Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/K9ApMkKXa38wzzVvVhIqK5oV2E4.roa
File: K9ApMkKXa38wzzVvVhIqK5oV2E4.roa (raw, json)
Hash identifier: 59b1gslN4j6q6wboP71gM7m5fpTl2jhsx6D58pW84A0=
Subject key identifier: 2B:D0:29:32:42:97:6B:7F:30:CF:35:6F:56:12:2A:2B:9A:15:D8:4E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018AB31D505E3FF57D61C9FFAFE62C186340
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/K9ApMkKXa38wzzVvVhIqK5oV2E4.roa
Signing time: Wed 20 Sep 2023 15:02:37 +0000
ROA not before: Wed 20 Sep 2023 15:02:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142019
IP address blocks: 46.249.104.0/24 maxlen: 24
46.249.105.0/24 maxlen: 24
46.249.106.0/24 maxlen: 24
46.249.107.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:1d:50:5e:3f:f5:7d:61:c9:ff:af:e6:2c:18:63:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Sep 20 15:02:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bd0293242976b7f30cf356f56122a2b9a15d84e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:00:b6:d8:0c:ba:82:9c:30:b3:ff:af:03:1a:
75:75:68:7c:3e:60:e9:7b:f0:da:c0:6e:5e:7c:31:
f4:3d:d6:5f:3a:8b:01:97:47:ac:8f:7b:1e:9b:36:
39:1a:19:17:47:f2:8f:7e:a5:0b:e5:7f:cf:e4:08:
a5:57:43:f2:26:ef:b6:40:77:01:56:25:33:18:05:
ee:11:0d:8e:e1:05:85:fc:8a:2e:c2:c3:96:be:fa:
8f:c4:a4:13:59:73:f3:ea:b8:5e:a7:41:99:bc:76:
b2:d7:bb:7e:2c:c4:a3:48:c0:af:73:b4:f3:e0:ec:
da:9d:f0:d4:aa:31:98:2f:e4:da:74:fa:48:e8:09:
ec:98:73:8a:51:11:3f:24:da:66:36:37:2e:cf:9a:
b3:0b:84:65:86:ed:e4:c6:ff:73:e3:39:1d:45:77:
a7:98:bf:70:64:8b:db:af:20:51:f4:89:e1:38:56:
e5:59:1a:8e:24:8f:75:82:d1:48:ff:24:a2:6b:31:
1b:1b:cd:29:48:c0:45:3b:75:46:95:ef:43:85:2a:
3a:55:c5:b2:f9:96:f7:b3:67:84:3f:60:15:f3:98:
38:2c:3b:71:07:c2:83:bd:2e:2e:e0:4c:b4:ac:bc:
d8:68:ef:0c:b5:b9:5f:1d:ed:68:f0:d0:7a:5f:7f:
ee:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D0:29:32:42:97:6B:7F:30:CF:35:6F:56:12:2A:2B:9A:15:D8:4E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/K9ApMkKXa38wzzVvVhIqK5oV2E4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.104.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:46:9c:41:39:d9:e1:2a:3d:a6:96:d7:69:65:57:16:9f:21:
8d:9e:5a:77:ae:b3:68:d1:f1:ee:b7:9c:b1:05:ab:36:97:2b:
85:58:13:14:2c:fd:61:7c:a2:49:6c:02:bf:55:f5:02:cd:a7:
16:e3:b2:ca:1e:3d:11:bc:e3:f6:a9:00:32:5d:d7:cb:42:34:
e0:ac:0e:f2:0e:f3:b7:d0:44:5d:75:07:f6:80:d0:6c:d9:e3:
5b:30:6b:be:be:6f:a4:a3:e5:42:0d:bf:b7:95:ef:7a:65:47:
9a:fd:78:7d:73:48:1e:b2:e2:a0:e5:22:b0:35:ed:19:18:bc:
cd:f5:2f:66:ee:c6:9e:54:49:60:c5:88:48:ee:97:63:32:c0:
4b:13:de:69:60:79:38:d6:70:e7:3f:fb:43:ce:11:4f:f7:20:
72:e9:ab:63:a3:16:88:3a:ce:1e:1f:d7:42:33:af:ad:e4:52:
2f:a3:b2:8f:81:02:48:5e:dc:ae:52:ea:80:0f:dd:1b:54:10:
2b:84:d1:e8:03:7a:fe:09:a8:0c:c6:df:1d:f2:2f:84:3b:db:
c5:3b:2f:9a:d4:95:17:56:14:b1:60:31:5b:38:8d:95:4d:6b:
37:c2:da:13:cc:e9:4b:d5:db:a0:a7:79:0c:39:da:22:6e:6c:
1c:06:87:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqzHVBeP/V9Ycn/r+YsGGNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwOTIwMTUwMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQwMjkzMjQyOTc2YjdmMzBjZjM1NmY1NjEyMmEyYjlhMTVkODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQC22Ay6gpwws/+vAxp1dWh8PmDp
e/DawG5efDH0PdZfOosBl0esj3semzY5GhkXR/KPfqUL5X/P5AilV0PyJu+2QHcB
ViUzGAXuEQ2O4QWF/IouwsOWvvqPxKQTWXPz6rhep0GZvHay17t+LMSjSMCvc7Tz
4OzanfDUqjGYL+TadPpI6AnsmHOKURE/JNpmNjcuz5qzC4Rlhu3kxv9z4zkdRXen
mL9wZIvbryBR9InhOFblWRqOJI91gtFI/ySiazEbG80pSMBFO3VGle9DhSo6VcWy
+Zb3s2eEP2AV85g4LDtxB8KDvS4u4Ey0rLzYaO8MtblfHe1o8NB6X3/ujQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvQKTJCl2t/MM81b1YSKiuaFdhOMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvSzlBcE1rS1hhMzh3enpWdlZoSXFLNW9WMkU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLvloMA0G
CSqGSIb3DQEBCwUAA4IBAQC7RpxBOdnhKj2mltdpZVcWnyGNnlp3rrNo0fHut5yx
Bas2lyuFWBMULP1hfKJJbAK/VfUCzacW47LKHj0RvOP2qQAyXdfLQjTgrA7yDvO3
0ERddQf2gNBs2eNbMGu+vm+ko+VCDb+3le96ZUea/Xh9c0gesuKg5SKwNe0ZGLzN
9S9m7saeVElgxYhI7pdjMsBLE95pYHk41nDnP/tDzhFP9yBy6atjoxaIOs4eH9dC
M6+t5FIvo7KPgQJIXtyuUuqAD90bVBArhNHoA3r+CagMxt8d8i+EO9vFOy+a1JUX
VhSxYDFbOI2VTWs3wtoTzOlL1dugp3kMOdoibmwcBoeR
-----END CERTIFICATE-----
Generated at Fri Dec 1 13:44:48 2023 by rpki-client on console-ams.rpki-client.org