Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/B4vjbwZRuEwPREcLkUNXDnohpV4.roa
File: B4vjbwZRuEwPREcLkUNXDnohpV4.roa (raw, json)
Hash identifier: BGtXI/dtmp8MTqUzU1uZE7AupFLbtrfbCwp3gAjV/jU=
Subject key identifier: 07:8B:E3:6F:06:51:B8:4C:0F:44:47:0B:91:43:57:0E:7A:21:A5:5E
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 01918015DEF134B5B43E56BEB9EB77C95F08
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/B4vjbwZRuEwPREcLkUNXDnohpV4.roa
Signing time: Fri 23 Aug 2024 16:33:22 +0000
ROA not before: Fri 23 Aug 2024 16:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 46.226.160.0/21 maxlen: 32
89.169.52.0/22 maxlen: 32
92.246.136.0/22 maxlen: 32
217.144.185.0/24 maxlen: 32
217.144.186.0/24 maxlen: 32
217.144.187.0/24 maxlen: 32
217.144.188.0/24 maxlen: 32
217.144.189.0/24 maxlen: 32
217.144.190.0/24 maxlen: 32
217.144.191.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 05 Sep 2024 10:26:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:80:15:de:f1:34:b5:b4:3e:56:be:b9:eb:77:c9:5f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Aug 23 16:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=078be36f0651b84c0f44470b9143570e7a21a55e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:14:e0:ff:1d:82:e1:30:0c:1b:a2:b6:8d:19:
d6:30:fd:ac:88:e7:64:82:21:f0:be:08:cc:6b:ba:
9d:d0:51:99:a8:a0:d3:c4:76:98:36:9e:c7:7b:19:
5b:c5:fa:4a:9d:9b:70:f9:9e:39:1b:c5:55:17:f7:
11:31:5d:e7:f1:6e:54:f4:71:ab:77:53:32:b3:52:
15:70:d7:1f:82:95:bf:fc:4d:71:b3:1e:cb:e5:a7:
6c:ac:52:4a:7f:6e:b5:0b:95:c2:c9:ed:63:91:4b:
96:b0:a6:e6:ed:3e:64:eb:2c:00:6b:63:6b:11:a1:
bb:40:ad:34:2d:ef:fa:78:9d:3c:76:b9:e3:c8:e9:
cb:c7:75:79:d5:15:82:e6:29:7e:f9:b2:f9:ae:da:
e4:51:f7:ab:9b:05:f3:fd:d3:7c:c3:c9:36:81:82:
e5:f8:54:b8:8a:b2:d7:80:de:63:63:ac:ba:13:af:
aa:f1:d9:be:8a:e7:f5:b1:80:19:5d:66:95:db:71:
dd:7d:c2:71:89:59:8d:ab:80:74:73:4c:66:3f:d4:
65:a6:7b:90:17:ba:ff:66:ea:12:ed:8a:05:28:65:
bc:6c:93:41:38:a9:74:f7:5c:0d:01:33:b9:6d:c2:
9c:99:04:51:f3:b8:f7:3c:ed:25:9f:d0:2d:94:4d:
79:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8B:E3:6F:06:51:B8:4C:0F:44:47:0B:91:43:57:0E:7A:21:A5:5E
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/B4vjbwZRuEwPREcLkUNXDnohpV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.160.0/21
89.169.52.0/22
92.246.136.0/22
217.144.185.0-217.144.191.255
Signature Algorithm: sha256WithRSAEncryption
73:fe:59:49:28:c5:88:32:9b:2f:85:95:ee:19:0b:01:20:3c:
8a:f1:75:b5:82:5a:76:ed:1b:85:c3:f7:d1:a8:ac:27:55:62:
4a:ba:4d:09:ed:44:07:f6:59:1e:0d:58:f9:99:a0:2c:da:5c:
d7:5b:33:79:70:92:c7:79:d7:02:4d:c9:2a:ae:2e:d9:f7:e1:
75:72:e7:ff:ea:18:5a:7d:a4:1f:87:b8:3e:82:af:d7:56:4a:
4e:ea:57:f7:d3:92:37:85:55:2d:e1:dd:a9:4e:83:6a:bc:6e:
2a:10:f0:a3:85:27:47:3d:63:e8:38:b1:4b:ad:da:03:2c:51:
f0:55:e8:0f:d2:05:1b:00:ca:9b:17:2c:20:dc:05:25:64:46:
85:e7:5b:b3:2c:0f:42:cb:9e:cc:7c:16:d1:1f:fe:37:1e:37:
dc:d1:61:7a:1a:8b:49:f2:79:ad:af:ee:67:03:be:ac:01:fd:
2b:7d:7b:29:da:73:89:4d:dd:a0:38:d0:3a:7c:9d:6d:4a:b4:
0d:9f:d4:4c:37:43:e2:42:0b:0c:58:96:f7:5a:d6:e6:34:d8:
a8:35:19:8f:b4:b3:c3:79:37:bf:16:dc:9d:ea:6f:7f:83:2a:
38:6e:78:14:a5:c0:81:62:47:0e:07:b5:78:af:8f:58:7a:eb:
69:a0:17:6b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZGAFd7xNLW0Pla+uet3yV8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQwODIzMTYzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzhiZTM2ZjA2NTFiODRjMGY0NDQ3MGI5MTQzNTcwZTdhMjFhNTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxTg/x2C4TAMG6K2jRnWMP2siOdk
giHwvgjMa7qd0FGZqKDTxHaYNp7HexlbxfpKnZtw+Z45G8VVF/cRMV3n8W5U9HGr
d1Mys1IVcNcfgpW//E1xsx7L5adsrFJKf261C5XCye1jkUuWsKbm7T5k6ywAa2Nr
EaG7QK00Le/6eJ08drnjyOnLx3V51RWC5il++bL5rtrkUfermwXz/dN8w8k2gYLl
+FS4irLXgN5jY6y6E6+q8dm+iuf1sYAZXWaV23HdfcJxiVmNq4B0c0xmP9RlpnuQ
F7r/ZuoS7YoFKGW8bJNBOKl091wNATO5bcKcmQRR87j3PO0ln9AtlE15EQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAeL428GUbhMD0RHC5FDVw56IaVeMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvQjR2amJ3WlJ1RXdQUkVjTGtVTlhEbm9ocFY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDLuKgAwQC
Wak0AwQCXPaIMAwDBADZkLkDBAbZkIAwDQYJKoZIhvcNAQELBQADggEBAHP+WUko
xYgymy+Fle4ZCwEgPIrxdbWCWnbtG4XD99GorCdVYkq6TQntRAf2WR4NWPmZoCza
XNdbM3lwksd51wJNySquLtn34XVy5//qGFp9pB+HuD6Cr9dWSk7qV/fTkjeFVS3h
3alOg2q8bioQ8KOFJ0c9Y+g4sUut2gMsUfBV6A/SBRsAypsXLCDcBSVkRoXnW7Ms
D0LLnsx8FtEf/jceN9zRYXoai0nyea2v7mcDvqwB/St9eynac4lN3aA40Dp8nW1K
tA2f1Ew3Q+JCCwxYlvda1uY02Kg1GY+0s8N5N78W3J3qb3+DKjhueBSlwIFiRw4H
tXivj1h662mgF2s=
-----END CERTIFICATE-----
Generated at Thu Sep 5 12:31:35 2024 by rpki-client on console-ams.rpki-client.org