Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/lF6gWv2bWhxzbHRYUskezo6lBDg.roa
File: lF6gWv2bWhxzbHRYUskezo6lBDg.roa (raw, json)
Hash identifier: B5inpPlUjHa+HwCo9L2fMeznGkbi5sGg73uRUwT4sc0=
Subject key identifier: 94:5E:A0:5A:FD:9B:5A:1C:73:6C:74:58:52:C9:1E:CE:8E:A5:04:38
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018DA364FFF0424D7FA3EAC75AA595ADD67C
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/lF6gWv2bWhxzbHRYUskezo6lBDg.roa
Signing time: Tue 13 Feb 2024 16:55:21 +0000
ROA not before: Tue 13 Feb 2024 16:55:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.224.0/20 maxlen: 24
109.248.41.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.53.0/24 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 22 Feb 2024 08:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a3:64:ff:f0:42:4d:7f:a3:ea:c7:5a:a5:95:ad:d6:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Feb 13 16:55:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=945ea05afd9b5a1c736c745852c91ece8ea50438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:63:67:e3:e0:b9:2b:77:e6:62:33:65:01:2d:
a7:49:e5:a1:89:4d:2d:4d:18:0f:c3:34:62:73:0b:
51:98:de:0b:6d:44:51:dd:24:f3:08:f9:91:44:fa:
ee:83:76:95:63:4a:7d:fd:25:21:8a:07:f7:92:47:
8b:03:e7:80:d8:d2:f4:4d:18:25:d3:45:13:42:a1:
0a:b6:df:b3:3c:fa:8f:15:1c:07:cc:30:5d:22:82:
a9:d3:6c:57:2e:44:9a:97:9f:94:47:ec:d6:48:7e:
eb:f3:db:06:be:e7:d8:f0:7e:42:bd:cf:c1:44:25:
0f:1b:c4:36:24:1d:8f:36:0f:48:d3:0d:04:8b:7e:
af:5c:01:0d:15:d2:66:f7:78:7a:ea:7e:f2:a3:0d:
79:6c:f3:58:01:ac:e5:03:17:3c:63:76:7c:0f:0f:
7d:70:25:5b:68:6a:15:b5:09:78:69:e2:3c:51:fa:
c9:c8:e9:47:63:69:f4:fa:10:6f:d1:95:06:77:95:
4e:ed:e8:66:17:bb:8d:24:28:71:28:92:c3:1d:a3:
4b:c9:8c:8d:1b:67:7c:5f:38:1f:93:45:24:a6:37:
9e:95:27:b6:24:f5:30:e1:6b:ed:80:c7:86:5b:59:
ce:35:05:be:bf:a1:47:a4:0a:09:cd:4c:9f:cb:5a:
54:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:5E:A0:5A:FD:9B:5A:1C:73:6C:74:58:52:C9:1E:CE:8E:A5:04:38
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/lF6gWv2bWhxzbHRYUskezo6lBDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.224.0/20
109.248.41.0/24
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
2f:94:52:28:aa:ce:41:22:61:38:b4:91:6e:39:ea:8a:cf:81:
70:b8:1b:52:6c:48:3b:3d:00:10:8e:50:01:86:c1:f7:ac:6f:
e9:a4:3d:4f:46:f1:81:0c:af:a1:8d:f9:cd:58:1c:34:da:14:
6b:39:2e:64:e2:4d:a0:5c:2c:ab:3b:21:94:d4:6f:f2:49:53:
ef:2a:44:d8:3a:80:1f:62:91:34:37:7c:75:8f:64:a3:dc:08:
39:cf:8d:a6:41:42:24:98:a3:ad:f7:dd:0c:9b:21:3e:b2:ab:
b9:56:55:bb:dc:10:01:15:62:da:96:33:8b:7e:a4:14:f4:33:
52:82:52:31:78:c3:cd:b8:0d:68:2d:80:e8:ec:dd:a4:ab:07:
af:5b:69:9a:49:f2:0b:89:e2:45:08:08:21:48:fd:9b:ec:f2:
96:fe:f3:58:9f:06:9c:17:64:02:22:87:56:ae:87:35:59:36:
0f:09:20:73:61:fb:43:9a:b0:62:42:68:40:02:04:e3:9b:cf:
5b:47:ce:64:7e:6a:70:df:7d:df:88:2e:cc:e3:9c:98:74:c5:
cf:0d:7d:45:bb:51:c2:7a:58:4d:5c:c8:51:63:c7:b4:f2:85:
e3:c2:04:1c:a0:35:75:4c:1c:67:43:c9:0e:66:e2:f7:f8:86:
b0:2e:6f:bd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY2jZP/wQk1/o+rHWqWVrdZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMjEzMTY1NTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDVlYTA1YWZkOWI1YTFjNzM2Yzc0NTg1MmM5MWVjZThlYTUwNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2Nn4+C5K3fmYjNlAS2nSeWhiU0t
TRgPwzRicwtRmN4LbURR3STzCPmRRPrug3aVY0p9/SUhigf3kkeLA+eA2NL0TRgl
00UTQqEKtt+zPPqPFRwHzDBdIoKp02xXLkSal5+UR+zWSH7r89sGvufY8H5Cvc/B
RCUPG8Q2JB2PNg9I0w0Ei36vXAENFdJm93h66n7yow15bPNYAazlAxc8Y3Z8Dw99
cCVbaGoVtQl4aeI8UfrJyOlHY2n0+hBv0ZUGd5VO7ehmF7uNJChxKJLDHaNLyYyN
G2d8Xzgfk0UkpjeelSe2JPUw4WvtgMeGW1nONQW+v6FHpAoJzUyfy1pUqQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJReoFr9m1occ2x0WFLJHs6OpQQ4MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvbEY2Z1d2MmJXaHh6YkhSWVVza2V6bzZsQkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQELgjgAwQA
bfgpAwQAvIK2AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IB
AQAvlFIoqs5BImE4tJFuOeqKz4FwuBtSbEg7PQAQjlABhsH3rG/ppD1PRvGBDK+h
jfnNWBw02hRrOS5k4k2gXCyrOyGU1G/ySVPvKkTYOoAfYpE0N3x1j2Sj3Ag5z42m
QUIkmKOt990MmyE+squ5VlW73BABFWLaljOLfqQU9DNSglIxeMPNuA1oLYDo7N2k
qwevW2maSfILieJFCAghSP2b7PKW/vNYnwacF2QCIodWroc1WTYPCSBzYftDmrBi
QmhAAgTjm89bR85kfmpw333fiC7M45yYdMXPDX1Fu1HCelhNXMhRY8e08oXjwgQc
oDV1TBxnQ8kOZuL3+IawLm+9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org