Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/adk06hTJplIPH8egiNkI_LRxH5M.roa
File: adk06hTJplIPH8egiNkI_LRxH5M.roa (raw, json)
Hash identifier: L/izKe1Gq/osRH6U9p2bFHlvnIq2f4Oat1bbedlRaHM=
Subject key identifier: 69:D9:34:EA:14:C9:A6:52:0F:1F:C7:A0:88:D9:08:FC:B4:71:1F:93
Certificate issuer: /CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Certificate serial: 018CC26D43C45B22D7963CA0B7D9EEA867EC
Authority key identifier: 3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/adk06hTJplIPH8egiNkI_LRxH5M.roa
Signing time: Mon 01 Jan 2024 00:29:49 +0000
ROA not before: Mon 01 Jan 2024 00:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20253
IP address blocks: 146.19.181.0/24 maxlen: 26
217.20.52.0/24 maxlen: 24
217.20.58.0/24 maxlen: 24
217.20.57.0/24 maxlen: 24
217.20.56.0/24 maxlen: 24
217.20.54.0/24 maxlen: 24
217.20.53.0/24 maxlen: 24
217.20.59.0/24 maxlen: 24
217.20.63.0/24 maxlen: 24
217.20.61.0/24 maxlen: 24
217.20.60.0/24 maxlen: 24
217.20.51.0/24 maxlen: 24
217.20.50.0/24 maxlen: 24
217.20.49.0/24 maxlen: 24
217.20.48.0/24 maxlen: 24
2a12:45c7:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Jan 2024 14:45:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:43:c4:5b:22:d7:96:3c:a0:b7:d9:ee:a8:67:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Validity
Not Before: Jan 1 00:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69d934ea14c9a6520f1fc7a088d908fcb4711f93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e7:3f:62:7c:46:a3:49:06:18:15:3f:6f:7f:
46:46:45:a8:31:06:d1:0d:a5:69:7d:56:9b:d9:4c:
c9:7e:b9:3a:5c:62:57:89:80:1f:c8:52:85:da:97:
af:9f:35:1f:00:56:5a:4a:0c:3b:6b:c0:12:ce:3c:
32:cc:cc:df:1d:2d:de:bb:a6:c9:38:a6:3c:23:55:
cb:8e:da:44:4c:d5:44:85:08:cc:f4:97:6d:90:d6:
3c:76:7f:fb:5a:3f:39:86:8c:35:c5:de:73:d8:ca:
8e:7c:5b:85:ff:b2:c8:22:05:07:ea:e6:27:b9:e7:
70:0f:a4:b6:f3:14:41:43:5c:88:11:a3:69:04:76:
be:e5:bd:47:42:2f:a4:f5:b5:11:19:a5:a5:6c:e3:
23:4d:c9:83:cc:c0:7a:cf:3b:45:e0:19:99:98:9a:
0a:1c:07:b9:0d:ca:c2:2b:d1:b9:44:8d:06:a9:eb:
e4:eb:9f:f0:f5:3f:a3:57:93:13:5c:47:6b:eb:fd:
55:53:30:32:9d:29:29:9a:fb:03:01:ce:41:c5:89:
25:11:b6:c3:72:e9:08:28:bd:0e:03:36:ad:9c:5a:
96:82:58:ed:11:64:b3:b0:dc:46:69:86:e1:07:bf:
0f:a1:c5:c5:c3:4a:ab:c0:0a:ee:76:df:ee:46:c6:
90:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D9:34:EA:14:C9:A6:52:0F:1F:C7:A0:88:D9:08:FC:B4:71:1F:93
X509v3 Authority Key Identifier:
keyid:3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/adk06hTJplIPH8egiNkI_LRxH5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.181.0/24
