Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/1kpJKKW833oNLdBH0z-yiO1D7fo.roa
File: 1kpJKKW833oNLdBH0z-yiO1D7fo.roa (raw, json)
Hash identifier: pTVujW+x6Xova9aU0bp3kEkYevlokCtiYpPbSUeNgRc=
Subject key identifier: D6:4A:49:28:A5:BC:DF:7A:0D:2D:D0:47:D3:3F:B2:88:ED:43:ED:FA
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018D88E96CE77C708CA82B3B42F4B804762F
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/1kpJKKW833oNLdBH0z-yiO1D7fo.roa
Signing time: Thu 08 Feb 2024 13:30:15 +0000
ROA not before: Thu 08 Feb 2024 13:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201021
IP address blocks: 46.38.141.0/24 maxlen: 24
185.143.74.0/24 maxlen: 24
185.143.75.0/24 maxlen: 24
212.16.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 16:03:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:e9:6c:e7:7c:70:8c:a8:2b:3b:42:f4:b8:04:76:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 8 13:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d64a4928a5bcdf7a0d2dd047d33fb288ed43edfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:95:e5:f4:41:66:b1:01:21:e3:f7:a0:2e:16:
45:87:14:6c:71:31:a0:79:60:fb:80:48:8c:df:f0:
ef:05:2c:13:1e:3e:35:8c:e2:62:50:38:b8:2f:ba:
5d:7e:a2:66:d7:88:2f:f9:45:02:81:a2:ac:38:39:
4d:87:51:bd:2b:9e:c9:0a:54:81:1c:7f:d6:ce:49:
7a:a9:9e:e9:8d:99:cc:dc:34:54:ca:dd:8a:df:15:
24:24:14:7d:39:87:e8:d3:5b:61:fd:d6:dc:29:3b:
d0:31:2f:c2:6f:b7:b3:ee:53:3f:4b:b1:09:c9:4e:
51:d2:e8:ea:12:d2:5a:47:08:5a:03:c4:3c:25:17:
cf:62:f9:e5:cf:8e:8f:63:d7:3a:d2:38:54:42:9e:
d2:5c:bc:4d:13:db:78:b4:54:6a:1f:d1:19:82:cf:
72:12:93:d0:de:8d:bf:4d:03:31:41:23:a6:1c:0d:
d5:ca:40:b9:85:8c:7d:05:25:d6:71:7a:8d:4a:7a:
cc:02:63:34:43:fb:3e:f1:99:66:98:95:99:d1:b3:
0d:c9:f9:db:fb:86:82:e7:4e:66:45:0a:e0:6d:9e:
52:03:35:b4:6f:c4:7f:c4:2a:84:1f:1e:16:67:3e:
43:e8:0d:37:23:2c:ee:d0:ea:65:eb:f5:2d:90:22:
fb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:4A:49:28:A5:BC:DF:7A:0D:2D:D0:47:D3:3F:B2:88:ED:43:ED:FA
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/1kpJKKW833oNLdBH0z-yiO1D7fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.141.0/24
185.143.74.0/23
212.16.85.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:3a:20:cc:d3:61:c6:f2:ad:d4:c2:74:83:f6:3f:3a:bf:d5:
a9:8e:7f:0c:b3:14:b4:97:04:b3:7f:fe:56:74:0b:8a:11:3a:
29:61:ed:ba:02:be:1a:a0:87:f5:4a:d0:05:2a:27:c7:b2:7e:
62:87:f4:5c:72:0f:df:ae:96:eb:31:9d:ef:50:f0:e7:ba:86:
0f:38:a4:79:5b:5a:43:1d:cd:1b:f6:89:ed:05:f6:a6:ae:6a:
a9:dd:5b:9d:7c:6c:6c:bb:e4:0b:33:c2:d9:9e:3b:a0:bf:63:
f7:b4:d3:de:5c:12:01:62:5b:0b:22:52:75:3b:a9:58:f3:37:
e9:0d:95:0f:eb:de:cf:5d:66:a8:2c:11:35:b1:bc:7e:86:49:
d9:11:a3:32:bd:f5:6a:1f:c9:0c:31:0c:32:f7:38:ca:a9:fb:
e9:3d:00:33:0b:15:78:5f:c1:42:b1:26:40:0e:f8:1f:ce:e2:
86:f8:a2:f3:b5:32:ed:25:b3:8b:0e:79:0c:36:e4:ea:47:e1:
22:46:6b:2f:11:74:da:d2:ec:ae:79:f4:d2:60:48:34:95:ad:
02:f3:b8:ff:ec:97:a2:6f:19:88:b9:7a:d7:e3:b8:be:f2:a2:
09:2f:e0:43:d9:69:e5:a6:7b:b8:0e:1f:43:c4:30:56:75:bb:
74:6d:e5:1f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2I6WznfHCMqCs7QvS4BHYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjA4MTMzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjRhNDkyOGE1YmNkZjdhMGQyZGQwNDdkMzNmYjI4OGVkNDNlZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05Xl9EFmsQEh4/egLhZFhxRscTGg
eWD7gEiM3/DvBSwTHj41jOJiUDi4L7pdfqJm14gv+UUCgaKsODlNh1G9K57JClSB
HH/Wzkl6qZ7pjZnM3DRUyt2K3xUkJBR9OYfo01th/dbcKTvQMS/Cb7ez7lM/S7EJ
yU5R0ujqEtJaRwhaA8Q8JRfPYvnlz46PY9c60jhUQp7SXLxNE9t4tFRqH9EZgs9y
EpPQ3o2/TQMxQSOmHA3VykC5hYx9BSXWcXqNSnrMAmM0Q/s+8ZlmmJWZ0bMNyfnb
+4aC505mRQrgbZ5SAzW0b8R/xCqEHx4WZz5D6A03Iyzu0Opl6/UtkCL77QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNZKSSilvN96DS3QR9M/sojtQ+36MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvMWtwSktLVzgzM29OTGRCSDB6LXlpTzFEN2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiaNAwQB
uY9KAwQA1BBVMA0GCSqGSIb3DQEBCwUAA4IBAQCqOiDM02HG8q3UwnSD9j86v9Wp
jn8MsxS0lwSzf/5WdAuKETopYe26Ar4aoIf1StAFKifHsn5ih/Rccg/frpbrMZ3v
UPDnuoYPOKR5W1pDHc0b9ontBfamrmqp3VudfGxsu+QLM8LZnjugv2P3tNPeXBIB
YlsLIlJ1O6lY8zfpDZUP697PXWaoLBE1sbx+hknZEaMyvfVqH8kMMQwy9zjKqfvp
PQAzCxV4X8FCsSZADvgfzuKG+KLztTLtJbOLDnkMNuTqR+EiRmsvEXTa0uyuefTS
YEg0la0C87j/7JeibxmIuXrX47i+8qIJL+BD2Wnlpnu4Dh9DxDBWdbt0beUf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org