Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6gKkFxuaWCBlZduMq0b1oWieUrc.roa
File: 6gKkFxuaWCBlZduMq0b1oWieUrc.roa (raw, json)
Hash identifier: M3b0vxwaSmSsklDp3HzZ2hIllH1Rdgz18Nha6LYEBE8=
Subject key identifier: EA:02:A4:17:1B:9A:58:20:65:65:DB:8C:AB:46:F5:A1:68:9E:52:B7
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A69115B2D9C330DCE11D633CEDE6A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6gKkFxuaWCBlZduMq0b1oWieUrc.roa
Signing time: Tue 02 Jan 2024 12:33:46 +0000
ROA not before: Tue 02 Jan 2024 12:33:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24875
IP address blocks: 46.249.104.0/24 maxlen: 24
46.249.104.0/23 maxlen: 24
46.249.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 12:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:69:11:5b:2d:9c:33:0d:ce:11:d6:33:ce:de:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea02a4171b9a58206565db8cab46f5a1689e52b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:db:d6:58:5a:97:5d:01:80:3f:95:f8:9c:95:
ae:29:8b:92:75:7f:9e:76:ef:34:16:9a:74:c9:05:
a0:aa:ab:96:3b:92:8d:ed:0f:4f:80:68:b7:fc:7a:
0e:12:63:14:57:cc:4f:76:a3:26:f6:a0:79:60:6d:
ff:38:e3:3a:77:95:c4:e3:00:42:42:2b:bd:e0:a5:
3b:de:84:ef:cd:10:7a:46:60:15:89:27:8a:3d:89:
1c:12:53:02:da:cd:e2:d0:1f:80:c0:2a:4a:f2:be:
bd:a1:18:d2:58:1d:64:c0:86:f3:0d:cc:0f:75:ad:
91:58:3e:29:d1:07:1b:57:5e:cd:91:a1:32:28:6f:
58:ce:f7:40:c7:e4:da:5f:91:65:b6:61:e1:bb:08:
15:4d:06:07:3f:1e:cf:1d:69:69:6a:4e:13:e1:33:
ca:32:88:ce:70:05:42:a4:58:52:32:f8:00:0c:8a:
e4:03:0c:0e:6e:24:87:cb:05:59:a9:3e:e2:37:f8:
1a:87:77:87:30:5b:3d:f7:88:b8:1b:a4:69:bb:c9:
8a:88:04:dc:c5:03:8f:0b:cb:27:89:cd:9b:d7:66:
02:de:3f:06:5f:15:1f:72:39:9c:91:87:82:f4:83:
cb:ac:ab:3e:38:dd:3a:2c:91:a6:d3:2c:9e:bb:61:
ec:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:02:A4:17:1B:9A:58:20:65:65:DB:8C:AB:46:F5:A1:68:9E:52:B7
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6gKkFxuaWCBlZduMq0b1oWieUrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.104.0-46.249.106.255
Signature Algorithm: sha256WithRSAEncryption
5a:ba:a6:c4:b5:83:ab:8c:15:7b:63:83:52:0d:2b:83:0c:eb:
2f:5f:79:ea:7e:94:99:cc:e9:2d:ae:be:1d:67:fb:f4:f0:90:
2d:be:50:7c:6d:78:ca:e3:4b:d2:9b:33:ec:c9:17:91:be:04:
74:e3:f7:5b:e8:75:eb:c4:af:f0:11:65:18:2e:b4:9a:11:59:
a0:86:ca:50:0d:66:60:a7:08:97:ba:81:b6:94:69:89:e7:a4:
56:87:95:d9:e2:c0:ff:da:17:af:83:cc:6c:ad:c4:80:5c:ec:
3e:50:10:6c:6a:35:b4:dc:9f:e4:74:cc:e0:08:0e:95:5f:9a:
6b:e7:79:e3:81:b2:44:fa:ba:9b:83:b3:ee:e5:1a:66:e3:8f:
88:49:28:ff:66:62:e7:80:e9:e4:ab:0c:a5:0a:c0:c9:de:4c:
1d:bd:8d:d0:8b:8f:0b:69:60:20:ee:07:e9:fa:b9:79:35:c8:
b8:f5:61:d9:ce:4a:54:4a:c8:db:1d:3e:68:73:8e:03:1e:bb:
c2:47:93:5b:d8:54:7e:bf:c1:94:f7:e1:bd:97:23:a2:d2:ab:
2b:99:3a:9b:de:50:5c:d5:d8:91:2e:88:54:37:91:41:f8:04:
3c:5c:00:95:de:2c:b0:7e:2f:73:e2:ae:c3:47:0a:f1:18:54:
be:d6:6f:2e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKKmkRWy2cMw3OEdYzzt5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTAyYTQxNzFiOWE1ODIwNjU2NWRiOGNhYjQ2ZjVhMTY4OWU1MmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNvWWFqXXQGAP5X4nJWuKYuSdX+e
du80Fpp0yQWgqquWO5KN7Q9PgGi3/HoOEmMUV8xPdqMm9qB5YG3/OOM6d5XE4wBC
Qiu94KU73oTvzRB6RmAViSeKPYkcElMC2s3i0B+AwCpK8r69oRjSWB1kwIbzDcwP
da2RWD4p0QcbV17NkaEyKG9YzvdAx+TaX5FltmHhuwgVTQYHPx7PHWlpak4T4TPK
MojOcAVCpFhSMvgADIrkAwwObiSHywVZqT7iN/gah3eHMFs994i4G6Rpu8mKiATc
xQOPC8snic2b12YC3j8GXxUfcjmckYeC9IPLrKs+ON06LJGm0yyeu2Hs+wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOoCpBcbmlggZWXbjKtG9aFonlK3MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvNmdLa0Z4dWFXQ0JsWmR1TXEwYjFvV2llVXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMu+WgD
BAAu+WowDQYJKoZIhvcNAQELBQADggEBAFq6psS1g6uMFXtjg1INK4MM6y9feep+
lJnM6S2uvh1n+/TwkC2+UHxteMrjS9KbM+zJF5G+BHTj91vodevEr/ARZRgutJoR
WaCGylANZmCnCJe6gbaUaYnnpFaHldniwP/aF6+DzGytxIBc7D5QEGxqNbTcn+R0
zOAIDpVfmmvneeOBskT6upuDs+7lGmbjj4hJKP9mYueA6eSrDKUKwMneTB29jdCL
jwtpYCDuB+n6uXk1yLj1YdnOSlRKyNsdPmhzjgMeu8JHk1vYVH6/wZT34b2XI6LS
qyuZOpveUFzV2JEuiFQ3kUH4BDxcAJXeLLB+L3PirsNHCvEYVL7Wby4=
-----END CERTIFICATE-----
Generated at Thu Feb 29 16:39:21 2024 by rpki-client on console-fra.rpki-client.org