Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/zNGTC4yxgM5VDb5oMtgB07DCfLY.roa
File: zNGTC4yxgM5VDb5oMtgB07DCfLY.roa (raw, json)
Hash identifier: RQoiuvTwbgxs79N7GS9iBkuiSkU/jtkrodCRIjEn/GU=
Subject key identifier: CC:D1:93:0B:8C:B1:80:CE:55:0D:BE:68:32:D8:01:D3:B0:C2:7C:B6
Certificate issuer: /CN=2b928097dc9f89a7a3a8a296a78a4f9d0cbce17f
Certificate serial: 018CC6B8E7E49FA9B441EF3422A1DDB11837
Authority key identifier: 2B:92:80:97:DC:9F:89:A7:A3:A8:A2:96:A7:8A:4F:9D:0C:BC:E1:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5KAl9yfiaejqKKWp4pPnQy84X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/zNGTC4yxgM5VDb5oMtgB07DCfLY.roa
Signing time: Mon 01 Jan 2024 20:30:55 +0000
ROA not before: Mon 01 Jan 2024 20:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197305
IP address blocks: 46.243.16.0/21 maxlen: 21
46.243.16.0/24 maxlen: 24
46.243.17.0/24 maxlen: 24
46.243.22.0/24 maxlen: 24
46.243.20.0/24 maxlen: 24
46.243.21.0/24 maxlen: 24
46.243.18.0/24 maxlen: 24
46.243.19.0/24 maxlen: 24
46.243.23.0/24 maxlen: 24
2a03:6dc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 20 Feb 2024 18:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:e7:e4:9f:a9:b4:41:ef:34:22:a1:dd:b1:18:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b928097dc9f89a7a3a8a296a78a4f9d0cbce17f
Validity
Not Before: Jan 1 20:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccd1930b8cb180ce550dbe6832d801d3b0c27cb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:12:e9:80:4f:12:9e:da:04:40:c7:0b:a3:29:
0a:01:ed:0e:ea:25:51:1b:0e:78:bf:a8:17:0d:40:
a4:e0:c1:4a:bd:3f:2b:09:41:05:bd:2c:5c:53:21:
2f:6a:1a:91:2d:0e:8e:62:b4:ef:04:70:5b:75:82:
59:d9:e2:6d:cf:36:1b:5c:08:77:90:aa:81:07:27:
99:33:f4:bc:27:34:a7:02:01:11:35:68:a8:b6:d0:
cf:e1:7e:6e:08:27:50:97:b3:85:c9:7b:f6:d9:7e:
31:a2:ff:8f:1c:55:48:e7:86:dc:4f:fe:de:28:37:
ed:b0:19:4d:01:17:ca:f1:74:ab:1a:93:fd:64:66:
99:b2:c3:eb:ba:28:84:8d:5d:f2:2d:9f:4e:cf:ef:
b6:d8:e5:a1:22:8f:84:7d:72:ea:4b:43:a1:a6:96:
eb:c1:71:cc:f3:95:89:a1:df:63:a6:c1:b1:93:31:
85:5b:b3:a6:f9:79:54:16:dc:4d:b7:2b:f7:2f:a5:
91:42:e3:66:ae:30:89:8f:ca:89:6f:88:19:99:83:
71:69:f6:85:a2:db:4a:c4:71:8f:eb:a2:63:6e:03:
15:f2:14:e5:5d:22:a4:4f:db:b4:7b:45:a6:19:3c:
aa:8b:6f:f9:95:a7:fe:e1:4e:8d:76:52:8a:94:54:
e5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D1:93:0B:8C:B1:80:CE:55:0D:BE:68:32:D8:01:D3:B0:C2:7C:B6
X509v3 Authority Key Identifier:
keyid:2B:92:80:97:DC:9F:89:A7:A3:A8:A2:96:A7:8A:4F:9D:0C:BC:E1:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5KAl9yfiaejqKKWp4pPnQy84X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/zNGTC4yxgM5VDb5oMtgB07DCfLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a734a4-143d-461d-bfd6-45caa6ef6700/1/K5KAl9yfiaejqKKWp4pPnQy84X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.16.0/21
