Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/ge9rL2seRBHjZQ3u4SU71n6g8ak.roa
File: ge9rL2seRBHjZQ3u4SU71n6g8ak.roa (raw, json)
Hash identifier: 1eEGTIykUWFHQ5Ve9S6+MjNNXTVzs80tdiyO07Au7tA=
Subject key identifier: 81:EF:6B:2F:6B:1E:44:11:E3:65:0D:EE:E1:25:3B:D6:7E:A0:F1:A9
Certificate issuer: /CN=8ca8a4d42a0196df7cc0e14f597cf5660d63c09f
Certificate serial: 01872D214B0B543D23CFA4AE1235CD4D6A1E
Authority key identifier: 8C:A8:A4:D4:2A:01:96:DF:7C:C0:E1:4F:59:7C:F5:66:0D:63:C0:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jKik1CoBlt98wOFPWXz1Zg1jwJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/ge9rL2seRBHjZQ3u4SU71n6g8ak.roa
Signing time: Wed 29 Mar 2023 11:29:29 +0000
ROA not before: Wed 29 Mar 2023 11:29:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 46.29.240.0/24 maxlen: 24
46.29.241.0/24 maxlen: 24
46.29.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:21:4b:0b:54:3d:23:cf:a4:ae:12:35:cd:4d:6a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ca8a4d42a0196df7cc0e14f597cf5660d63c09f
Validity
Not Before: Mar 29 11:29:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81ef6b2f6b1e4411e3650deee1253bd67ea0f1a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:38:f7:27:7d:14:1a:96:f0:6d:6c:de:53:00:
41:9e:e4:74:bc:e1:72:4c:3c:23:7b:b4:32:b5:b0:
da:e8:70:1e:82:09:db:e2:96:d6:53:56:6d:ba:bd:
cd:2e:8c:20:97:49:88:f0:c9:8e:8d:62:b2:4b:ee:
e8:23:7c:af:0c:4f:50:84:86:7b:56:f7:66:c5:60:
04:a8:22:e0:12:fa:6c:fc:97:f7:bf:05:06:37:cd:
ed:a0:0a:7a:08:79:ca:26:c7:db:4e:1a:bb:65:3c:
8e:4e:2b:fa:bf:0d:a4:cc:b6:74:ae:a7:58:8e:a6:
fd:40:c0:bf:6f:a6:9c:2e:ec:a1:09:3c:63:db:ff:
34:c1:32:9d:de:7b:2a:04:3e:22:c5:27:76:dd:83:
49:3f:58:3e:48:92:d1:80:7a:ff:d2:fb:40:28:81:
57:3d:38:1b:be:4a:91:86:58:d7:cd:6f:da:f7:47:
7b:76:40:bd:4c:c1:69:e8:f5:60:69:ec:6a:99:c8:
2c:4b:42:36:e8:a4:b9:a1:fe:91:0e:b9:f6:d6:de:
7e:ca:a7:08:ab:5d:b1:f0:0d:c0:16:99:73:07:57:
e4:af:e6:fb:d6:78:3d:24:b9:c6:d9:bc:db:7f:55:
2b:35:31:17:ab:29:ef:03:23:44:5e:9d:90:bd:d4:
a2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:EF:6B:2F:6B:1E:44:11:E3:65:0D:EE:E1:25:3B:D6:7E:A0:F1:A9
X509v3 Authority Key Identifier:
keyid:8C:A8:A4:D4:2A:01:96:DF:7C:C0:E1:4F:59:7C:F5:66:0D:63:C0:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKik1CoBlt98wOFPWXz1Zg1jwJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/ge9rL2seRBHjZQ3u4SU71n6g8ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/jKik1CoBlt98wOFPWXz1Zg1jwJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.240.0/23
46.29.247.0/24
