Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/K8UaFeS4HSUl5a1xLQE_YsZxMFw.roa
File: K8UaFeS4HSUl5a1xLQE_YsZxMFw.roa (raw, json)
Hash identifier: cS0C6X9H61SfrFfi3kjpSeDQQI9UNiQWxqKzW+/OK6Y=
Subject key identifier: 2B:C5:1A:15:E4:B8:1D:25:25:E5:AD:71:2D:01:3F:62:C6:71:30:5C
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01904938114584108303688CE463E64653EA
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/K8UaFeS4HSUl5a1xLQE_YsZxMFw.roa
Signing time: Mon 24 Jun 2024 07:48:49 +0000
ROA not before: Mon 24 Jun 2024 07:48:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 46.8.238.0/24 maxlen: 32
188.130.154.0/24 maxlen: 24
188.130.206.0/24 maxlen: 32
188.130.207.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jul 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:38:11:45:84:10:83:03:68:8c:e4:63:e6:46:53:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jun 24 07:48:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bc51a15e4b81d2525e5ad712d013f62c671305c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:69:9e:b8:fa:08:c6:6b:2d:60:af:e7:7c:23:
de:45:b4:94:fd:c3:46:b7:20:17:22:4c:92:0d:ad:
4d:b9:c8:52:ea:57:4b:16:b7:b2:87:0d:6e:6a:c3:
48:93:c6:d3:f0:9c:04:5f:a8:77:31:24:bf:c3:1e:
75:a1:20:d9:9a:02:c5:c3:3a:9f:b9:36:1c:66:00:
1c:a2:c1:df:fd:ec:bb:81:78:4f:46:76:d5:bf:0f:
f0:17:11:ce:3f:86:32:5f:30:8b:c3:40:2d:b3:da:
bd:d8:47:63:e7:d7:1c:88:ec:69:4a:de:a2:7f:a2:
f2:90:81:0f:3b:57:c0:a3:b7:8f:5c:af:bc:75:a3:
e1:58:54:b4:f7:05:39:4c:f8:c5:e0:cd:4c:a3:91:
61:16:60:80:f3:10:1c:f2:a5:78:b1:5b:b1:15:70:
c4:5d:50:f1:e7:3a:b8:a0:60:00:ab:fa:71:42:12:
e0:0f:f9:04:ea:7b:68:b9:e2:17:0b:f5:30:33:09:
3e:d2:94:b5:9c:ce:a5:09:ae:52:bf:f9:f8:3a:e0:
50:f0:a7:cf:e8:a2:68:bc:bf:41:47:9c:35:c5:89:
10:06:91:e2:37:cf:e1:98:31:63:66:c3:a9:3f:e1:
ab:6f:cb:c6:c3:10:ec:ba:ca:98:52:9e:b3:4f:c3:
02:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C5:1A:15:E4:B8:1D:25:25:E5:AD:71:2D:01:3F:62:C6:71:30:5C
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/K8UaFeS4HSUl5a1xLQE_YsZxMFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.238.0/24
188.130.154.0/24
188.130.206.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:eb:6a:17:18:77:8f:99:20:44:a6:f6:1b:41:f4:1a:83:88:
c2:a9:b6:a2:e4:6e:b4:3a:e9:08:34:e7:39:14:6e:49:c5:a6:
b8:32:16:5e:47:a4:da:71:5c:65:bd:17:a6:75:8d:bc:42:4c:
af:ce:1e:cf:71:fd:ff:d9:f6:0a:46:22:24:a7:9c:9f:a5:62:
ab:66:3a:f0:0d:34:c6:11:4d:19:af:07:fb:e3:67:fd:b2:3c:
58:3a:26:0e:e0:8c:41:57:ea:d7:02:7b:db:9f:3b:a6:af:28:
40:0e:bc:77:d2:d9:c0:21:f1:de:d1:37:44:30:7d:f8:9a:b6:
e6:92:95:bd:8f:82:64:e6:82:4f:5b:b9:2c:ee:01:35:f7:15:
cd:59:d1:e0:d6:6e:20:e6:69:d5:8a:fe:74:26:cc:2c:ff:14:
44:5a:1f:3d:48:b5:9c:0c:c6:a3:65:a0:14:36:e1:37:42:0a:
88:f7:03:a1:b6:79:10:61:0f:b7:f8:e6:aa:13:21:4d:69:08:
69:5f:3e:86:9f:3b:78:59:05:b3:8a:45:b5:4b:57:c1:52:d2:
f2:4c:bf:73:24:55:18:36:49:b2:06:00:1c:7f:72:b4:6f:ea:
67:16:27:40:55:2a:ab:0e:d2:3f:64:18:10:df:68:a0:1f:51:
10:b8:ce:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBJOBFFhBCDA2iM5GPmRlPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwNjI0MDc0ODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmM1MWExNWU0YjgxZDI1MjVlNWFkNzEyZDAxM2Y2MmM2NzEzMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmmeuPoIxmstYK/nfCPeRbSU/cNG
tyAXIkySDa1NuchS6ldLFreyhw1uasNIk8bT8JwEX6h3MSS/wx51oSDZmgLFwzqf
uTYcZgAcosHf/ey7gXhPRnbVvw/wFxHOP4YyXzCLw0Ats9q92Edj59cciOxpSt6i
f6LykIEPO1fAo7ePXK+8daPhWFS09wU5TPjF4M1Mo5FhFmCA8xAc8qV4sVuxFXDE
XVDx5zq4oGAAq/pxQhLgD/kE6ntoueIXC/UwMwk+0pS1nM6lCa5Sv/n4OuBQ8KfP
6KJovL9BR5w1xYkQBpHiN8/hmDFjZsOpP+Grb8vGwxDsusqYUp6zT8MC2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCvFGhXkuB0lJeWtcS0BP2LGcTBcMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvSzhVYUZlUzRIU1VsNWExeExRRV9Zc1p4TUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALgjuAwQA
vIKaAwQBvILOMA0GCSqGSIb3DQEBCwUAA4IBAQCb62oXGHePmSBEpvYbQfQag4jC
qbai5G60OukINOc5FG5Jxaa4MhZeR6TacVxlvRemdY28Qkyvzh7Pcf3/2fYKRiIk
p5yfpWKrZjrwDTTGEU0Zrwf742f9sjxYOiYO4IxBV+rXAnvbnzumryhADrx30tnA
IfHe0TdEMH34mrbmkpW9j4Jk5oJPW7ks7gE19xXNWdHg1m4g5mnViv50Jsws/xRE
Wh89SLWcDMajZaAUNuE3QgqI9wOhtnkQYQ+3+OaqEyFNaQhpXz6Gnzt4WQWzikW1
S1fBUtLyTL9zJFUYNkmyBgAcf3K0b+pnFidAVSqrDtI/ZBgQ32igH1EQuM5n
-----END CERTIFICATE-----
Generated at Mon Jul 1 16:21:27 2024 by rpki-client on console-ams.rpki-client.org