Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/43312f-991d-4e95-93df-2c7ef9ff03f5/1/v8HtFIsq6ziRgPqlkZ-ZaFftduc.roa
File: v8HtFIsq6ziRgPqlkZ-ZaFftduc.roa (raw, json)
Hash identifier: UEKruJlXlfXtHYlD6uq5zprfrWv+EiAaC8acWfMSqQI=
Subject key identifier: BF:C1:ED:14:8B:2A:EB:38:91:80:FA:A5:91:9F:99:68:57:ED:76:E7
Certificate issuer: /CN=61d764a0434272c1329ae99288d092bc3ef2228f
Certificate serial: 0185723A183DD77EC8573908405F66B4C6F8
Authority key identifier: 61:D7:64:A0:43:42:72:C1:32:9A:E9:92:88:D0:92:BC:3E:F2:22:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YddkoENCcsEymumSiNCSvD7yIo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/43312f-991d-4e95-93df-2c7ef9ff03f5/1/v8HtFIsq6ziRgPqlkZ-ZaFftduc.roa
Signing time: Mon 02 Jan 2023 11:24:47 +0000
ROA not before: Mon 02 Jan 2023 11:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51309
IP address blocks: 46.28.16.0/24 maxlen: 24
46.28.17.0/24 maxlen: 24
46.28.23.0/24 maxlen: 24
46.28.20.0/24 maxlen: 24
46.28.22.0/24 maxlen: 24
46.28.19.0/24 maxlen: 24
46.28.21.0/24 maxlen: 24
46.28.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:18:3d:d7:7e:c8:57:39:08:40:5f:66:b4:c6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61d764a0434272c1329ae99288d092bc3ef2228f
Validity
Not Before: Jan 2 11:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfc1ed148b2aeb389180faa5919f996857ed76e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:da:a0:ab:c0:80:7f:d9:80:16:35:b0:f8:73:
fe:f5:ed:6a:78:92:41:ff:0c:69:f0:71:54:fb:c4:
a9:a7:e3:ec:6d:67:e0:7d:2a:a3:8c:3c:f9:20:74:
0b:69:58:13:45:aa:eb:72:51:60:a9:27:55:89:36:
b2:93:8c:aa:db:97:de:33:32:6f:fc:5f:16:1d:30:
82:0e:2d:c4:48:b6:f8:e7:56:3e:df:94:31:64:ed:
75:bb:fc:c2:e1:4e:74:f5:d2:2a:8f:94:9e:b2:3c:
57:01:e3:d0:81:a7:7d:f9:17:92:b9:f5:6a:cf:ed:
86:9b:98:ef:ee:d5:47:d3:35:96:41:75:3b:5c:75:
67:e8:3a:d8:b3:51:f6:46:4e:0b:10:3e:90:9e:7c:
6b:ae:e2:93:4a:af:f3:e1:85:6f:cb:31:16:33:9d:
ae:b8:cb:fe:17:ef:1c:50:b7:ff:18:e0:50:79:41:
31:c3:aa:8c:85:ef:ca:bf:ed:ac:dd:6f:f3:56:1e:
f6:5b:1d:8f:72:85:be:e2:57:86:b2:c9:9b:11:94:
1c:02:2b:8f:f9:48:7e:0d:38:57:69:b1:f4:a5:1c:
bc:20:34:a6:6f:99:7e:42:60:16:8c:f9:aa:0b:d5:
98:69:80:a8:0a:92:f3:26:2f:b8:cc:3f:ab:61:a0:
56:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C1:ED:14:8B:2A:EB:38:91:80:FA:A5:91:9F:99:68:57:ED:76:E7
X509v3 Authority Key Identifier:
keyid:61:D7:64:A0:43:42:72:C1:32:9A:E9:92:88:D0:92:BC:3E:F2:22:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YddkoENCcsEymumSiNCSvD7yIo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/43312f-991d-4e95-93df-2c7ef9ff03f5/1/v8HtFIsq6ziRgPqlkZ-ZaFftduc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/43312f-991d-4e95-93df-2c7ef9ff03f5/1/YddkoENCcsEymumSiNCSvD7yIo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.16.0/21
