Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/p5YQk1fy4TplQ1VLbSHkKHYpDno.roa
File: p5YQk1fy4TplQ1VLbSHkKHYpDno.roa (raw, json)
Hash identifier: NqAMdT4JQhSvhxygxlLRleV4ACRd3dBcsg2ONQFaf+g=
Subject key identifier: A7:96:10:93:57:F2:E1:3A:65:43:55:4B:6D:21:E4:28:76:29:0E:7A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018BD74D1FE26D40730028D2070957C7551A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/p5YQk1fy4TplQ1VLbSHkKHYpDno.roa
Signing time: Thu 16 Nov 2023 08:43:57 +0000
ROA not before: Thu 16 Nov 2023 08:43:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49304
IP address blocks: 188.253.0.0/23 maxlen: 24
82.115.8.0/23 maxlen: 24
46.249.108.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:4d:1f:e2:6d:40:73:00:28:d2:07:09:57:c7:55:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 16 08:43:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a796109357f2e13a6543554b6d21e42876290e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:68:8c:e0:2b:97:60:3f:f9:14:99:7c:30:55:
b0:1c:84:5b:54:ba:8f:fd:95:8b:2b:05:dc:40:d6:
6d:04:19:97:26:3a:44:17:f1:c7:89:7f:2d:40:f1:
4a:7d:2b:41:62:d2:87:a3:0e:58:46:3d:07:24:12:
85:1a:e7:c6:f8:2d:55:f5:0b:f5:48:ae:fc:78:2a:
26:e4:06:07:43:65:c0:7d:3a:60:4c:91:94:32:06:
3b:18:9d:32:af:7b:88:f7:64:bb:3b:88:be:45:ba:
62:93:c4:96:08:eb:03:b7:a7:58:f8:b0:c2:15:79:
64:70:ff:20:99:8f:ed:ae:ac:b4:3c:7a:5e:fe:dc:
15:af:b9:85:96:43:39:ac:2c:7a:dc:2b:24:9c:2d:
05:4a:73:30:0d:01:71:c1:9c:d6:b2:b8:65:d2:3d:
b3:9d:e5:d0:4e:f6:e0:c8:36:c8:bf:7d:5f:c8:04:
9e:2b:70:de:be:73:45:fa:be:4c:55:0e:04:e1:eb:
b5:5e:f3:6f:f1:ac:d9:cd:3f:e0:99:60:5f:6a:2d:
00:56:c5:ba:1c:f1:e6:64:18:8b:61:e9:13:eb:a3:
80:10:ae:fd:f2:3a:17:0f:34:69:16:dd:68:33:34:
af:9b:d1:02:31:f0:9f:4d:5a:d3:f7:af:44:66:13:
9c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:96:10:93:57:F2:E1:3A:65:43:55:4B:6D:21:E4:28:76:29:0E:7A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/p5YQk1fy4TplQ1VLbSHkKHYpDno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.108.0/23
82.115.8.0/23
188.253.0.0/23
Signature Algorithm: sha256WithRSAEncryption
44:28:ad:70:f7:9d:c5:25:b8:94:fc:af:94:9d:59:19:f0:80:
1c:8b:17:05:6a:a2:6d:7d:1a:d4:83:76:66:9a:17:8a:28:f3:
99:3a:61:95:8e:aa:46:83:d6:d0:a7:55:eb:1a:08:91:9e:fe:
bf:64:44:c1:62:f6:c7:1b:d3:a3:09:e6:91:66:5c:8e:55:9b:
d4:8b:8e:d3:0c:a1:bf:de:26:78:3b:cc:27:1f:33:a5:55:8e:
94:65:e1:bc:de:da:a9:dc:71:5d:14:e4:14:a4:0e:f2:55:dd:
91:d9:67:38:dd:d7:a0:d4:fb:11:1f:6c:28:f3:6d:fe:3b:53:
c3:2a:e2:5c:e8:ea:e5:c0:2c:ad:55:42:25:74:6f:0d:5b:37:
bb:3b:a8:ef:2f:2e:b4:61:b0:28:84:6d:24:85:63:87:33:cf:
13:2c:6f:d6:42:5f:9e:6c:b5:0e:44:30:fb:95:c5:86:75:b5:
ea:8c:57:78:96:d2:8d:dd:07:a9:db:1a:b2:08:66:80:cb:87:
fe:8a:ae:12:dc:48:ce:ec:c0:af:92:4f:48:76:fd:ab:5e:ef:
e3:c0:eb:b1:a6:d1:ee:02:66:2e:f3:b5:6a:17:e8:f6:6f:5b:
46:14:64:54:24:23:de:a8:9e:26:e1:bc:4f:f5:68:86:cb:b6:
73:cb:8c:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvXTR/ibUBzACjSBwlXx1UaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMTE2MDg0MzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzk2MTA5MzU3ZjJlMTNhNjU0MzU1NGI2ZDIxZTQyODc2MjkwZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmiM4CuXYD/5FJl8MFWwHIRbVLqP
/ZWLKwXcQNZtBBmXJjpEF/HHiX8tQPFKfStBYtKHow5YRj0HJBKFGufG+C1V9Qv1
SK78eCom5AYHQ2XAfTpgTJGUMgY7GJ0yr3uI92S7O4i+Rbpik8SWCOsDt6dY+LDC
FXlkcP8gmY/trqy0PHpe/twVr7mFlkM5rCx63CsknC0FSnMwDQFxwZzWsrhl0j2z
neXQTvbgyDbIv31fyASeK3DevnNF+r5MVQ4E4eu1XvNv8azZzT/gmWBfai0AVsW6
HPHmZBiLYekT66OAEK798joXDzRpFt1oMzSvm9ECMfCfTVrT969EZhOcFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKeWEJNX8uE6ZUNVS20h5Ch2KQ56MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvcDVZUWsxZnk0VHBsUTFWTGJTSGtLSFlwRG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLvlsAwQB
UnMIAwQBvP0AMA0GCSqGSIb3DQEBCwUAA4IBAQBEKK1w953FJbiU/K+UnVkZ8IAc
ixcFaqJtfRrUg3ZmmheKKPOZOmGVjqpGg9bQp1XrGgiRnv6/ZETBYvbHG9OjCeaR
ZlyOVZvUi47TDKG/3iZ4O8wnHzOlVY6UZeG83tqp3HFdFOQUpA7yVd2R2Wc43deg
1PsRH2wo823+O1PDKuJc6OrlwCytVUIldG8NWze7O6jvLy60YbAohG0khWOHM88T
LG/WQl+ebLUORDD7lcWGdbXqjFd4ltKN3Qep2xqyCGaAy4f+iq4S3EjO7MCvkk9I
dv2rXu/jwOuxptHuAmYu87VqF+j2b1tGFGRUJCPeqJ4m4bxP9WiGy7Zzy4y8
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:48 2024 by rpki-client on console-fra.rpki-client.org