Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/65d5BKhW76ebCtURZFsdjIKDZKA.roa
File: 65d5BKhW76ebCtURZFsdjIKDZKA.roa (raw, json)
Hash identifier: ncZDDZ0N937T6eN0D+bVaXTBNpZB5Hn0l06vqO7fuMo=
Subject key identifier: EB:97:79:04:A8:56:EF:A7:9B:0A:D5:11:64:5B:1D:8C:82:83:64:A0
Certificate issuer: /CN=4766c6d9ad21cd4118a0448264d6fb35d55f14c0
Certificate serial: 01856FF94613F19CCB1AF70958518D3DC1A9
Authority key identifier: 47:66:C6:D9:AD:21:CD:41:18:A0:44:82:64:D6:FB:35:D5:5F:14:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R2bG2a0hzUEYoESCZNb7NdVfFMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/65d5BKhW76ebCtURZFsdjIKDZKA.roa
Signing time: Mon 02 Jan 2023 00:54:45 +0000
ROA not before: Mon 02 Jan 2023 00:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20694
IP address blocks: 185.45.110.0/23 maxlen: 23
46.30.24.0/21 maxlen: 21
2a02:22f0:12::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:46:13:f1:9c:cb:1a:f7:09:58:51:8d:3d:c1:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4766c6d9ad21cd4118a0448264d6fb35d55f14c0
Validity
Not Before: Jan 2 00:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb977904a856efa79b0ad511645b1d8c828364a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5d:15:20:a8:99:10:84:90:53:e0:58:d9:59:
ec:61:44:bb:12:0e:77:8a:37:cc:f7:35:47:f1:dd:
7f:be:78:f8:78:6c:2f:1b:6b:15:f7:92:09:33:24:
1f:3c:c4:45:4f:93:fa:60:40:28:98:00:59:58:75:
3e:ae:6d:95:b5:d4:28:00:e4:5d:5b:36:72:94:ff:
72:d9:32:19:c5:17:ef:55:6a:7a:c0:db:98:af:e8:
38:a3:f5:18:2f:ad:bb:6e:d1:47:04:93:a6:27:5b:
d2:7d:18:93:a6:01:e7:0a:aa:da:3d:5b:b5:6e:16:
bd:7d:85:b4:b5:4c:0f:70:fb:9a:99:d1:47:13:72:
55:57:c4:0e:6f:ef:c5:9d:10:1d:cd:fc:a8:40:7a:
47:56:78:a1:96:21:e4:7d:55:22:11:d1:76:83:47:
4e:75:2f:fd:67:18:82:cf:3b:fe:75:e1:07:e6:35:
82:16:c5:53:a3:a2:17:55:6a:b9:e8:e4:c2:98:51:
d1:5a:85:a4:02:77:3c:ef:d1:e1:82:c4:b9:e1:88:
00:d8:c9:87:9d:34:19:c2:79:1f:93:79:49:e7:0a:
48:3f:f6:cb:4b:73:49:7d:a3:97:07:38:b0:9d:bb:
3a:9c:9d:85:55:f4:c6:48:66:18:c3:a5:f2:ca:4c:
35:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:97:79:04:A8:56:EF:A7:9B:0A:D5:11:64:5B:1D:8C:82:83:64:A0
X509v3 Authority Key Identifier:
keyid:47:66:C6:D9:AD:21:CD:41:18:A0:44:82:64:D6:FB:35:D5:5F:14:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R2bG2a0hzUEYoESCZNb7NdVfFMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/65d5BKhW76ebCtURZFsdjIKDZKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/R2bG2a0hzUEYoESCZNb7NdVfFMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.24.0/21
185.45.110.0/23
IPv6:
2a02:22f0:12::/48
