Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/t_sXR-MIQf7eyvXEEG1A3gb9rmg.roa
File: t_sXR-MIQf7eyvXEEG1A3gb9rmg.roa (raw, json)
Hash identifier: bRb70nZcNc7rPpcz7lDEK69vdwtUYNRMfwtGiWuAOpQ=
Subject key identifier: B7:FB:17:47:E3:08:41:FE:DE:CA:F5:C4:10:6D:40:DE:06:FD:AE:68
Certificate issuer: /CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Certificate serial: 018803A33D0A9F019BFA1BAB47FEA306BE9F
Authority key identifier: 3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/t_sXR-MIQf7eyvXEEG1A3gb9rmg.roa
Signing time: Wed 10 May 2023 03:10:09 +0000
ROA not before: Wed 10 May 2023 03:10:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20253
IP address blocks: 146.19.181.0/24 maxlen: 26
217.20.52.0/24 maxlen: 24
217.20.58.0/24 maxlen: 24
217.20.57.0/24 maxlen: 24
217.20.56.0/24 maxlen: 24
217.20.53.0/24 maxlen: 24
217.20.61.0/24 maxlen: 24
217.20.60.0/24 maxlen: 24
217.20.51.0/24 maxlen: 24
217.20.50.0/24 maxlen: 24
217.20.49.0/24 maxlen: 24
217.20.48.0/24 maxlen: 24
2a12:45c7:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Jun 2023 04:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:03:a3:3d:0a:9f:01:9b:fa:1b:ab:47:fe:a3:06:be:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Validity
Not Before: May 10 03:10:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7fb1747e30841fedecaf5c4106d40de06fdae68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5d:4c:3d:14:46:9e:16:d3:5d:44:66:05:a8:
1c:03:f3:f3:96:13:60:82:fa:0f:13:ed:fd:9e:4e:
6b:49:6f:85:3b:82:79:d4:34:bd:b6:7f:5e:5a:77:
ea:dc:f6:ba:09:b9:95:79:02:b6:8c:13:6f:2f:a8:
84:45:46:99:e6:c4:ed:dd:60:48:d7:d1:70:9d:0d:
94:5a:97:99:09:ae:3c:18:c3:3e:61:5c:16:92:64:
87:85:b3:f3:a0:d7:ba:a9:12:25:f5:e7:a6:26:a5:
b3:90:ce:1b:dc:ab:9a:75:04:37:23:44:5d:71:d8:
0a:3d:cc:9e:64:f5:9c:dc:b7:0a:e9:5d:bd:98:88:
d4:55:29:e3:9c:1f:cf:c2:88:20:59:d2:69:8f:0f:
ed:ef:5d:e0:a6:2a:e7:ce:ec:e3:e7:1e:b2:66:8c:
f9:98:01:1d:24:a1:64:81:a8:8b:f3:6b:60:ab:6f:
72:81:95:ba:76:0e:7f:0c:39:70:09:a2:19:c1:01:
97:94:f9:72:7c:da:bc:60:d8:2d:dc:e0:c3:fb:54:
af:0c:93:1f:28:b2:5f:6c:b9:ac:a5:fd:d2:2f:e5:
80:b4:e1:83:58:ca:02:7f:90:72:3f:0c:91:73:d5:
1b:24:e8:8c:47:ae:79:21:86:fa:1f:6f:4e:d4:36:
49:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:FB:17:47:E3:08:41:FE:DE:CA:F5:C4:10:6D:40:DE:06:FD:AE:68
X509v3 Authority Key Identifier:
keyid:3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/t_sXR-MIQf7eyvXEEG1A3gb9rmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.181.0/24
217.20.48.0-217.20.53.255
