Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/x7xlSi1hdRGY9aZ1VKmYNpLUq6E.roa
File: x7xlSi1hdRGY9aZ1VKmYNpLUq6E.roa (raw, json)
Hash identifier: gTKP8mNPkBqWxC7g+QlUSzPx1+Efi5DIEXD1jxjpFEQ=
Subject key identifier: C7:BC:65:4A:2D:61:75:11:98:F5:A6:75:54:A9:98:36:92:D4:AB:A1
Certificate issuer: /CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Certificate serial: 0188FB3900D1EFDDC0643F9226833399A1D6
Authority key identifier: 3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/x7xlSi1hdRGY9aZ1VKmYNpLUq6E.roa
Signing time: Tue 27 Jun 2023 04:59:56 +0000
ROA not before: Tue 27 Jun 2023 04:59:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20253
IP address blocks: 146.19.181.0/24 maxlen: 26
217.20.52.0/24 maxlen: 24
217.20.58.0/24 maxlen: 24
217.20.57.0/24 maxlen: 24
217.20.56.0/24 maxlen: 24
217.20.54.0/24 maxlen: 24
217.20.53.0/24 maxlen: 24
217.20.59.0/24 maxlen: 24
217.20.61.0/24 maxlen: 24
217.20.60.0/24 maxlen: 24
217.20.51.0/24 maxlen: 24
217.20.50.0/24 maxlen: 24
217.20.49.0/24 maxlen: 24
217.20.48.0/24 maxlen: 24
2a12:45c7:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 19 Jul 2023 17:34:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fb:39:00:d1:ef:dd:c0:64:3f:92:26:83:33:99:a1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Validity
Not Before: Jun 27 04:59:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7bc654a2d61751198f5a67554a9983692d4aba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:53:04:72:d5:2f:77:d2:dc:d2:d3:5d:13:f7:
3f:3b:33:b3:64:d3:33:74:95:a5:1f:43:e1:08:52:
cf:b6:c9:91:4d:5c:c0:a9:73:37:b0:6d:3d:d0:1d:
e3:ba:91:b6:95:07:64:e7:13:fa:a2:ba:1b:a4:8a:
81:8f:19:9b:67:47:15:ae:22:96:85:ca:3c:5f:9c:
dc:35:76:c0:14:50:e6:6f:af:af:d4:bd:72:b9:19:
c0:d4:32:49:3c:5f:17:f0:0a:3c:3b:4f:31:77:83:
c0:19:07:39:e3:34:89:c1:92:1c:2d:69:2d:17:44:
da:dc:21:d4:85:5b:6b:f2:4f:ad:63:a6:b4:31:3a:
a3:fd:06:31:80:76:70:2b:77:29:78:8a:aa:1a:a1:
33:7d:30:c9:13:e5:91:7a:55:75:70:31:9d:73:af:
f6:d0:fb:2a:ee:38:b3:25:95:ed:5e:db:03:6e:5e:
03:df:79:b0:c4:9f:51:d4:4c:3b:22:c7:85:ce:8b:
a0:ec:b1:9d:d7:8c:1e:fa:b6:ac:b5:ed:22:17:36:
0f:f8:17:f1:83:c7:6e:ba:22:11:c4:9a:7b:e1:a2:
8f:43:21:ca:a3:3c:6a:a5:40:4e:6b:6b:2d:b4:d0:
2e:7a:5b:ef:60:d7:35:c6:c3:cb:1c:6e:ef:9d:f9:
76:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BC:65:4A:2D:61:75:11:98:F5:A6:75:54:A9:98:36:92:D4:AB:A1
X509v3 Authority Key Identifier:
keyid:3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/x7xlSi1hdRGY9aZ1VKmYNpLUq6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.181.0/24
