Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/zxUN3lkuCnkkq3iH7Kx1lSbdwIw.roa
File: zxUN3lkuCnkkq3iH7Kx1lSbdwIw.roa (raw, json)
Hash identifier: 83x0sNccZw7z4a8KEAjwg4pCLXIEjcyxfUnfLXIbzEQ=
Subject key identifier: CF:15:0D:DE:59:2E:0A:79:24:AB:78:87:EC:AC:75:95:26:DD:C0:8C
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 018581151B3FAE093FE0EA79DBA90E2DCAE1
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/zxUN3lkuCnkkq3iH7Kx1lSbdwIw.roa
Signing time: Thu 05 Jan 2023 08:38:42 +0000
ROA not before: Thu 05 Jan 2023 08:38:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 46.32.182.0/24 maxlen: 24
46.32.183.0/24 maxlen: 24
46.32.180.0/24 maxlen: 24
46.32.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jan 2023 15:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:81:15:1b:3f:ae:09:3f:e0:ea:79:db:a9:0e:2d:ca:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Jan 5 08:38:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf150dde592e0a7924ab7887ecac759526ddc08c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5d:b2:1b:ea:10:29:f7:8d:ae:a9:99:8e:39:
c0:cc:84:e7:f5:b7:1c:7c:e8:25:c3:d8:b6:9d:13:
3b:1c:e3:79:b7:37:ed:92:91:53:8c:93:5c:0f:be:
1f:ca:2c:51:e8:7d:68:ee:85:17:a1:5f:47:e0:fd:
33:e0:1a:fe:dd:a9:94:4f:8d:00:2e:d8:c6:a5:6e:
80:70:6f:e8:98:b4:68:3f:b3:d3:af:25:80:ee:df:
62:09:15:17:f3:59:fe:ec:c6:42:5d:75:d0:6e:b8:
cb:52:c7:fc:01:59:75:2a:a3:68:6b:4c:20:5e:bb:
11:84:cb:c2:fc:bb:24:c3:f9:65:f5:9c:6a:8b:56:
99:59:2b:c7:02:1f:f2:47:46:4c:73:bb:68:d6:22:
e3:fd:fb:c9:8c:9b:b8:02:dc:31:b9:83:84:60:43:
8f:05:99:2d:a8:e8:fc:4b:e5:cb:04:50:d8:53:aa:
64:51:51:05:83:cb:a9:3d:f5:06:2a:c2:cd:34:7e:
11:aa:57:21:32:b0:3e:55:2f:3e:a1:85:65:de:95:
e3:c8:c4:d9:c8:7b:eb:6f:3a:88:25:99:0c:f0:51:
64:63:c8:ab:85:c0:58:02:83:84:22:9c:4b:e1:76:
76:a5:7b:8a:16:df:0f:44:c5:3b:46:7e:21:4c:71:
3f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:15:0D:DE:59:2E:0A:79:24:AB:78:87:EC:AC:75:95:26:DD:C0:8C
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/zxUN3lkuCnkkq3iH7Kx1lSbdwIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.180.0/22
Signature Algorithm: sha256WithRSAEncryption
32:14:a1:8f:55:53:a7:c4:df:38:51:0f:5b:ce:8f:47:6c:af:
6e:d2:d6:d1:cb:aa:8a:60:95:68:d0:a4:b4:2a:57:13:e8:06:
94:97:46:a1:31:e8:7c:c5:cf:0e:ea:17:97:3c:a3:e0:de:ef:
61:73:d2:ef:35:0e:96:0d:f0:6f:5f:d4:9e:da:b8:88:18:42:
a0:1f:0e:ef:a9:54:22:62:c3:2c:81:b6:b7:44:a7:70:d4:e3:
2b:f0:31:bd:2d:23:67:04:00:60:b9:4d:e9:d8:df:53:d5:aa:
5a:a8:8d:29:b5:4e:0d:1b:d1:29:fd:86:e4:e7:3b:c8:1b:18:
7e:7a:27:86:13:da:17:e9:36:ca:09:c9:54:c7:e7:a8:6f:0b:
6d:0b:c4:ef:b5:a0:fe:1e:e3:3f:fe:94:0e:c5:d8:fa:88:8a:
72:44:d8:a5:70:f2:65:fd:39:af:33:62:b4:74:bb:1c:ab:b0:
63:0d:dd:0b:49:98:7d:86:cf:1d:43:4d:73:3f:d4:cb:4a:76:
71:5b:1e:55:3a:94:c3:1d:cd:c2:fd:c6:cd:e6:54:08:0d:c7:
a4:36:50:6e:92:76:27:0c:83:fc:ab:7b:0d:c5:4a:ab:85:28:
10:6d:9c:b7:65:8d:3f:fd:35:3f:29:c6:06:8c:f4:d0:a3:77:
05:16:75:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWBFRs/rgk/4Op526kOLcrhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjMwMTA1MDgzODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjE1MGRkZTU5MmUwYTc5MjRhYjc4ODdlY2FjNzU5NTI2ZGRjMDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjV2yG+oQKfeNrqmZjjnAzITn9bcc
fOglw9i2nRM7HON5tzftkpFTjJNcD74fyixR6H1o7oUXoV9H4P0z4Br+3amUT40A
LtjGpW6AcG/omLRoP7PTryWA7t9iCRUX81n+7MZCXXXQbrjLUsf8AVl1KqNoa0wg
XrsRhMvC/Lskw/ll9Zxqi1aZWSvHAh/yR0ZMc7to1iLj/fvJjJu4AtwxuYOEYEOP
BZktqOj8S+XLBFDYU6pkUVEFg8upPfUGKsLNNH4RqlchMrA+VS8+oYVl3pXjyMTZ
yHvrbzqIJZkM8FFkY8irhcBYAoOEIpxL4XZ2pXuKFt8PRMU7Rn4hTHE//wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8VDd5ZLgp5JKt4h+ysdZUm3cCMMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvenhVTjNsa3VDbmtrcTNpSDdLeDFsU2Jkd0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLiC0MA0G
CSqGSIb3DQEBCwUAA4IBAQAyFKGPVVOnxN84UQ9bzo9HbK9u0tbRy6qKYJVo0KS0
KlcT6AaUl0ahMeh8xc8O6heXPKPg3u9hc9LvNQ6WDfBvX9Se2riIGEKgHw7vqVQi
YsMsgba3RKdw1OMr8DG9LSNnBABguU3p2N9T1apaqI0ptU4NG9Ep/Ybk5zvIGxh+
eieGE9oX6TbKCclUx+eobwttC8TvtaD+HuM//pQOxdj6iIpyRNilcPJl/TmvM2K0
dLscq7BjDd0LSZh9hs8dQ01zP9TLSnZxWx5VOpTDHc3C/cbN5lQIDcekNlBuknYn
DIP8q3sNxUqrhSgQbZy3ZY0//TU/KcYGjPTQo3cFFnW+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:22 2024 by rpki-client on console-ams.rpki-client.org