Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/Dm3YisqKk5Zj-O6XZPpd6oe-FqE.roa
File: Dm3YisqKk5Zj-O6XZPpd6oe-FqE.roa (raw, json)
Hash identifier: jTB6xyF9D2s2eJaWtugjXD7LvXMwK5q6M4d4PWSEAR8=
Subject key identifier: 0E:6D:D8:8A:CA:8A:93:96:63:F8:EE:97:64:FA:5D:EA:87:BE:16:A1
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019178F9CE80DCCD014F9440FB4F35195512
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/Dm3YisqKk5Zj-O6XZPpd6oe-FqE.roa
Signing time: Thu 22 Aug 2024 07:25:22 +0000
ROA not before: Thu 22 Aug 2024 07:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 46.8.224.0/24 maxlen: 24
46.8.225.0/24 maxlen: 24
46.8.226.0/24 maxlen: 24
46.8.227.0/24 maxlen: 24
46.8.228.0/24 maxlen: 24
46.8.229.0/24 maxlen: 24
46.8.230.0/24 maxlen: 24
46.8.231.0/24 maxlen: 24
46.8.236.0/24 maxlen: 24
46.8.237.0/24 maxlen: 24
46.8.238.0/24 maxlen: 32
95.182.101.0/24 maxlen: 24
188.130.154.0/24 maxlen: 24
188.130.206.0/24 maxlen: 32
188.130.207.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 21 Oct 2024 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:78:f9:ce:80:dc:cd:01:4f:94:40:fb:4f:35:19:55:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Aug 22 07:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e6dd88aca8a939663f8ee9764fa5dea87be16a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9e:e1:13:52:97:c9:7d:21:9a:a6:52:8f:27:
e8:a9:fc:0c:a4:d4:b9:18:b5:ef:64:cb:47:fb:cd:
30:28:74:4b:ac:21:3e:6c:1d:e9:1a:e3:41:77:be:
86:be:37:22:56:44:a0:eb:93:fe:ad:10:59:42:6d:
9b:5f:e4:e4:f7:fe:51:5e:0b:42:6f:2c:a0:0d:7e:
e7:24:07:2c:0f:ea:12:3b:54:2c:cd:df:67:0f:2f:
e9:ba:06:dc:72:2c:ed:d3:c0:ba:76:0a:9e:1b:f2:
16:1e:4c:5e:be:2b:b8:c2:8a:b5:c1:1c:e0:ca:21:
37:96:27:fe:56:6c:78:3f:36:5f:df:a7:24:dd:59:
54:0d:ab:97:83:a8:92:27:ac:7d:5a:fa:cb:0a:86:
57:f9:a9:a0:c6:5e:20:9a:85:4f:d3:99:fc:c1:d3:
ce:7b:75:4a:5d:e8:80:d6:de:bd:91:c7:5c:3d:cf:
9e:3b:b1:d5:04:3c:26:4c:4a:ff:e9:e5:74:9c:6c:
98:ef:75:5f:4a:c9:ee:af:05:c9:e8:18:2a:59:32:
ab:7f:98:a2:57:b8:ca:ef:26:8c:d3:d4:e2:95:9d:
58:1e:c6:a6:de:ea:b0:d5:b5:94:0d:9e:36:f3:f1:
97:98:41:13:e9:58:54:3c:76:e9:a5:59:1e:9f:37:
64:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:6D:D8:8A:CA:8A:93:96:63:F8:EE:97:64:FA:5D:EA:87:BE:16:A1
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/Dm3YisqKk5Zj-O6XZPpd6oe-FqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.224.0/21
