Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/T9j04Vk0yfbkKvrcAfDp_3dqcF4.roa
File: T9j04Vk0yfbkKvrcAfDp_3dqcF4.roa (raw, json)
Hash identifier: Ok1YBTRG6pqUBiy2CJTLdjS2FJud/vZSiT4Cfbjiu94=
Subject key identifier: 4F:D8:F4:E1:59:34:C9:F6:E4:2A:FA:DC:01:F0:E9:FF:77:6A:70:5E
Certificate issuer: /CN=3a539e501dff37cdc92cbee0cddb92ed2e81c13c
Certificate serial: 018BA87E102BBF5AA6DAB432457398233E99
Authority key identifier: 3A:53:9E:50:1D:FF:37:CD:C9:2C:BE:E0:CD:DB:92:ED:2E:81:C1:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OlOeUB3_N83JLL7gzduS7S6BwTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/T9j04Vk0yfbkKvrcAfDp_3dqcF4.roa
Signing time: Tue 07 Nov 2023 06:35:15 +0000
ROA not before: Tue 07 Nov 2023 06:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44347
IP address blocks: 185.14.34.0/23 maxlen: 23
185.14.32.0/23 maxlen: 23
185.14.32.0/22 maxlen: 22
188.65.48.0/22 maxlen: 22
188.65.48.0/21 maxlen: 21
188.65.52.0/22 maxlen: 22
46.43.192.0/19 maxlen: 19
46.43.192.0/18 maxlen: 18
46.43.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:7e:10:2b:bf:5a:a6:da:b4:32:45:73:98:23:3e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a539e501dff37cdc92cbee0cddb92ed2e81c13c
Validity
Not Before: Nov 7 06:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fd8f4e15934c9f6e42afadc01f0e9ff776a705e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:93:e4:72:32:c3:f4:68:5b:5c:d8:e9:06:74:
a2:f3:11:fd:e6:9e:ea:99:db:2d:a8:bb:65:9e:ab:
f9:7a:a8:62:1c:49:1d:ab:9a:cd:a8:40:d2:2a:28:
70:27:e9:11:27:ed:6c:1b:6b:f7:a9:a8:a4:81:ec:
24:bb:ee:e1:8e:24:fa:a9:b8:96:ab:e7:dc:dc:a7:
a9:76:99:88:ee:5a:78:8e:ca:2e:4a:07:68:21:c5:
b0:9e:b6:da:f8:89:6f:82:31:87:97:d6:3c:ba:94:
12:78:14:52:7e:fa:c4:03:9c:14:20:ee:4a:e4:d7:
6a:ef:69:33:f6:a6:c8:22:02:91:07:7c:cb:45:41:
6d:55:5b:17:d6:b6:10:9e:b1:04:ad:3c:9e:2e:1e:
fb:0f:f6:dd:22:7c:e5:86:29:d8:f5:2b:16:81:92:
d3:a5:a1:0c:d0:5f:ce:69:b9:25:49:e4:1f:dc:b0:
21:12:e4:ae:46:a9:0d:29:0d:00:a7:a3:11:d5:b3:
59:53:db:16:ec:36:f5:d6:18:de:af:0f:28:f4:3f:
b5:a4:1b:c3:eb:21:e2:c3:4c:ce:12:ae:a9:af:11:
dc:a0:6c:f2:1d:33:ae:29:06:78:7c:dc:7f:6d:00:
88:f8:ca:1d:01:38:ef:e0:ac:13:92:f0:2a:6d:63:
92:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D8:F4:E1:59:34:C9:F6:E4:2A:FA:DC:01:F0:E9:FF:77:6A:70:5E
X509v3 Authority Key Identifier:
keyid:3A:53:9E:50:1D:FF:37:CD:C9:2C:BE:E0:CD:DB:92:ED:2E:81:C1:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OlOeUB3_N83JLL7gzduS7S6BwTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/T9j04Vk0yfbkKvrcAfDp_3dqcF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d81a43-482a-4433-a7a2-027c0d6424e3/1/OlOeUB3_N83JLL7gzduS7S6BwTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.43.192.0/18
