Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/okziwT0A4Z3qHDVpjMnISI71qrA.roa
File: okziwT0A4Z3qHDVpjMnISI71qrA.roa (raw, json)
Hash identifier: x6dmdHclEqI12OCfEG1MJAw7Pn6Flh3Ey8ra20XiE8I=
Subject key identifier: A2:4C:E2:C1:3D:00:E1:9D:EA:1C:35:69:8C:C9:C8:48:8E:F5:AA:B0
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018BE132BFF5BB50868045D8374E10D4988B
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/okziwT0A4Z3qHDVpjMnISI71qrA.roa
Signing time: Sat 18 Nov 2023 06:51:21 +0000
ROA not before: Sat 18 Nov 2023 06:51:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 46.249.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e1:32:bf:f5:bb:50:86:80:45:d8:37:4e:10:d4:98:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 18 06:51:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a24ce2c13d00e19dea1c35698cc9c8488ef5aab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:82:53:68:87:4f:e6:f1:41:a6:bb:5a:2b:90:
c0:ec:8e:0b:ca:07:f9:46:4a:4f:c1:82:9c:b8:46:
d6:ea:31:66:ec:5d:8f:22:7b:a8:7b:3b:46:ba:dc:
05:f6:21:f7:7c:07:d1:f8:12:95:af:5d:55:2c:bb:
85:7f:b3:4f:3f:b8:23:14:7a:31:92:89:3a:fa:5d:
50:3a:d7:f5:5f:74:07:4f:48:42:bc:ae:2c:cf:12:
d3:08:80:a5:0f:b0:ea:ba:c2:03:19:fe:25:5a:a7:
c6:4e:ee:78:6f:eb:21:10:11:f3:7d:f3:26:60:06:
4e:50:ca:39:a7:4d:9c:5f:ce:55:4c:f0:6f:d1:b3:
ba:9a:e5:ca:36:f7:ff:39:b2:02:f0:a4:78:b1:e5:
52:cb:c6:e7:26:1c:91:57:e8:d5:94:f2:70:1a:9a:
d4:92:07:90:5b:b8:43:a8:3a:f7:8c:23:fe:9c:a6:
ad:b3:8c:94:cd:8d:d5:fb:b4:6b:73:4c:34:90:47:
74:2d:7a:be:d2:ee:76:d1:36:a8:18:67:c0:5b:0b:
e5:c2:9a:19:05:3a:c6:5f:d2:e2:b0:91:15:66:42:
46:da:27:0a:29:83:18:1e:7c:5a:14:d5:4f:06:e5:
37:1a:ca:9f:bf:f5:76:07:c5:af:56:c5:53:96:8a:
b7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:4C:E2:C1:3D:00:E1:9D:EA:1C:35:69:8C:C9:C8:48:8E:F5:AA:B0
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/okziwT0A4Z3qHDVpjMnISI71qrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.110.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:e6:5c:ed:75:df:10:6a:35:5e:2e:5d:b3:27:f3:55:2b:29:
18:43:1c:eb:1f:49:d2:f9:9e:57:c1:06:2d:49:9c:58:32:c3:
fd:fc:46:99:ef:6d:ce:42:e0:7f:c7:05:c6:3b:b9:95:8b:cb:
01:37:77:aa:98:64:35:09:c5:29:ee:20:a8:88:02:12:3b:d6:
bb:56:0f:76:95:8a:03:90:07:b5:f4:90:9e:45:a1:2c:0c:80:
2d:28:92:1c:d6:54:67:cc:57:ad:33:80:6e:ae:ee:97:29:eb:
26:d9:ce:05:f8:3f:72:f6:14:02:70:93:64:19:70:bc:3e:09:
48:a5:30:b6:6b:2d:18:92:54:c0:ad:6a:11:09:ac:64:1b:42:
71:b3:42:bd:75:cc:31:65:60:5d:b4:82:41:0a:02:32:f6:64:
c5:06:6c:7e:11:7a:b1:b3:37:d6:90:e6:e1:4a:3f:5b:65:40:
58:51:71:87:77:e0:7f:2e:55:a3:e7:a5:66:68:ed:34:66:b6:
16:b0:44:19:c1:6a:65:1a:0b:02:94:5b:56:d2:46:59:cd:32:
c2:f2:d0:b1:b3:bc:6c:db:72:b1:d4:cd:25:e7:7f:96:97:40:
3d:f0:db:a4:c7:00:db:73:ab:e4:0f:55:6b:71:45:55:75:62:
5c:ae:e5:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvhMr/1u1CGgEXYN04Q1JiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMTE4MDY1MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjRjZTJjMTNkMDBlMTlkZWExYzM1Njk4Y2M5Yzg0ODhlZjVhYWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYJTaIdP5vFBprtaK5DA7I4Lygf5
RkpPwYKcuEbW6jFm7F2PInuoeztGutwF9iH3fAfR+BKVr11VLLuFf7NPP7gjFHox
kok6+l1QOtf1X3QHT0hCvK4szxLTCIClD7DqusIDGf4lWqfGTu54b+shEBHzffMm
YAZOUMo5p02cX85VTPBv0bO6muXKNvf/ObIC8KR4seVSy8bnJhyRV+jVlPJwGprU
kgeQW7hDqDr3jCP+nKats4yUzY3V+7Rrc0w0kEd0LXq+0u520TaoGGfAWwvlwpoZ
BTrGX9LisJEVZkJG2icKKYMYHnxaFNVPBuU3Gsqfv/V2B8WvVsVTloq3SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJM4sE9AOGd6hw1aYzJyEiO9aqwMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvb2t6aXdUMEE0WjNxSERWcGpNbklTSTcxcXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvluMA0G
CSqGSIb3DQEBCwUAA4IBAQDJ5lztdd8QajVeLl2zJ/NVKykYQxzrH0nS+Z5XwQYt
SZxYMsP9/EaZ723OQuB/xwXGO7mVi8sBN3eqmGQ1CcUp7iCoiAISO9a7Vg92lYoD
kAe19JCeRaEsDIAtKJIc1lRnzFetM4Buru6XKesm2c4F+D9y9hQCcJNkGXC8PglI
pTC2ay0YklTArWoRCaxkG0Jxs0K9dcwxZWBdtIJBCgIy9mTFBmx+EXqxszfWkObh
Sj9bZUBYUXGHd+B/LlWj56VmaO00ZrYWsEQZwWplGgsClFtW0kZZzTLC8tCxs7xs
23Kx1M0l53+Wl0A98NukxwDbc6vkD1VrcUVVdWJcruVw
-----END CERTIFICATE-----
Generated at Sat Nov 18 08:36:27 2023 by rpki-client on console-ams.rpki-client.org