Signature Algorithm: sha256WithRSAEncryption
89:55:2c:cd:06:99:92:e1:44:17:0f:e1:3a:e5:7e:ea:e9:68:
c8:4b:06:d7:9e:40:86:9c:f1:1c:6a:e4:e1:8f:6d:7c:f6:67:
a5:01:61:b2:a4:d7:56:56:61:67:68:82:81:72:b4:ce:2d:2d:
09:8f:e4:5e:d1:d3:49:c2:9c:b4:9a:3a:e2:21:11:e9:71:77:
6b:81:67:61:81:9a:5a:88:46:1c:b4:42:ef:c4:e9:55:f9:31:
83:c8:48:42:21:8a:3c:5f:75:a0:b7:9e:3c:ba:58:da:b0:25:
7a:a9:59:51:a4:75:72:cc:46:f4:ed:17:dc:27:48:63:23:68:
a1:bd:1b:cc:3c:e2:3d:1d:63:2b:77:2f:36:4d:39:81:03:f0:
3b:46:55:67:69:1e:32:67:ff:53:68:3e:af:f1:32:36:dd:28:
3e:6c:91:fd:a3:41:5b:a2:9a:fa:0f:d6:d1:fd:63:7e:8d:a6:
30:60:a6:77:13:10:9a:0b:06:92:27:a1:af:16:82:cc:55:79:
69:b9:31:14:69:0f:8b:63:3e:28:67:0f:f2:93:42:6d:b4:e2:
53:b0:a9:dc:92:b1:60:1f:9c:56:28:0b:e1:08:14:ff:a5:a1:
6c:a0:59:11:26:9b:8a:19:06:08:30:0f:e0:bc:ff:e3:0e:96:
0e:39:30:b7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVv+UYT8ZzLGvcJWFGNPcGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NjZjNmQ5YWQyMWNkNDExOGEwNDQ4MjY0ZDZmYjM1ZDU1
ZjE0YzAwHhcNMjMwMTAyMDA1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjk3NzkwNGE4NTZlZmE3OWIwYWQ1MTE2NDViMWQ4YzgyODM2NGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr10VIKiZEISQU+BY2VnsYUS7Eg53
ijfM9zVH8d1/vnj4eGwvG2sV95IJMyQfPMRFT5P6YEAomABZWHU+rm2VtdQoAORd
WzZylP9y2TIZxRfvVWp6wNuYr+g4o/UYL627btFHBJOmJ1vSfRiTpgHnCqraPVu1
bha9fYW0tUwPcPuamdFHE3JVV8QOb+/FnRAdzfyoQHpHVnihliHkfVUiEdF2g0dO
dS/9ZxiCzzv+deEH5jWCFsVTo6IXVWq56OTCmFHRWoWkAnc879HhgsS54YgA2MmH
nTQZwnkfk3lJ5wpIP/bLS3NJfaOXBziwnbs6nJ2FVfTGSGYYw6Xyykw1awIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOuXeQSoVu+nmwrVEWRbHYyCg2SgMB8GA1UdIwQY
MBaAFEdmxtmtIc1BGKBEgmTW+zXVXxTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjJiRzJhMGh6VUVZb0VTQ1pOYjdOZFZmRk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80MWRjNzUtMWYzMi00ZWRkLWE5NGMt
ZjVlYzQwM2ZkYWNmLzEvNjVkNUJLaFc3NmViQ3RVUlpGc2RqSUtEWktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80MWRjNzUtMWYzMi00ZWRkLWE5NGMtZjVlYzQwM2ZkYWNm
LzEvUjJiRzJhMGh6VUVZb0VTQ1pOYjdOZFZmRk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDLh4YAwQB
uS1uMA8EAgACMAkDBwAqAiLwABIwDQYJKoZIhvcNAQELBQADggEBAIlVLM0GmZLh
RBcP4TrlfurpaMhLBteeQIac8Rxq5OGPbXz2Z6UBYbKk11ZWYWdogoFytM4tLQmP
5F7R00nCnLSaOuIhEelxd2uBZ2GBmlqIRhy0Qu/E6VX5MYPISEIhijxfdaC3njy6
WNqwJXqpWVGkdXLMRvTtF9wnSGMjaKG9G8w84j0dYyt3LzZNOYED8DtGVWdpHjJn
/1NoPq/xMjbdKD5skf2jQVuimvoP1tH9Y36NpjBgpncTEJoLBpInoa8WgsxVeWm5
MRRpD4tjPihnD/KTQm204lOwqdySsWAfnFYoC+EIFP+loWygWREmm4oZBggwD+C8
/+MOlg45MLc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:16 2024 by rpki-client on console-fra.rpki-client.org