Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/df-R-jYHRcM6hUheHkx6Z0UO6X8.roa
File: df-R-jYHRcM6hUheHkx6Z0UO6X8.roa (raw, json)
Hash identifier: Hm/0Kynvs7yp6O4oqHL+5kyJWXD3rRvAx+Xcpmrt5JU=
Subject key identifier: 75:FF:91:FA:36:07:45:C3:3A:85:48:5E:1E:4C:7A:67:45:0E:E9:7F
Certificate issuer: /CN=c1233861207a230564ef36f11e0157344731e3f9
Certificate serial: 0188B9D94351AD8B26ED33CD7026F97FD36A
Authority key identifier: C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/df-R-jYHRcM6hUheHkx6Z0UO6X8.roa
Signing time: Wed 14 Jun 2023 12:20:03 +0000
ROA not before: Wed 14 Jun 2023 12:20:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16273
IP address blocks: 46.228.128.0/24 maxlen: 24
46.228.128.0/23 maxlen: 24
46.228.129.0/24 maxlen: 24
46.228.130.0/24 maxlen: 24
46.228.131.0/24 maxlen: 24
46.228.132.0/23 maxlen: 23
46.228.134.0/23 maxlen: 23
46.228.141.0/24 maxlen: 24
46.228.143.0/24 maxlen: 24
193.110.108.0/23 maxlen: 23
193.110.108.0/24 maxlen: 24
2a03:7800:a00::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 14 Jun 2023 13:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:d9:43:51:ad:8b:26:ed:33:cd:70:26:f9:7f:d3:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1233861207a230564ef36f11e0157344731e3f9
Validity
Not Before: Jun 14 12:20:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75ff91fa360745c33a85485e1e4c7a67450ee97f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b0:a9:28:34:55:10:27:3d:31:9a:b1:cb:93:
d4:fa:9b:78:ea:a2:8c:b8:e1:f9:99:64:89:5e:bd:
d1:6a:a9:1f:26:4e:4b:73:0a:3c:48:ec:12:52:31:
87:b2:38:39:53:88:82:4a:4f:6c:f8:cd:ee:f8:95:
a9:f4:ff:a8:03:ff:05:54:1a:a4:8c:ea:32:a9:a6:
47:86:c3:1a:85:06:09:ea:04:27:b5:53:51:f5:29:
ee:ff:16:36:c4:75:a7:1c:bc:e4:b7:84:e2:27:60:
07:74:c3:4f:16:b2:84:e0:3a:bf:8e:9d:68:8f:e1:
64:95:44:16:b9:ce:0f:e7:16:af:2d:5d:60:6a:b5:
10:24:d9:99:03:f9:4c:a8:61:9f:45:16:c1:4d:6a:
f0:09:4a:66:a5:8a:50:1e:17:01:fc:12:f9:99:42:
67:90:17:fe:89:73:b7:3f:82:6a:5f:c2:f6:48:c7:
d3:3a:fb:72:c6:8d:e2:c0:a4:56:01:83:07:5f:13:
db:63:07:01:89:4d:7b:8d:3f:3c:68:3c:c7:39:c3:
ab:99:bb:fc:4f:fe:2e:78:11:f6:19:cd:ee:e6:c7:
35:48:7f:84:d9:88:56:2b:38:6e:42:49:47:03:9a:
b8:78:55:2d:92:ab:fb:1b:27:97:f1:3c:57:ab:59:
28:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FF:91:FA:36:07:45:C3:3A:85:48:5E:1E:4C:7A:67:45:0E:E9:7F
X509v3 Authority Key Identifier:
keyid:C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/df-R-jYHRcM6hUheHkx6Z0UO6X8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/wSM4YSB6IwVk7zbxHgFXNEcx4_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.128.0/21
46.228.141.0/24
46.228.143.0/24
193.110.108.0/23