Signature Algorithm: sha256WithRSAEncryption
af:84:a3:bb:6d:84:18:11:ef:f9:f3:27:79:c0:37:5a:ed:05:
cf:8b:c3:67:ff:5e:84:e5:29:b9:65:19:61:41:2d:b4:eb:0b:
e6:ef:aa:cb:e2:bd:dd:84:3a:b8:f1:05:36:93:b3:d5:02:b1:
dd:77:9a:15:c8:ec:c0:9e:bd:b9:45:6c:5f:3f:e9:6f:12:b6:
eb:2e:c1:f9:56:50:2a:14:6e:05:fe:85:53:bb:ec:ab:9b:2b:
79:29:1f:af:e7:57:62:70:52:e4:a5:3b:16:8a:f4:4b:88:87:
4f:cb:23:11:fc:62:da:e5:a1:0f:3c:ab:cb:44:bc:d6:df:8e:
95:33:70:1a:36:98:c8:9f:1d:b8:39:98:67:e3:8d:77:93:ef:
08:33:bf:2f:ca:1d:11:48:96:d8:1f:89:97:2f:91:69:52:33:
e1:4a:43:b5:2e:e4:19:e5:27:22:04:62:34:9c:1c:77:32:b7:
f0:35:18:a3:d5:ea:91:ea:6c:82:06:d0:ba:67:64:60:d1:64:
bf:c0:75:c7:29:8f:45:6c:cb:2d:13:7e:31:9b:65:57:75:b5:
a8:fb:7d:fd:82:b3:97:88:b5:9c:8d:59:55:84:4d:5d:27:f9:
62:0f:43:6c:d1:49:b3:17:85:61:9b:0b:b5:b6:1e:74:7a:70:
c5:07:0c:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOhg9137IVzkIQF9mtMb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZDc2NGEwNDM0MjcyYzEzMjlhZTk5Mjg4ZDA5MmJjM2Vm
MjIyOGYwHhcNMjMwMTAyMTEyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmMxZWQxNDhiMmFlYjM4OTE4MGZhYTU5MTlmOTk2ODU3ZWQ3NmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9qgq8CAf9mAFjWw+HP+9e1qeJJB
/wxp8HFU+8Spp+PsbWfgfSqjjDz5IHQLaVgTRarrclFgqSdViTayk4yq25feMzJv
/F8WHTCCDi3ESLb451Y+35QxZO11u/zC4U509dIqj5SesjxXAePQgad9+ReSufVq
z+2Gm5jv7tVH0zWWQXU7XHVn6DrYs1H2Rk4LED6QnnxrruKTSq/z4YVvyzEWM52u
uMv+F+8cULf/GOBQeUExw6qMhe/Kv+2s3W/zVh72Wx2PcoW+4leGssmbEZQcAiuP
+Uh+DThXabH0pRy8IDSmb5l+QmAWjPmqC9WYaYCoCpLzJi+4zD+rYaBW9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/B7RSLKus4kYD6pZGfmWhX7XbnMB8GA1UdIwQY
MBaAFGHXZKBDQnLBMprpkojQkrw+8iKPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWRka29FTkNjc0V5bXVtU2lOQ1N2RDd5SW84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi80MzMxMmYtOTkxZC00ZTk1LTkzZGYt
MmM3ZWY5ZmYwM2Y1LzEvdjhIdEZJc3E2emlSZ1BxbGtaLVphRmZ0ZHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi80MzMxMmYtOTkxZC00ZTk1LTkzZGYtMmM3ZWY5ZmYwM2Y1
LzEvWWRka29FTkNjc0V5bXVtU2lOQ1N2RDd5SW84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLhwQMA0G
CSqGSIb3DQEBCwUAA4IBAQCvhKO7bYQYEe/58yd5wDda7QXPi8Nn/16E5Sm5ZRlh
QS206wvm76rL4r3dhDq48QU2k7PVArHdd5oVyOzAnr25RWxfP+lvErbrLsH5VlAq
FG4F/oVTu+yrmyt5KR+v51dicFLkpTsWivRLiIdPyyMR/GLa5aEPPKvLRLzW346V
M3AaNpjInx24OZhn4413k+8IM78vyh0RSJbYH4mXL5FpUjPhSkO1LuQZ5SciBGI0
nBx3MrfwNRij1eqR6myCBtC6Z2Rg0WS/wHXHKY9FbMstE34xm2VXdbWo+339grOX
iLWcjVlVhE1dJ/liD0Ns0UmzF4Vhmwu1th50enDFBwyV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:33 2024 by rpki-client on console-ams.rpki-client.org