Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/rUWbZHIKcLSnXVyqXaCHrGDUBaM.roa
File: rUWbZHIKcLSnXVyqXaCHrGDUBaM.roa (raw, json)
Hash identifier: xY0M2zcxa9ZrhehEZrsHbMF4I2qTd9WtpePqBt1jEj0=
Subject key identifier: AD:45:9B:64:72:0A:70:B4:A7:5D:5C:AA:5D:A0:87:AC:60:D4:05:A3
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018EE84565EE82CA488153F364652A939BD2
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/rUWbZHIKcLSnXVyqXaCHrGDUBaM.roa
Signing time: Tue 16 Apr 2024 18:57:25 +0000
ROA not before: Tue 16 Apr 2024 18:57:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.224.0/20 maxlen: 24
46.8.254.0/24 maxlen: 24
95.182.76.0/24 maxlen: 24
188.130.154.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.53.0/24 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 17 Apr 2024 09:10:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e8:45:65:ee:82:ca:48:81:53:f3:64:65:2a:93:9b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Apr 16 18:57:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad459b64720a70b4a75d5caa5da087ac60d405a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a1:d5:90:a5:81:b7:6a:be:a3:ae:dc:ff:b0:
de:f1:b7:cd:1c:41:2c:27:5a:ab:40:fd:1f:0b:eb:
3d:2b:c0:b0:d3:c2:c3:d8:2a:93:e2:9f:77:f6:8e:
9b:aa:ff:54:98:84:0b:4a:14:db:e1:ec:73:c2:1f:
91:f1:bf:f6:89:d8:8b:af:56:c0:da:3a:c7:3c:75:
e9:8e:2f:08:36:e8:62:c7:cf:7c:9f:71:9e:a1:d3:
c7:fd:44:1f:f3:49:47:12:b5:30:ce:1c:d0:31:68:
cd:5a:c2:9b:b9:8b:08:20:21:57:db:d3:0e:63:59:
2b:50:93:68:4b:db:a7:f5:fe:f9:28:ec:ff:c6:72:
b9:4c:52:a7:c1:4a:3f:47:19:4e:8e:5d:12:f1:57:
e9:52:da:62:90:37:5a:c0:b2:95:e7:24:65:bc:d4:
d6:25:be:71:4b:66:92:2e:a0:4f:f9:0e:1f:64:e1:
0c:0e:e9:b0:6e:ad:d1:1d:32:d2:7d:6a:85:24:4f:
a7:a0:45:ff:4d:3d:77:62:b6:c1:61:a0:70:a7:9d:
a1:05:32:a7:8b:68:ad:78:38:34:27:b5:22:23:b6:
df:ed:7f:3c:45:ae:00:22:01:b4:6e:6d:3b:26:7e:
65:9e:da:34:9c:b6:55:16:2c:ef:5c:65:28:b4:39:
58:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:45:9B:64:72:0A:70:B4:A7:5D:5C:AA:5D:A0:87:AC:60:D4:05:A3
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/rUWbZHIKcLSnXVyqXaCHrGDUBaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.224.0/20
46.8.254.0/24
95.182.76.0/24
188.130.154.0/24
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
84:e8:a1:be:91:0c:d4:1c:a6:56:64:88:38:90:c8:9b:33:a1:
3a:ee:87:4a:19:c5:c7:5b:be:2e:b0:46:00:05:ce:b0:5d:e0:
d3:77:56:98:84:2e:4e:16:19:0c:d3:00:d1:0f:45:df:36:75:
69:14:07:4e:e8:81:b4:c0:9e:e8:6b:b1:88:15:70:4e:57:9c:
fc:a0:54:5a:d0:97:6c:e9:f6:c8:3f:8a:7e:a2:5e:af:da:93:
80:ae:55:7f:46:00:2a:95:76:eb:75:e9:32:ce:40:6b:3f:f6:
6f:32:27:93:20:9a:db:1f:2b:23:4f:86:d3:dc:ae:b8:f4:ab:
ea:3b:a0:a4:46:7b:6b:c8:7b:e5:24:42:2c:73:a4:8f:3b:57:
0f:9e:b7:86:db:e6:d6:3d:f3:d3:6a:47:82:7b:bb:8d:00:0d:
c0:7e:37:64:02:2a:ba:6c:0e:bb:2d:b4:ef:c1:f2:3b:72:c7:
3c:4f:c3:57:82:be:9b:22:14:90:29:3c:cc:9d:0d:a1:f1:e8:
8e:4e:83:15:8b:19:19:d3:c2:3f:1f:db:fa:a8:fd:d1:3a:5e:
96:0a:b4:cb:6d:37:33:90:00:35:74:3c:1e:b2:66:85:08:9b:
89:58:30:86:20:0a:80:44:a4:d9:f4:59:eb:f3:c2:f0:5f:95:
80:38:a0:d0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY7oRWXugspIgVPzZGUqk5vSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwNDE2MTg1NzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDQ1OWI2NDcyMGE3MGI0YTc1ZDVjYWE1ZGEwODdhYzYwZDQwNWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6HVkKWBt2q+o67c/7De8bfNHEEs
J1qrQP0fC+s9K8Cw08LD2CqT4p939o6bqv9UmIQLShTb4exzwh+R8b/2idiLr1bA
2jrHPHXpji8INuhix898n3GeodPH/UQf80lHErUwzhzQMWjNWsKbuYsIICFX29MO
Y1krUJNoS9un9f75KOz/xnK5TFKnwUo/RxlOjl0S8VfpUtpikDdawLKV5yRlvNTW
Jb5xS2aSLqBP+Q4fZOEMDumwbq3RHTLSfWqFJE+noEX/TT13YrbBYaBwp52hBTKn
i2iteDg0J7UiI7bf7X88Ra4AIgG0bm07Jn5lnto0nLZVFizvXGUotDlYMQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFK1Fm2RyCnC0p11cql2gh6xg1AWjMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvclVXYlpISUtjTFNuWFZ5cVhhQ0hyR0RVQmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQELgjgAwQA
Lgj+AwQAX7ZMAwQAvIKaAwQAvIK2AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqG
SIb3DQEBCwUAA4IBAQCE6KG+kQzUHKZWZIg4kMibM6E67odKGcXHW74usEYABc6w
XeDTd1aYhC5OFhkM0wDRD0XfNnVpFAdO6IG0wJ7oa7GIFXBOV5z8oFRa0Jds6fbI
P4p+ol6v2pOArlV/RgAqlXbrdekyzkBrP/ZvMieTIJrbHysjT4bT3K649KvqO6Ck
RntryHvlJEIsc6SPO1cPnreG2+bWPfPTakeCe7uNAA3AfjdkAiq6bA67LbTvwfI7
csc8T8NXgr6bIhSQKTzMnQ2h8eiOToMVixkZ08I/H9v6qP3ROl6WCrTLbTczkAA1
dDwesmaFCJuJWDCGIAqARKTZ9Fnr88LwX5WAOKDQ
-----END CERTIFICATE-----
Generated at Wed Apr 17 12:33:46 2024 by rpki-client on console-ams.rpki-client.org