Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/bW5zfPV-D67-kgcxnoh5dIFma0I.roa
File: bW5zfPV-D67-kgcxnoh5dIFma0I.roa (raw, json)
Hash identifier: wLRnGFMx1l+3Z72sJNDlRJo5q8HQYXKXurhJea9oZGs=
Subject key identifier: 6D:6E:73:7C:F5:7E:0F:AE:FE:92:07:31:9E:88:79:74:81:66:6B:42
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 018A8D4AE4C9C2F9F86A13F556256E5B7B4C
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/bW5zfPV-D67-kgcxnoh5dIFma0I.roa
Signing time: Wed 13 Sep 2023 06:46:50 +0000
ROA not before: Wed 13 Sep 2023 06:46:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52145
IP address blocks: 46.253.80.0/21 maxlen: 21
46.253.90.0/24 maxlen: 24
46.253.90.0/25 maxlen: 25
46.253.90.128/25 maxlen: 25
46.253.91.0/24 maxlen: 24
46.253.88.0/21 maxlen: 21
46.253.92.0/24 maxlen: 24
46.253.93.0/24 maxlen: 24
46.253.94.0/24 maxlen: 24
46.253.95.0/24 maxlen: 24
185.21.120.0/22 maxlen: 22
2a04:19c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:4a:e4:c9:c2:f9:f8:6a:13:f5:56:25:6e:5b:7b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Sep 13 06:46:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d6e737cf57e0faefe9207319e88797481666b42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:97:1c:32:96:42:24:19:3f:b8:50:7d:fa:89:
cc:37:ff:43:a7:b4:eb:69:68:d9:92:b7:8e:fe:a2:
ce:d8:96:5e:83:26:c8:b6:ef:9b:7f:e6:48:ae:ff:
ff:8e:d8:bc:c6:6c:78:4e:f3:8c:52:92:25:60:28:
5a:7f:9e:0e:54:60:9a:4b:22:91:b1:7c:91:16:67:
d2:76:07:35:f7:80:3c:f8:37:36:17:37:cb:ba:4c:
3e:bb:82:3a:d2:15:53:ab:79:4a:6f:e4:62:60:e7:
4e:96:a6:7c:de:b8:b1:e7:bd:84:e2:9b:21:65:78:
89:a4:5b:b4:e5:36:9c:46:4a:9b:c7:e4:5b:40:d3:
59:ce:d5:fb:c2:7a:bd:5b:88:8b:81:4c:d8:89:70:
a4:a7:2d:9d:a5:6b:2d:23:b2:b7:ef:82:38:e4:ba:
3b:0f:44:00:2e:72:55:dc:67:06:29:a6:8a:f1:f7:
cb:84:72:ac:3e:16:ae:49:6d:ae:14:0d:df:16:dc:
60:4b:ba:47:63:60:81:25:c6:c9:d0:86:96:1d:2b:
7f:2e:ee:ab:76:2e:22:67:b5:04:86:d0:b6:63:19:
b9:a5:32:68:b5:f2:32:53:f0:d9:34:c8:72:36:af:
d0:a3:fb:43:ec:0f:b4:9e:65:d8:15:9d:42:c0:c8:
4d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6E:73:7C:F5:7E:0F:AE:FE:92:07:31:9E:88:79:74:81:66:6B:42
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/bW5zfPV-D67-kgcxnoh5dIFma0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.80.0/20
185.21.120.0/22
IPv6:
2a04:19c0::/29
Signature Algorithm: sha256WithRSAEncryption
da:42:f8:a9:1f:4c:9b:4e:66:96:07:ec:32:02:a6:b3:85:d2:
4c:fd:0d:85:f2:c6:16:81:84:ef:25:0d:99:96:d1:88:4a:73:
da:da:d8:0e:d8:04:5a:60:7e:10:97:0c:9e:64:4f:24:cb:c5:
54:98:e4:27:17:66:fa:0f:1a:65:cf:9b:3d:0a:57:cf:ae:a0:
60:58:75:ff:f5:a0:15:53:55:d1:82:0a:e9:fb:0f:9d:66:14:
1e:dc:69:6f:59:b2:6d:4b:64:f4:ae:c7:4b:4e:6b:72:e1:e5:
e7:c3:88:82:dd:6d:a6:73:1b:85:52:10:50:45:aa:be:3f:d3:
f5:da:43:09:a5:b6:33:c6:89:a4:b3:8d:85:a6:07:bd:e5:f2:
a3:95:da:47:6d:e9:07:b9:07:1b:4a:32:c1:7c:39:85:16:fe:
20:4c:41:81:6b:da:91:a0:6b:b6:26:74:b9:c4:bc:e9:bf:f0:
f0:60:c2:4c:6b:1a:b3:a0:7c:ef:3c:14:56:b7:e2:2e:ba:e8:
f1:76:1b:50:9c:c5:05:3d:de:13:dc:93:03:29:a9:31:92:d3:
c3:e9:87:f3:ea:ba:d0:08:72:e7:a5:aa:ed:a1:ac:a3:9a:4e:
c4:42:3f:15:7b:c1:26:52:8e:72:a3:11:99:2c:5d:5b:91:17:
bf:d1:34:87
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYqNSuTJwvn4ahP1ViVuW3tMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjMwOTEzMDY0NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDZlNzM3Y2Y1N2UwZmFlZmU5MjA3MzE5ZTg4Nzk3NDgxNjY2YjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZccMpZCJBk/uFB9+onMN/9Dp7Tr
aWjZkreO/qLO2JZegybItu+bf+ZIrv//jti8xmx4TvOMUpIlYChaf54OVGCaSyKR
sXyRFmfSdgc194A8+Dc2FzfLukw+u4I60hVTq3lKb+RiYOdOlqZ83rix572E4psh
ZXiJpFu05TacRkqbx+RbQNNZztX7wnq9W4iLgUzYiXCkpy2dpWstI7K374I45Lo7
D0QALnJV3GcGKaaK8ffLhHKsPhauSW2uFA3fFtxgS7pHY2CBJcbJ0IaWHSt/Lu6r
di4iZ7UEhtC2Yxm5pTJotfIyU/DZNMhyNq/Qo/tD7A+0nmXYFZ1CwMhNhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG1uc3z1fg+u/pIHMZ6IeXSBZmtCMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvYlc1emZQVi1ENjcta2djeG5vaDVkSUZtYTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQELv1QAwQC
uRV4MA0EAgACMAcDBQMqBBnAMA0GCSqGSIb3DQEBCwUAA4IBAQDaQvipH0ybTmaW
B+wyAqazhdJM/Q2F8sYWgYTvJQ2ZltGISnPa2tgO2ARaYH4QlwyeZE8ky8VUmOQn
F2b6Dxplz5s9ClfPrqBgWHX/9aAVU1XRggrp+w+dZhQe3GlvWbJtS2T0rsdLTmty
4eXnw4iC3W2mcxuFUhBQRaq+P9P12kMJpbYzxomks42Fpge95fKjldpHbekHuQcb
SjLBfDmFFv4gTEGBa9qRoGu2JnS5xLzpv/DwYMJMaxqzoHzvPBRWt+IuuujxdhtQ
nMUFPd4T3JMDKakxktPD6Yfz6rrQCHLnpartoayjmk7EQj8Ve8EmUo5yoxGZLF1b
kRe/0TSH
-----END CERTIFICATE-----
Generated at Thu Sep 14 08:28:45 2023 by rpki-client on console-fra.rpki-client.org