Signature Algorithm: sha256WithRSAEncryption
46:00:83:42:a3:95:a1:4d:81:60:05:5d:bf:a1:e5:3c:a4:f9:
01:87:62:54:8b:9b:b0:b0:70:2a:d3:14:8c:81:1a:e7:e7:8f:
d8:4b:62:48:34:a1:74:c6:cc:c2:3a:5c:fb:c8:9c:f3:c2:c6:
2b:d7:eb:02:35:20:49:56:c4:9a:38:2a:7a:11:6a:d4:f1:9b:
96:5e:5f:f0:2e:50:e2:c8:7c:f1:66:07:99:82:3b:7b:c8:8e:
43:80:7b:0a:5d:1d:8c:6d:fd:2c:84:51:97:42:bd:6c:b5:46:
37:78:9a:10:70:ab:2f:a1:69:df:13:57:a5:07:24:07:87:7c:
98:e6:e6:a0:28:5a:22:56:9f:d3:2d:36:90:a9:e7:37:65:33:
8d:67:b4:45:15:42:55:36:2b:3b:6a:25:4e:b9:9e:17:fa:64:
2d:00:45:7f:16:bd:1e:ca:88:b6:72:22:d1:41:28:32:fd:cf:
8a:a5:14:12:e6:de:98:38:1e:f7:dd:2d:49:64:49:c6:72:26:
38:23:ca:7e:e1:1b:92:b0:f5:e7:3c:35:ca:9c:33:43:6f:22:
52:2e:b4:da:4b:4c:6c:44:ce:a9:94:f8:63:56:e6:e2:27:94:
f8:1e:f1:bf:d4:92:59:27:aa:25:62:f7:36:a4:ee:ad:f9:d6:
ee:48:6c:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYctIUsLVD0jz6SuEjXNTWoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYThhNGQ0MmEwMTk2ZGY3Y2MwZTE0ZjU5N2NmNTY2MGQ2
M2MwOWYwHhcNMjMwMzI5MTEyOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWVmNmIyZjZiMWU0NDExZTM2NTBkZWVlMTI1M2JkNjdlYTBmMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjj3J30UGpbwbWzeUwBBnuR0vOFy
TDwje7QytbDa6HAeggnb4pbWU1Ztur3NLowgl0mI8MmOjWKyS+7oI3yvDE9QhIZ7
VvdmxWAEqCLgEvps/Jf3vwUGN83toAp6CHnKJsfbThq7ZTyOTiv6vw2kzLZ0rqdY
jqb9QMC/b6acLuyhCTxj2/80wTKd3nsqBD4ixSd23YNJP1g+SJLRgHr/0vtAKIFX
PTgbvkqRhljXzW/a90d7dkC9TMFp6PVgaexqmcgsS0I26KS5of6RDrn21t5+yqcI
q12x8A3AFplzB1fkr+b71ng9JLnG2bzbf1UrNTEXqynvAyNEXp2QvdSiLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIHvay9rHkQR42UN7uElO9Z+oPGpMB8GA1UdIwQY
MBaAFIyopNQqAZbffMDhT1l89WYNY8CfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaktpazFDb0JsdDk4d09GUFdYejFaZzFqd0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9iYjA0ODAtNjZhZC00Mjg4LWI4ZDMt
MTAwNGMxZTUwZGZlLzEvZ2U5ckwyc2VSQkhqWlEzdTRTVTcxbjZnOGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9iYjA0ODAtNjZhZC00Mjg4LWI4ZDMtMTAwNGMxZTUwZGZl
LzEvaktpazFDb0JsdDk4d09GUFdYejFaZzFqd0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLh3wAwQA
Lh33MA0GCSqGSIb3DQEBCwUAA4IBAQBGAINCo5WhTYFgBV2/oeU8pPkBh2JUi5uw
sHAq0xSMgRrn54/YS2JINKF0xszCOlz7yJzzwsYr1+sCNSBJVsSaOCp6EWrU8ZuW
Xl/wLlDiyHzxZgeZgjt7yI5DgHsKXR2Mbf0shFGXQr1stUY3eJoQcKsvoWnfE1el
ByQHh3yY5uagKFoiVp/TLTaQqec3ZTONZ7RFFUJVNis7aiVOuZ4X+mQtAEV/Fr0e
yoi2ciLRQSgy/c+KpRQS5t6YOB733S1JZEnGciY4I8p+4RuSsPXnPDXKnDNDbyJS
LrTaS0xsRM6plPhjVubiJ5T4HvG/1JJZJ6olYvc2pO6t+dbuSGzZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:17 2024 by rpki-client on console-ams.rpki-client.org