Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/2rXKAMLAXzDfCyXQQH5gupd6HnY.roa
File: 2rXKAMLAXzDfCyXQQH5gupd6HnY.roa (raw, json)
Hash identifier: AhveML+2usfM33Fn0S9/7UKfeR8J9MoQzF26AifWVZs=
Subject key identifier: DA:B5:CA:00:C2:C0:5F:30:DF:0B:25:D0:40:7E:60:BA:97:7A:1E:76
Certificate issuer: /CN=e2b1e2e4c508c6c7a98b6598528745c813fad31d
Certificate serial: 018607FB9039078E89CA2B5D60B0A296BA85
Authority key identifier: E2:B1:E2:E4:C5:08:C6:C7:A9:8B:65:98:52:87:45:C8:13:FA:D3:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4rHi5MUIxsepi2WYUodFyBP60x0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/2rXKAMLAXzDfCyXQQH5gupd6HnY.roa
Signing time: Tue 31 Jan 2023 13:19:32 +0000
ROA not before: Tue 31 Jan 2023 13:19:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31198
IP address blocks: 46.18.152.0/21 maxlen: 21
217.173.48.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:fb:90:39:07:8e:89:ca:2b:5d:60:b0:a2:96:ba:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2b1e2e4c508c6c7a98b6598528745c813fad31d
Validity
Not Before: Jan 31 13:19:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dab5ca00c2c05f30df0b25d0407e60ba977a1e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f3:b7:1d:30:9c:c5:ed:72:3b:ce:2b:10:27:
36:60:0a:6e:da:43:20:82:6c:c9:2b:24:3d:3d:e0:
94:67:73:a2:e7:1a:e6:5b:eb:6a:e4:ad:7b:ee:ec:
ee:51:c1:2f:21:a8:21:66:36:c2:36:08:8c:6f:d8:
3a:16:0a:02:05:9d:eb:03:80:ac:e3:86:9d:72:14:
d7:dd:a9:42:cc:3c:68:89:5b:e8:b8:59:a1:fd:fa:
37:e7:28:28:e3:d2:57:c9:55:3a:b4:98:f7:79:ec:
0f:b1:5d:e1:d6:5b:a8:56:16:bd:19:77:85:03:20:
ca:70:47:3e:17:59:5f:13:20:a1:a0:0d:a5:5e:b9:
1a:7f:5c:93:f6:f2:fa:ec:ef:ac:d2:d6:ac:8d:b7:
17:b0:d2:e8:57:2c:c7:3b:3f:a9:b2:9f:68:ad:bf:
a9:f7:a0:d2:b6:26:88:fe:ab:03:12:dc:3e:75:26:
bc:a5:06:4a:a9:e0:73:b1:20:06:8e:2a:7d:37:c6:
64:0a:15:bf:19:71:67:56:a2:94:0c:6e:ba:f5:6c:
1b:4a:e4:53:8b:85:55:a4:e1:b3:73:4a:74:62:8c:
eb:4f:25:5c:25:ba:b3:fd:bb:05:30:4b:c7:6b:95:
b3:07:7c:33:18:9a:b5:3d:60:d0:24:51:9e:da:52:
b2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B5:CA:00:C2:C0:5F:30:DF:0B:25:D0:40:7E:60:BA:97:7A:1E:76
X509v3 Authority Key Identifier:
keyid:E2:B1:E2:E4:C5:08:C6:C7:A9:8B:65:98:52:87:45:C8:13:FA:D3:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4rHi5MUIxsepi2WYUodFyBP60x0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/2rXKAMLAXzDfCyXQQH5gupd6HnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/4rHi5MUIxsepi2WYUodFyBP60x0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.152.0/21
217.173.48.0/24
