Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/zjjInWw8pEoijufz8VTqXnEruKE.roa
File: zjjInWw8pEoijufz8VTqXnEruKE.roa (raw, json)
Hash identifier: SZ2dV08IvmFZA9RgQ3QGeP3AIfuTBbHAayZ6nw9NFDA=
Subject key identifier: CE:38:C8:9D:6C:3C:A4:4A:22:8E:E7:F3:F1:54:EA:5E:71:2B:B8:A1
Certificate issuer: /CN=66f90e75df98afb43019ce750350e769b99fbc13
Certificate serial: 01856F94CF38419BA7C4F764522B0368914A
Authority key identifier: 66:F9:0E:75:DF:98:AF:B4:30:19:CE:75:03:50:E7:69:B9:9F:BC:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvkOdd-Yr7QwGc51A1DnabmfvBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/zjjInWw8pEoijufz8VTqXnEruKE.roa
Signing time: Sun 01 Jan 2023 23:05:01 +0000
ROA not before: Sun 01 Jan 2023 23:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197465
IP address blocks: 46.23.242.0/24 maxlen: 24
46.23.240.0/20 maxlen: 20
46.23.241.0/24 maxlen: 24
2a02:5000::/32 maxlen: 32
2a02:5000::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:cf:38:41:9b:a7:c4:f7:64:52:2b:03:68:91:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f90e75df98afb43019ce750350e769b99fbc13
Validity
Not Before: Jan 1 23:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce38c89d6c3ca44a228ee7f3f154ea5e712bb8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7b:10:18:46:13:46:c6:c5:79:bc:dc:b9:5e:
00:61:22:58:3d:0a:68:33:bb:41:77:06:57:d5:47:
db:02:11:ff:79:ec:cd:4c:3b:9a:8c:ab:95:4a:56:
24:0b:35:db:25:64:2e:13:02:f8:8e:94:d4:b9:c5:
e1:67:5f:69:9b:6a:73:7f:00:01:2d:ba:9a:83:57:
c1:f3:b8:b5:76:64:0c:2f:91:03:38:79:cd:ed:18:
7a:6d:34:1f:67:2c:fb:fc:55:83:9a:10:6c:59:90:
ef:e9:87:14:2a:d2:9a:ed:f5:73:0b:5c:d3:93:86:
3f:ce:e3:03:16:1c:0a:4e:d1:49:0b:ba:4d:c9:7e:
4e:39:ff:1b:32:11:bd:e4:7a:6c:90:2a:17:ac:3c:
7d:f1:80:51:98:cf:c3:9f:1c:15:55:1c:f6:de:bd:
cb:84:a0:74:54:8b:cb:93:b6:f4:97:7c:b7:d4:ea:
b5:90:75:bd:16:38:6c:1d:3f:e6:7b:af:dd:d4:33:
74:2d:3b:e8:7b:e2:ba:ee:fa:92:30:cd:fa:50:9b:
2c:a8:11:31:ae:b7:65:09:fd:97:5a:4c:e1:87:6c:
57:eb:4b:90:97:22:94:05:c1:e0:a2:83:91:a6:ec:
e5:77:85:35:25:f0:d3:67:1b:11:57:f4:48:b8:60:
7f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:38:C8:9D:6C:3C:A4:4A:22:8E:E7:F3:F1:54:EA:5E:71:2B:B8:A1
X509v3 Authority Key Identifier:
keyid:66:F9:0E:75:DF:98:AF:B4:30:19:CE:75:03:50:E7:69:B9:9F:BC:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvkOdd-Yr7QwGc51A1DnabmfvBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/zjjInWw8pEoijufz8VTqXnEruKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/ZvkOdd-Yr7QwGc51A1DnabmfvBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.240.0/20
