Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/ebe8e1-539b-4004-8d4c-a00b5713c6aa/1/dhYxYcy5ffcFeStsiUUL-MzvmWI.roa
File: dhYxYcy5ffcFeStsiUUL-MzvmWI.roa (raw, json)
Hash identifier: 7+fDqS2jKfHWXlcF3ETJY6OWnHP8KgVt2W2hPKRrBvc=
Subject key identifier: 76:16:31:61:CC:B9:7D:F7:05:79:2B:6C:89:45:0B:F8:CC:EF:99:62
Certificate issuer: /CN=e248d5bf01b0e295bd0885fc5c4df827543822ed
Certificate serial: 018572A8094EC1EEC0B6BFF88412CC660CE6
Authority key identifier: E2:48:D5:BF:01:B0:E2:95:BD:08:85:FC:5C:4D:F8:27:54:38:22:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kjVvwGw4pW9CIX8XE34J1Q4Iu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/ebe8e1-539b-4004-8d4c-a00b5713c6aa/1/dhYxYcy5ffcFeStsiUUL-MzvmWI.roa
Signing time: Mon 02 Jan 2023 13:24:53 +0000
ROA not before: Mon 02 Jan 2023 13:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52092
IP address blocks: 46.149.112.0/20 maxlen: 20
46.149.120.0/24 maxlen: 24
46.149.121.0/24 maxlen: 24
2001:67c:3b4::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a8:09:4e:c1:ee:c0:b6:bf:f8:84:12:cc:66:0c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e248d5bf01b0e295bd0885fc5c4df827543822ed
Validity
Not Before: Jan 2 13:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76163161ccb97df705792b6c89450bf8ccef9962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cb:cb:b2:e2:3d:0c:82:f8:d0:f5:12:11:e4:
9b:a3:d8:06:80:17:a5:b1:36:b2:f9:78:da:97:ee:
f8:82:d8:c6:c5:6f:bc:da:05:90:28:14:53:fe:97:
5d:94:37:0c:a1:e4:97:c6:34:15:8b:c4:08:cf:49:
94:d9:ca:47:d9:3d:c3:9e:8c:67:1d:17:04:f9:68:
ec:fe:07:87:89:7d:77:94:c4:7b:92:ff:78:8d:35:
9c:af:0a:8f:06:ee:02:9f:7f:d1:93:cc:4e:7a:9e:
d2:9b:5f:99:b9:85:6a:0e:0d:50:ad:55:12:2b:af:
fe:cd:98:43:c8:b0:9b:a4:6d:0d:11:b7:b0:7c:bf:
c4:78:2d:a7:c5:86:bc:02:79:d7:71:a6:cd:ba:bc:
f7:ff:b3:39:85:58:40:26:c0:63:e1:7e:a3:30:c3:
e2:3b:5d:71:0b:38:e9:d1:2c:a4:55:3e:6e:9b:72:
cb:0a:9f:76:bb:4e:f8:8c:ec:db:00:7f:14:f5:5a:
b7:6f:66:a4:5a:47:b3:f7:ea:7f:c7:3f:4c:b4:b3:
18:21:cc:1d:e3:bf:10:54:0e:67:b5:ea:fe:d5:57:
fe:bf:8b:8d:f3:3b:09:f0:79:45:61:73:69:30:c7:
b3:b9:af:1d:1f:88:1f:63:22:37:35:d7:ad:9e:f6:
5f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:16:31:61:CC:B9:7D:F7:05:79:2B:6C:89:45:0B:F8:CC:EF:99:62
X509v3 Authority Key Identifier:
keyid:E2:48:D5:BF:01:B0:E2:95:BD:08:85:FC:5C:4D:F8:27:54:38:22:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kjVvwGw4pW9CIX8XE34J1Q4Iu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ebe8e1-539b-4004-8d4c-a00b5713c6aa/1/dhYxYcy5ffcFeStsiUUL-MzvmWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ebe8e1-539b-4004-8d4c-a00b5713c6aa/1/4kjVvwGw4pW9CIX8XE34J1Q4Iu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.112.0/20
