Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/XeCRcNU47mLe11pZNMxj9wSVC3c.roa
File: XeCRcNU47mLe11pZNMxj9wSVC3c.roa (raw, json)
Hash identifier: QRCqaHVq4SGeVXA8wAYW9MYHJdXCdxokBgH46vn5kMc=
Subject key identifier: 5D:E0:91:70:D5:38:EE:62:DE:D7:5A:59:34:CC:63:F7:04:95:0B:77
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019049610996698B5B080E05AD6B227C71FE
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/XeCRcNU47mLe11pZNMxj9wSVC3c.roa
Signing time: Mon 24 Jun 2024 08:33:34 +0000
ROA not before: Mon 24 Jun 2024 08:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8342
IP address blocks: 46.8.4.0/24 maxlen: 24
46.8.58.0/23 maxlen: 23
188.130.200.0/22 maxlen: 22
188.130.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 07:40:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:61:09:96:69:8b:5b:08:0e:05:ad:6b:22:7c:71:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jun 24 08:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5de09170d538ee62ded75a5934cc63f704950b77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:01:d8:ba:48:7f:a4:64:db:e1:c3:89:cc:78:
20:36:5c:a8:aa:2b:6d:76:1b:46:95:93:a1:73:fa:
12:5b:36:da:a7:11:92:60:8d:f6:07:db:93:1a:e3:
94:7d:98:d5:1d:57:84:aa:af:4c:82:28:da:74:09:
48:56:f8:98:59:57:78:bb:fa:a1:82:9b:d4:c6:50:
5e:f4:90:77:0d:2d:0c:0d:99:8b:0b:21:46:18:e7:
24:06:32:23:89:f0:2b:10:76:18:8c:50:74:f0:73:
bf:cb:64:67:df:70:fa:c5:3c:1c:c6:ae:03:22:86:
10:ea:0b:eb:14:38:5e:09:82:fb:46:45:93:5a:94:
38:93:61:6d:75:b7:c6:d2:17:34:4f:3e:e3:d0:bc:
5f:1a:77:8f:38:a8:c8:79:a5:a4:70:52:20:af:54:
2c:52:74:7c:89:f9:41:e9:6a:84:45:fd:34:35:fe:
04:10:f8:7a:44:b9:b9:89:31:7b:6d:9d:4f:a3:de:
09:ac:f1:e1:da:80:0d:39:3e:97:eb:26:f9:27:75:
d2:6f:82:57:cc:63:3c:3d:0a:f5:6f:63:23:90:00:
52:a3:bc:91:18:ef:79:5f:be:c7:b9:c0:d6:e7:13:
5e:f8:da:97:1c:c0:95:ba:f3:4c:95:6f:34:17:45:
0d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E0:91:70:D5:38:EE:62:DE:D7:5A:59:34:CC:63:F7:04:95:0B:77
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/XeCRcNU47mLe11pZNMxj9wSVC3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.4.0/24
46.8.58.0/23
188.130.200.0-188.130.204.255
Signature Algorithm: sha256WithRSAEncryption
05:fc:8c:12:7f:db:b2:7e:e6:41:65:7f:72:75:d6:05:d5:98:
74:a7:5f:5a:81:e0:99:47:15:9a:13:96:7d:7f:fa:b1:37:ab:
14:d2:1f:d9:50:0b:b1:c1:1a:61:e2:ec:ac:f8:55:1a:3d:86:
35:62:58:8a:fa:7e:f1:82:ea:8a:44:e0:4c:f6:b5:ff:b8:88:
bb:ea:c4:2b:ed:87:50:ec:57:48:42:c1:84:93:a0:09:b4:2a:
da:c5:fa:b6:cd:8c:03:48:8d:02:91:14:79:10:a6:37:4d:ae:
83:3f:71:b1:5d:f8:e4:0f:7c:aa:21:cc:a2:e3:c1:8b:89:ca:
a7:e7:0f:87:11:06:c5:fb:43:cd:8b:8d:85:b1:5d:4f:7e:f3:
34:8f:b2:56:12:0e:62:6c:18:20:04:27:ea:23:74:da:84:36:
df:3b:b4:0e:a7:74:6d:79:cb:34:62:24:e7:9d:ae:e6:04:20:
2e:2f:dc:9e:49:68:e3:18:db:84:61:8e:e0:83:d3:77:bd:3e:
01:e3:f3:76:fa:83:74:57:41:8f:87:67:31:dd:98:9d:8a:3c:
15:6e:60:54:5a:55:c8:e8:24:66:1e:82:fd:7f:5e:44:c7:2f:
0a:5a:a0:44:6a:af:2d:df:32:56:90:2c:1f:99:60:f7:a1:80:
7b:35:91:42
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZBJYQmWaYtbCA4FrWsifHH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwNjI0MDgzMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGUwOTE3MGQ1MzhlZTYyZGVkNzVhNTkzNGNjNjNmNzA0OTUwYjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAHYukh/pGTb4cOJzHggNlyoqitt
dhtGlZOhc/oSWzbapxGSYI32B9uTGuOUfZjVHVeEqq9MgijadAlIVviYWVd4u/qh
gpvUxlBe9JB3DS0MDZmLCyFGGOckBjIjifArEHYYjFB08HO/y2Rn33D6xTwcxq4D
IoYQ6gvrFDheCYL7RkWTWpQ4k2FtdbfG0hc0Tz7j0LxfGnePOKjIeaWkcFIgr1Qs
UnR8iflB6WqERf00Nf4EEPh6RLm5iTF7bZ1Po94JrPHh2oANOT6X6yb5J3XSb4JX
zGM8PQr1b2MjkABSo7yRGO95X77HucDW5xNe+NqXHMCVuvNMlW80F0UNvQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF3gkXDVOO5i3tdaWTTMY/cElQt3MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvWGVDUmNOVTQ3bUxlMTFwWk5NeGo5d1NWQzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALggEAwQB
Lgg6MAwDBAO8gsgDBAC8gswwDQYJKoZIhvcNAQELBQADggEBAAX8jBJ/27J+5kFl
f3J11gXVmHSnX1qB4JlHFZoTln1/+rE3qxTSH9lQC7HBGmHi7Kz4VRo9hjViWIr6
fvGC6opE4Ez2tf+4iLvqxCvth1DsV0hCwYSToAm0KtrF+rbNjANIjQKRFHkQpjdN
roM/cbFd+OQPfKohzKLjwYuJyqfnD4cRBsX7Q82LjYWxXU9+8zSPslYSDmJsGCAE
J+ojdNqENt87tA6ndG15yzRiJOedruYEIC4v3J5JaOMY24RhjuCD03e9PgHj83b6
g3RXQY+HZzHdmJ2KPBVuYFRaVcjoJGYegv1/XkTHLwpaoERqry3fMlaQLB+ZYPeh
gHs1kUI=
-----END CERTIFICATE-----
Generated at Thu Jun 27 13:47:35 2024 by rpki-client on console-fra.rpki-client.org