Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/qDtgFrkv1GEzJPI8dMvTQTLi0DQ.roa
File: qDtgFrkv1GEzJPI8dMvTQTLi0DQ.roa (raw, json)
Hash identifier: xDnSZtyFKkQGx05k2J6YHUifcljATlJmNDmZBHBQouM=
Subject key identifier: A8:3B:60:16:B9:2F:D4:61:33:24:F2:3C:74:CB:D3:41:32:E2:D0:34
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 018CC6B781B6559EF8413E38352FBAB134A5
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/qDtgFrkv1GEzJPI8dMvTQTLi0DQ.roa
Signing time: Mon 01 Jan 2024 20:29:24 +0000
ROA not before: Mon 01 Jan 2024 20:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49970
IP address blocks: 46.143.200.0/24 maxlen: 24
46.143.201.0/24 maxlen: 24
46.143.246.0/24 maxlen: 24
46.143.247.0/24 maxlen: 24
109.122.240.0/21 maxlen: 21
46.143.193.0/24 maxlen: 24
46.143.192.0/18 maxlen: 24
46.143.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Jan 2024 10:36:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:81:b6:55:9e:f8:41:3e:38:35:2f:ba:b1:34:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Jan 1 20:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a83b6016b92fd4613324f23c74cbd34132e2d034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ce:f2:e6:3c:d9:45:f7:6d:98:e8:f5:52:dd:
0c:01:24:26:71:2b:4e:6f:1e:53:95:35:9e:7e:04:
92:b6:c0:bf:62:e7:fd:04:c6:23:6d:92:b4:25:1b:
56:5c:1e:4d:1c:cd:b4:83:6c:4f:f8:39:96:c9:44:
9a:b6:e8:fc:4d:6c:1b:de:8a:3c:66:6b:dd:74:44:
c0:ce:d8:c9:78:b6:e0:29:b0:35:3e:c1:db:37:4f:
b2:b7:4a:f4:f7:ea:31:5c:3c:24:e3:73:d7:e4:f6:
72:f7:c0:12:47:02:f4:15:38:1b:d5:d9:b5:5e:8f:
e2:23:24:f7:74:b1:bc:59:59:67:b5:16:25:e8:93:
13:f4:2b:54:7d:66:8c:1f:76:f3:0d:80:aa:7e:42:
d6:e8:66:c4:6c:2e:e5:26:bc:01:d1:ef:ab:a6:c1:
d4:07:95:06:82:b4:5c:72:df:a3:0c:71:41:e7:bb:
77:71:b9:1a:9b:c1:2a:22:00:f4:fe:f8:03:dd:8c:
a8:a5:db:8c:e1:c6:f6:2c:0e:3e:cd:c8:f7:b3:b1:
d7:5e:fc:61:49:c5:fd:2f:c6:ec:41:53:2b:cb:d1:
05:0d:d7:0a:02:1c:10:d4:6e:92:ff:e5:83:d3:5e:
4d:4d:8c:38:35:f4:11:1e:aa:7f:ff:cd:c0:61:86:
8f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:3B:60:16:B9:2F:D4:61:33:24:F2:3C:74:CB:D3:41:32:E2:D0:34
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/qDtgFrkv1GEzJPI8dMvTQTLi0DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.192.0/18
109.122.240.0/21
Signature Algorithm: sha256WithRSAEncryption
97:ac:85:eb:ef:11:f8:f9:a1:80:11:ab:91:17:2a:4d:87:d5:
89:21:ed:f1:28:68:2b:11:5a:dd:cf:15:ba:5f:31:5b:c0:b2:
4a:3a:f7:58:8c:89:55:bb:14:e8:10:1d:fe:83:9c:5b:22:b7:
c7:67:e6:76:8b:2c:9b:30:02:7f:b1:3a:d8:d8:26:ca:b8:bd:
d1:3c:44:3a:38:9f:37:b5:51:35:bc:1c:04:9c:79:25:50:9f:
f9:19:32:f7:79:19:3e:0d:f9:83:d1:7c:5d:b2:7a:8f:15:cc:
b5:7c:db:ae:ab:61:f8:1f:ab:4c:8e:89:dc:d7:c5:6d:e0:c4:
6a:f3:dc:06:8d:9b:f2:4d:16:72:d8:93:6a:b0:01:16:65:b2:
33:c1:15:76:6e:47:ab:99:44:c8:0f:14:52:98:52:0a:15:a3:
d3:00:f0:4e:c1:43:22:41:d0:01:50:43:e9:c4:50:cb:f2:63:
14:3b:6b:ba:23:6c:03:29:4e:f2:02:5a:ce:53:12:9e:94:9a:
75:8f:8b:fe:4f:34:06:84:cb:55:90:f0:d7:64:f9:c4:63:d2:
48:95:77:12:1f:ae:07:72:63:e9:87:b7:15:df:56:25:00:6d:
8f:45:67:ac:e2:af:83:b8:cd:57:52:01:68:63:7e:c2:27:40:
a8:99:76:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt4G2VZ74QT44NS+6sTSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjQwMTAxMjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODNiNjAxNmI5MmZkNDYxMzMyNGYyM2M3NGNiZDM0MTMyZTJkMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs7y5jzZRfdtmOj1Ut0MASQmcStO
bx5TlTWefgSStsC/Yuf9BMYjbZK0JRtWXB5NHM20g2xP+DmWyUSatuj8TWwb3oo8
ZmvddETAztjJeLbgKbA1PsHbN0+yt0r09+oxXDwk43PX5PZy98ASRwL0FTgb1dm1
Xo/iIyT3dLG8WVlntRYl6JMT9CtUfWaMH3bzDYCqfkLW6GbEbC7lJrwB0e+rpsHU
B5UGgrRcct+jDHFB57t3cbkam8EqIgD0/vgD3YyopduM4cb2LA4+zcj3s7HXXvxh
ScX9L8bsQVMry9EFDdcKAhwQ1G6S/+WD015NTYw4NfQRHqp//83AYYaP9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKg7YBa5L9RhMyTyPHTL00Ey4tA0MB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvcUR0Z0Zya3YxR0V6SlBJOGRNdlRRVExpMERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGLo/AAwQD
bXrwMA0GCSqGSIb3DQEBCwUAA4IBAQCXrIXr7xH4+aGAEauRFypNh9WJIe3xKGgr
EVrdzxW6XzFbwLJKOvdYjIlVuxToEB3+g5xbIrfHZ+Z2iyybMAJ/sTrY2CbKuL3R
PEQ6OJ83tVE1vBwEnHklUJ/5GTL3eRk+DfmD0XxdsnqPFcy1fNuuq2H4H6tMjonc
18Vt4MRq89wGjZvyTRZy2JNqsAEWZbIzwRV2bkermUTIDxRSmFIKFaPTAPBOwUMi
QdABUEPpxFDL8mMUO2u6I2wDKU7yAlrOUxKelJp1j4v+TzQGhMtVkPDXZPnEY9JI
lXcSH64HcmPph7cV31YlAG2PRWes4q+DuM1XUgFoY37CJ0ComXag
-----END CERTIFICATE-----
Generated at Sat Jan 13 13:18:47 2024 by rpki-client on console-fra.rpki-client.org