Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/3W52g2hF9-NNLh8DT76RvIJsk6g.roa
File: 3W52g2hF9-NNLh8DT76RvIJsk6g.roa (raw, json)
Hash identifier: HaD8ViODu/tet7L0lfaTlMxuZdS90gpB6Ih92CwwucY=
Subject key identifier: DD:6E:76:83:68:45:F7:E3:4D:2E:1F:03:4F:BE:91:BC:82:6C:93:A8
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 01894E4C9EE7B56D3B37BA253E01657437DB
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/3W52g2hF9-NNLh8DT76RvIJsk6g.roa
Signing time: Thu 13 Jul 2023 08:09:51 +0000
ROA not before: Thu 13 Jul 2023 08:09:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 85.159.228.0/24 maxlen: 24
46.29.238.0/24 maxlen: 24
46.29.234.0/24 maxlen: 24
46.29.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4e:4c:9e:e7:b5:6d:3b:37:ba:25:3e:01:65:74:37:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Jul 13 08:09:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd6e76836845f7e34d2e1f034fbe91bc826c93a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:96:d2:2b:30:f2:b2:65:3d:25:4c:43:05:a3:
68:a0:a0:ff:ee:ab:f2:60:21:33:eb:e0:9a:6c:6c:
6c:16:ba:b6:93:95:a5:c4:65:eb:b3:37:d7:b1:d7:
39:a5:d1:69:ee:5c:31:fe:f3:d6:06:bd:22:b1:bf:
fc:85:91:3b:b4:61:95:b7:f7:81:69:07:3e:53:15:
00:0e:92:ee:7c:53:6d:91:6c:70:5c:81:09:22:6b:
dc:91:9c:1f:29:45:d4:6b:4a:46:15:58:64:72:82:
71:3d:dc:40:11:1d:60:fe:50:83:b7:0b:0f:ef:12:
2c:b1:e2:91:32:3a:9a:91:f8:80:f9:a9:fe:32:80:
5c:77:05:fa:c5:54:6b:26:f8:a0:58:f4:0d:17:2e:
0a:6e:80:57:46:4c:f9:78:e2:bd:d4:4a:4b:0d:97:
ac:7e:1e:ca:26:d2:fe:9e:c1:ca:76:b8:e1:af:37:
e2:8d:6d:03:99:85:04:e3:ba:35:23:2d:83:5a:d6:
14:cf:07:68:55:1c:29:1c:e8:a1:e9:20:a0:05:cd:
d9:50:f9:c2:d3:13:73:73:97:3f:f1:a5:22:d3:b9:
cc:14:4b:35:cc:12:6a:e1:ca:a1:28:07:ad:d0:e1:
ba:86:05:f1:9d:1c:ad:57:11:ae:b7:ce:3f:3a:cf:
d7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:6E:76:83:68:45:F7:E3:4D:2E:1F:03:4F:BE:91:BC:82:6C:93:A8
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/3W52g2hF9-NNLh8DT76RvIJsk6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.234.0/23
46.29.238.0/24
85.159.228.0/24
Signature Algorithm: sha256WithRSAEncryption
51:ec:7c:00:cf:60:6f:5a:a2:df:59:f2:0f:03:23:48:75:ee:
55:c0:b2:bf:3b:f9:9e:af:72:cb:3e:61:e4:a2:95:63:c7:2c:
4f:dd:65:11:e1:bb:15:96:82:9b:a4:81:9b:fa:9c:ab:47:3d:
6a:0a:5a:14:08:33:1b:bf:91:47:8b:ab:b0:8f:f1:ec:d1:a5:
96:19:86:b9:3f:f0:2e:69:b5:a7:2d:52:17:47:b1:44:54:d5:
68:1c:cb:ec:ae:94:ba:26:2c:21:27:de:35:eb:c7:b0:14:0b:
75:2b:82:ce:49:fb:4f:d1:ef:dd:2d:c0:c2:c6:3a:ef:f3:44:
80:1e:55:6e:e5:16:95:66:7f:e7:5a:62:61:2c:7f:07:53:01:
81:eb:0f:0f:70:ec:17:48:03:06:fd:b6:ff:6e:68:25:22:41:
11:22:ca:b8:d7:f4:6a:0c:a7:ee:d4:ca:74:6c:e8:03:1f:6e:
7b:d2:aa:96:97:9d:19:4f:80:f0:60:a0:0e:a8:c3:fb:06:e8:
61:68:bd:2b:65:21:52:12:b7:97:0d:aa:10:d7:ee:06:19:f5:
69:1f:8d:ae:34:0d:0e:3f:a5:c3:69:e9:ea:75:30:4e:ed:d5:
cd:93:11:ad:42:73:3d:9c:75:8d:1d:8d:e6:cb:a8:36:14:13:
9c:0c:74:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlOTJ7ntW07N7olPgFldDfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjMwNzEzMDgwOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDZlNzY4MzY4NDVmN2UzNGQyZTFmMDM0ZmJlOTFiYzgyNmM5M2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5bSKzDysmU9JUxDBaNooKD/7qvy
YCEz6+CabGxsFrq2k5WlxGXrszfXsdc5pdFp7lwx/vPWBr0isb/8hZE7tGGVt/eB
aQc+UxUADpLufFNtkWxwXIEJImvckZwfKUXUa0pGFVhkcoJxPdxAER1g/lCDtwsP
7xIsseKRMjqakfiA+an+MoBcdwX6xVRrJvigWPQNFy4KboBXRkz5eOK91EpLDZes
fh7KJtL+nsHKdrjhrzfijW0DmYUE47o1Iy2DWtYUzwdoVRwpHOih6SCgBc3ZUPnC
0xNzc5c/8aUi07nMFEs1zBJq4cqhKAet0OG6hgXxnRytVxGut84/Os/XgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN1udoNoRffjTS4fA0++kbyCbJOoMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvM1c1MmcyaEY5LU5OTGg4RFQ3NlJ2SUpzazZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLh3qAwQA
Lh3uAwQAVZ/kMA0GCSqGSIb3DQEBCwUAA4IBAQBR7HwAz2BvWqLfWfIPAyNIde5V
wLK/O/mer3LLPmHkopVjxyxP3WUR4bsVloKbpIGb+pyrRz1qCloUCDMbv5FHi6uw
j/Hs0aWWGYa5P/AuabWnLVIXR7FEVNVoHMvsrpS6JiwhJ94168ewFAt1K4LOSftP
0e/dLcDCxjrv80SAHlVu5RaVZn/nWmJhLH8HUwGB6w8PcOwXSAMG/bb/bmglIkER
Isq41/RqDKfu1Mp0bOgDH2570qqWl50ZT4DwYKAOqMP7BuhhaL0rZSFSEreXDaoQ
1+4GGfVpH42uNA0OP6XDaenqdTBO7dXNkxGtQnM9nHWNHY3my6g2FBOcDHTX
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:28 2024 by rpki-client on console-fra.rpki-client.org