5dd8f8f4a415a2345a81
Validity
Not Before: Jan 2 13:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=202afb1ee6458f06c5bac890b5e38afbdb3f3837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c4:08:6f:b8:86:8d:cd:21:78:15:1a:8c:c3:
cc:e3:d8:80:b7:c7:a1:c1:b2:35:32:2f:9d:43:8e:
2c:20:83:7f:10:3e:cd:b7:a0:71:a2:b5:dc:c3:1a:
cc:af:18:a6:4c:cb:17:29:95:52:94:d7:fc:2a:ce:
4b:09:3f:62:ec:a6:d9:35:15:53:dd:1c:14:29:2a:
b8:ac:63:d9:01:f0:d7:68:6b:ec:4a:fb:f1:c1:69:
66:cd:48:6d:30:a6:c1:f6:e9:8d:c0:ef:d7:c0:00:
f4:f6:89:b6:8c:68:99:83:16:e8:ee:a7:d8:8d:c3:
e2:17:0f:9f:1f:21:bb:35:25:5e:67:fe:e6:b8:5a:
30:5b:c5:ce:0a:73:7a:37:e3:ec:be:b9:47:4e:8d:
7b:67:a9:1e:37:5b:29:ff:1f:24:50:38:b0:74:bc:
b6:bc:2b:a9:62:bf:7a:4d:76:40:37:b3:a7:a7:e0:
69:29:29:1c:2f:ea:79:2e:02:6f:38:5b:fb:f5:2c:
ba:9f:c2:05:d2:2f:ee:1a:ff:d4:14:0d:8c:3b:88:
fa:53:58:48:d6:c2:e0:ea:08:b7:59:fa:e8:9f:f9:
19:cd:bd:43:9e:ac:72:54:c6:16:04:f6:07:6e:ba:
3b:bb:6d:fa:3c:8d:f0:93:2e:11:45:51:bc:80:6d:
5b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2A:FB:1E:E6:45:8F:06:C5:BA:C8:90:B5:E3:8A:FB:DB:3F:38:37
X509v3 Authority Key Identifier:
keyid:85:37:0C:C5:D2:60:F3:E2:AE:FF:5D:D8:F8:F4:A4:15:A2:34:5A:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/ICr7HuZFjwbFusiQteOK-9s_ODc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4f7246-ce8f-44f8-a831-ae60bea06a9c/1/hTcMxdJg8-Ku_13Y-PSkFaI0WoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.208.0/20
80.79.112.0/20
185.246.184.0/22
IPv6:
2a01:97a0::/32
Signature Algorithm: sha256WithRSAEncryption
22:31:59:5b:1a:a1:67:b2:9a:28:66:dd:a6:4e:09:37:26:be:
ba:f0:bf:b0:e7:78:c2:ef:41:75:a2:20:18:80:4f:84:e6:45:
f1:23:67:22:78:13:70:22:95:2b:8b:f1:cd:52:9c:e8:84:c0:
b6:29:5e:e6:d4:b5:ca:63:fe:8e:e4:4a:64:52:b9:e3:9b:91:
ca:cc:2b:3f:61:08:24:71:c3:0b:db:a3:0d:6f:9e:ca:71:17:
e5:94:fa:30:e0:24:d0:68:58:32:18:31:3c:30:bd:b9:f4:47:
10:bf:0d:06:34:f6:de:bb:cc:20:d9:01:7e:0f:91:60:93:3d:
50:76:01:9c:2b:1f:c6:9a:d7:17:f9:9a:1c:92:91:9c:ba:f9:
e8:57:94:66:15:1d:ad:9b:19:e4:67:db:4f:43:50:a7:85:86:
ae:5e:83:a1:e5:b2:85:3a:1a:31:79:09:47:4b:7e:af:a3:a7:
8e:8f:61:cc:0a:0d:2c:07:82:ed:8b:c9:1c:d2:af:94:9d:1c:
d6:3d:e8:dc:58:6d:11:6e:bb:2c:4e:b8:7c:1b:c2:8f:44:66:
3a:e5:14:21:fc:71:33:18:d3:22:1a:06:64:78:39:73:79:66:
ca:af:5d:1b:35:28:e7:6f:3f:86:93:cc:ed:9b:c5:40:c1:56:
87:4b:2d:b9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVylc/+esI+ivOrg846u7Y6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzcwY2M1ZDI2MGYzZTJhZWZmNWRkOGY4ZjRhNDE1YTIz
NDVhODEwHhcNMjMwMTAyMTMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDJhZmIxZWU2NDU4ZjA2YzViYWM4OTBiNWUzOGFmYmRiM2YzODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcQIb7iGjc0heBUajMPM49iAt8eh
wbI1Mi+dQ44sIIN/ED7Nt6BxorXcwxrMrximTMsXKZVSlNf8Ks5LCT9i7KbZNRVT
3RwUKSq4rGPZAfDXaGvsSvvxwWlmzUhtMKbB9umNwO/XwAD09om2jGiZgxbo7qfY
jcPiFw+fHyG7NSVeZ/7muFowW8XOCnN6N+PsvrlHTo17Z6keN1sp/x8kUDiwdLy2
vCupYr96TXZAN7Onp+BpKSkcL+p5LgJvOFv79Sy6n8IF0i/uGv/UFA2MO4j6U1hI
1sLg6gi3Wfron/kZzb1DnqxyVMYWBPYHbro7u236PI3wky4RRVG8gG1bUQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCAq+x7mRY8GxbrIkLXjivvbPzg3MB8GA1UdIwQY
MBaAFIU3DMXSYPPirv9d2Pj0pBWiNFqBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRjTXhkSmc4LUt1XzEzWS1QU2tGYUkwV29FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80ZjcyNDYtY2U4Zi00NGY4LWE4MzEt
YWU2MGJlYTA2YTljLzEvSUNyN0h1WkZqd2JGdXNpUXRlT0stOXNfT0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80ZjcyNDYtY2U4Zi00NGY4LWE4MzEtYWU2MGJlYTA2YTlj
LzEvaFRjTXhkSmc4LUt1XzEzWS1QU2tGYUkwV29FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQELhbQAwQE
UE9wAwQCufa4MA0EAgACMAcDBQAqAZegMA0GCSqGSIb3DQEBCwUAA4IBAQAiMVlb
GqFnspooZt2mTgk3Jr668L+w53jC70F1oiAYgE+E5kXxI2cieBNwIpUri/HNUpzo
hMC2KV7m1LXKY/6O5EpkUrnjm5HKzCs/YQgkccML26MNb57KcRfllPow4CTQaFgy
GDE8ML259EcQvw0GNPbeu8wg2QF+D5Fgkz1QdgGcKx/GmtcX+ZockpGcuvnoV5Rm
FR2tmxnkZ9tPQ1CnhYauXoOh5bKFOhoxeQlHS36vo6eOj2HMCg0sB4Lti8kc0q+U
nRzWPejcWG0RbrssTrh8G8KPRGY65RQh/HEzGNMiGgZkeDlzeWbKr10bNSjnbz+G
k8ztm8VAwVaHSy25
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:05 2024 by rpki-client on console-ams.rpki-client.org