Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/1-jNpNsOq5rVv1YKtipCaf8AtAto.roa
File: 1-jNpNsOq5rVv1YKtipCaf8AtAto.roa (raw, json)
Hash identifier: kW0t9pyDy2sw2lLvYAywxVaOJA5zIM5zI4Y1KV8gVdc=
Subject key identifier: FA:33:69:36:C3:AA:E6:B5:6F:D5:82:AD:8A:90:9A:7F:C0:2D:02:DA
Certificate issuer: /CN=7e2cb3d0a641769c7801c481612015c2ccb3b655
Certificate serial: 01856CEF38CA42D39B322A683E69100D0013
Authority key identifier: 7E:2C:B3:D0:A6:41:76:9C:78:01:C4:81:61:20:15:C2:CC:B3:B6:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiyz0KZBdpx4AcSBYSAVwsyztlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/1-jNpNsOq5rVv1YKtipCaf8AtAto.roa
Signing time: Sun 01 Jan 2023 10:44:55 +0000
ROA not before: Sun 01 Jan 2023 10:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8943
IP address blocks: 46.255.72.0/21 maxlen: 21
2a00:a400::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 02 Sep 2023 19:17:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:38:ca:42:d3:9b:32:2a:68:3e:69:10:0d:00:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e2cb3d0a641769c7801c481612015c2ccb3b655
Validity
Not Before: Jan 1 10:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa336936c3aae6b56fd582ad8a909a7fc02d02da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:92:3e:24:a9:b3:c4:0b:45:66:be:40:11:25:
44:9c:eb:de:49:8b:cc:15:e8:ee:a7:ed:1a:7d:24:
d9:a8:a5:21:73:9a:d8:2e:55:62:e3:86:46:9d:88:
a3:22:71:8b:e0:68:fa:12:7c:2a:10:52:26:00:a0:
cc:d1:91:e1:4d:03:6d:0d:bf:52:5f:02:5c:db:77:
17:34:f7:41:79:d7:0d:21:5f:f2:3d:b5:59:0b:95:
0d:3b:a6:a5:6b:3a:78:ee:1a:18:29:80:3a:d2:e3:
0e:c7:c4:e3:82:34:de:eb:43:06:60:1f:f7:9b:95:
31:36:76:48:f7:e0:e9:d2:c7:39:a2:f1:3a:ac:c2:
9c:9f:d6:1d:cf:11:da:40:c8:df:5f:7f:5b:2c:e0:
c4:83:17:8a:04:08:df:08:d3:ce:ee:41:61:12:6f:
fd:15:c4:d5:1e:17:67:e0:4b:31:8f:e0:36:ef:e9:
f7:dc:23:ef:90:1d:3f:e8:e3:c8:34:ac:c2:7e:91:
4b:7b:96:5d:43:95:0b:58:05:be:b1:44:96:dd:e0:
c0:79:f2:bd:24:19:f9:5a:10:48:b1:62:f7:de:7f:
b1:2e:df:32:47:fd:be:9b:00:4c:64:0d:d9:ad:04:
59:26:1d:1c:78:55:4c:24:f7:ce:e8:48:5f:e2:73:
01:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:33:69:36:C3:AA:E6:B5:6F:D5:82:AD:8A:90:9A:7F:C0:2D:02:DA
X509v3 Authority Key Identifier:
keyid:7E:2C:B3:D0:A6:41:76:9C:78:01:C4:81:61:20:15:C2:CC:B3:B6:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiyz0KZBdpx4AcSBYSAVwsyztlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/1-jNpNsOq5rVv1YKtipCaf8AtAto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/fiyz0KZBdpx4AcSBYSAVwsyztlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.72.0/21
IPv6:
2a00:a400::/32