217.20.48.0-217.20.54.255
217.20.56.0-217.20.61.255
217.20.63.0/24
IPv6:
2a12:45c7:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
b9:30:81:e5:87:33:f8:9c:05:49:45:e4:56:3e:ac:11:38:2e:
0f:8a:b1:8d:d2:ec:51:c4:96:1d:bf:59:ec:81:78:d4:76:ca:
24:93:bf:7f:32:6c:13:52:7f:ba:50:1b:91:d5:31:d7:9a:b2:
0c:85:6a:00:60:ad:a0:36:40:59:83:a9:3f:e1:8e:c5:86:95:
f6:71:28:a6:ce:c0:68:cb:fe:d7:29:42:39:0f:7a:43:56:00:
a1:3a:a3:f4:63:00:32:86:de:b6:19:55:06:28:cb:0a:75:c8:
71:10:51:30:f2:c6:e7:e6:06:e9:30:cc:b6:c4:14:ca:03:d0:
f4:04:6c:7b:f3:b4:97:e2:c3:46:79:03:53:77:a2:80:27:fd:
00:28:aa:7c:c3:9c:90:86:5b:80:8d:39:ad:49:76:2c:d4:91:
e1:61:42:18:90:3b:10:12:9e:fb:6a:23:3e:74:4e:f6:58:17:
c2:2a:90:82:78:4a:38:d0:85:0b:e9:f5:b4:4c:7f:95:b7:61:
f5:89:af:1f:08:50:e3:3c:d1:29:46:b0:de:cf:97:50:77:7c:
38:d6:5f:b4:43:f1:94:7c:61:fd:0c:d9:58:bc:c5:48:21:82:
25:ee:77:f0:e0:d9:ab:7b:10:3e:62:19:58:8f:9a:3a:f8:06:
34:c7:1c:9b
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzCbUPEWyLXljygt9nuqGfsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzYzZTVkYjA0MzVjMmQzZTc0YTZiMjhhZDNkOWMzMGQ2
YThjZWUwHhcNMjQwMTAxMDAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWQ5MzRlYTE0YzlhNjUyMGYxZmM3YTA4OGQ5MDhmY2I0NzExZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOc/YnxGo0kGGBU/b39GRkWoMQbR
DaVpfVab2UzJfrk6XGJXiYAfyFKF2pevnzUfAFZaSgw7a8ASzjwyzMzfHS3eu6bJ
OKY8I1XLjtpETNVEhQjM9JdtkNY8dn/7Wj85how1xd5z2MqOfFuF/7LIIgUH6uYn
uedwD6S28xRBQ1yIEaNpBHa+5b1HQi+k9bURGaWlbOMjTcmDzMB6zztF4BmZmJoK
HAe5DcrCK9G5RI0Gqevk65/w9T+jV5MTXEdr6/1VUzAynSkpmvsDAc5BxYklEbbD
cukIKL0OAzatnFqWgljtEWSzsNxGaYbhB78PocXFw0qrwArudt/uRsaQEwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGnZNOoUyaZSDx/HoIjZCPy0cR+TMB8GA1UdIwQY
MBaAFD7GPl2wQ1wtPnSmsorT2cMNaozuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjIt
NTIwNThmOGE5YTFhLzEvYWRrMDZoVEpwbElQSDhlZ2lOa0lfTFJ4SDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjItNTIwNThmOGE5YTFh
LzEvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAuBAIAATAoAwQAkhO1MAwD
BATZFDADBADZFDYwDAMEA9kUOAMEAdkUPAMEANkUPzAPBAIAAjAJAwcAKhJFx///
MA0GCSqGSIb3DQEBCwUAA4IBAQC5MIHlhzP4nAVJReRWPqwROC4PirGN0uxRxJYd
v1nsgXjUdsokk79/MmwTUn+6UBuR1THXmrIMhWoAYK2gNkBZg6k/4Y7FhpX2cSim
zsBoy/7XKUI5D3pDVgChOqP0YwAyht62GVUGKMsKdchxEFEw8sbn5gbpMMy2xBTK
A9D0BGx787SX4sNGeQNTd6KAJ/0AKKp8w5yQhluAjTmtSXYs1JHhYUIYkDsQEp77
aiM+dE72WBfCKpCCeEo40IUL6fW0TH+Vt2H1ia8fCFDjPNEpRrDez5dQd3w41l+0
Q/GUfGH9DNlYvMVIIYIl7nfw4NmrexA+YhlYj5o6+AY0xxyb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:21 2024 by rpki-client on console-fra.rpki-client.org