Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/1P8jse-igiMyifyKoVQe08UHlN0.roa
File: 1P8jse-igiMyifyKoVQe08UHlN0.roa (raw, json)
Hash identifier: 7i9FKXNLTkS9ON2en+l0cmxdq6ByPqGLBmu4WJ9Ku40=
Subject key identifier: D4:FF:23:B1:EF:A2:82:23:32:89:FC:8A:A1:54:1E:D3:C5:07:94:DD
Certificate issuer: /CN=707af45346f06b622a0ebbb4ff9ba33be6f42f1e
Certificate serial: 018570829848ECA6232D90A75A9363A7264B
Authority key identifier: 70:7A:F4:53:46:F0:6B:62:2A:0E:BB:B4:FF:9B:A3:3B:E6:F4:2F:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHr0U0bwa2IqDru0_5ujO-b0Lx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/1P8jse-igiMyifyKoVQe08UHlN0.roa
Signing time: Mon 02 Jan 2023 03:24:44 +0000
ROA not before: Mon 02 Jan 2023 03:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52115
IP address blocks: 46.252.224.0/20 maxlen: 20
185.168.140.0/24 maxlen: 24
2a0d:cf00::/29 maxlen: 29
2a05:e780::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:98:48:ec:a6:23:2d:90:a7:5a:93:63:a7:26:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=707af45346f06b622a0ebbb4ff9ba33be6f42f1e
Validity
Not Before: Jan 2 03:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4ff23b1efa282233289fc8aa1541ed3c50794dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:46:6f:0c:ab:71:c4:24:0a:83:c6:67:5e:b1:
15:aa:d0:e0:32:54:dd:6a:12:8a:17:f6:a6:ee:3a:
82:5a:7c:ef:db:9a:c8:ab:c5:cf:ac:d2:68:bb:50:
89:f1:11:04:e6:7b:04:ad:79:19:6d:7c:91:80:54:
50:90:5d:23:b6:30:32:d3:4a:19:6b:50:cb:42:36:
b8:86:4c:ea:1b:86:b8:58:77:28:d6:d2:1f:a3:74:
7e:e4:f7:a9:2b:88:6e:3a:a3:01:a3:01:e8:4f:68:
60:84:5f:39:e9:f4:3f:1f:ab:9b:e0:8a:39:94:0c:
79:3f:85:65:0d:cc:dd:fc:75:8a:87:f1:17:d9:07:
40:9f:b6:72:5a:2a:d5:95:f3:e2:c4:66:b9:b6:e4:
fb:a0:57:06:fd:78:c7:88:aa:e1:9a:a3:d2:2f:12:
41:20:6e:ae:58:cb:36:81:15:8c:48:24:f8:7b:71:
5f:90:1b:17:2b:0c:bb:5d:88:be:fb:15:e7:ac:a2:
21:4d:7c:5d:4f:dd:56:c6:69:6f:8b:dc:7c:e3:13:
c1:01:08:42:7e:6e:54:2c:54:a9:59:63:0e:c3:52:
8f:7b:35:2e:9a:b4:d6:6b:52:3b:c7:31:59:ba:ee:
da:22:85:01:12:f6:12:71:4a:0c:09:dc:9e:a2:5b:
62:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:FF:23:B1:EF:A2:82:23:32:89:FC:8A:A1:54:1E:D3:C5:07:94:DD
X509v3 Authority Key Identifier:
keyid:70:7A:F4:53:46:F0:6B:62:2A:0E:BB:B4:FF:9B:A3:3B:E6:F4:2F:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHr0U0bwa2IqDru0_5ujO-b0Lx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/1P8jse-igiMyifyKoVQe08UHlN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/cHr0U0bwa2IqDru0_5ujO-b0Lx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.224.0/20
185.168.140.0/24
IPv6:
2a05:e780::/29
