Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/wMDpg3ZZp2olPthtlbWMIOy5mUE.roa
File: wMDpg3ZZp2olPthtlbWMIOy5mUE.roa (raw, json)
Hash identifier: +J+qhjUxsx1QS6oIo6Zb9YM3ECkqW4J7LmiB2IBTC9k=
Subject key identifier: C0:C0:E9:83:76:59:A7:6A:25:3E:D8:6D:95:B5:8C:20:EC:B9:99:41
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018D65A2ACF2B860DC6B33F3DE0F147CE3F0
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/wMDpg3ZZp2olPthtlbWMIOy5mUE.roa
Signing time: Thu 01 Feb 2024 17:06:16 +0000
ROA not before: Thu 01 Feb 2024 17:06:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.105.0/24 maxlen: 24
109.248.41.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.53.0/24 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 02 Feb 2024 16:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:a2:ac:f2:b8:60:dc:6b:33:f3:de:0f:14:7c:e3:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Feb 1 17:06:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0c0e9837659a76a253ed86d95b58c20ecb99941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:07:ef:87:a4:d5:92:db:20:c4:7f:5a:f8:1c:
24:fd:4f:e5:25:15:bc:ab:2f:cf:57:d0:00:d5:63:
b5:34:40:11:78:0c:01:4e:fe:48:13:e4:40:81:6d:
5f:ba:ac:30:3b:fe:e3:45:c7:e4:87:68:25:da:83:
15:44:30:73:ca:8c:aa:43:9e:61:eb:ce:ba:08:62:
b2:62:f8:61:fb:9b:61:65:fc:7b:2c:9e:6e:06:d8:
76:24:8f:14:6d:23:c2:07:19:07:0a:46:80:c0:fc:
bc:be:10:d7:08:f7:01:1e:77:a3:f3:f4:70:2f:c2:
9a:79:aa:18:39:2c:aa:d5:80:4f:3d:24:b6:3e:8e:
c5:74:68:df:db:6d:93:d0:d5:c4:70:74:c8:16:eb:
d1:c1:4b:ef:81:d5:de:90:7e:a0:c5:ea:42:b8:7b:
72:b2:b8:83:c5:f8:21:a6:1e:e5:19:ab:60:bd:93:
4c:02:bc:a4:19:54:1b:18:91:7e:ee:5a:81:c3:27:
af:7e:c5:aa:ec:8e:f4:85:4c:ed:83:90:a1:83:8c:
13:0f:bf:f5:08:12:df:d7:10:48:95:93:bc:b3:07:
c1:19:44:cd:16:c5:14:be:d6:6c:5f:da:bb:28:e3:
bd:52:d4:bd:32:cc:9d:de:f5:e9:9d:3b:f4:85:95:
55:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C0:E9:83:76:59:A7:6A:25:3E:D8:6D:95:B5:8C:20:EC:B9:99:41
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/wMDpg3ZZp2olPthtlbWMIOy5mUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.105.0/24
109.248.41.0/24
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
13:e3:dc:01:b8:c8:2f:1c:0f:3f:f2:1e:26:7f:19:f4:27:38:
72:c1:67:c5:26:4d:01:c6:86:d2:a6:0b:10:cc:f1:76:94:80:
1c:c5:5a:ce:8f:cd:cc:3d:d4:22:b8:2e:9e:4e:46:12:75:0f:
f6:ae:cc:69:5b:ab:f6:1f:22:12:0c:3e:6a:52:13:28:ab:f1:
69:45:66:8b:9e:76:6d:12:1c:8e:7b:ab:17:06:9f:1d:f4:c9:
65:4b:3f:86:b0:62:9b:3c:5e:7a:29:30:0a:30:36:91:8a:de:
e4:25:c8:04:84:71:b2:b8:a3:f8:c2:16:96:c8:1a:a7:7c:3f:
c4:c3:0a:1e:7c:b0:41:bf:40:cd:e1:f0:e6:f5:a5:55:3c:fa:
01:94:94:68:e0:7f:de:56:4a:29:b5:dc:fa:a5:fc:ab:9b:22:
d2:3c:4d:65:d3:6a:b3:fa:7f:be:0a:0d:5f:a9:02:fd:c8:a6:
1d:a0:a8:7e:64:aa:a7:6a:7f:24:0b:52:e9:0d:8b:46:e5:f0:
43:9f:a8:0e:43:80:b7:02:f0:6e:a9:a2:82:cf:9d:e9:b1:7b:
dc:b7:f5:ce:24:46:37:a8:20:16:99:d1:ac:56:a2:0b:b0:48:
91:12:f6:92:c3:fd:76:4e:04:72:cf:2f:f1:24:ac:49:1b:dd:
5f:dd:51:45
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY1loqzyuGDcazPz3g8UfOPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMjAxMTcwNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGMwZTk4Mzc2NTlhNzZhMjUzZWQ4NmQ5NWI1OGMyMGVjYjk5OTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwfvh6TVktsgxH9a+Bwk/U/lJRW8
qy/PV9AA1WO1NEAReAwBTv5IE+RAgW1fuqwwO/7jRcfkh2gl2oMVRDBzyoyqQ55h
6866CGKyYvhh+5thZfx7LJ5uBth2JI8UbSPCBxkHCkaAwPy8vhDXCPcBHnej8/Rw
L8KaeaoYOSyq1YBPPSS2Po7FdGjf222T0NXEcHTIFuvRwUvvgdXekH6gxepCuHty
sriDxfghph7lGatgvZNMArykGVQbGJF+7lqBwyevfsWq7I70hUztg5Chg4wTD7/1
CBLf1xBIlZO8swfBGUTNFsUUvtZsX9q7KOO9UtS9Msyd3vXpnTv0hZVVNQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMDA6YN2WadqJT7YbZW1jCDsuZlBMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvd01EcGczWlpwMm9sUHRodGxiV01JT3k1bVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALghpAwQA
bfgpAwQAvIK2AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IB
AQAT49wBuMgvHA8/8h4mfxn0JzhywWfFJk0BxobSpgsQzPF2lIAcxVrOj83MPdQi
uC6eTkYSdQ/2rsxpW6v2HyISDD5qUhMoq/FpRWaLnnZtEhyOe6sXBp8d9MllSz+G
sGKbPF56KTAKMDaRit7kJcgEhHGyuKP4whaWyBqnfD/EwwoefLBBv0DN4fDm9aVV
PPoBlJRo4H/eVkoptdz6pfyrmyLSPE1l02qz+n++Cg1fqQL9yKYdoKh+ZKqnan8k
C1LpDYtG5fBDn6gOQ4C3AvBuqaKCz53psXvct/XOJEY3qCAWmdGsVqILsEiREvaS
w/12TgRyzy/xJKxJG91f3VFF
-----END CERTIFICATE-----
Generated at Fri Feb 2 20:33:31 2024 by rpki-client on console-fra.rpki-client.org