Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/POfZczA1lHnWp33qauXQdlG21Vk.roa
File: POfZczA1lHnWp33qauXQdlG21Vk.roa (raw, json)
Hash identifier: DL5SSC1HSq+qpD4oHQ5MNkEONgOE7JQtT0apGiJFkos=
Subject key identifier: 3C:E7:D9:73:30:35:94:79:D6:A7:7D:EA:6A:E5:D0:76:51:B6:D5:59
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018E713A882E0DC3A8EE5A2E4074058F7DB9
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/POfZczA1lHnWp33qauXQdlG21Vk.roa
Signing time: Sun 24 Mar 2024 16:10:45 +0000
ROA not before: Sun 24 Mar 2024 16:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.224.0/20 maxlen: 24
188.130.154.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.53.0/24 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 02 Apr 2024 05:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:71:3a:88:2e:0d:c3:a8:ee:5a:2e:40:74:05:8f:7d:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Mar 24 16:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ce7d97330359479d6a77dea6ae5d07651b6d559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:98:68:8b:6d:d7:f1:2f:a7:9e:db:bf:4e:e6:
34:c5:41:bf:26:fa:e5:69:cb:ea:93:66:80:73:90:
59:5e:a8:a7:f5:62:0f:2b:b0:ed:08:d2:f2:67:bd:
86:23:72:e8:4c:58:52:9a:0e:08:10:5c:5c:87:4d:
b1:23:18:f3:90:da:ab:6f:26:41:12:82:c3:a4:aa:
e8:04:a3:a4:f3:4b:51:54:95:73:95:c9:04:58:aa:
e6:de:47:20:83:2c:de:86:11:a4:75:46:94:c9:1c:
4c:d0:87:d6:63:c1:36:a6:2d:8a:af:fb:12:33:e2:
5a:0b:83:8d:15:09:ab:38:ae:29:3d:89:ca:db:2f:
51:d5:25:ea:15:ac:eb:85:13:56:76:e1:06:fc:8e:
3d:73:43:8e:15:b8:42:ff:f7:b6:40:be:f5:78:33:
6f:20:df:30:dd:07:8c:50:a9:9a:78:89:06:d7:45:
9b:4d:1d:d1:c9:ce:e4:e7:67:a8:16:e6:a0:7d:ee:
bb:3f:2c:8f:65:c2:95:23:d4:11:e2:ef:cc:6f:0c:
e3:59:82:f2:61:43:9a:75:83:a4:b4:52:ce:e1:06:
ef:90:bb:b3:1a:e7:63:6e:0a:72:a8:e2:fe:03:ce:
c9:52:72:39:d5:12:cc:14:2f:2c:f9:0e:4c:2e:49:
40:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E7:D9:73:30:35:94:79:D6:A7:7D:EA:6A:E5:D0:76:51:B6:D5:59
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/POfZczA1lHnWp33qauXQdlG21Vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.224.0/20
188.130.154.0/24
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
91:bb:07:75:63:db:da:6a:24:77:a8:fd:15:61:72:39:e9:1f:
67:ae:27:f0:fd:49:ca:a1:87:db:73:33:51:6e:c4:5f:14:7d:
2a:28:72:95:14:2b:ed:18:eb:a6:79:86:fa:86:b4:a9:a8:dc:
8e:7a:d7:e4:94:b2:b5:4e:a5:e4:a8:50:ea:2f:e2:6f:29:99:
e0:c8:14:e9:59:75:d7:f8:ea:e4:fd:57:44:61:de:26:3a:71:
56:23:f9:e3:fb:d3:c2:da:64:e2:85:21:df:cf:25:99:81:2a:
78:e6:73:67:a6:c0:50:08:e2:be:cc:87:5a:1c:80:8a:57:c3:
9c:4b:96:85:76:30:32:44:32:74:11:8e:17:de:43:46:84:53:
26:d8:25:71:d0:e2:13:57:70:d1:81:03:0a:bf:15:64:51:9a:
23:78:52:be:76:ef:5a:29:3e:b5:43:ea:51:70:74:d8:c1:43:
66:04:4c:6f:c7:f8:b2:d7:42:9c:28:ad:1a:ab:f8:1e:78:02:
8d:d3:78:8a:b3:3d:e5:0c:89:72:88:6b:ad:87:d0:74:8d:cf:
ba:ff:10:26:b8:ba:ac:80:27:48:16:44:b1:0e:5b:23:57:95:
6b:72:e6:ac:58:8c:fb:b4:63:b0:6b:5f:1a:63:aa:23:11:e8:
e0:a1:4b:d5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY5xOoguDcOo7louQHQFj325MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMzI0MTYxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2U3ZDk3MzMwMzU5NDc5ZDZhNzdkZWE2YWU1ZDA3NjUxYjZkNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5hoi23X8S+nntu/TuY0xUG/Jvrl
acvqk2aAc5BZXqin9WIPK7DtCNLyZ72GI3LoTFhSmg4IEFxch02xIxjzkNqrbyZB
EoLDpKroBKOk80tRVJVzlckEWKrm3kcggyzehhGkdUaUyRxM0IfWY8E2pi2Kr/sS
M+JaC4ONFQmrOK4pPYnK2y9R1SXqFazrhRNWduEG/I49c0OOFbhC//e2QL71eDNv
IN8w3QeMUKmaeIkG10WbTR3Ryc7k52eoFuagfe67PyyPZcKVI9QR4u/MbwzjWYLy
YUOadYOktFLO4QbvkLuzGudjbgpyqOL+A87JUnI51RLMFC8s+Q5MLklA8wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDzn2XMwNZR51qd96mrl0HZRttVZMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvUE9mWmN6QTFsSG5XcDMzcWF1WFFkbEcyMVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQELgjgAwQA
vIKaAwQAvIK2AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IB
AQCRuwd1Y9vaaiR3qP0VYXI56R9nrifw/UnKoYfbczNRbsRfFH0qKHKVFCvtGOum
eYb6hrSpqNyOetfklLK1TqXkqFDqL+JvKZngyBTpWXXX+Ork/VdEYd4mOnFWI/nj
+9PC2mTihSHfzyWZgSp45nNnpsBQCOK+zIdaHICKV8OcS5aFdjAyRDJ0EY4X3kNG
hFMm2CVx0OITV3DRgQMKvxVkUZojeFK+du9aKT61Q+pRcHTYwUNmBExvx/iy10Kc
KK0aq/geeAKN03iKsz3lDIlyiGuth9B0jc+6/xAmuLqsgCdIFkSxDlsjV5Vrcuas
WIz7tGOwa18aY6ojEejgoUvV
-----END CERTIFICATE-----
Generated at Tue Apr 2 06:33:31 2024 by rpki-client on console-fra.rpki-client.org