Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/DSsRI5hyXbqbrB81gRawTMdDwII.roa
File: DSsRI5hyXbqbrB81gRawTMdDwII.roa (raw, json)
Hash identifier: xSkGQb5ZUhnqR/9jRjMRxTgy95U8pJ1gzZ6YNTukCj4=
Subject key identifier: 0D:2B:11:23:98:72:5D:BA:9B:AC:1F:35:81:16:B0:4C:C7:43:C0:82
Certificate issuer: /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial: 018F77B59B9C64F64A0FFE442B6C78126A74
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/DSsRI5hyXbqbrB81gRawTMdDwII.roa
Signing time: Tue 14 May 2024 15:25:41 +0000
ROA not before: Tue 14 May 2024 15:25:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 146.19.50.0/24 maxlen: 24
146.19.142.0/24 maxlen: 24
185.253.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jun 2024 20:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:77:b5:9b:9c:64:f6:4a:0f:fe:44:2b:6c:78:12:6a:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Validity
Not Before: May 14 15:25:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d2b112398725dba9bac1f358116b04cc743c082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ce:3c:cd:a4:83:87:ca:cb:f6:a0:e7:d2:7c:
ae:38:97:30:98:66:c5:16:56:38:65:b5:50:01:45:
93:bc:94:e1:2a:88:f7:fa:6c:c8:bc:b3:97:e7:31:
70:d9:76:a8:b1:6b:1a:0b:b7:9c:fe:47:0f:2e:40:
c0:d9:8b:d2:a9:f8:b7:49:bf:a6:34:51:1f:ea:7a:
48:73:65:00:9c:14:58:e9:d1:b3:4e:25:05:ea:27:
4c:c8:6e:a1:03:ef:a9:97:46:cb:d7:18:c7:13:ba:
0e:50:41:da:ed:31:16:c6:5e:04:37:d4:f9:3e:a8:
7f:ac:a5:17:cd:fd:c5:42:5f:f9:e4:6b:7b:14:31:
7c:71:76:4d:b6:d6:5f:6e:2b:39:55:e9:45:8a:0c:
2a:d1:e0:f0:e9:44:d2:4c:58:25:60:b3:c8:de:8d:
1f:92:68:d1:0d:4a:a6:bf:39:00:fa:e7:62:75:7e:
fd:93:9c:63:62:f1:cb:11:82:94:85:18:af:3a:c5:
97:16:6a:9d:ae:37:da:5f:7c:3e:fa:03:86:b4:f6:
36:9e:48:2f:33:69:16:8d:4a:16:f7:2d:e9:ee:d0:
e4:d2:62:d6:e7:5f:09:0e:63:a5:9c:6f:d6:88:93:
13:ff:61:e3:cf:5f:fa:0c:57:ae:3c:44:70:69:6b:
cd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2B:11:23:98:72:5D:BA:9B:AC:1F:35:81:16:B0:4C:C7:43:C0:82
X509v3 Authority Key Identifier:
keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/DSsRI5hyXbqbrB81gRawTMdDwII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.50.0/24
146.19.142.0/24
185.253.3.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:52:81:68:fd:c8:4e:d3:cb:34:9d:0b:d6:ec:24:0c:49:c8:
70:68:c2:93:eb:fe:44:12:db:da:fb:dd:3c:7b:6b:a5:11:e0:
44:eb:5f:bc:09:e2:15:57:b7:f5:38:d1:d9:81:4e:00:91:3a:
cb:42:89:fe:e0:25:26:f3:75:59:c0:c1:f9:02:9e:f4:4c:5c:
f5:1c:f8:a1:02:f6:f4:79:83:69:ad:88:d5:f3:fd:44:a8:ae:
e6:c0:45:59:e4:a6:22:82:a4:3a:fb:81:6e:e0:c4:c3:df:d6:
ba:38:9a:99:20:0b:55:77:ec:12:45:36:16:82:4b:cb:61:09:
b6:d1:d8:ba:b5:0d:99:cb:90:5e:6f:2e:1b:bf:51:58:52:7c:
85:fe:9a:17:be:3a:1d:2b:e4:7d:9f:3c:08:75:1c:4b:88:f5:
d9:bc:a2:bc:63:0f:cd:c2:37:46:e9:2c:ae:bd:3f:5a:2d:c5:
52:e6:6c:f4:9a:dd:d1:60:69:23:49:b6:4e:46:58:51:9f:e1:
5d:9b:30:56:f9:bc:17:d1:98:ab:2a:aa:a9:b3:a5:0f:0e:a3:
40:f2:4d:c2:7a:13:fc:1c:36:55:8f:36:2b:a6:9c:e3:69:37:
35:ad:1a:eb:ce:42:10:dc:bc:6a:a6:37:f8:90:fb:af:ab:cd:
ab:45:66:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY93tZucZPZKD/5EK2x4Emp0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjQwNTE0MTUyNTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDJiMTEyMzk4NzI1ZGJhOWJhYzFmMzU4MTE2YjA0Y2M3NDNjMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts48zaSDh8rL9qDn0nyuOJcwmGbF
FlY4ZbVQAUWTvJThKoj3+mzIvLOX5zFw2XaosWsaC7ec/kcPLkDA2YvSqfi3Sb+m
NFEf6npIc2UAnBRY6dGzTiUF6idMyG6hA++pl0bL1xjHE7oOUEHa7TEWxl4EN9T5
Pqh/rKUXzf3FQl/55Gt7FDF8cXZNttZfbis5VelFigwq0eDw6UTSTFglYLPI3o0f
kmjRDUqmvzkA+udidX79k5xjYvHLEYKUhRivOsWXFmqdrjfaX3w++gOGtPY2nkgv
M2kWjUoW9y3p7tDk0mLW518JDmOlnG/WiJMT/2Hjz1/6DFeuPERwaWvNWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA0rESOYcl26m6wfNYEWsEzHQ8CCMB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEvRFNzUkk1aHlYYnFickI4MWdSYXdUTWREd0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkhMyAwQA
khOOAwQAuf0DMA0GCSqGSIb3DQEBCwUAA4IBAQBrUoFo/chO08s0nQvW7CQMSchw
aMKT6/5EEtva+908e2ulEeBE61+8CeIVV7f1ONHZgU4AkTrLQon+4CUm83VZwMH5
Ap70TFz1HPihAvb0eYNprYjV8/1EqK7mwEVZ5KYigqQ6+4Fu4MTD39a6OJqZIAtV
d+wSRTYWgkvLYQm20di6tQ2Zy5Beby4bv1FYUnyF/poXvjodK+R9nzwIdRxLiPXZ
vKK8Yw/NwjdG6SyuvT9aLcVS5mz0mt3RYGkjSbZORlhRn+FdmzBW+bwX0ZirKqqp
s6UPDqNA8k3CehP8HDZVjzYrppzjaTc1rRrrzkIQ3Lxqpjf4kPuvq82rRWYZ
-----END CERTIFICATE-----
Generated at Thu Jun 27 00:14:25 2024 by rpki-client on console-fra.rpki-client.org