Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ef70f1-52a1-4e7a-b3c6-414238c5bbc2/1/TsFdsNRC8wR39awnvoYWNHZmmKI.roa
File: TsFdsNRC8wR39awnvoYWNHZmmKI.roa (raw, json)
Hash identifier: KvpNiFTC/L157zYjvMzJ6zZbPxLkkc1O7pPPi9i7gjg=
Subject key identifier: 4E:C1:5D:B0:D4:42:F3:04:77:F5:AC:27:BE:86:16:34:76:66:98:A2
Certificate issuer: /CN=cb382815b25161365a91610cbdad71f66286f781
Certificate serial: 0185A06481085332F37FB7F0481BC5B4FD7B
Authority key identifier: CB:38:28:15:B2:51:61:36:5A:91:61:0C:BD:AD:71:F6:62:86:F7:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzgoFbJRYTZakWEMva1x9mKG94E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ef70f1-52a1-4e7a-b3c6-414238c5bbc2/1/TsFdsNRC8wR39awnvoYWNHZmmKI.roa
Signing time: Wed 11 Jan 2023 10:33:38 +0000
ROA not before: Wed 11 Jan 2023 10:33:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33814
IP address blocks: 46.235.192.0/21 maxlen: 24
2a03:c200::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:64:81:08:53:32:f3:7f:b7:f0:48:1b:c5:b4:fd:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb382815b25161365a91610cbdad71f66286f781
Validity
Not Before: Jan 11 10:33:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ec15db0d442f30477f5ac27be861634766698a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f4:bf:d9:c3:a9:be:05:b5:65:bc:f7:cc:1f:
24:51:aa:6b:4c:b4:e8:ed:70:43:91:93:fa:ad:cc:
52:54:d6:78:ee:9b:5e:22:78:fe:48:bf:e5:78:b5:
b2:e1:32:e6:38:38:47:e6:0b:f6:81:cf:d8:8b:e0:
92:45:07:f3:9a:72:fa:cf:f5:2a:a3:91:f2:47:6a:
20:71:6d:32:a8:41:b2:0b:d9:de:8d:c1:0f:44:ba:
80:7c:f2:a3:72:be:bd:dd:7f:e2:ee:97:d4:96:8d:
09:00:35:ff:6d:36:db:df:a6:9a:8c:2f:9e:d4:2b:
50:cd:58:88:d0:2e:f6:39:19:15:51:0c:70:73:37:
7f:72:b4:ab:2c:72:bf:98:c1:4a:a2:e0:56:14:5c:
94:82:fd:46:2f:cf:f8:1a:48:c4:ec:fd:ed:b4:a5:
06:ae:04:43:0a:77:0a:bc:c7:01:09:7c:a5:20:60:
23:fb:e9:ce:34:ea:d2:a5:80:c6:b8:4e:ef:e5:61:
f8:03:79:e0:8a:fe:04:0a:cf:2e:43:c3:be:3a:15:
a0:ef:26:e9:10:99:94:bb:e7:1b:f7:bc:d5:dd:5b:
0c:54:74:73:e2:ab:c1:e7:02:72:45:08:5c:58:1b:
b5:af:f0:22:4d:97:df:9c:99:b8:48:9e:a0:b5:47:
9f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C1:5D:B0:D4:42:F3:04:77:F5:AC:27:BE:86:16:34:76:66:98:A2
X509v3 Authority Key Identifier:
keyid:CB:38:28:15:B2:51:61:36:5A:91:61:0C:BD:AD:71:F6:62:86:F7:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzgoFbJRYTZakWEMva1x9mKG94E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ef70f1-52a1-4e7a-b3c6-414238c5bbc2/1/TsFdsNRC8wR39awnvoYWNHZmmKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ef70f1-52a1-4e7a-b3c6-414238c5bbc2/1/yzgoFbJRYTZakWEMva1x9mKG94E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.192.0/21