IPv6:
2a03:7800:a00::/40
Signature Algorithm: sha256WithRSAEncryption
2c:5b:c0:3f:86:2b:aa:c9:3a:83:4e:fa:df:7c:00:b0:32:ba:
7b:b8:8e:5a:cf:9b:ca:2a:63:c3:66:ff:a7:05:8c:cd:f5:ec:
47:4b:b2:f0:c6:8d:a5:1d:43:f6:a0:9a:e1:bf:87:cc:b7:ee:
4c:80:6f:6d:84:ab:f9:96:d3:ac:d3:13:a2:94:7c:39:cd:0c:
95:e4:2f:ba:bb:5d:ba:ea:d0:2d:ca:db:9a:01:cc:a9:e8:fa:
00:7a:25:38:8c:96:a8:d1:fb:6c:51:0b:97:92:4b:16:b4:db:
ae:0f:5e:f9:0e:e5:e8:0a:e6:e5:3c:76:02:9f:93:dc:c6:c0:
98:af:47:bc:a4:cf:98:4e:78:ed:2e:28:b0:32:62:86:15:fe:
d5:1c:c1:ef:d2:c8:23:7c:e5:1b:74:29:4d:8c:01:44:7a:c4:
84:cb:8e:c5:b4:f6:d1:69:33:b0:42:c8:12:ee:f2:20:55:52:
f1:00:86:65:74:75:d0:a7:cf:56:58:bc:06:49:cb:f4:b9:37:
db:dc:74:d2:33:c3:ce:2e:8d:fc:ee:2b:b6:bb:89:87:55:89:
b2:68:bd:27:cf:ad:a7:4e:24:6e:bb:ce:a9:60:37:9c:e4:01:
a9:64:bb:7e:3e:df:25:c1:84:57:e8:ec:f9:54:73:9a:2e:11:
9b:15:9c:95
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYi52UNRrYsm7TPNcCb5f9NqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMjMzODYxMjA3YTIzMDU2NGVmMzZmMTFlMDE1NzM0NDcz
MWUzZjkwHhcNMjMwNjE0MTIyMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWZmOTFmYTM2MDc0NWMzM2E4NTQ4NWUxZTRjN2E2NzQ1MGVlOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7CpKDRVECc9MZqxy5PU+pt46qKM
uOH5mWSJXr3RaqkfJk5Lcwo8SOwSUjGHsjg5U4iCSk9s+M3u+JWp9P+oA/8FVBqk
jOoyqaZHhsMahQYJ6gQntVNR9Snu/xY2xHWnHLzkt4TiJ2AHdMNPFrKE4Dq/jp1o
j+FklUQWuc4P5xavLV1garUQJNmZA/lMqGGfRRbBTWrwCUpmpYpQHhcB/BL5mUJn
kBf+iXO3P4JqX8L2SMfTOvtyxo3iwKRWAYMHXxPbYwcBiU17jT88aDzHOcOrmbv8
T/4ueBH2Gc3u5sc1SH+E2YhWKzhuQklHA5q4eFUtkqv7GyeX8TxXq1ko9wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHX/kfo2B0XDOoVIXh5MemdFDul/MB8GA1UdIwQY
MBaAFMEjOGEgeiMFZO828R4BVzRHMeP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NNNFlTQjZJd1ZrN3pieEhnRlhORWN4NF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYzkzMjAtMzhkOS00NjA0LWFkOTIt
MWM3YjJiOTFkMzA4LzEvZGYtUi1qWUhSY002aFVoZUhreDZaMFVPNlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yYzkzMjAtMzhkOS00NjA0LWFkOTItMWM3YjJiOTFkMzA4
LzEvd1NNNFlTQjZJd1ZrN3pieEhnRlhORWN4NF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQDLuSAAwQA
LuSNAwQALuSPAwQBwW5sMA4EAgACMAgDBgAqA3gACjANBgkqhkiG9w0BAQsFAAOC
AQEALFvAP4Yrqsk6g07633wAsDK6e7iOWs+byipjw2b/pwWMzfXsR0uy8MaNpR1D
9qCa4b+HzLfuTIBvbYSr+ZbTrNMTopR8Oc0MleQvurtduurQLcrbmgHMqej6AHol
OIyWqNH7bFELl5JLFrTbrg9e+Q7l6Arm5Tx2Ap+T3MbAmK9HvKTPmE547S4osDJi
hhX+1RzB79LII3zlG3QpTYwBRHrEhMuOxbT20WkzsELIEu7yIFVS8QCGZXR10KfP
Vli8BknL9Lk329x00jPDzi6N/O4rtruJh1WJsmi9J8+tp04kbrvOqWA3nOQBqWS7
fj7fJcGEV+js+VRzmi4RmxWclQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:18 2024 by rpki-client on console-ams.rpki-client.org