46.8.236.0-46.8.238.255
95.182.101.0/24
188.130.154.0/24
188.130.206.0/23
Signature Algorithm: sha256WithRSAEncryption
66:30:75:55:c2:8e:df:70:7c:de:b8:4f:b4:91:36:14:63:e7:
97:ff:6e:01:8e:36:a7:a2:24:51:90:4c:88:e5:56:6a:1e:7b:
9f:97:3e:d8:7f:e9:9f:0f:6f:a2:1b:15:a3:f0:8a:01:66:55:
dd:90:52:6b:09:59:3e:ca:7c:b7:44:1a:e8:38:4a:b8:39:5d:
72:a1:14:71:36:c3:e9:43:db:61:78:f7:d7:67:b5:0e:09:c9:
b2:0e:e4:df:58:eb:da:75:c8:2d:06:e8:d7:c7:dc:fa:41:c4:
81:4f:f6:3b:20:6a:88:40:84:a7:95:e3:03:df:8a:51:99:b3:
e9:4a:cb:c2:97:b4:5f:97:6f:7d:34:98:ef:d6:25:21:95:1f:
7e:7b:49:94:b0:f8:ab:ef:72:3c:a8:22:ec:75:e3:1f:ef:4f:
f4:99:95:ba:81:f0:82:3e:50:a3:08:7b:80:68:33:2a:62:2c:
42:6f:a9:0c:99:e3:63:f4:ad:e1:4f:44:0a:4c:59:a2:e2:2f:
2f:e6:29:f6:b8:33:65:a1:14:e7:f4:c8:64:22:76:6b:8c:d0:
8f:6c:dd:0d:91:e9:85:a6:57:51:f6:ce:06:33:a6:f5:e2:c1:
f9:28:90:fe:74:4a:28:03:fd:be:3d:bd:b3:c1:43:19:06:bd:
7f:45:05:b1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZF4+c6A3M0BT5RA+081GVUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwODIyMDcyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTZkZDg4YWNhOGE5Mzk2NjNmOGVlOTc2NGZhNWRlYTg3YmUxNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0J7hE1KXyX0hmqZSjyfoqfwMpNS5
GLXvZMtH+80wKHRLrCE+bB3pGuNBd76GvjciVkSg65P+rRBZQm2bX+Tk9/5RXgtC
byygDX7nJAcsD+oSO1Qszd9nDy/pugbccizt08C6dgqeG/IWHkxeviu4woq1wRzg
yiE3lif+Vmx4PzZf36ck3VlUDauXg6iSJ6x9WvrLCoZX+amgxl4gmoVP05n8wdPO
e3VKXeiA1t69kcdcPc+eO7HVBDwmTEr/6eV0nGyY73VfSsnurwXJ6BgqWTKrf5ii
V7jK7yaM09TilZ1YHsam3uqw1bWUDZ428/GXmEET6VhUPHbppVkenzdkLQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFA5t2IrKipOWY/jul2T6XeqHvhahMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvRG0zWWlzcUtrNVpqLU82WFpQcGQ2b2UtRnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDLgjgMAwD
BAIuCOwDBAAuCO4DBABftmUDBAC8gpoDBAG8gs4wDQYJKoZIhvcNAQELBQADggEB
AGYwdVXCjt9wfN64T7SRNhRj55f/bgGONqeiJFGQTIjlVmoee5+XPth/6Z8Pb6Ib
FaPwigFmVd2QUmsJWT7KfLdEGug4Srg5XXKhFHE2w+lD22F499dntQ4JybIO5N9Y
69p1yC0G6NfH3PpBxIFP9jsgaohAhKeV4wPfilGZs+lKy8KXtF+Xb300mO/WJSGV
H357SZSw+KvvcjyoIux14x/vT/SZlbqB8II+UKMIe4BoMypiLEJvqQyZ42P0reFP
RApMWaLiLy/mKfa4M2WhFOf0yGQidmuM0I9s3Q2R6YWmV1H2zgYzpvXiwfkokP50
SigD/b49vbPBQxkGvX9FBbE=
-----END CERTIFICATE-----
Generated at Mon Oct 21 13:23:57 2024 by rpki-client on console-ams.rpki-client.org