Signature Algorithm: sha256WithRSAEncryption
63:9a:9e:38:ef:86:2e:73:6a:ff:63:66:1e:bb:8f:68:62:3c:
bf:be:9b:d3:3f:be:7e:9d:56:b4:3a:e8:1b:cc:07:9b:38:b1:
ac:a0:08:28:9a:ae:1c:59:97:8f:d6:78:df:3f:cc:68:57:25:
98:5b:33:9c:17:e4:ba:d9:0d:05:c1:6c:1e:5e:ce:07:03:d0:
48:84:08:98:c2:4c:05:31:30:7d:32:1d:27:b2:05:24:c3:6b:
9c:e6:13:06:b2:fe:ec:8f:20:da:63:11:7e:e8:bb:ca:6d:e2:
23:b7:59:c0:95:2c:c2:05:ec:1c:98:c2:1c:26:be:cb:4d:e6:
d0:2c:2e:c8:08:8f:8a:ce:7d:38:d4:0a:93:07:93:d4:56:77:
d2:ec:e1:e5:27:a4:f2:71:c8:9b:99:8d:37:31:ff:40:49:e2:
37:da:87:7d:92:39:6c:5c:9b:c1:58:64:c7:f2:9c:b4:45:a1:
35:eb:ab:8e:6e:0b:e7:28:ec:d1:0c:86:67:e7:5f:67:5a:9f:
17:30:ac:ac:83:2d:e5:c6:20:2a:0c:39:55:d6:8c:17:95:a4:
d9:55:a1:4c:d0:b5:22:76:21:cf:91:63:51:6f:46:0c:73:c4:
79:7a:05:b3:a3:ca:60:74:3e:0f:61:42:08:38:4d:02:14:2b:
74:36:54:f3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVs7zjKQtObMipoPmkQDQATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMmNiM2QwYTY0MTc2OWM3ODAxYzQ4MTYxMjAxNWMyY2Ni
M2I2NTUwHhcNMjMwMTAxMTA0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTMzNjkzNmMzYWFlNmI1NmZkNTgyYWQ4YTkwOWE3ZmMwMmQwMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJI+JKmzxAtFZr5AESVEnOveSYvM
Fejup+0afSTZqKUhc5rYLlVi44ZGnYijInGL4Gj6EnwqEFImAKDM0ZHhTQNtDb9S
XwJc23cXNPdBedcNIV/yPbVZC5UNO6alazp47hoYKYA60uMOx8TjgjTe60MGYB/3
m5UxNnZI9+Dp0sc5ovE6rMKcn9YdzxHaQMjfX39bLODEgxeKBAjfCNPO7kFhEm/9
FcTVHhdn4Esxj+A27+n33CPvkB0/6OPINKzCfpFLe5ZdQ5ULWAW+sUSW3eDAefK9
JBn5WhBIsWL33n+xLt8yR/2+mwBMZA3ZrQRZJh0ceFVMJPfO6Ehf4nMB6QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPozaTbDqua1b9WCrYqQmn/ALQLaMB8GA1UdIwQY
MBaAFH4ss9CmQXaceAHEgWEgFcLMs7ZVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZml5ejBLWkJkcHg0QWNTQllTQVZ3c3l6dGxVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80MzFkZjEtMDlmNC00NzVjLWEwNDUt
ZjViYjI4NDNjODllLzEvMS1qTnBOc09xNXJWdjFZS3RpcENhZjhBdEF0by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODQvNDMxZGYxLTA5ZjQtNDc1Yy1hMDQ1LWY1YmIyODQzYzg5
ZS8xL2ZpeXowS1pCZHB4NEFjU0JZU0FWd3N5enRsVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAy7/SDAN
BAIAAjAHAwUAKgCkADANBgkqhkiG9w0BAQsFAAOCAQEAY5qeOO+GLnNq/2NmHruP
aGI8v76b0z++fp1WtDroG8wHmzixrKAIKJquHFmXj9Z43z/MaFclmFsznBfkutkN
BcFsHl7OBwPQSIQImMJMBTEwfTIdJ7IFJMNrnOYTBrL+7I8g2mMRfui7ym3iI7dZ
wJUswgXsHJjCHCa+y03m0CwuyAiPis59ONQKkweT1FZ30uzh5Sek8nHIm5mNNzH/
QEniN9qHfZI5bFybwVhkx/KctEWhNeurjm4L5yjs0QyGZ+dfZ1qfFzCsrIMt5cYg
Kgw5VdaMF5Wk2VWhTNC1InYhz5FjUW9GDHPEeXoFs6PKYHQ+D2FCCDhNAhQrdDZU
8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:22 2024 by rpki-client on console-fra.rpki-client.org