IPv6:
2001:67c:3b4::/48
Signature Algorithm: sha256WithRSAEncryption
3d:ce:92:e9:81:2f:37:3d:96:4c:88:5f:9e:17:eb:9a:4c:78:
7b:2a:d8:40:75:9f:45:3d:d4:de:52:a3:da:c6:54:91:e9:06:
26:a8:20:9f:46:a4:c9:26:e2:d3:72:6c:af:84:3f:9a:c8:9d:
25:af:f3:0a:5c:bc:a5:72:21:de:7c:46:00:9a:95:ca:58:db:
74:52:cb:57:d5:6f:71:a2:41:52:a4:5d:be:2c:19:d8:a9:1a:
41:3e:eb:35:26:f7:67:39:92:9b:eb:ff:64:a1:aa:86:d1:fd:
eb:a9:96:4b:b5:88:a8:b3:d0:f1:bd:01:18:17:76:bc:5a:5a:
8a:00:21:6a:f2:24:34:85:95:65:78:1d:60:8b:a6:9e:15:58:
79:88:cc:06:d0:ae:2f:8a:8d:b5:ad:1a:03:9a:b2:36:eb:91:
64:4e:dc:d5:73:52:c3:84:5b:d7:88:ec:39:ec:7d:4b:56:2e:
6e:ec:3c:76:1f:e8:bb:2f:b1:03:b3:01:08:57:d6:b5:b4:0d:
65:e4:7f:bc:01:35:2d:4f:78:67:aa:12:55:a4:35:27:94:ed:
7f:ad:a6:fd:6a:95:75:57:40:2b:4a:4a:b1:20:5f:64:34:aa:
0a:0e:64:dd:db:d1:93:4f:8e:36:3c:99:cc:52:b7:cf:a1:64:
43:0d:dc:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyqAlOwe7Atr/4hBLMZgzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNDhkNWJmMDFiMGUyOTViZDA4ODVmYzVjNGRmODI3NTQz
ODIyZWQwHhcNMjMwMTAyMTMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjE2MzE2MWNjYjk3ZGY3MDU3OTJiNmM4OTQ1MGJmOGNjZWY5OTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMvLsuI9DIL40PUSEeSbo9gGgBel
sTay+Xjal+74gtjGxW+82gWQKBRT/pddlDcMoeSXxjQVi8QIz0mU2cpH2T3Dnoxn
HRcE+Wjs/geHiX13lMR7kv94jTWcrwqPBu4Cn3/Rk8xOep7Sm1+ZuYVqDg1QrVUS
K6/+zZhDyLCbpG0NEbewfL/EeC2nxYa8AnnXcabNurz3/7M5hVhAJsBj4X6jMMPi
O11xCzjp0SykVT5um3LLCp92u074jOzbAH8U9Vq3b2akWkez9+p/xz9MtLMYIcwd
478QVA5nter+1Vf+v4uN8zsJ8HlFYXNpMMezua8dH4gfYyI3NdetnvZf7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHYWMWHMuX33BXkrbIlFC/jM75liMB8GA1UdIwQY
MBaAFOJI1b8BsOKVvQiF/FxN+CdUOCLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtqVnZ3R3c0cFc5Q0lYOFhFMzRKMVE0SXUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lYmU4ZTEtNTM5Yi00MDA0LThkNGMt
YTAwYjU3MTNjNmFhLzEvZGhZeFljeTVmZmNGZVN0c2lVVUwtTXp2bVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lYmU4ZTEtNTM5Yi00MDA0LThkNGMtYTAwYjU3MTNjNmFh
LzEvNGtqVnZ3R3c0cFc5Q0lYOFhFMzRKMVE0SXUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQELpVwMA8E
AgACMAkDBwAgAQZ8A7QwDQYJKoZIhvcNAQELBQADggEBAD3OkumBLzc9lkyIX54X
65pMeHsq2EB1n0U91N5So9rGVJHpBiaoIJ9GpMkm4tNybK+EP5rInSWv8wpcvKVy
Id58RgCalcpY23RSy1fVb3GiQVKkXb4sGdipGkE+6zUm92c5kpvr/2ShqobR/eup
lku1iKiz0PG9ARgXdrxaWooAIWryJDSFlWV4HWCLpp4VWHmIzAbQri+KjbWtGgOa
sjbrkWRO3NVzUsOEW9eI7DnsfUtWLm7sPHYf6LsvsQOzAQhX1rW0DWXkf7wBNS1P
eGeqElWkNSeU7X+tpv1qlXVXQCtKSrEgX2Q0qgoOZN3b0ZNPjjY8mcxSt8+hZEMN
3OY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:08 2024 by rpki-client on console-ams.rpki-client.org