Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/o2XDwONFW1EUFo3PioixKFGya4k.roa
File: o2XDwONFW1EUFo3PioixKFGya4k.roa (raw, json)
Hash identifier: Y04qWh5czfeQkSqV8Jn6En6Rm1jOYdSQlk+De3T22Ps=
Subject key identifier: A3:65:C3:C0:E3:45:5B:51:14:16:8D:CF:8A:88:B1:28:51:B2:6B:89
Certificate issuer: /CN=2b928097dc9f89a7a3a8a296a78a4f9d0cbce17f
Certificate serial: 018CC6B8E78D6CECB65065E1647B426B90B2
Authority key identifier: 2B:92:80:97:DC:9F:89:A7:A3:A8:A2:96:A7:8A:4F:9D:0C:BC:E1:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5KAl9yfiaejqKKWp4pPnQy84X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/o2XDwONFW1EUFo3PioixKFGya4k.roa
Signing time: Mon 01 Jan 2024 20:30:55 +0000
ROA not before: Mon 01 Jan 2024 20:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57908
IP address blocks: 46.243.16.0/24 maxlen: 24
46.243.17.0/24 maxlen: 24
46.243.19.0/24 maxlen: 24
46.243.20.0/24 maxlen: 24
46.243.21.0/24 maxlen: 24
46.243.22.0/24 maxlen: 24
46.243.23.0/24 maxlen: 24
46.243.18.0/24 maxlen: 24
2a03:6dc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 20 Feb 2024 18:48:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:e7:8d:6c:ec:b6:50:65:e1:64:7b:42:6b:90:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b928097dc9f89a7a3a8a296a78a4f9d0cbce17f
Validity
Not Before: Jan 1 20:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a365c3c0e3455b5114168dcf8a88b12851b26b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:26:9d:39:65:40:11:78:07:c0:69:44:5a:d1:
9b:96:59:e2:75:26:22:47:75:ac:c0:29:26:9b:05:
51:74:5c:16:e4:f2:05:61:0d:93:b2:65:e4:dc:35:
6e:fe:99:b1:1f:88:6d:6c:8f:9c:81:8a:81:d8:72:
a2:02:67:59:ab:b6:9e:dc:6a:72:22:5d:c6:f6:74:
69:8e:42:07:c4:8e:34:e6:01:b9:9b:d8:74:7a:ae:
4b:ba:e1:55:fd:51:3c:f4:3e:15:cf:33:c5:4d:57:
77:44:c0:16:be:ee:fd:b8:09:4d:55:d0:e7:b4:ed:
7f:a4:b4:9a:ae:04:0f:c0:70:f9:ca:77:8c:e1:6b:
a1:43:31:19:d1:c4:5c:0e:e7:8c:1d:b0:b2:ae:55:
ce:0c:1d:c9:57:b5:a3:af:ab:99:64:50:73:5f:95:
24:74:37:30:d3:ac:a1:d7:3f:00:83:7d:99:ce:6c:
36:52:57:99:9d:0a:d4:10:f3:60:e9:6a:83:53:8f:
ff:f4:72:1e:7e:a2:ce:31:15:14:84:41:d7:1f:4b:
6f:92:58:4c:a0:60:ce:a7:24:41:5e:53:6e:98:66:
1f:69:db:3f:82:b7:7e:2c:75:bf:3b:44:90:5f:db:
03:bd:37:49:26:3d:fc:65:b2:33:56:c8:19:e4:18:
2b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:65:C3:C0:E3:45:5B:51:14:16:8D:CF:8A:88:B1:28:51:B2:6B:89
X509v3 Authority Key Identifier:
keyid:2B:92:80:97:DC:9F:89:A7:A3:A8:A2:96:A7:8A:4F:9D:0C:BC:E1:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5KAl9yfiaejqKKWp4pPnQy84X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/o2XDwONFW1EUFo3PioixKFGya4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/K5KAl9yfiaejqKKWp4pPnQy84X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.16.0/21
