Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1NmTg0Pn1HKHj0vQFChdepi_Wnc.roa
File: 1NmTg0Pn1HKHj0vQFChdepi_Wnc.roa (raw, json)
Hash identifier: ujEcDUefc5YgvSIxiind+il+q1ZZZvFR4z2EMZ26e0I=
Subject key identifier: D4:D9:93:83:43:E7:D4:72:87:8F:4B:D0:14:28:5D:7A:98:BF:5A:77
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A65BF2F038901C01FB34D675CC68E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1NmTg0Pn1HKHj0vQFChdepi_Wnc.roa
Signing time: Tue 02 Jan 2024 12:33:45 +0000
ROA not before: Tue 02 Jan 2024 12:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 46.249.112.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:65:bf:2f:03:89:01:c0:1f:b3:4d:67:5c:c6:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4d9938343e7d472878f4bd014285d7a98bf5a77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f0:98:f6:d4:7c:d4:ba:05:97:f4:69:37:8e:
85:2b:ef:d5:79:1b:c1:49:44:34:ab:62:9e:b5:40:
c2:9d:ba:cb:85:8f:ba:21:b0:b8:c0:89:39:60:69:
0e:d2:06:6d:5d:e9:07:e7:a1:44:65:7e:2e:1f:00:
e3:e5:1f:93:df:dc:e0:76:84:d8:d5:c6:0f:da:c7:
3f:dd:16:79:8a:5c:5e:b0:92:b0:1b:f7:5d:4a:5d:
1f:65:e5:94:90:3a:98:c7:a6:0f:51:9b:3c:66:a5:
9e:22:a8:0c:2e:c8:05:fc:80:e9:d6:d0:d0:d7:cb:
05:aa:b8:bc:f3:b5:15:9a:e4:42:82:d8:f9:04:84:
79:00:be:aa:46:f4:3e:c4:75:0b:aa:bf:b6:cd:fb:
d9:a7:c6:76:8e:72:e7:99:29:13:67:41:17:13:b5:
25:83:d7:13:75:c8:a9:b7:25:7c:6f:d7:d2:77:c7:
2c:82:fd:58:7d:a5:df:ce:a5:c1:df:74:97:46:96:
89:6d:fd:b6:38:0e:e7:cc:8a:37:99:62:81:24:dc:
10:bd:fe:63:6d:2c:fc:2a:fd:46:4a:13:0b:66:b8:
eb:66:90:ac:af:ca:23:ef:29:2f:2e:ba:71:24:d1:
cb:08:9b:74:0a:a7:81:1f:d0:01:bd:5b:a3:5c:c1:
56:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D9:93:83:43:E7:D4:72:87:8F:4B:D0:14:28:5D:7A:98:BF:5A:77
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1NmTg0Pn1HKHj0vQFChdepi_Wnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.112.0/22
Signature Algorithm: sha256WithRSAEncryption
34:12:d3:d1:49:98:93:21:b3:cf:54:1c:3f:52:88:01:0b:86:
46:01:c8:fd:eb:0a:75:94:7b:4e:93:8a:44:c2:24:96:77:d0:
8a:42:9e:a9:f2:70:38:e5:7a:90:d2:c5:a2:8a:39:0d:3a:93:
ab:30:95:ed:74:e0:df:a4:db:e2:2f:ca:c3:71:f0:a1:fb:e0:
b6:75:f2:c1:d7:b2:ab:57:e1:7b:75:17:d1:7e:20:ce:ff:b0:
23:1f:20:21:bf:49:76:67:c4:a1:ad:a7:2a:e4:21:94:ea:e8:
3b:f9:31:7d:7a:cb:80:0f:7d:95:73:1f:8f:29:ce:d6:e1:01:
10:3a:6b:bd:35:49:41:17:a3:2c:15:2a:be:78:21:4c:c0:6e:
ca:55:b6:8e:4c:3d:eb:79:52:c4:7f:a6:07:ee:4f:2e:fa:f3:
8e:ac:61:cd:0b:03:f7:c3:7b:7f:e5:58:cb:cc:62:c4:b6:9c:
c1:ae:3d:bc:5c:ee:3d:6d:e2:3e:3f:39:8d:cf:94:d3:95:b4:
8a:c7:22:1b:d3:bb:b8:b8:cb:46:3d:70:4c:0c:5a:04:f5:81:
af:06:09:3d:1e:f1:38:0f:64:a6:13:4b:a0:83:1e:ff:96:3b:
a1:4b:12:60:a2:21:2d:c5:a1:77:fe:30:c6:52:df:d2:39:da:
4e:0d:13:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKmW/LwOJAcAfs01nXMaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQ5OTM4MzQzZTdkNDcyODc4ZjRiZDAxNDI4NWQ3YTk4YmY1YTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfCY9tR81LoFl/RpN46FK+/VeRvB
SUQ0q2KetUDCnbrLhY+6IbC4wIk5YGkO0gZtXekH56FEZX4uHwDj5R+T39zgdoTY
1cYP2sc/3RZ5ilxesJKwG/ddSl0fZeWUkDqYx6YPUZs8ZqWeIqgMLsgF/IDp1tDQ
18sFqri887UVmuRCgtj5BIR5AL6qRvQ+xHULqr+2zfvZp8Z2jnLnmSkTZ0EXE7Ul
g9cTdciptyV8b9fSd8csgv1YfaXfzqXB33SXRpaJbf22OA7nzIo3mWKBJNwQvf5j
bSz8Kv1GShMLZrjrZpCsr8oj7ykvLrpxJNHLCJt0CqeBH9ABvVujXMFWYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTZk4ND59Ryh49L0BQoXXqYv1p3MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMU5tVGcwUG4xSEtIajB2UUZDaGRlcGlfV25jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLvlwMA0G
CSqGSIb3DQEBCwUAA4IBAQA0EtPRSZiTIbPPVBw/UogBC4ZGAcj96wp1lHtOk4pE
wiSWd9CKQp6p8nA45XqQ0sWiijkNOpOrMJXtdODfpNviL8rDcfCh++C2dfLB17Kr
V+F7dRfRfiDO/7AjHyAhv0l2Z8Shracq5CGU6ug7+TF9esuAD32Vcx+PKc7W4QEQ
Omu9NUlBF6MsFSq+eCFMwG7KVbaOTD3reVLEf6YH7k8u+vOOrGHNCwP3w3t/5VjL
zGLEtpzBrj28XO49beI+PzmNz5TTlbSKxyIb07u4uMtGPXBMDFoE9YGvBgk9HvE4
D2SmE0uggx7/ljuhSxJgoiEtxaF3/jDGUt/SOdpODRN5
-----END CERTIFICATE-----
Generated at Wed Jan 3 15:42:00 2024 by rpki-client on console-ams.rpki-client.org