Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/rxDXXFf0T7TvTpEdPxJy3lNkSuY.roa
File: rxDXXFf0T7TvTpEdPxJy3lNkSuY.roa (raw, json)
Hash identifier: /lQdUzxqHXNBny86mkdxHl4YYEd/j5RF52qcVTZgIoY=
Subject key identifier: AF:10:D7:5C:57:F4:4F:B4:EF:4E:91:1D:3F:12:72:DE:53:64:4A:E6
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018B808F496AC0967C960C94EBEF2E9D7926
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/rxDXXFf0T7TvTpEdPxJy3lNkSuY.roa
Signing time: Mon 30 Oct 2023 12:29:15 +0000
ROA not before: Mon 30 Oct 2023 12:29:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 85.159.226.0/24 maxlen: 24
85.159.229.0/24 maxlen: 24
85.159.231.0/24 maxlen: 24
85.159.230.0/24 maxlen: 24
46.29.237.0/24 maxlen: 24
46.29.236.0/24 maxlen: 24
46.29.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Oct 2023 13:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:8f:49:6a:c0:96:7c:96:0c:94:eb:ef:2e:9d:79:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Oct 30 12:29:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af10d75c57f44fb4ef4e911d3f1272de53644ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ff:aa:ea:2b:2c:ef:a2:40:42:98:da:ce:18:
80:88:a3:8f:0e:44:0f:5d:2f:6a:11:d5:03:2c:ff:
15:61:5f:f9:5d:08:dd:e1:bc:ec:8c:ce:dd:6a:73:
e4:ab:91:cf:44:de:4f:34:f6:af:90:29:71:19:74:
53:f8:ea:4d:81:c1:b3:c0:ab:c5:55:c5:be:60:79:
3a:35:c7:d0:eb:73:62:d1:f1:0f:86:dc:c4:ac:87:
31:3c:b8:ea:ac:92:2a:f7:01:66:ac:2c:77:5c:cd:
29:87:90:c3:b3:d8:69:19:ed:22:55:09:08:a9:81:
0f:44:40:a5:5d:a6:f4:c4:38:f9:a4:8e:84:05:18:
84:bd:40:a1:52:50:77:ea:d8:c1:fa:69:f5:0a:4e:
aa:7c:db:11:13:0a:a9:58:70:cc:88:03:3c:8f:24:
68:3b:a2:2e:cb:8d:c2:cf:66:d3:47:d8:e7:a0:59:
8f:02:e6:01:86:f9:c3:68:80:fa:89:ba:39:1e:7b:
36:3c:98:d7:ae:62:92:61:d0:09:38:7c:33:cf:21:
7f:74:0a:11:c7:27:58:5f:5a:98:18:d3:57:37:3e:
97:d8:e5:e1:7e:cd:a9:91:ff:a5:d6:51:55:5d:71:
7e:68:2d:aa:d5:7e:5f:65:a6:c2:a7:1f:e9:05:85:
ff:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:10:D7:5C:57:F4:4F:B4:EF:4E:91:1D:3F:12:72:DE:53:64:4A:E6
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/rxDXXFf0T7TvTpEdPxJy3lNkSuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.236.0/23
46.29.239.0/24
85.159.226.0/24
85.159.229.0-85.159.231.255
Signature Algorithm: sha256WithRSAEncryption
89:6d:99:90:82:7c:d5:3f:27:55:f9:87:e5:4f:e9:7b:76:ea:
1f:27:4d:53:80:87:8f:4b:b3:14:b4:d9:cc:01:91:fd:57:f4:
a9:b4:37:c0:c2:c0:6d:a3:50:18:aa:87:ca:54:71:cf:d3:e8:
1f:42:d2:71:d2:f7:56:45:01:e7:d3:7d:6b:88:ec:2b:ef:cd:
8e:ce:52:cd:04:cd:d8:77:e0:27:48:89:0d:f6:fb:43:56:f1:
27:71:73:04:6c:e8:c3:89:09:57:26:1c:a6:b0:58:49:c0:43:
04:eb:37:3d:1c:d3:e2:48:17:67:73:5f:42:77:61:74:85:19:
28:a4:e4:30:14:6d:a8:b0:4a:6c:e3:5c:62:bf:c4:e4:00:86:
f0:68:98:5e:49:2c:8f:10:a2:9f:bd:fd:69:3a:69:3b:01:94:
0a:bc:87:df:5a:6f:78:8e:f6:3e:dd:a6:a1:70:9d:4c:bc:52:
ed:1f:e9:d8:a0:c5:fe:7f:82:76:76:a7:12:d1:56:c2:60:4a:
fe:c6:33:9b:c3:56:54:76:84:62:7b:93:13:1b:c6:2c:70:5f:
46:46:59:38:89:88:39:1e:22:bd:17:5d:a1:d2:12:9d:59:e3:
86:e4:1d:e6:2e:ce:5f:4b:1a:81:d8:75:50:a9:df:19:09:2d:
0b:0f:93:16
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYuAj0lqwJZ8lgyU6+8unXkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjMxMDMwMTIyOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjEwZDc1YzU3ZjQ0ZmI0ZWY0ZTkxMWQzZjEyNzJkZTUzNjQ0YWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/+q6iss76JAQpjazhiAiKOPDkQP
XS9qEdUDLP8VYV/5XQjd4bzsjM7danPkq5HPRN5PNPavkClxGXRT+OpNgcGzwKvF
VcW+YHk6NcfQ63Ni0fEPhtzErIcxPLjqrJIq9wFmrCx3XM0ph5DDs9hpGe0iVQkI
qYEPREClXab0xDj5pI6EBRiEvUChUlB36tjB+mn1Ck6qfNsREwqpWHDMiAM8jyRo
O6Iuy43Cz2bTR9jnoFmPAuYBhvnDaID6ibo5Hns2PJjXrmKSYdAJOHwzzyF/dAoR
xydYX1qYGNNXNz6X2OXhfs2pkf+l1lFVXXF+aC2q1X5fZabCpx/pBYX/0QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK8Q11xX9E+0706RHT8Sct5TZErmMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvcnhEWFhGZjBUN1R2VHBFZFB4SnkzbE5rU3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLh3sAwQA
Lh3vAwQAVZ/iMAwDBABVn+UDBANVn+AwDQYJKoZIhvcNAQELBQADggEBAIltmZCC
fNU/J1X5h+VP6Xt26h8nTVOAh49LsxS02cwBkf1X9Km0N8DCwG2jUBiqh8pUcc/T
6B9C0nHS91ZFAefTfWuI7CvvzY7OUs0Ezdh34CdIiQ32+0NW8SdxcwRs6MOJCVcm
HKawWEnAQwTrNz0c0+JIF2dzX0J3YXSFGSik5DAUbaiwSmzjXGK/xOQAhvBomF5J
LI8Qop+9/Wk6aTsBlAq8h99ab3iO9j7dpqFwnUy8Uu0f6digxf5/gnZ2pxLRVsJg
Sv7GM5vDVlR2hGJ7kxMbxixwX0ZGWTiJiDkeIr0XXaHSEp1Z44bkHeYuzl9LGoHY
dVCp3xkJLQsPkxY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:21 2024 by rpki-client on console-fra.rpki-client.org