IPv6:
2a02:5000::/32
Signature Algorithm: sha256WithRSAEncryption
60:af:80:37:4a:4a:46:83:a5:38:b0:47:af:2d:63:8a:42:da:
26:a7:b9:b6:19:75:5e:bc:1c:b4:01:18:90:38:6f:bf:cb:6f:
e1:5d:b2:b4:31:23:fa:20:a6:3e:81:8f:0e:ae:67:31:91:5e:
5d:2a:92:bb:b7:52:b2:d3:05:e0:b0:61:17:00:13:b4:ea:b5:
db:25:25:6f:6e:82:7f:0e:9d:26:35:c7:53:a1:2e:ba:e7:b6:
9a:1f:42:5e:0e:b8:4c:a8:4e:b2:f3:06:55:1d:c7:44:f6:24:
c1:a9:3f:80:53:9f:14:52:08:51:56:43:fe:82:15:0f:d1:a1:
f7:74:3f:cf:f9:59:5c:92:77:ae:4c:4f:a9:25:72:10:9e:a5:
9e:91:42:56:14:fb:56:75:db:da:89:62:ca:e0:6c:92:f4:c5:
a7:15:ef:13:a1:36:98:18:d4:d8:e3:2d:b9:ee:da:d3:34:04:
f1:fc:21:6c:f0:40:0f:86:11:7f:81:31:bc:69:1c:b8:18:c3:
fb:84:5a:62:85:59:46:4a:83:0f:04:40:5b:79:53:19:09:60:
f8:ab:3c:a0:d8:02:f7:9a:41:73:6c:6a:28:4a:fd:15:c1:3b:
94:67:8f:c6:ea:4d:57:33:ca:f4:21:e3:a9:cc:19:50:8b:0d:
f3:45:d2:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvlM84QZunxPdkUisDaJFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjkwZTc1ZGY5OGFmYjQzMDE5Y2U3NTAzNTBlNzY5Yjk5
ZmJjMTMwHhcNMjMwMTAxMjMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTM4Yzg5ZDZjM2NhNDRhMjI4ZWU3ZjNmMTU0ZWE1ZTcxMmJiOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHsQGEYTRsbFebzcuV4AYSJYPQpo
M7tBdwZX1UfbAhH/eezNTDuajKuVSlYkCzXbJWQuEwL4jpTUucXhZ19pm2pzfwAB
Lbqag1fB87i1dmQML5EDOHnN7Rh6bTQfZyz7/FWDmhBsWZDv6YcUKtKa7fVzC1zT
k4Y/zuMDFhwKTtFJC7pNyX5OOf8bMhG95HpskCoXrDx98YBRmM/DnxwVVRz23r3L
hKB0VIvLk7b0l3y31Oq1kHW9FjhsHT/me6/d1DN0LTvoe+K67vqSMM36UJssqBEx
rrdlCf2XWkzhh2xX60uQlyKUBcHgooORpuzld4U1JfDTZxsRV/RIuGB/NQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM44yJ1sPKRKIo7n8/FU6l5xK7ihMB8GA1UdIwQY
MBaAFGb5DnXfmK+0MBnOdQNQ52m5n7wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZrT2RkLVlyN1F3R2M1MUExRG5hYm1mdkJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81YTY5OGQtOTk4YS00OGJhLThkYzUt
MzMzZjBjOTkyNzllLzEvempqSW5XdzhwRW9panVmejhWVHFYbkVydUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81YTY5OGQtOTk4YS00OGJhLThkYzUtMzMzZjBjOTkyNzll
LzEvWnZrT2RkLVlyN1F3R2M1MUExRG5hYm1mdkJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQELhfwMA0E
AgACMAcDBQAqAlAAMA0GCSqGSIb3DQEBCwUAA4IBAQBgr4A3SkpGg6U4sEevLWOK
Qtomp7m2GXVevBy0ARiQOG+/y2/hXbK0MSP6IKY+gY8OrmcxkV5dKpK7t1Ky0wXg
sGEXABO06rXbJSVvboJ/Dp0mNcdToS6657aaH0JeDrhMqE6y8wZVHcdE9iTBqT+A
U58UUghRVkP+ghUP0aH3dD/P+VlckneuTE+pJXIQnqWekUJWFPtWddvaiWLK4GyS
9MWnFe8ToTaYGNTY4y257trTNATx/CFs8EAPhhF/gTG8aRy4GMP7hFpihVlGSoMP
BEBbeVMZCWD4qzyg2AL3mkFzbGooSv0VwTuUZ4/G6k1XM8r0IeOpzBlQiw3zRdJ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org