217.20.56.0-217.20.58.255
217.20.60.0/23
IPv6:
2a12:45c7:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
80:ab:cb:11:af:2a:06:4a:5e:2b:e8:dc:c7:41:9c:66:d5:7a:
29:e1:e4:3a:c1:58:48:98:09:d0:fe:4d:02:10:9d:15:c1:90:
48:57:41:96:1e:a1:6f:e5:fc:72:aa:41:78:d9:0c:67:5a:89:
52:8a:0c:02:2b:74:a8:f9:57:61:03:c3:8a:1a:44:ce:42:59:
f7:bc:10:1c:67:4a:6b:49:af:32:8a:13:71:a1:61:c5:fd:33:
91:08:18:6c:9d:20:56:06:9c:7e:ea:02:82:9c:49:fd:8f:d0:
d8:e5:43:b4:98:cb:01:f1:ff:39:a1:83:5d:49:6d:c2:fd:88:
8c:0f:12:bc:2e:92:d6:90:99:24:f8:dc:1f:a9:72:b8:0b:f8:
3f:01:a9:e3:0d:f2:8c:eb:bb:dd:c7:ae:92:26:14:27:7d:8c:
29:96:0c:a8:8c:ed:11:90:7e:5c:c5:09:a7:60:3a:ad:cb:a9:
b4:27:8d:4e:73:1b:d6:8b:34:22:c0:d1:b1:4d:19:91:e0:d6:
4d:0d:ef:23:48:61:b3:bf:e9:87:4f:53:23:39:a7:14:15:bc:
e5:06:91:1b:f8:98:0f:57:80:6a:89:a6:c2:3d:4d:70:6a:d1:
4b:69:6f:ba:f5:b6:82:40:3b:8f:11:6a:99:76:d4:c2:09:82:
ee:c6:13:6b
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYgDoz0KnwGb+hurR/6jBr6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzYzZTVkYjA0MzVjMmQzZTc0YTZiMjhhZDNkOWMzMGQ2
YThjZWUwHhcNMjMwNTEwMDMxMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2ZiMTc0N2UzMDg0MWZlZGVjYWY1YzQxMDZkNDBkZTA2ZmRhZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw11MPRRGnhbTXURmBagcA/PzlhNg
gvoPE+39nk5rSW+FO4J51DS9tn9eWnfq3Pa6CbmVeQK2jBNvL6iERUaZ5sTt3WBI
19FwnQ2UWpeZCa48GMM+YVwWkmSHhbPzoNe6qRIl9eemJqWzkM4b3KuadQQ3I0Rd
cdgKPcyeZPWc3LcK6V29mIjUVSnjnB/PwoggWdJpjw/t713gpirnzuzj5x6yZoz5
mAEdJKFkgaiL82tgq29ygZW6dg5/DDlwCaIZwQGXlPlyfNq8YNgt3ODD+1SvDJMf
KLJfbLmspf3SL+WAtOGDWMoCf5ByPwyRc9UbJOiMR655IYb6H29O1DZJiQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLf7F0fjCEH+3sr1xBBtQN4G/a5oMB8GA1UdIwQY
MBaAFD7GPl2wQ1wtPnSmsorT2cMNaozuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjIt
NTIwNThmOGE5YTFhLzEvdF9zWFItTUlRZjdleXZYRUVHMUEzZ2I5cm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjItNTIwNThmOGE5YTFh
LzEvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAuBAIAATAoAwQAkhO1MAwD
BATZFDADBAHZFDQwDAMEA9kUOAMEANkUOgMEAdkUPDAPBAIAAjAJAwcAKhJFx///
MA0GCSqGSIb3DQEBCwUAA4IBAQCAq8sRryoGSl4r6NzHQZxm1Xop4eQ6wVhImAnQ
/k0CEJ0VwZBIV0GWHqFv5fxyqkF42QxnWolSigwCK3So+VdhA8OKGkTOQln3vBAc
Z0prSa8yihNxoWHF/TORCBhsnSBWBpx+6gKCnEn9j9DY5UO0mMsB8f85oYNdSW3C
/YiMDxK8LpLWkJkk+NwfqXK4C/g/AanjDfKM67vdx66SJhQnfYwplgyojO0RkH5c
xQmnYDqty6m0J41OcxvWizQiwNGxTRmR4NZNDe8jSGGzv+mHT1MjOacUFbzlBpEb
+JgPV4BqiabCPU1watFLaW+69baCQDuPEWqZdtTCCYLuxhNr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:21 2024 by rpki-client on console-fra.rpki-client.org