Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/QkSBAiA2_yvWJe8vjn-2z7Uy-TI.roa
File: QkSBAiA2_yvWJe8vjn-2z7Uy-TI.roa (raw, json)
Hash identifier: EcwOORFF02dWP2l8Np+nScRe6H/XUNPd+sYZL826vK8=
Subject key identifier: 42:44:81:02:20:36:FF:2B:D6:25:EF:2F:8E:7F:B6:CF:B5:32:F9:32
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 01856E2FA07D03B9B2C946F56CCB3CCD7A3B
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/QkSBAiA2_yvWJe8vjn-2z7Uy-TI.roa
Signing time: Sun 01 Jan 2023 16:34:53 +0000
ROA not before: Sun 01 Jan 2023 16:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61248
IP address blocks: 46.143.212.0/22 maxlen: 22
46.143.248.0/22 maxlen: 22
109.122.252.0/23 maxlen: 23
109.122.254.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:a0:7d:03:b9:b2:c9:46:f5:6c:cb:3c:cd:7a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Jan 1 16:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=424481022036ff2bd625ef2f8e7fb6cfb532f932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6c:a3:b8:b9:e6:be:aa:6f:22:da:a0:2b:46:
e0:cf:5c:55:14:c6:a6:06:76:32:fe:31:1f:77:9c:
19:57:9a:5d:44:4a:e8:d7:ba:2a:67:f7:53:cd:ba:
3d:f4:db:9e:36:a8:5b:53:f5:cb:d2:e3:7d:ac:db:
81:04:f8:85:27:29:c2:4c:e3:15:b1:76:f1:3a:c2:
72:1a:91:cc:91:04:96:f4:65:f7:89:87:c9:1d:fc:
96:1e:9e:1b:57:bb:bc:34:2c:0c:5d:31:dc:d5:27:
6c:df:dc:20:d5:f4:23:20:bb:d2:ca:db:ab:2d:65:
44:b7:a9:8f:76:e1:d0:98:75:56:01:da:e6:9e:2f:
2f:6b:7b:2b:36:aa:39:7d:78:40:1b:71:02:5c:a8:
73:55:b4:27:d7:10:30:22:d1:8d:d2:2e:7b:0b:73:
23:f7:12:1c:64:1b:55:18:fe:e8:8c:da:0b:49:d0:
b2:20:2b:33:9a:a7:e7:92:e5:f7:62:1e:3f:78:e3:
ff:76:20:b9:18:e8:90:c4:2d:4e:6e:a1:6f:ef:60:
39:52:43:76:60:6f:42:c9:64:06:86:03:58:cf:c0:
a3:74:e1:75:07:f0:eb:15:37:f3:c4:d4:7e:7d:1b:
bc:c3:cb:59:e3:2a:de:44:79:96:29:28:f3:3a:6f:
8e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:44:81:02:20:36:FF:2B:D6:25:EF:2F:8E:7F:B6:CF:B5:32:F9:32
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/QkSBAiA2_yvWJe8vjn-2z7Uy-TI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.212.0/22
46.143.248.0/22
109.122.252.0/22
Signature Algorithm: sha256WithRSAEncryption
48:10:fe:c5:25:f0:fc:23:1c:a3:25:77:ea:ae:ac:02:57:f0:
ab:16:fa:4f:54:fa:0c:d4:46:3c:53:36:e7:44:12:da:65:16:
8e:38:e6:9d:51:c2:d0:72:46:65:ff:40:da:8d:d1:ca:59:21:
24:b9:36:c7:f8:b8:10:29:f8:7f:fc:b8:2e:f6:a8:eb:1e:e7:
db:85:e6:a7:9c:b4:7c:7b:c4:b2:41:13:7a:f1:16:40:5e:1f:
4d:f2:61:1f:52:af:ea:50:14:33:17:fc:2a:04:27:2e:07:32:
03:8a:bd:30:26:c7:80:5b:f2:5a:37:f3:f2:75:32:2c:ad:94:
bb:e2:36:5e:b2:21:aa:dd:16:75:8e:0d:36:b4:14:c2:8d:5d:
8f:50:74:7b:90:d5:4c:f3:f4:4c:b2:c5:2c:1a:fa:fe:1b:bd:
42:2a:0d:c6:b0:d7:77:4e:ed:3f:a7:fa:7f:a9:6a:07:8a:52:
20:46:8a:77:97:9e:db:6d:f8:38:28:d5:20:77:0a:53:78:5b:
05:3d:43:db:d3:7d:09:c3:5f:9d:c2:9c:f0:4d:33:60:63:e3:
67:c0:b8:8f:95:b9:43:29:fa:d7:b1:5f:45:f8:c5:de:92:27:
96:d4:01:6b:b6:11:dd:fd:4a:b4:2b:d0:2d:4d:72:c5:56:a8:
18:39:be:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuL6B9A7myyUb1bMs8zXo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjMwMTAxMTYzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQ0ODEwMjIwMzZmZjJiZDYyNWVmMmY4ZTdmYjZjZmI1MzJmOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmyjuLnmvqpvItqgK0bgz1xVFMam
BnYy/jEfd5wZV5pdREro17oqZ/dTzbo99NueNqhbU/XL0uN9rNuBBPiFJynCTOMV
sXbxOsJyGpHMkQSW9GX3iYfJHfyWHp4bV7u8NCwMXTHc1Sds39wg1fQjILvSytur
LWVEt6mPduHQmHVWAdrmni8va3srNqo5fXhAG3ECXKhzVbQn1xAwItGN0i57C3Mj
9xIcZBtVGP7ojNoLSdCyICszmqfnkuX3Yh4/eOP/diC5GOiQxC1ObqFv72A5UkN2
YG9CyWQGhgNYz8CjdOF1B/DrFTfzxNR+fRu8w8tZ4yreRHmWKSjzOm+OLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEJEgQIgNv8r1iXvL45/ts+1MvkyMB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvUWtTQkFpQTJfeXZXSmU4dmpuLTJ6N1V5LVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLo/UAwQC
Lo/4AwQCbXr8MA0GCSqGSIb3DQEBCwUAA4IBAQBIEP7FJfD8IxyjJXfqrqwCV/Cr
FvpPVPoM1EY8UzbnRBLaZRaOOOadUcLQckZl/0DajdHKWSEkuTbH+LgQKfh//Lgu
9qjrHufbheannLR8e8SyQRN68RZAXh9N8mEfUq/qUBQzF/wqBCcuBzIDir0wJseA
W/JaN/PydTIsrZS74jZesiGq3RZ1jg02tBTCjV2PUHR7kNVM8/RMssUsGvr+G71C
Kg3GsNd3Tu0/p/p/qWoHilIgRop3l57bbfg4KNUgdwpTeFsFPUPb030Jw1+dwpzw
TTNgY+NnwLiPlblDKfrXsV9F+MXekieW1AFrthHd/Uq0K9AtTXLFVqgYOb4v
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:02 2024 by rpki-client on console-ams.rpki-client.org