Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/z9zV37C3G7W5j9PPmpfFKmFhIMo.roa
File: z9zV37C3G7W5j9PPmpfFKmFhIMo.roa (raw, json)
Hash identifier: P1nFvtQaG40VcjaS/tTWtlyWvNnQwKpNifFreiEBGkM=
Subject key identifier: CF:DC:D5:DF:B0:B7:1B:B5:B9:8F:D3:CF:9A:97:C5:2A:61:61:20:CA
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 018A92B32BD3B381744C16EABAFDE31253BB
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/z9zV37C3G7W5j9PPmpfFKmFhIMo.roa
Signing time: Thu 14 Sep 2023 07:58:50 +0000
ROA not before: Thu 14 Sep 2023 07:58:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52145
IP address blocks: 46.253.90.0/24 maxlen: 24
46.253.90.0/25 maxlen: 25
46.253.90.128/25 maxlen: 25
46.253.91.0/24 maxlen: 24
46.253.88.0/21 maxlen: 21
46.253.92.0/24 maxlen: 24
46.253.93.0/24 maxlen: 24
46.253.94.0/24 maxlen: 24
46.253.95.0/24 maxlen: 24
2a04:19c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:b3:2b:d3:b3:81:74:4c:16:ea:ba:fd:e3:12:53:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Sep 14 07:58:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfdcd5dfb0b71bb5b98fd3cf9a97c52a616120ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:af:09:6d:2b:fc:ec:72:88:a6:80:82:d2:7d:
3e:fc:e7:6a:12:3d:49:4a:ae:50:99:d0:1d:46:43:
8d:0f:8b:f4:6d:a1:0e:ee:51:9b:9c:cc:fb:00:7f:
60:93:1f:d2:b2:09:1e:df:1d:e7:03:f5:e1:59:1d:
38:c8:fa:43:ec:e7:8a:94:d2:af:4e:96:d6:ba:c4:
4e:b5:bb:9a:95:9e:83:7c:89:b9:71:c2:5d:ec:ce:
66:53:bf:c7:26:6a:53:4c:74:be:47:ae:a3:1a:97:
97:b1:d8:d9:2a:28:cd:81:8d:39:89:d7:8b:ca:39:
ad:e7:b3:ca:b2:9b:7d:6f:e1:dc:e2:2d:92:e2:22:
bf:d1:ba:87:cb:68:9c:07:2a:4a:3b:de:36:f3:45:
81:23:a8:38:e0:a2:69:70:2f:b4:98:ae:f4:ea:51:
4b:6c:bc:d4:49:32:c5:8a:44:f9:ae:a8:e6:35:e8:
76:bf:50:dc:ad:d7:63:fc:8b:83:ae:f6:78:b8:8e:
48:a8:54:74:7a:17:21:54:ed:5b:15:d0:8b:07:4f:
e5:81:e6:f1:70:b9:3f:81:db:79:f9:45:bb:02:46:
b9:89:f6:bc:38:96:ca:aa:c1:b8:3f:be:4e:40:39:
cd:bb:e3:c3:b9:81:6b:df:17:f2:a0:15:0d:03:88:
95:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:DC:D5:DF:B0:B7:1B:B5:B9:8F:D3:CF:9A:97:C5:2A:61:61:20:CA
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/z9zV37C3G7W5j9PPmpfFKmFhIMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.88.0/21
IPv6:
2a04:19c0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:0f:7c:8f:ba:cc:29:56:3a:7b:dc:33:ef:34:ac:d5:f7:ed:
8e:1b:a7:e9:c4:af:08:88:a2:2d:d5:a1:7a:94:d1:ca:6a:7d:
aa:86:f1:7f:db:a0:c7:0d:b9:95:ed:f4:6e:3a:bc:2b:10:e0:
43:54:c6:61:ed:4f:7d:21:48:0c:9a:4a:fb:76:8b:6a:23:8c:
a3:6b:7a:51:9e:10:c0:02:22:4e:f3:f8:ce:74:10:f0:88:af:
4d:aa:d0:1f:8d:bd:03:d3:a1:00:41:af:81:c3:a9:92:02:e6:
37:89:ca:6b:aa:7a:14:9e:d3:0d:bf:ed:77:5b:61:d5:69:40:
ef:4b:d6:99:b8:9d:85:78:69:e5:a5:e4:3e:0c:75:94:ee:48:
ce:dd:66:77:7e:be:12:19:c9:08:7e:20:c8:3c:98:95:79:81:
50:89:26:0d:e9:4e:9f:8b:96:05:c6:e2:ec:62:98:98:51:02:
94:53:92:62:0f:a2:19:d9:21:6b:07:f3:96:2c:51:1d:da:bc:
ac:4e:70:01:e8:dc:23:de:a6:9c:cb:72:a6:38:6b:32:e5:65:
92:12:3a:6c:90:73:04:f5:cf:9c:af:9f:c7:47:74:05:dd:95:
5e:64:43:2e:50:75:2c:d2:5a:88:e0:c0:8e:69:8f:16:5d:09:
33:4d:aa:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYqSsyvTs4F0TBbquv3jElO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjMwOTE0MDc1ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmRjZDVkZmIwYjcxYmI1Yjk4ZmQzY2Y5YTk3YzUyYTYxNjEyMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl68JbSv87HKIpoCC0n0+/OdqEj1J
Sq5QmdAdRkOND4v0baEO7lGbnMz7AH9gkx/Ssgke3x3nA/XhWR04yPpD7OeKlNKv
TpbWusROtbualZ6DfIm5ccJd7M5mU7/HJmpTTHS+R66jGpeXsdjZKijNgY05ideL
yjmt57PKspt9b+Hc4i2S4iK/0bqHy2icBypKO94280WBI6g44KJpcC+0mK706lFL
bLzUSTLFikT5rqjmNeh2v1Dcrddj/IuDrvZ4uI5IqFR0ehchVO1bFdCLB0/lgebx
cLk/gdt5+UW7Aka5ifa8OJbKqsG4P75OQDnNu+PDuYFr3xfyoBUNA4iVuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM/c1d+wtxu1uY/Tz5qXxSphYSDKMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvejl6VjM3QzNHN1c1ajlQUG1wZkZLbUZoSU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLv1YMA0E
AgACMAcDBQMqBBnAMA0GCSqGSIb3DQEBCwUAA4IBAQBOD3yPuswpVjp73DPvNKzV
9+2OG6fpxK8IiKIt1aF6lNHKan2qhvF/26DHDbmV7fRuOrwrEOBDVMZh7U99IUgM
mkr7dotqI4yja3pRnhDAAiJO8/jOdBDwiK9NqtAfjb0D06EAQa+Bw6mSAuY3icpr
qnoUntMNv+13W2HVaUDvS9aZuJ2FeGnlpeQ+DHWU7kjO3WZ3fr4SGckIfiDIPJiV
eYFQiSYN6U6fi5YFxuLsYpiYUQKUU5JiD6IZ2SFrB/OWLFEd2rysTnAB6Nwj3qac
y3KmOGsy5WWSEjpskHME9c+cr5/HR3QF3ZVeZEMuUHUs0lqI4MCOaY8WXQkzTarT
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:03 2024 by rpki-client on console-fra.rpki-client.org