Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/Dgjkt5K-DCqZ3unYtwyozyzD-Xo.roa
File: Dgjkt5K-DCqZ3unYtwyozyzD-Xo.roa (raw, json)
Hash identifier: HKuWuobjPbj/7GKtax0mWjX04bZ4DuxVVYjsPT6HaDs=
Subject key identifier: 0E:08:E4:B7:92:BE:0C:2A:99:DE:E9:D8:B7:0C:A8:CF:2C:C3:F9:7A
Certificate issuer: /CN=8f5ea8379bca44f4f6a7f4b69864cd9b02a27b12
Certificate serial: 01857102BB5AF92DDD970B8148623D9B9619
Authority key identifier: 8F:5E:A8:37:9B:CA:44:F4:F6:A7:F4:B6:98:64:CD:9B:02:A2:7B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j16oN5vKRPT2p_S2mGTNmwKiexI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/Dgjkt5K-DCqZ3unYtwyozyzD-Xo.roa
Signing time: Mon 02 Jan 2023 05:44:42 +0000
ROA not before: Mon 02 Jan 2023 05:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62132
IP address blocks: 185.46.110.0/24 maxlen: 24
185.46.108.0/24 maxlen: 24
185.46.111.0/24 maxlen: 24
185.46.108.0/22 maxlen: 22
185.46.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:bb:5a:f9:2d:dd:97:0b:81:48:62:3d:9b:96:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f5ea8379bca44f4f6a7f4b69864cd9b02a27b12
Validity
Not Before: Jan 2 05:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e08e4b792be0c2a99dee9d8b70ca8cf2cc3f97a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:90:a3:36:6e:94:ce:f9:4e:c8:ba:ff:ec:93:
fc:2b:8c:76:d5:75:d9:b6:ea:3d:33:58:83:c5:34:
69:be:ba:46:16:11:b3:a7:e6:12:a3:be:a3:d1:ed:
a9:01:ef:bd:5d:cd:24:1c:42:90:b8:e4:37:4d:ea:
99:d2:0c:5a:8c:f7:da:41:72:d8:25:be:48:84:87:
15:cd:42:c7:ef:c7:f7:66:f3:7b:b6:e7:b9:bc:18:
34:5c:72:69:72:72:48:e4:7f:ae:aa:4f:93:7a:43:
5d:76:1c:fb:72:3e:2c:9c:5e:70:76:fe:cc:2a:cf:
6a:81:ec:0f:f6:21:1d:85:09:85:a2:40:cd:65:20:
54:b8:e2:47:3c:d8:d7:31:1f:1a:5b:c8:f3:48:ee:
cf:88:55:0b:04:c1:55:7b:79:89:7f:d1:8f:4a:55:
f2:d5:b3:6d:8d:33:5e:8e:8f:ac:16:53:28:66:60:
20:a3:7c:3e:4a:36:d1:ae:25:ab:53:38:87:bf:d0:
2f:93:c8:2a:0d:a3:7a:60:00:07:c6:bb:c4:93:59:
b7:a4:a1:96:18:88:d3:71:34:bf:53:56:6b:4c:d1:
77:87:61:e9:92:dc:71:c2:13:f9:b7:6f:fe:54:40:
db:75:0e:a9:b7:5e:07:96:3c:b5:c9:75:c9:e5:5b:
b4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:08:E4:B7:92:BE:0C:2A:99:DE:E9:D8:B7:0C:A8:CF:2C:C3:F9:7A
X509v3 Authority Key Identifier:
keyid:8F:5E:A8:37:9B:CA:44:F4:F6:A7:F4:B6:98:64:CD:9B:02:A2:7B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j16oN5vKRPT2p_S2mGTNmwKiexI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/Dgjkt5K-DCqZ3unYtwyozyzD-Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/j16oN5vKRPT2p_S2mGTNmwKiexI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.108.0/22
