Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/8icrqsRnnZLhpRJvlpotiTXkVA0.roa
File: 8icrqsRnnZLhpRJvlpotiTXkVA0.roa (raw, json)
Hash identifier: 4rJRnmFgW4IDm0Niq9M0gyCb3XHRJ62E0vc+He/ev1Y=
Subject key identifier: F2:27:2B:AA:C4:67:9D:92:E1:A5:12:6F:96:9A:2D:89:35:E4:54:0D
Certificate issuer: /CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Certificate serial: 018CE98B29F7920F2F1A59B55FC7FE3A2E30
Authority key identifier: 3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/8icrqsRnnZLhpRJvlpotiTXkVA0.roa
Signing time: Mon 08 Jan 2024 14:47:40 +0000
ROA not before: Mon 08 Jan 2024 14:47:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20253
IP address blocks: 146.19.181.0/24 maxlen: 26
217.20.52.0/24 maxlen: 24
217.20.58.0/24 maxlen: 24
217.20.57.0/24 maxlen: 24
217.20.56.0/24 maxlen: 24
217.20.55.0/24 maxlen: 24
217.20.54.0/24 maxlen: 24
217.20.53.0/24 maxlen: 24
217.20.59.0/24 maxlen: 24
217.20.63.0/24 maxlen: 24
217.20.62.0/24 maxlen: 24
217.20.61.0/24 maxlen: 24
217.20.60.0/24 maxlen: 24
217.20.51.0/24 maxlen: 24
217.20.50.0/24 maxlen: 24
217.20.49.0/24 maxlen: 24
217.20.48.0/24 maxlen: 24
2a12:45c7:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jul 2024 08:41:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:8b:29:f7:92:0f:2f:1a:59:b5:5f:c7:fe:3a:2e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Validity
Not Before: Jan 8 14:47:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2272baac4679d92e1a5126f969a2d8935e4540d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f9:0a:db:28:76:04:84:60:17:5b:a3:c7:81:
2a:f4:e1:84:2d:95:3f:06:af:10:b3:8a:3d:3d:77:
6f:0f:a3:06:d4:4d:cf:8b:ad:f1:4f:ee:04:ed:60:
37:6a:89:97:de:15:05:54:cb:e6:2a:a0:5d:9a:1f:
e0:3a:40:ba:67:16:8a:da:50:b3:5d:39:ad:c0:b1:
81:4f:e2:a1:5a:40:77:35:84:74:2d:9c:bf:dd:6a:
d0:6f:51:a4:67:df:f0:7e:0e:83:00:3d:6f:da:81:
a3:7b:6d:d6:87:5d:d8:6c:e5:4f:f2:f1:0f:69:ac:
30:9b:67:10:29:a8:c7:80:0c:63:5b:36:49:7b:f1:
b0:8d:1e:22:99:5a:90:7f:0e:0c:61:50:d6:29:4e:
be:5f:3a:f8:86:86:4a:c0:0c:34:9f:6c:82:db:83:
5e:6e:c6:e0:68:d0:c2:a8:fd:47:6c:0b:4f:0e:f5:
cf:0f:25:f9:25:d1:8c:04:dd:a8:c0:9a:0b:35:9c:
12:5b:9b:bb:4c:04:18:73:00:68:62:65:97:f6:38:
5c:d0:84:4b:8a:e9:58:46:c5:dd:d6:96:68:c5:b3:
01:f8:8f:77:dd:32:1a:a3:91:59:42:4a:60:1a:e7:
3c:50:0c:65:9c:c9:4c:a8:23:f0:c6:63:20:8f:49:
2e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:27:2B:AA:C4:67:9D:92:E1:A5:12:6F:96:9A:2D:89:35:E4:54:0D
X509v3 Authority Key Identifier:
