Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/lnML_I44TYlKjp8SwD_SKTp5ol0.roa
File: lnML_I44TYlKjp8SwD_SKTp5ol0.roa (raw, json)
Hash identifier: z/8IMrAE104nk+a6jbLlTs44di9h4AM4vqK2qwCHzeI=
Subject key identifier: 96:73:0B:FC:8E:38:4D:89:4A:8E:9F:12:C0:3F:D2:29:3A:79:A2:5D
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01925170541DD52E3D903E20A9F73CEC02E1
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/lnML_I44TYlKjp8SwD_SKTp5ol0.roa
Signing time: Thu 03 Oct 2024 08:12:48 +0000
ROA not before: Thu 03 Oct 2024 08:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39238
IP address blocks: 46.8.58.0/23 maxlen: 23
46.8.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 08:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:70:54:1d:d5:2e:3d:90:3e:20:a9:f7:3c:ec:02:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Oct 3 08:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96730bfc8e384d894a8e9f12c03fd2293a79a25d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f7:85:e8:b4:b3:36:14:76:bb:a5:ef:06:77:
a0:18:5b:fe:af:62:45:d7:df:40:70:04:93:fe:7b:
89:8a:c8:7a:11:b3:64:b6:bc:2b:59:86:00:bf:ea:
3c:52:6f:06:67:63:12:aa:15:63:64:24:79:e9:3b:
15:bd:05:1e:d7:5d:1b:b3:b2:a5:fc:bd:4a:bc:09:
c5:4c:6e:a9:8c:b8:ca:13:7f:31:28:92:2c:97:21:
80:93:e6:f5:fa:51:37:2c:11:87:ea:82:2a:f7:cf:
49:b8:fc:16:8f:69:d2:5b:3a:83:ea:7f:74:75:fc:
f7:49:15:82:2e:6b:d5:03:8b:ad:f3:28:b8:5a:5b:
48:ba:55:65:bf:3e:d9:fd:d5:fa:aa:0c:bd:e6:3b:
08:18:7f:1c:72:c9:d8:3e:08:90:e1:31:c8:c6:cc:
80:80:49:08:71:ba:b6:5f:5f:68:24:65:67:0f:ff:
4e:35:53:a6:42:b3:15:58:19:ba:ed:8a:26:18:79:
80:0f:6d:08:5b:35:61:29:de:a3:8e:f1:8c:69:c7:
03:c0:d5:1b:45:d3:6f:d8:ad:e0:8f:53:c3:53:61:
e9:f8:d8:e8:73:41:bc:fc:42:51:60:0e:0c:2e:13:
1a:ac:cd:ce:04:40:13:0d:c8:08:ac:30:5e:ca:8e:
c7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:73:0B:FC:8E:38:4D:89:4A:8E:9F:12:C0:3F:D2:29:3A:79:A2:5D
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/lnML_I44TYlKjp8SwD_SKTp5ol0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.58.0/23
46.8.67.0/24
Signature Algorithm: sha256WithRSAEncryption
63:1d:68:6d:b5:ff:9b:02:8a:a2:47:bf:4d:8d:fc:80:e9:e5:
4a:7d:d8:a4:c6:51:fa:af:77:37:5c:70:c2:54:83:36:2f:78:
33:e6:bb:c9:e6:87:7f:8e:d4:b9:7e:de:46:2a:7b:f2:31:a3:
fc:4c:3b:3a:e8:1d:37:8c:64:71:02:36:32:ba:8c:37:e7:6a:
4c:d7:fc:12:b3:21:5b:dd:4a:3f:23:bc:89:d9:de:27:16:70:
f8:f4:54:06:c9:76:6d:0f:54:13:ee:12:31:a8:51:d7:0a:48:
fe:93:0c:e6:79:b5:24:f0:20:f3:a1:40:f4:d6:6d:c1:cc:6f:
2f:cf:2b:28:61:b8:0f:db:e5:3e:4d:51:e1:2b:9f:6e:58:7f:
31:f9:21:cb:94:10:55:2a:d8:f7:89:09:9f:62:5b:7c:f1:fe:
9d:4f:ae:c9:6a:0b:51:4d:ea:32:70:fe:d3:04:5a:b2:f9:fb:
c8:b9:ae:fd:f5:00:43:0b:f2:bf:6e:56:bc:16:9f:09:95:7c:
d5:18:3c:e1:f0:c8:21:b8:e3:87:4e:4d:a9:28:dd:63:c9:6b:
90:f6:26:02:8d:1d:01:43:a8:1c:79:6a:19:e8:2f:c1:7b:99:
88:2e:53:c0:ab:76:25:cd:d0:29:f0:30:62:02:08:6e:7e:13:
84:8e:ec:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJRcFQd1S49kD4gqfc87ALhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQxMDAzMDgxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjczMGJmYzhlMzg0ZDg5NGE4ZTlmMTJjMDNmZDIyOTNhNzlhMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/eF6LSzNhR2u6XvBnegGFv+r2JF
199AcAST/nuJish6EbNktrwrWYYAv+o8Um8GZ2MSqhVjZCR56TsVvQUe110bs7Kl
/L1KvAnFTG6pjLjKE38xKJIslyGAk+b1+lE3LBGH6oIq989JuPwWj2nSWzqD6n90
dfz3SRWCLmvVA4ut8yi4WltIulVlvz7Z/dX6qgy95jsIGH8ccsnYPgiQ4THIxsyA
gEkIcbq2X19oJGVnD/9ONVOmQrMVWBm67YomGHmAD20IWzVhKd6jjvGMaccDwNUb
RdNv2K3gj1PDU2Hp+Njoc0G8/EJRYA4MLhMarM3OBEATDcgIrDBeyo7HgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJZzC/yOOE2JSo6fEsA/0ik6eaJdMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvbG5NTF9JNDRUWWxLanA4U3dEX1NLVHA1b2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLgg6AwQA
LghDMA0GCSqGSIb3DQEBCwUAA4IBAQBjHWhttf+bAoqiR79NjfyA6eVKfdikxlH6
r3c3XHDCVIM2L3gz5rvJ5od/jtS5ft5GKnvyMaP8TDs66B03jGRxAjYyuow352pM
1/wSsyFb3Uo/I7yJ2d4nFnD49FQGyXZtD1QT7hIxqFHXCkj+kwzmebUk8CDzoUD0
1m3BzG8vzysoYbgP2+U+TVHhK59uWH8x+SHLlBBVKtj3iQmfYlt88f6dT67JagtR
TeoycP7TBFqy+fvIua799QBDC/K/bla8Fp8JlXzVGDzh8MghuOOHTk2pKN1jyWuQ
9iYCjR0BQ6gceWoZ6C/Be5mILlPAq3YlzdAp8DBiAghufhOEjuzc
-----END CERTIFICATE-----
Generated at Wed Oct 9 10:56:23 2024 by rpki-client on console-ams.rpki-client.org