2a0d:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
39:05:79:10:c6:b5:f9:56:03:3c:4c:7d:1b:89:37:25:ac:2d:
f2:51:ab:a6:3d:53:ec:92:05:16:4b:b3:87:08:73:ad:b6:e3:
63:4f:93:1d:e9:54:d0:88:39:8d:6f:bd:20:97:a7:f6:35:18:
26:a2:a2:bf:09:54:0d:ea:d0:5a:84:1b:61:bf:d8:b2:b3:a4:
1c:ef:e9:13:21:9b:69:23:cf:c6:2f:5a:3d:f6:28:c8:ca:77:
c2:09:60:62:71:3f:3c:17:dc:aa:0d:5f:0a:f4:67:78:3d:f4:
2c:f7:83:ce:5c:4e:84:a4:0d:40:84:70:e9:70:a4:0f:94:58:
8e:b2:21:bd:79:40:1e:c6:d4:84:a6:14:d5:a2:ba:d8:3a:08:
ab:9e:a2:39:46:15:22:61:20:4e:b2:7d:8e:51:3f:a9:08:5b:
5f:7e:f0:a7:c1:62:ac:e5:ad:d6:fb:d7:6c:eb:73:58:4e:c7:
bc:ad:ba:5f:61:ee:4e:8a:db:49:b9:6f:0c:5f:1b:6d:d6:f3:
b9:f2:41:c0:78:fb:4e:90:ab:58:e2:d8:85:d6:f0:32:a2:30:
23:1f:cf:88:d9:2c:e1:b6:0e:b2:b0:6f:e6:62:87:a1:b0:0c:
6c:30:e7:ed:8a:6e:c9:82:1f:87:5d:59:08:50:61:f5:fb:49:
af:40:b6:92
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVwgphI7KYjLZCnWpNjpyZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwN2FmNDUzNDZmMDZiNjIyYTBlYmJiNGZmOWJhMzNiZTZm
NDJmMWUwHhcNMjMwMTAyMDMyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGZmMjNiMWVmYTI4MjIzMzI4OWZjOGFhMTU0MWVkM2M1MDc5NGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkZvDKtxxCQKg8ZnXrEVqtDgMlTd
ahKKF/am7jqCWnzv25rIq8XPrNJou1CJ8REE5nsErXkZbXyRgFRQkF0jtjAy00oZ
a1DLQja4hkzqG4a4WHco1tIfo3R+5PepK4huOqMBowHoT2hghF856fQ/H6ub4Io5
lAx5P4VlDczd/HWKh/EX2QdAn7ZyWirVlfPixGa5tuT7oFcG/XjHiKrhmqPSLxJB
IG6uWMs2gRWMSCT4e3FfkBsXKwy7XYi++xXnrKIhTXxdT91Wxmlvi9x84xPBAQhC
fm5ULFSpWWMOw1KPezUumrTWa1I7xzFZuu7aIoUBEvYScUoMCdyeoltigwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNT/I7HvooIjMon8iqFUHtPFB5TdMB8GA1UdIwQY
MBaAFHB69FNG8GtiKg67tP+bozvm9C8eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hyMFUwYndhMklxRHJ1MF81dWpPLWIwTHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS83OTIwZDAtZjk1Ni00NDM5LTljZDIt
NGI3ODA4ZDk4NjY0LzEvMVA4anNlLWlnaU15aWZ5S29WUWUwOFVIbE4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS83OTIwZDAtZjk1Ni00NDM5LTljZDItNGI3ODA4ZDk4NjY0
LzEvY0hyMFUwYndhMklxRHJ1MF81dWpPLWIwTHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQELvzgAwQA
uaiMMBQEAgACMA4DBQMqBeeAAwUDKg3PADANBgkqhkiG9w0BAQsFAAOCAQEAOQV5
EMa1+VYDPEx9G4k3Jawt8lGrpj1T7JIFFkuzhwhzrbbjY0+THelU0Ig5jW+9IJen
9jUYJqKivwlUDerQWoQbYb/YsrOkHO/pEyGbaSPPxi9aPfYoyMp3wglgYnE/PBfc
qg1fCvRneD30LPeDzlxOhKQNQIRw6XCkD5RYjrIhvXlAHsbUhKYU1aK62DoIq56i
OUYVImEgTrJ9jlE/qQhbX37wp8FirOWt1vvXbOtzWE7HvK26X2HuTorbSblvDF8b
bdbzufJBwHj7TpCrWOLYhdbwMqIwIx/PiNks4bYOsrBv5mKHobAMbDDn7YpuyYIf
h11ZCFBh9ftJr0C2kg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:59 2024 by rpki-client on console-ams.rpki-client.org