IPv6:
2a03:6dc0::/32
Signature Algorithm: sha256WithRSAEncryption
9d:41:ee:8c:76:e9:62:dd:f6:f5:d0:5c:b8:4a:49:e8:23:55:
f9:45:71:06:e6:99:2f:96:53:35:b6:a6:c6:4f:e4:5d:85:08:
13:2e:ba:22:b9:42:24:f5:11:e4:db:99:08:39:14:d4:58:f5:
56:ab:21:c6:36:9f:15:f0:42:cf:89:05:01:3c:23:43:1c:06:
96:ce:db:1c:45:11:fa:33:44:e5:83:8c:e4:da:40:09:3b:ee:
20:e7:7c:57:03:79:c0:f4:17:83:93:ce:51:17:9a:1d:41:f9:
ec:c8:60:14:4e:91:7c:65:dd:f2:7a:fa:41:70:07:de:d1:0f:
69:e2:b4:e9:f5:6b:be:3d:8e:9e:53:ee:2d:69:c2:29:97:85:
7b:f4:a2:5f:0e:24:f0:3c:66:6d:59:59:d9:2f:b1:62:de:d2:
5c:85:60:5e:22:43:2f:b8:eb:2e:f4:4c:f6:56:c8:ba:88:cd:
7c:5d:de:4e:a2:82:25:67:17:03:f5:d4:60:c8:9b:94:e3:b9:
6b:01:f5:bf:73:af:da:52:d2:b7:88:69:19:8d:c6:08:3a:b2:
1c:a7:ad:e1:61:f1:ec:6c:84:7b:c5:fb:07:0f:c4:10:5d:48:
4a:81:92:90:66:de:c1:aa:01:d2:6d:97:c6:67:f4:7c:c7:2b:
a2:9a:69:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuOeNbOy2UGXhZHtCa5CyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTI4MDk3ZGM5Zjg5YTdhM2E4YTI5NmE3OGE0ZjlkMGNi
Y2UxN2YwHhcNMjQwMTAxMjAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzY1YzNjMGUzNDU1YjUxMTQxNjhkY2Y4YTg4YjEyODUxYjI2Yjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSadOWVAEXgHwGlEWtGbllnidSYi
R3WswCkmmwVRdFwW5PIFYQ2TsmXk3DVu/pmxH4htbI+cgYqB2HKiAmdZq7ae3Gpy
Il3G9nRpjkIHxI405gG5m9h0eq5LuuFV/VE89D4VzzPFTVd3RMAWvu79uAlNVdDn
tO1/pLSargQPwHD5yneM4WuhQzEZ0cRcDueMHbCyrlXODB3JV7Wjr6uZZFBzX5Uk
dDcw06yh1z8Ag32Zzmw2UleZnQrUEPNg6WqDU4//9HIefqLOMRUUhEHXH0tvklhM
oGDOpyRBXlNumGYfads/grd+LHW/O0SQX9sDvTdJJj38ZbIzVsgZ5BgrcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKNlw8DjRVtRFBaNz4qIsShRsmuJMB8GA1UdIwQY
MBaAFCuSgJfcn4mno6iilqeKT50MvOF/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVLQWw5eWZpYWVqcUtLV3A0cFBuUXk4NFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNzM0YTQtMTQzZC00NjFkLWJmZDYt
NDVjYWE2ZWY2NzAwLzEvbzJYRHdPTkZXMUVVRm8zUGlvaXhLRkd5YTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNzM0YTQtMTQzZC00NjFkLWJmZDYtNDVjYWE2ZWY2NzAw
LzEvSzVLQWw5eWZpYWVqcUtLV3A0cFBuUXk4NFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLvMQMA0E
AgACMAcDBQAqA23AMA0GCSqGSIb3DQEBCwUAA4IBAQCdQe6Mduli3fb10Fy4Skno
I1X5RXEG5pkvllM1tqbGT+RdhQgTLroiuUIk9RHk25kIORTUWPVWqyHGNp8V8ELP
iQUBPCNDHAaWztscRRH6M0Tlg4zk2kAJO+4g53xXA3nA9BeDk85RF5odQfnsyGAU
TpF8Zd3yevpBcAfe0Q9p4rTp9Wu+PY6eU+4tacIpl4V79KJfDiTwPGZtWVnZL7Fi
3tJchWBeIkMvuOsu9Ez2Vsi6iM18Xd5OooIlZxcD9dRgyJuU47lrAfW/c6/aUtK3
iGkZjcYIOrIcp63hYfHsbIR7xfsHD8QQXUhKgZKQZt7BqgHSbZfGZ/R8xyuimmkc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:22 2024 by rpki-client on console-ams.rpki-client.org