Signature Algorithm: sha256WithRSAEncryption
31:ce:00:17:a4:83:a1:76:5f:6b:6f:16:06:e6:10:0e:98:cf:
d4:d3:ac:a7:4c:a3:4b:c9:4e:e8:4b:a2:ed:86:72:d9:a2:1a:
5f:23:a0:6e:aa:36:53:73:b6:01:b1:01:7a:b7:bd:14:ad:42:
14:d8:94:8e:2e:23:f2:58:bf:26:87:40:02:cd:9d:60:e2:af:
85:82:45:6b:99:db:9e:0c:9e:bd:e8:54:9e:0c:42:4c:c0:ad:
42:eb:53:16:b4:db:07:05:e4:aa:82:21:90:3a:b4:52:23:f1:
37:25:ae:89:d7:24:b5:5a:2e:c4:c7:a9:6d:e4:36:b4:c9:41:
dd:e1:4e:8a:78:29:17:53:ac:cd:54:19:d9:e1:6f:6a:ec:e1:
a4:31:ef:a4:13:62:30:bb:c6:aa:55:ed:e7:22:08:9f:ea:e7:
55:62:02:79:46:a5:57:a1:78:0a:9a:00:ca:f0:b9:44:bc:3f:
51:57:d9:18:44:cb:b0:e1:d5:a5:70:57:57:8b:9d:a7:7d:d4:
fb:bf:49:1e:1c:67:0d:43:a8:d1:5f:52:17:a2:f3:35:8e:05:
f3:d7:10:4c:fd:db:74:f4:90:91:f3:fe:23:8c:bd:f8:77:fb:
b7:f9:69:8f:06:45:a5:55:e6:5d:e2:20:36:a1:88:90:70:b7:
09:12:f9:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYH+5A5B46JyitdYLCilrqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYjFlMmU0YzUwOGM2YzdhOThiNjU5ODUyODc0NWM4MTNm
YWQzMWQwHhcNMjMwMTMxMTMxOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWI1Y2EwMGMyYzA1ZjMwZGYwYjI1ZDA0MDdlNjBiYTk3N2ExZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPO3HTCcxe1yO84rECc2YApu2kMg
gmzJKyQ9PeCUZ3Oi5xrmW+tq5K177uzuUcEvIaghZjbCNgiMb9g6FgoCBZ3rA4Cs
44adchTX3alCzDxoiVvouFmh/fo35ygo49JXyVU6tJj3eewPsV3h1luoVha9GXeF
AyDKcEc+F1lfEyChoA2lXrkaf1yT9vL67O+s0tasjbcXsNLoVyzHOz+psp9orb+p
96DStiaI/qsDEtw+dSa8pQZKqeBzsSAGjip9N8ZkChW/GXFnVqKUDG669WwbSuRT
i4VVpOGzc0p0YozrTyVcJbqz/bsFMEvHa5WzB3wzGJq1PWDQJFGe2lKy+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNq1ygDCwF8w3wsl0EB+YLqXeh52MB8GA1UdIwQY
MBaAFOKx4uTFCMbHqYtlmFKHRcgT+tMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHJIaTVNVUl4c2VwaTJXWVVvZEZ5QlA2MHgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kMzFlNWYtMGY1Mi00NjIzLTg2N2Et
NTQzZDYxODJlMjk0LzEvMnJYS0FNTEFYekRmQ3lYUVFINWd1cGQ2SG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kMzFlNWYtMGY1Mi00NjIzLTg2N2EtNTQzZDYxODJlMjk0
LzEvNHJIaTVNVUl4c2VwaTJXWVVvZEZ5QlA2MHgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLhKYAwQA
2a0wMA0GCSqGSIb3DQEBCwUAA4IBAQAxzgAXpIOhdl9rbxYG5hAOmM/U06ynTKNL
yU7oS6LthnLZohpfI6BuqjZTc7YBsQF6t70UrUIU2JSOLiPyWL8mh0ACzZ1g4q+F
gkVrmdueDJ696FSeDEJMwK1C61MWtNsHBeSqgiGQOrRSI/E3Ja6J1yS1Wi7Ex6lt
5Da0yUHd4U6KeCkXU6zNVBnZ4W9q7OGkMe+kE2Iwu8aqVe3nIgif6udVYgJ5RqVX
oXgKmgDK8LlEvD9RV9kYRMuw4dWlcFdXi52nfdT7v0keHGcNQ6jRX1IXovM1jgXz
1xBM/dt09JCR8/4jjL34d/u3+WmPBkWlVeZd4iA2oYiQcLcJEvmd
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:08 2024 by rpki-client on console-ams.rpki-client.org