Signature Algorithm: sha256WithRSAEncryption
51:00:91:a3:01:02:fe:68:ff:3d:45:91:ae:14:fb:b7:ce:90:
0c:37:47:a0:9d:65:01:9c:6f:b6:5d:a7:8d:12:b0:2a:c6:5c:
68:38:e9:0f:85:36:ab:92:89:cf:ea:d9:cc:68:ec:86:af:5b:
0f:1f:7d:89:ff:0c:8f:88:5a:8f:2e:39:94:5d:16:01:8c:de:
a1:96:24:f8:b0:91:7a:77:ca:05:97:50:75:3c:88:a2:bd:e9:
84:6f:f6:bb:97:74:39:9a:db:bd:21:48:ae:79:88:6c:5f:e2:
f1:97:5d:71:c7:90:68:f4:35:22:8c:d2:d7:7b:9d:2a:53:ca:
07:91:81:1b:07:f6:d9:f8:06:4e:30:39:a0:58:39:32:2d:2f:
ae:48:2c:cd:10:c3:ca:6a:71:dd:a3:07:14:ca:3a:5c:21:38:
ec:24:05:8b:84:1e:9d:a7:c7:fc:80:8c:23:ff:6e:9b:a0:7a:
97:9c:05:65:48:f8:99:c7:d9:36:d4:2a:75:cc:f2:ff:e2:e4:
b2:1c:e1:d4:a6:fb:11:46:8a:f7:e8:69:77:41:d5:a7:e8:fa:
04:a7:2e:1d:55:4d:a9:21:06:eb:47:1b:37:5d:d0:06:96:3c:
68:82:27:50:64:92:74:d5:70:42:63:ab:32:35:f7:1b:ba:da:
e5:e1:4e:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxArta+S3dlwuBSGI9m5YZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNWVhODM3OWJjYTQ0ZjRmNmE3ZjRiNjk4NjRjZDliMDJh
MjdiMTIwHhcNMjMwMTAyMDU0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTA4ZTRiNzkyYmUwYzJhOTlkZWU5ZDhiNzBjYThjZjJjYzNmOTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5CjNm6UzvlOyLr/7JP8K4x21XXZ
tuo9M1iDxTRpvrpGFhGzp+YSo76j0e2pAe+9Xc0kHEKQuOQ3TeqZ0gxajPfaQXLY
Jb5IhIcVzULH78f3ZvN7tue5vBg0XHJpcnJI5H+uqk+TekNddhz7cj4snF5wdv7M
Ks9qgewP9iEdhQmFokDNZSBUuOJHPNjXMR8aW8jzSO7PiFULBMFVe3mJf9GPSlXy
1bNtjTNejo+sFlMoZmAgo3w+SjbRriWrUziHv9Avk8gqDaN6YAAHxrvEk1m3pKGW
GIjTcTS/U1ZrTNF3h2HpktxxwhP5t2/+VEDbdQ6pt14Hljy1yXXJ5Vu0vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA4I5LeSvgwqmd7p2LcMqM8sw/l6MB8GA1UdIwQY
MBaAFI9eqDebykT09qf0tphkzZsConsSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajE2b041dktSUFQycF9TMm1HVE5td0tpZXhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80MDJkNDMtZTk5Yy00MTEyLWEwMzgt
ZWNiYjk0NDJmNTg5LzEvRGdqa3Q1Sy1EQ3FaM3VuWXR3eW96eXpELVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80MDJkNDMtZTk5Yy00MTEyLWEwMzgtZWNiYjk0NDJmNTg5
LzEvajE2b041dktSUFQycF9TMm1HVE5td0tpZXhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS5sMA0G
CSqGSIb3DQEBCwUAA4IBAQBRAJGjAQL+aP89RZGuFPu3zpAMN0egnWUBnG+2XaeN
ErAqxlxoOOkPhTarkonP6tnMaOyGr1sPH32J/wyPiFqPLjmUXRYBjN6hliT4sJF6
d8oFl1B1PIiivemEb/a7l3Q5mtu9IUiueYhsX+Lxl11xx5Bo9DUijNLXe50qU8oH
kYEbB/bZ+AZOMDmgWDkyLS+uSCzNEMPKanHdowcUyjpcITjsJAWLhB6dp8f8gIwj
/26boHqXnAVlSPiZx9k21Cp1zPL/4uSyHOHUpvsRRor36Gl3QdWn6PoEpy4dVU2p
IQbrRxs3XdAGljxogidQZJJ01XBCY6syNfcbutrl4U7G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:52 2024 by rpki-client on console-ams.rpki-client.org