Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/RBC7yEQ9hP4XMdo1xvkyNI59lD0.roa
File: RBC7yEQ9hP4XMdo1xvkyNI59lD0.roa (raw, json)
Hash identifier: yiEjBmItxOM5/nYzWyLbfBkG0Lx1NjRAun0OAC4NlKU=
Subject key identifier: 44:10:BB:C8:44:3D:84:FE:17:31:DA:35:C6:F9:32:34:8E:7D:94:3D
Certificate issuer: /CN=7e2cb3d0a641769c7801c481612015c2ccb3b655
Certificate serial: 018A5753BD3BC683C265112BF8CE5DEEF0B6
Authority key identifier: 7E:2C:B3:D0:A6:41:76:9C:78:01:C4:81:61:20:15:C2:CC:B3:B6:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiyz0KZBdpx4AcSBYSAVwsyztlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/RBC7yEQ9hP4XMdo1xvkyNI59lD0.roa
Signing time: Sat 02 Sep 2023 19:17:00 +0000
ROA not before: Sat 02 Sep 2023 19:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8943
IP address blocks: 46.255.72.0/21 maxlen: 21
46.255.72.0/22 maxlen: 22
2a00:a400::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:57:53:bd:3b:c6:83:c2:65:11:2b:f8:ce:5d:ee:f0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e2cb3d0a641769c7801c481612015c2ccb3b655
Validity
Not Before: Sep 2 19:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4410bbc8443d84fe1731da35c6f932348e7d943d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:be:84:50:e0:7f:c0:a1:5a:70:d7:89:c2:6f:
d6:06:ee:0a:3f:6a:0a:1f:e4:07:0e:bd:ea:03:ac:
b0:2a:a6:8f:80:08:00:58:05:7c:8e:83:6c:28:62:
a6:49:37:07:8e:6e:d7:8d:ea:e4:48:21:76:e7:12:
f5:a7:1c:87:9b:a2:da:aa:c2:63:b3:e6:a6:f9:86:
46:85:96:9e:ef:91:d4:e4:18:d4:8c:3f:0e:70:92:
68:fb:82:85:74:19:88:79:d8:36:05:29:47:8e:dc:
5d:8e:d4:9e:b7:49:c8:94:06:ec:86:3c:0b:95:a5:
57:55:95:53:da:a1:7b:3a:ef:eb:73:c3:eb:d0:6f:
5f:93:a3:b3:ee:4f:56:54:7e:48:e9:15:e3:1c:9f:
58:79:c3:b5:d9:24:55:69:62:63:c3:e5:28:30:cf:
a3:07:fc:68:81:eb:d7:b9:46:53:c3:ae:bd:6c:6a:
d1:eb:51:19:18:64:2f:b0:ce:c1:e4:e9:d8:50:70:
5b:b1:2a:11:77:01:d6:35:a1:03:ba:ea:ba:f4:6d:
f5:69:08:c9:5d:bc:ff:a0:18:ab:87:2a:bf:57:d5:
ac:5b:40:30:c6:ea:41:c7:fa:d4:7f:f9:19:f5:74:
52:9e:df:21:4f:0e:dc:24:15:a5:97:59:d2:78:16:
3e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:10:BB:C8:44:3D:84:FE:17:31:DA:35:C6:F9:32:34:8E:7D:94:3D
X509v3 Authority Key Identifier:
keyid:7E:2C:B3:D0:A6:41:76:9C:78:01:C4:81:61:20:15:C2:CC:B3:B6:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiyz0KZBdpx4AcSBYSAVwsyztlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/RBC7yEQ9hP4XMdo1xvkyNI59lD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/431df1-09f4-475c-a045-f5bb2843c89e/1/fiyz0KZBdpx4AcSBYSAVwsyztlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.72.0/21
IPv6:
2a00:a400::/32
Signature Algorithm: sha256WithRSAEncryption
a7:3d:b6:61:f5:bb:82:67:6e:27:00:d2:96:0e:84:ee:10:19:
42:dd:b9:36:e5:a1:c8:b0:2a:f9:d9:5e:fd:bb:8f:e5:73:92:
92:2e:bb:7d:02:a3:63:6c:06:d6:9e:e9:86:65:4d:11:24:05:
3b:2c:7d:74:b0:41:d6:2f:b6:87:bb:a9:d8:b4:b2:c0:52:03:
86:28:f4:e8:47:8f:6c:c6:21:4b:b9:1b:b6:b9:90:2f:63:98:
29:97:a7:6f:b3:fc:95:92:8a:89:b4:9a:34:38:0b:0e:2d:ab:
73:f9:0c:0d:93:b2:61:5f:0c:6d:82:44:81:92:58:0b:ea:db:
90:21:ea:ab:05:ba:e1:ac:9d:67:20:41:c9:de:cc:8b:96:a8:
ea:d9:96:35:88:ae:6c:a8:4a:21:98:0a:d6:57:8b:2f:08:3f:
6c:d3:cf:2e:80:8c:eb:08:9a:08:4e:22:80:f4:2d:48:a6:52:
5f:b9:f5:cb:89:1f:86:1a:3b:0c:65:57:34:cc:0d:d4:d5:a2:
a3:45:f2:a6:43:11:67:6d:27:e9:2a:9b:61:36:f5:0c:4f:9c:
ec:47:3a:87:e1:ef:6a:8b:ec:13:48:f9:3a:aa:bd:2f:71:4f:
dd:6f:77:74:cc:5e:78:9d:1b:3e:6a:2d:94:43:5c:03:1a:32:
2c:78:2e:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpXU707xoPCZREr+M5d7vC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMmNiM2QwYTY0MTc2OWM3ODAxYzQ4MTYxMjAxNWMyY2Ni
M2I2NTUwHhcNMjMwOTAyMTkxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDEwYmJjODQ0M2Q4NGZlMTczMWRhMzVjNmY5MzIzNDhlN2Q5NDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r6EUOB/wKFacNeJwm/WBu4KP2oK
H+QHDr3qA6ywKqaPgAgAWAV8joNsKGKmSTcHjm7XjerkSCF25xL1pxyHm6LaqsJj
s+am+YZGhZae75HU5BjUjD8OcJJo+4KFdBmIedg2BSlHjtxdjtSet0nIlAbshjwL
laVXVZVT2qF7Ou/rc8Pr0G9fk6Oz7k9WVH5I6RXjHJ9YecO12SRVaWJjw+UoMM+j
B/xogevXuUZTw669bGrR61EZGGQvsM7B5OnYUHBbsSoRdwHWNaEDuuq69G31aQjJ
Xbz/oBirhyq/V9WsW0AwxupBx/rUf/kZ9XRSnt8hTw7cJBWll1nSeBY+9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEQQu8hEPYT+FzHaNcb5MjSOfZQ9MB8GA1UdIwQY
MBaAFH4ss9CmQXaceAHEgWEgFcLMs7ZVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZml5ejBLWkJkcHg0QWNTQllTQVZ3c3l6dGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80MzFkZjEtMDlmNC00NzVjLWEwNDUt
ZjViYjI4NDNjODllLzEvUkJDN3lFUTloUDRYTWRvMXh2a3lOSTU5bEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80MzFkZjEtMDlmNC00NzVjLWEwNDUtZjViYjI4NDNjODll
LzEvZml5ejBLWkJkcHg0QWNTQllTQVZ3c3l6dGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLv9IMA0E
AgACMAcDBQAqAKQAMA0GCSqGSIb3DQEBCwUAA4IBAQCnPbZh9buCZ24nANKWDoTu
EBlC3bk25aHIsCr52V79u4/lc5KSLrt9AqNjbAbWnumGZU0RJAU7LH10sEHWL7aH
u6nYtLLAUgOGKPToR49sxiFLuRu2uZAvY5gpl6dvs/yVkoqJtJo0OAsOLatz+QwN
k7JhXwxtgkSBklgL6tuQIeqrBbrhrJ1nIEHJ3syLlqjq2ZY1iK5sqEohmArWV4sv
CD9s088ugIzrCJoITiKA9C1IplJfufXLiR+GGjsMZVc0zA3U1aKjRfKmQxFnbSfp
KpthNvUMT5zsRzqH4e9qi+wTSPk6qr0vcU/db3d0zF54nRs+ai2UQ1wDGjIseC65
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:22 2024 by rpki-client on console-fra.rpki-client.org