keyid:3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/8icrqsRnnZLhpRJvlpotiTXkVA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.181.0/24
217.20.48.0/20
IPv6:
2a12:45c7:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
3f:3a:c7:67:ee:fa:a1:fb:18:5d:b8:c8:73:33:7e:74:35:53:
4a:ad:51:0a:0f:88:50:86:80:90:ee:96:70:3b:e3:4b:1a:cf:
e1:80:10:d2:4e:46:41:57:21:7b:7b:fa:13:a7:70:6b:f8:15:
9d:87:2c:b9:5e:ae:a6:32:05:cb:29:9d:12:22:cf:da:0d:06:
fe:0f:fd:bc:8a:3d:b4:2d:7d:02:3a:38:cc:4d:6e:18:f0:8d:
7a:f4:f2:5b:41:ec:f7:1d:a2:cf:34:85:1c:a5:e1:5e:ea:b0:
6f:bc:fc:03:3b:b0:a4:39:96:cb:68:da:42:09:9c:92:57:9e:
34:9e:34:33:76:4a:49:d8:b8:8d:20:4c:6d:11:13:ad:eb:8d:
a4:de:87:ef:36:60:d7:c7:2d:38:c7:35:8b:ee:58:ce:02:88:
9b:d7:c9:0c:27:7c:41:15:49:51:10:da:9a:af:0a:13:1b:63:
98:28:ee:7f:27:bb:f8:79:fc:e1:9b:14:fe:f3:7e:77:74:bf:
f1:4d:80:50:65:fc:49:86:ca:aa:dd:ad:ea:a1:2a:a3:92:55:
84:f1:9e:b0:21:10:da:c8:4b:0f:3b:ef:56:47:64:d9:85:7e:
3c:84:c1:c6:50:f5:ba:4a:82:8b:69:d4:fa:ec:12:77:e3:89:
14:1e:9a:1d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzpiyn3kg8vGlm1X8f+Oi4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzYzZTVkYjA0MzVjMmQzZTc0YTZiMjhhZDNkOWMzMGQ2
YThjZWUwHhcNMjQwMTA4MTQ0NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjI3MmJhYWM0Njc5ZDkyZTFhNTEyNmY5NjlhMmQ4OTM1ZTQ1NDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfkK2yh2BIRgF1ujx4Eq9OGELZU/
Bq8Qs4o9PXdvD6MG1E3Pi63xT+4E7WA3aomX3hUFVMvmKqBdmh/gOkC6ZxaK2lCz
XTmtwLGBT+KhWkB3NYR0LZy/3WrQb1GkZ9/wfg6DAD1v2oGje23Wh13YbOVP8vEP
aawwm2cQKajHgAxjWzZJe/GwjR4imVqQfw4MYVDWKU6+Xzr4hoZKwAw0n2yC24Ne
bsbgaNDCqP1HbAtPDvXPDyX5JdGMBN2owJoLNZwSW5u7TAQYcwBoYmWX9jhc0IRL
iulYRsXd1pZoxbMB+I933TIao5FZQkpgGuc8UAxlnMlMqCPwxmMgj0kuOQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPInK6rEZ52S4aUSb5aaLYk15FQNMB8GA1UdIwQY
MBaAFD7GPl2wQ1wtPnSmsorT2cMNaozuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjIt
NTIwNThmOGE5YTFhLzEvOGljcnFzUm5uWkxocFJKdmxwb3RpVFhrVkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjItNTIwNThmOGE5YTFh
LzEvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAkhO1AwQE
2RQwMA8EAgACMAkDBwAqEkXH//8wDQYJKoZIhvcNAQELBQADggEBAD86x2fu+qH7
GF24yHMzfnQ1U0qtUQoPiFCGgJDulnA740saz+GAENJORkFXIXt7+hOncGv4FZ2H
LLlerqYyBcspnRIiz9oNBv4P/byKPbQtfQI6OMxNbhjwjXr08ltB7Pcdos80hRyl
4V7qsG+8/AM7sKQ5lsto2kIJnJJXnjSeNDN2SknYuI0gTG0RE63rjaTeh+82YNfH
LTjHNYvuWM4CiJvXyQwnfEEVSVEQ2pqvChMbY5go7n8nu/h5/OGbFP7zfnd0v/FN
gFBl/EmGyqrdreqhKqOSVYTxnrAhENrISw8771ZHZNmFfjyEwcZQ9bpKgotp1Prs
EnfjiRQemh0=
-----END CERTIFICATE-----
Generated at Thu Jul 11 10:21:57 2024 by rpki-client on console-ams.rpki-client.org