217.20.48.0-217.20.54.255
217.20.56.0-217.20.61.255
IPv6:
2a12:45c7:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
c1:f2:9d:93:a3:24:ab:07:02:80:66:6d:36:34:43:1c:37:51:
73:9b:ff:5d:e8:58:fa:8b:90:4a:57:4f:b6:c5:17:a0:98:0f:
b2:68:1e:20:01:d5:c7:b9:22:36:69:80:11:4d:db:01:96:75:
07:50:8b:e1:35:b1:38:2e:7d:62:ae:cb:a9:75:dd:bf:8b:07:
70:e5:f4:f3:e7:66:3d:21:0f:04:60:6e:e2:c1:8c:18:55:b3:
e5:3a:26:c7:6d:f3:ca:34:24:7f:de:0c:26:6f:6a:1c:10:b7:
42:77:a6:86:34:54:f9:9f:09:ce:2e:98:e2:f9:1a:58:05:01:
7c:64:8a:11:68:10:40:1e:86:57:22:5c:d4:56:7b:44:c4:5a:
be:07:a1:f9:9d:75:18:62:5a:74:3e:8d:38:e4:c1:95:a2:08:
cb:c5:02:46:83:80:50:41:2a:c6:fb:8f:b1:b5:0d:c1:07:af:
c9:1f:ed:14:1b:ec:a9:5e:ad:50:96:b6:62:08:ae:f5:59:a4:
7e:8a:21:98:67:32:d6:7c:37:c1:33:81:cc:d6:ab:5b:0e:0b:
7d:5c:1b:7d:bb:58:52:4a:b6:0d:c4:29:f5:50:0c:90:ab:28:
f0:1f:95:63:87:04:03:19:f6:82:1b:98:98:59:1a:e4:17:b8:
19:b2:03:57
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYj7OQDR793AZD+SJoMzmaHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzYzZTVkYjA0MzVjMmQzZTc0YTZiMjhhZDNkOWMzMGQ2
YThjZWUwHhcNMjMwNjI3MDQ1OTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2JjNjU0YTJkNjE3NTExOThmNWE2NzU1NGE5OTgzNjkyZDRhYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1MEctUvd9Lc0tNdE/c/OzOzZNMz
dJWlH0PhCFLPtsmRTVzAqXM3sG090B3jupG2lQdk5xP6orobpIqBjxmbZ0cVriKW
hco8X5zcNXbAFFDmb6+v1L1yuRnA1DJJPF8X8Ao8O08xd4PAGQc54zSJwZIcLWkt
F0Ta3CHUhVtr8k+tY6a0MTqj/QYxgHZwK3cpeIqqGqEzfTDJE+WRelV1cDGdc6/2
0Psq7jizJZXtXtsDbl4D33mwxJ9R1Ew7IseFzoug7LGd14we+raste0iFzYP+Bfx
g8duuiIRxJp74aKPQyHKozxqpUBOa2sttNAuelvvYNc1xsPLHG7vnfl2yQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMe8ZUotYXURmPWmdVSpmDaS1KuhMB8GA1UdIwQY
MBaAFD7GPl2wQ1wtPnSmsorT2cMNaozuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjIt
NTIwNThmOGE5YTFhLzEveDd4bFNpMWhkUkdZOWFaMVZLbVlOcExVcTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjItNTIwNThmOGE5YTFh
LzEvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiAwQAkhO1MAwD
BATZFDADBADZFDYwDAMEA9kUOAMEAdkUPDAPBAIAAjAJAwcAKhJFx///MA0GCSqG
SIb3DQEBCwUAA4IBAQDB8p2ToySrBwKAZm02NEMcN1Fzm/9d6Fj6i5BKV0+2xReg
mA+yaB4gAdXHuSI2aYARTdsBlnUHUIvhNbE4Ln1irsupdd2/iwdw5fTz52Y9IQ8E
YG7iwYwYVbPlOibHbfPKNCR/3gwmb2ocELdCd6aGNFT5nwnOLpji+RpYBQF8ZIoR
aBBAHoZXIlzUVntExFq+B6H5nXUYYlp0Po045MGVogjLxQJGg4BQQSrG+4+xtQ3B
B6/JH+0UG+ypXq1QlrZiCK71WaR+iiGYZzLWfDfBM4HM1qtbDgt9XBt9u1hSSrYN
xCn1UAyQqyjwH5VjhwQDGfaCG5iYWRrkF7gZsgNX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:21 2024 by rpki-client on console-fra.rpki-client.org