IPv6:
2a03:6dc0::/32
Signature Algorithm: sha256WithRSAEncryption
ac:01:1b:9a:00:aa:8e:ec:a8:06:31:6b:c0:9c:6d:a4:25:50:
72:40:98:61:e8:f6:b6:15:36:5e:e6:d3:4c:ed:de:85:82:17:
7a:45:d8:9f:10:5d:40:6a:22:98:5a:2e:d7:bc:4c:89:24:24:
d6:1f:f7:7b:46:69:ca:c5:c4:1e:ad:a7:c2:4f:99:5b:b7:d1:
13:70:4b:6a:05:77:6f:d2:58:46:a3:99:e2:f5:ba:62:03:0b:
0c:22:62:b7:42:c3:82:d0:89:a5:de:0d:5a:f8:af:10:bd:a5:
06:bf:33:72:d5:2b:cb:8b:23:90:a9:5a:45:44:c9:df:85:96:
d7:61:79:47:15:49:3b:df:c2:d2:d7:de:3c:d9:4d:e6:c4:79:
c5:e8:db:a9:ab:70:cb:80:55:34:f6:e5:54:3d:1f:35:b6:a2:
d0:75:66:a3:cc:35:31:91:2f:61:bf:b4:46:f5:b6:ee:92:62:
7f:c1:d6:61:ab:6c:20:6b:1e:cd:40:16:9d:93:90:99:01:00:
69:4f:9f:29:1c:a6:51:7b:7d:cc:c8:c7:1c:a4:45:49:dc:11:
77:df:5a:ef:d3:61:d8:65:99:88:b7:ee:8c:50:7e:a6:a4:e4:
fb:cc:2c:22:09:6b:70:59:4c:6f:ad:df:0d:1f:21:40:48:00:
93:5b:13:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuOfkn6m0Qe80IqHdsRg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTI4MDk3ZGM5Zjg5YTdhM2E4YTI5NmE3OGE0ZjlkMGNi
Y2UxN2YwHhcNMjQwMTAxMjAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2QxOTMwYjhjYjE4MGNlNTUwZGJlNjgzMmQ4MDFkM2IwYzI3Y2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRLpgE8SntoEQMcLoykKAe0O6iVR
Gw54v6gXDUCk4MFKvT8rCUEFvSxcUyEvahqRLQ6OYrTvBHBbdYJZ2eJtzzYbXAh3
kKqBByeZM/S8JzSnAgERNWiottDP4X5uCCdQl7OFyXv22X4xov+PHFVI54bcT/7e
KDftsBlNARfK8XSrGpP9ZGaZssPruiiEjV3yLZ9Oz++22OWhIo+EfXLqS0Ohppbr
wXHM85WJod9jpsGxkzGFW7Om+XlUFtxNtyv3L6WRQuNmrjCJj8qJb4gZmYNxafaF
ottKxHGP66JjbgMV8hTlXSKkT9u0e0WmGTyqi2/5laf+4U6NdlKKlFTl2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMzRkwuMsYDOVQ2+aDLYAdOwwny2MB8GA1UdIwQY
MBaAFCuSgJfcn4mno6iilqeKT50MvOF/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVLQWw5eWZpYWVqcUtLV3A0cFBuUXk4NFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNzM0YTQtMTQzZC00NjFkLWJmZDYt
NDVjYWE2ZWY2NzAwLzEvek5HVEM0eXhnTTVWRGI1b010Z0IwN0RDZkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNzM0YTQtMTQzZC00NjFkLWJmZDYtNDVjYWE2ZWY2NzAw
LzEvSzVLQWw5eWZpYWVqcUtLV3A0cFBuUXk4NFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLvMQMA0E
AgACMAcDBQAqA23AMA0GCSqGSIb3DQEBCwUAA4IBAQCsARuaAKqO7KgGMWvAnG2k
JVByQJhh6Pa2FTZe5tNM7d6Fghd6RdifEF1AaiKYWi7XvEyJJCTWH/d7RmnKxcQe
rafCT5lbt9ETcEtqBXdv0lhGo5ni9bpiAwsMImK3QsOC0Iml3g1a+K8QvaUGvzNy
1SvLiyOQqVpFRMnfhZbXYXlHFUk738LS19482U3mxHnF6Nupq3DLgFU09uVUPR81
tqLQdWajzDUxkS9hv7RG9bbukmJ/wdZhq2wgax7NQBadk5CZAQBpT58pHKZRe33M
yMccpEVJ3BF331rv02HYZZmIt+6MUH6mpOT7zCwiCWtwWUxvrd8NHyFASACTWxO9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:16 2024 by rpki-client on console-fra.rpki-client.org