Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/bC8mSM9E9WPcgo69YtYuTIKffn4.roa
File: bC8mSM9E9WPcgo69YtYuTIKffn4.roa (raw, json)
Hash identifier: N5R5KxHRac8LJvZfIAyQ9wosCkNtTgfaY0xNZ5NPXKI=
Subject key identifier: 6C:2F:26:48:CF:44:F5:63:DC:82:8E:BD:62:D6:2E:4C:82:9F:7E:7E
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 018BA4E7CAA2E524FED1AC50137EA0A0B743
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/bC8mSM9E9WPcgo69YtYuTIKffn4.roa
Signing time: Mon 06 Nov 2023 13:52:15 +0000
ROA not before: Mon 06 Nov 2023 13:52:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 46.253.80.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:e7:ca:a2:e5:24:fe:d1:ac:50:13:7e:a0:a0:b7:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Nov 6 13:52:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c2f2648cf44f563dc828ebd62d62e4c829f7e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:10:a6:78:9a:db:8d:d8:e8:e7:e2:33:34:5c:
38:bf:56:d0:e9:42:6f:3d:ca:8e:76:86:de:c8:14:
49:cd:b8:ce:ed:84:c0:53:bf:5e:ee:81:b5:47:a1:
a1:7a:dd:cf:07:9a:93:46:94:97:21:af:02:bb:1a:
1f:e3:d3:c2:09:94:af:e2:67:aa:38:16:27:d6:82:
b3:c8:6f:e5:ac:f4:c4:76:97:fd:e3:f5:34:1d:61:
bf:b7:65:ce:99:00:30:2b:2d:f2:f8:86:cd:1b:64:
0f:f7:51:86:7b:14:c7:ee:3e:59:96:f4:00:bf:a2:
c9:7e:e1:ac:65:70:61:ab:84:92:c7:fa:bc:c0:4e:
a8:e3:84:70:29:d8:94:db:41:0f:be:0c:c8:71:0e:
85:a5:74:0c:c3:01:ba:1b:a7:2f:9f:7c:6b:2f:bb:
bf:37:68:3d:d4:ba:d4:5a:5a:6d:d1:c2:80:01:76:
b2:38:c8:17:e6:e0:97:55:be:86:90:34:83:7d:b3:
e8:2e:e1:b4:a6:ef:92:be:cf:2f:12:c2:45:08:ed:
70:4e:51:5c:8c:e9:57:dc:0e:bd:ca:2a:8a:8f:81:
93:03:e3:4f:ff:6a:a2:17:96:e7:5f:d8:bc:9e:1d:
b5:05:1a:66:cd:fa:03:5b:af:07:51:95:2e:4c:11:
b6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:2F:26:48:CF:44:F5:63:DC:82:8E:BD:62:D6:2E:4C:82:9F:7E:7E
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/bC8mSM9E9WPcgo69YtYuTIKffn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.80.0/21
Signature Algorithm: sha256WithRSAEncryption
d3:65:75:43:87:62:ce:7e:18:41:4c:b6:2f:80:7f:ae:24:4a:
9f:5d:f0:5e:46:2f:aa:78:3e:8a:12:13:8e:db:df:40:d0:20:
3d:a5:9b:cc:4f:27:53:14:a5:da:e7:45:19:41:e9:63:15:44:
5d:26:a7:dd:b8:ab:c2:30:1d:27:f3:f3:d2:10:7e:5f:b8:b5:
54:97:0e:7d:89:aa:70:36:31:ca:98:9a:61:3d:0f:0d:01:ad:
d6:db:d5:3a:ba:21:f3:f7:6a:ee:52:2d:98:b3:fc:07:65:a2:
75:5c:b7:16:28:eb:17:24:ad:bf:00:2d:88:5a:4f:ab:44:5b:
a3:07:f5:b9:39:27:0d:2f:bc:4f:65:62:ea:6d:5a:a6:b9:2f:
33:13:08:b6:46:75:c9:10:67:fb:e7:5b:bc:04:7b:27:a2:44:
13:d8:22:4c:69:dd:f7:81:e7:db:1d:4e:71:90:34:25:4e:c1:
45:3b:3c:1c:53:a1:d9:d2:a1:1a:8e:78:2b:fa:05:db:3f:e2:
67:12:7e:de:ee:c8:5c:f0:e3:39:45:c2:78:10:95:09:4c:6a:
5d:66:86:00:b8:e5:68:84:80:02:1a:57:24:f7:1e:8d:ff:c3:
cf:a8:90:5e:5c:ed:d3:61:17:f1:77:08:be:01:79:61:4a:9a:
8b:4c:96:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuk58qi5ST+0axQE36goLdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjMxMTA2MTM1MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzJmMjY0OGNmNDRmNTYzZGM4MjhlYmQ2MmQ2MmU0YzgyOWY3ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBCmeJrbjdjo5+IzNFw4v1bQ6UJv
PcqOdobeyBRJzbjO7YTAU79e7oG1R6Ghet3PB5qTRpSXIa8Cuxof49PCCZSv4meq
OBYn1oKzyG/lrPTEdpf94/U0HWG/t2XOmQAwKy3y+IbNG2QP91GGexTH7j5ZlvQA
v6LJfuGsZXBhq4SSx/q8wE6o44RwKdiU20EPvgzIcQ6FpXQMwwG6G6cvn3xrL7u/
N2g91LrUWlpt0cKAAXayOMgX5uCXVb6GkDSDfbPoLuG0pu+Svs8vEsJFCO1wTlFc
jOlX3A69yiqKj4GTA+NP/2qiF5bnX9i8nh21BRpmzfoDW68HUZUuTBG29QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwvJkjPRPVj3IKOvWLWLkyCn35+MB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvYkM4bVNNOUU5V1BjZ282OVl0WXVUSUtmZm40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLv1QMA0G
CSqGSIb3DQEBCwUAA4IBAQDTZXVDh2LOfhhBTLYvgH+uJEqfXfBeRi+qeD6KEhOO
299A0CA9pZvMTydTFKXa50UZQeljFURdJqfduKvCMB0n8/PSEH5fuLVUlw59iapw
NjHKmJphPQ8NAa3W29U6uiHz92ruUi2Ys/wHZaJ1XLcWKOsXJK2/AC2IWk+rRFuj
B/W5OScNL7xPZWLqbVqmuS8zEwi2RnXJEGf751u8BHsnokQT2CJMad33gefbHU5x
kDQlTsFFOzwcU6HZ0qEajngr+gXbP+JnEn7e7shc8OM5RcJ4EJUJTGpdZoYAuOVo
hIACGlck9x6N/8PPqJBeXO3TYRfxdwi+AXlhSpqLTJag
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:03 2024 by rpki-client on console-fra.rpki-client.org