IPv6:
2a03:c200::/32
Signature Algorithm: sha256WithRSAEncryption
85:25:3d:d4:de:38:0c:97:f6:98:f3:1d:61:19:60:f3:26:0c:
b6:96:32:a2:39:53:3e:f8:35:e3:cb:02:5a:24:7b:d2:57:d3:
c1:d4:5b:14:2f:38:31:75:7d:60:37:a3:93:fc:ea:c0:a0:67:
7a:b8:f7:46:42:c0:71:fe:74:78:26:ca:47:f8:92:c2:ae:76:
81:2e:50:4a:0d:3a:5a:63:fb:30:95:6e:38:a0:eb:ee:f4:88:
0f:91:46:b6:d6:2a:2a:cc:19:11:25:32:29:54:4d:1d:85:6c:
31:e4:46:6a:b1:ce:92:ee:be:27:c8:fe:e2:ad:d1:5d:fb:67:
52:9f:2e:81:6e:a0:c6:c0:56:fc:c2:2c:de:16:01:71:d3:49:
74:5e:74:f0:4d:1f:a2:54:b0:c6:65:12:a7:15:c1:07:d6:84:
61:a9:7c:dd:64:10:10:83:ff:6c:14:bd:ea:4a:d6:0a:79:d1:
79:d2:fe:4c:67:4f:2e:81:1d:26:85:b3:9d:20:1f:96:5b:e7:
88:8b:28:86:aa:7b:24:98:3d:cc:48:eb:8c:fc:2b:30:33:41:
d1:6f:b5:ed:08:eb:2e:77:18:87:d6:a0:e7:bf:ef:cc:59:6b:
36:34:47:ed:d2:09:a3:71:e6:01:77:37:32:23:79:1d:fe:b0:
d2:78:43:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYWgZIEIUzLzf7fwSBvFtP17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzgyODE1YjI1MTYxMzY1YTkxNjEwY2JkYWQ3MWY2NjI4
NmY3ODEwHhcNMjMwMTExMTAzMzM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWMxNWRiMGQ0NDJmMzA0NzdmNWFjMjdiZTg2MTYzNDc2NjY5OGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvS/2cOpvgW1Zbz3zB8kUaprTLTo
7XBDkZP6rcxSVNZ47pteInj+SL/leLWy4TLmODhH5gv2gc/Yi+CSRQfzmnL6z/Uq
o5HyR2ogcW0yqEGyC9nejcEPRLqAfPKjcr693X/i7pfUlo0JADX/bTbb36aajC+e
1CtQzViI0C72ORkVUQxwczd/crSrLHK/mMFKouBWFFyUgv1GL8/4GkjE7P3ttKUG
rgRDCncKvMcBCXylIGAj++nONOrSpYDGuE7v5WH4A3ngiv4ECs8uQ8O+OhWg7ybp
EJmUu+cb97zV3VsMVHRz4qvB5wJyRQhcWBu1r/AiTZffnJm4SJ6gtUef9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE7BXbDUQvMEd/WsJ76GFjR2ZpiiMB8GA1UdIwQY
MBaAFMs4KBWyUWE2WpFhDL2tcfZihveBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpnb0ZiSlJZVFpha1dFTXZhMXg5bUtHOTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lZjcwZjEtNTJhMS00ZTdhLWIzYzYt
NDE0MjM4YzViYmMyLzEvVHNGZHNOUkM4d1IzOWF3bnZvWVdOSFptbUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lZjcwZjEtNTJhMS00ZTdhLWIzYzYtNDE0MjM4YzViYmMy
LzEveXpnb0ZiSlJZVFpha1dFTXZhMXg5bUtHOTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLuvAMA0E
AgACMAcDBQAqA8IAMA0GCSqGSIb3DQEBCwUAA4IBAQCFJT3U3jgMl/aY8x1hGWDz
Jgy2ljKiOVM++DXjywJaJHvSV9PB1FsULzgxdX1gN6OT/OrAoGd6uPdGQsBx/nR4
JspH+JLCrnaBLlBKDTpaY/swlW44oOvu9IgPkUa21ioqzBkRJTIpVE0dhWwx5EZq
sc6S7r4nyP7irdFd+2dSny6BbqDGwFb8wizeFgFx00l0XnTwTR+iVLDGZRKnFcEH
1oRhqXzdZBAQg/9sFL3qStYKedF50v5MZ08ugR0mhbOdIB+WW+eIiyiGqnskmD3M
SOuM/CswM0HRb7XtCOsudxiH1qDnv+/MWWs2NEft0gmjceYBdzcyI3kd/rDSeEO4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:55 2024 by rpki-client on console-fra.rpki-client.org