185.14.32.0/22
188.65.48.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:e9:f0:ab:db:fc:5f:6a:e8:b2:be:94:82:75:e2:60:3d:1c:
94:9e:26:65:92:71:1a:43:33:39:ce:7d:07:a3:72:c5:77:0f:
ee:27:40:dd:07:23:fa:d5:50:3d:12:3d:ff:99:dc:ca:ca:6b:
d6:71:24:cd:6a:3a:68:5c:b9:f5:64:b6:c8:69:55:93:be:1b:
e0:d6:cb:b4:0b:4c:18:a0:5a:35:7c:a9:45:47:cc:e4:79:06:
40:68:ea:ec:ce:81:d9:85:12:69:03:c4:b1:d5:cb:90:2a:36:
03:3d:3b:6b:66:01:03:64:d8:bf:aa:50:59:f7:61:65:11:c4:
01:25:ff:70:fa:24:56:e5:38:03:6c:1b:36:e2:24:59:ad:a8:
bf:08:76:ac:91:3f:de:e0:fe:de:5f:fb:a5:c5:b0:05:db:db:
24:c7:3c:ce:1d:97:d9:d4:0f:7b:33:15:dc:2a:51:c8:0a:30:
42:26:63:17:27:4c:b0:f6:c1:55:de:b6:b4:45:9b:3b:12:4e:
cf:0b:d8:15:32:6d:80:cb:b5:22:48:e2:86:58:3a:1e:55:bd:
c5:e9:6a:37:53:2c:c8:87:82:43:82:64:84:43:99:84:cf:17:
d4:49:f6:c5:16:da:79:4a:a6:2c:cd:cb:64:a3:4d:50:a3:1b:
2c:79:46:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuofhArv1qm2rQyRXOYIz6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNTM5ZTUwMWRmZjM3Y2RjOTJjYmVlMGNkZGI5MmVkMmU4
MWMxM2MwHhcNMjMxMTA3MDYzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQ4ZjRlMTU5MzRjOWY2ZTQyYWZhZGMwMWYwZTlmZjc3NmE3MDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJPkcjLD9GhbXNjpBnSi8xH95p7q
mdstqLtlnqv5eqhiHEkdq5rNqEDSKihwJ+kRJ+1sG2v3qaikgewku+7hjiT6qbiW
q+fc3KepdpmI7lp4jsouSgdoIcWwnrba+IlvgjGHl9Y8upQSeBRSfvrEA5wUIO5K
5Ndq72kz9qbIIgKRB3zLRUFtVVsX1rYQnrEErTyeLh77D/bdInzlhinY9SsWgZLT
paEM0F/OabklSeQf3LAhEuSuRqkNKQ0Ap6MR1bNZU9sW7Db11hjerw8o9D+1pBvD
6yHiw0zOEq6prxHcoGzyHTOuKQZ4fNx/bQCI+ModATjv4KwTkvAqbWOSawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE/Y9OFZNMn25Cr63AHw6f93anBeMB8GA1UdIwQY
MBaAFDpTnlAd/zfNySy+4M3bku0ugcE8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2xPZVVCM19OODNKTEw3Z3pkdVM3UzZCd1R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kODFhNDMtNDgyYS00NDMzLWE3YTIt
MDI3YzBkNjQyNGUzLzEvVDlqMDRWazB5ZmJrS3ZyY0FmRHBfM2RxY0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kODFhNDMtNDgyYS00NDMzLWE3YTItMDI3YzBkNjQyNGUz
LzEvT2xPZVVCM19OODNKTEw3Z3pkdVM3UzZCd1R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGLivAAwQC
uQ4gAwQDvEEwMA0GCSqGSIb3DQEBCwUAA4IBAQCj6fCr2/xfauiyvpSCdeJgPRyU
niZlknEaQzM5zn0Ho3LFdw/uJ0DdByP61VA9Ej3/mdzKymvWcSTNajpoXLn1ZLbI
aVWTvhvg1su0C0wYoFo1fKlFR8zkeQZAaOrszoHZhRJpA8Sx1cuQKjYDPTtrZgED
ZNi/qlBZ92FlEcQBJf9w+iRW5TgDbBs24iRZrai/CHaskT/e4P7eX/ulxbAF29sk
xzzOHZfZ1A97MxXcKlHICjBCJmMXJ0yw9sFV3ra0RZs7Ek7PC9gVMm2Ay7UiSOKG
WDoeVb3F6Wo3UyzIh4JDgmSEQ5mEzxfUSfbFFtp5SqYszctko01QoxsseUZ/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:58 2024 by rpki-client on console-fra.rpki-client.org