Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1lgRhm5sHQfNoJmVfYGVTp_rRo4.roa
File: 1lgRhm5sHQfNoJmVfYGVTp_rRo4.roa (raw, json)
Hash identifier: dRCkDEmJnm4Fvm5C1GPXLbCEIIfeNhdlBItuqsgJXLU=
Subject key identifier: D6:58:11:86:6E:6C:1D:07:CD:A0:99:95:7D:81:95:4E:9F:EB:46:8E
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0189088280B08AE46BDF621A193C7486A992
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1lgRhm5sHQfNoJmVfYGVTp_rRo4.roa
Signing time: Thu 29 Jun 2023 18:55:17 +0000
ROA not before: Thu 29 Jun 2023 18:55:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205569
IP address blocks: 109.248.60.0/24 maxlen: 24
46.8.50.0/23 maxlen: 23
46.8.50.0/24 maxlen: 24
46.8.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:08:82:80:b0:8a:e4:6b:df:62:1a:19:3c:74:86:a9:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jun 29 18:55:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d65811866e6c1d07cda099957d81954e9feb468e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2b:c5:e2:03:02:14:4d:ef:90:08:c7:02:0c:
eb:8d:ef:3a:05:8e:44:8c:f4:87:bc:de:5d:36:b7:
1d:78:ea:6a:34:89:18:a0:53:f9:2d:b7:5d:4c:7a:
da:6e:6b:e2:ab:ac:60:66:6a:3a:74:33:49:95:4a:
23:08:42:ca:13:d0:95:bd:28:25:de:ed:08:1a:8a:
55:24:7b:ff:41:19:4f:15:a0:8b:bb:64:d0:d6:f2:
ee:fa:d5:f3:3b:d4:58:f4:ee:75:f8:de:5c:44:f5:
1a:91:58:39:61:85:55:32:89:d7:8e:03:49:31:34:
1f:97:62:08:42:b3:ad:09:31:ef:cf:2e:d1:fb:92:
71:ff:a4:ff:37:5a:0d:3e:13:6f:ba:b8:1f:2c:6f:
e6:4d:16:ab:cb:bb:98:db:83:fc:6f:4f:df:45:98:
7f:b0:ff:db:79:b9:94:75:92:33:bd:f7:bb:a2:8f:
40:81:25:81:57:46:31:44:a1:22:2c:7d:1b:86:a6:
d9:19:b1:94:19:8b:f0:09:70:66:10:da:6d:ef:84:
33:76:c2:6a:0b:42:9b:47:ae:66:82:d8:68:cb:8a:
77:97:81:16:0d:fa:6b:41:7b:e1:a5:d5:7f:13:3f:
1e:cd:40:0f:b4:17:d4:b1:dc:f4:4f:c9:7c:a9:39:
66:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:58:11:86:6E:6C:1D:07:CD:A0:99:95:7D:81:95:4E:9F:EB:46:8E
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1lgRhm5sHQfNoJmVfYGVTp_rRo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.50.0/23
109.248.60.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:c8:d2:d9:d7:f2:c0:dd:83:5c:a1:58:61:20:43:a1:00:f2:
c5:0f:0d:e4:b8:fe:f4:c4:a6:54:49:52:a6:02:f0:0a:f9:c0:
8a:68:91:92:84:30:c3:b1:52:cc:74:03:9a:e8:d9:58:37:75:
0a:9f:c4:e8:1b:1c:2b:c0:b5:5a:81:00:f3:b0:d4:5c:cf:5a:
a1:10:26:9c:e0:e2:19:f6:1d:dd:67:f6:fe:d2:a4:4b:f6:c6:
53:98:5e:2d:cb:8a:63:7a:b8:dc:cd:d0:09:ac:a4:a4:64:fe:
99:22:0e:88:70:93:bb:61:90:98:86:7e:ff:62:7d:ed:51:18:
2b:75:b0:eb:0d:54:b0:2a:c7:c2:1a:f0:9b:03:c4:75:20:c6:
cd:82:f2:bc:67:e7:5d:ee:70:0e:77:6c:d1:52:54:ce:bf:17:
11:60:3c:8b:8e:c0:65:43:4f:f9:7e:ab:8c:3f:07:c8:da:9f:
6d:b5:a6:63:2d:79:06:99:a3:75:40:c8:4f:19:09:d6:7d:27:
47:12:6c:78:f0:0d:fc:b2:ff:87:39:6b:ff:ef:07:c7:55:d7:
9c:fd:53:94:61:84:57:ee:90:c4:b2:af:3e:56:77:aa:56:3f:
e1:e7:0f:a5:86:d5:a8:b0:d4:c3:69:9b:2e:76:1b:0f:e1:e2:
3a:71:4e:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkIgoCwiuRr32IaGTx0hqmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwNjI5MTg1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjU4MTE4NjZlNmMxZDA3Y2RhMDk5OTU3ZDgxOTU0ZTlmZWI0NjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCvF4gMCFE3vkAjHAgzrje86BY5E
jPSHvN5dNrcdeOpqNIkYoFP5LbddTHrabmviq6xgZmo6dDNJlUojCELKE9CVvSgl
3u0IGopVJHv/QRlPFaCLu2TQ1vLu+tXzO9RY9O51+N5cRPUakVg5YYVVMonXjgNJ
MTQfl2IIQrOtCTHvzy7R+5Jx/6T/N1oNPhNvurgfLG/mTRary7uY24P8b0/fRZh/
sP/bebmUdZIzvfe7oo9AgSWBV0YxRKEiLH0bhqbZGbGUGYvwCXBmENpt74QzdsJq
C0KbR65mgthoy4p3l4EWDfprQXvhpdV/Ez8ezUAPtBfUsdz0T8l8qTlm4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNZYEYZubB0HzaCZlX2BlU6f60aOMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvMWxnUmhtNXNIUWZOb0ptVmZZR1ZUcF9yUm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLggyAwQA
bfg8MA0GCSqGSIb3DQEBCwUAA4IBAQBPyNLZ1/LA3YNcoVhhIEOhAPLFDw3kuP70
xKZUSVKmAvAK+cCKaJGShDDDsVLMdAOa6NlYN3UKn8ToGxwrwLVagQDzsNRcz1qh
ECac4OIZ9h3dZ/b+0qRL9sZTmF4ty4pjerjczdAJrKSkZP6ZIg6IcJO7YZCYhn7/
Yn3tURgrdbDrDVSwKsfCGvCbA8R1IMbNgvK8Z+dd7nAOd2zRUlTOvxcRYDyLjsBl
Q0/5fquMPwfI2p9ttaZjLXkGmaN1QMhPGQnWfSdHEmx48A38sv+HOWv/7wfHVdec
/VOUYYRX7pDEsq8+VneqVj/h5w+lhtWosNTDaZsudhsP4eI6cU5p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org