Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/RC_awAMWfy7NIeLUFDAmX0P6wKE.roa
File: RC_awAMWfy7NIeLUFDAmX0P6wKE.roa (raw, json)
Hash identifier: PXtnDsTWIX0aqRcbIgZZl8L1PJiJDtFzcRCWvXDEWuI=
Subject key identifier: 44:2F:DA:C0:03:16:7F:2E:CD:21:E2:D4:14:30:26:5F:43:FA:C0:A1
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018DCFF1367C81D820D2836C91DB08DB1B04
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/RC_awAMWfy7NIeLUFDAmX0P6wKE.roa
Signing time: Thu 22 Feb 2024 08:31:48 +0000
ROA not before: Thu 22 Feb 2024 08:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.224.0/20 maxlen: 24
109.248.41.0/24 maxlen: 24
188.130.154.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.53.0/24 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 20 Mar 2024 04:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cf:f1:36:7c:81:d8:20:d2:83:6c:91:db:08:db:1b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Feb 22 08:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=442fdac003167f2ecd21e2d41430265f43fac0a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4d:a1:e2:4e:b7:80:ae:8b:f4:ac:77:86:77:
0e:47:83:02:5c:00:27:eb:05:a8:3e:f5:b5:e5:7c:
1c:76:e7:71:a1:fd:18:c4:a9:1f:92:fa:bb:8d:2b:
3a:54:e4:76:c6:49:10:d3:52:c7:8a:80:f8:6a:0e:
92:d0:bd:df:52:15:1a:a1:67:64:32:c2:b2:f8:20:
89:d4:ab:b6:50:6c:bf:27:91:07:4d:eb:da:65:2b:
f0:7e:f4:13:7a:5d:8f:c6:f7:4c:da:be:57:d1:5d:
53:cb:af:46:44:0a:44:73:e1:f4:c8:18:2d:a3:45:
f7:f4:16:f0:e1:a0:ef:d0:fc:fe:c6:bd:1f:e9:15:
5f:1b:95:f2:37:ff:d6:e3:81:43:8a:38:bb:16:7a:
fb:40:8f:93:57:8b:9f:27:24:0b:a6:cd:c6:e3:52:
a9:4b:50:01:ae:c2:aa:0c:3a:9d:61:c1:aa:ec:0b:
66:4d:5d:87:9a:77:a5:85:05:4c:92:d4:47:75:49:
80:51:06:17:c8:7c:37:20:c1:a5:db:fa:dd:d3:76:
a3:dd:f3:5f:de:8d:1d:61:4f:0e:22:1a:bc:2d:60:
4c:8c:db:d9:fa:df:88:be:e1:97:44:aa:d5:20:db:
84:7b:24:aa:a0:a0:fe:79:18:f1:16:2a:fe:41:75:
30:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:2F:DA:C0:03:16:7F:2E:CD:21:E2:D4:14:30:26:5F:43:FA:C0:A1
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/RC_awAMWfy7NIeLUFDAmX0P6wKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.224.0/20
109.248.41.0/24
188.130.154.0/24
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
a8:88:f7:84:33:b3:6a:7e:7b:dd:7e:e9:e0:3c:13:3b:20:01:
63:af:25:2a:a9:a3:2a:b5:1e:30:03:8e:15:ea:00:1e:91:40:
0b:7e:35:a6:ff:ae:ab:07:e5:bc:96:ad:ca:1f:c2:88:d1:7d:
8c:9e:a8:f0:d6:73:4f:03:07:d1:8b:72:30:07:8a:cc:cd:82:
fb:ac:e1:2a:8b:91:fc:12:73:bf:52:13:7a:e4:f4:02:be:dd:
9c:68:5e:2f:5d:30:85:96:98:c4:03:89:a0:16:79:c5:04:0c:
81:95:b1:90:3c:21:7d:b8:5d:5a:4a:16:16:83:e1:a4:b9:4c:
89:aa:86:59:50:5d:1f:b5:00:c1:9c:93:c7:ed:8a:ce:7d:18:
63:aa:f9:37:14:10:ac:3f:e9:36:51:c3:17:1b:0b:eb:6f:5d:
e2:19:52:e1:37:fe:fd:c8:84:1f:3d:8d:0f:88:5b:df:b3:da:
70:24:5a:83:87:15:cb:61:6d:e1:87:6f:e6:91:34:e7:20:4b:
19:4b:38:4b:ad:00:81:fd:45:1d:52:84:21:3a:44:a8:47:d1:
7b:49:ff:16:90:00:42:05:86:52:bf:91:8a:19:23:2d:6f:19:
aa:d1:49:05:95:08:e3:64:f2:6f:71:2d:0c:f1:33:fe:ec:e1:
d8:6c:ab:5a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY3P8TZ8gdgg0oNskdsI2xsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMjIyMDgzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDJmZGFjMDAzMTY3ZjJlY2QyMWUyZDQxNDMwMjY1ZjQzZmFjMGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE2h4k63gK6L9Kx3hncOR4MCXAAn
6wWoPvW15Xwcdudxof0YxKkfkvq7jSs6VOR2xkkQ01LHioD4ag6S0L3fUhUaoWdk
MsKy+CCJ1Ku2UGy/J5EHTevaZSvwfvQTel2PxvdM2r5X0V1Ty69GRApEc+H0yBgt
o0X39Bbw4aDv0Pz+xr0f6RVfG5XyN//W44FDiji7Fnr7QI+TV4ufJyQLps3G41Kp
S1ABrsKqDDqdYcGq7AtmTV2HmnelhQVMktRHdUmAUQYXyHw3IMGl2/rd03aj3fNf
3o0dYU8OIhq8LWBMjNvZ+t+IvuGXRKrVINuEeySqoKD+eRjxFir+QXUwYwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEQv2sADFn8uzSHi1BQwJl9D+sChMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvUkNfYXdBTVdmeTdOSWVMVUZEQW1YMFA2d0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQELgjgAwQA
bfgpAwQAvIKaAwQAvIK2AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEB
CwUAA4IBAQCoiPeEM7NqfnvdfungPBM7IAFjryUqqaMqtR4wA44V6gAekUALfjWm
/66rB+W8lq3KH8KI0X2Mnqjw1nNPAwfRi3IwB4rMzYL7rOEqi5H8EnO/UhN65PQC
vt2caF4vXTCFlpjEA4mgFnnFBAyBlbGQPCF9uF1aShYWg+GkuUyJqoZZUF0ftQDB
nJPH7YrOfRhjqvk3FBCsP+k2UcMXGwvrb13iGVLhN/79yIQfPY0PiFvfs9pwJFqD
hxXLYW3hh2/mkTTnIEsZSzhLrQCB/UUdUoQhOkSoR9F7Sf8WkABCBYZSv5GKGSMt
bxmq0UkFlQjjZPJvcS0M8TP+7OHYbKta
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org