Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/24DMcvubcqzhxgnYObFRoAWFIds.roa
File: 24DMcvubcqzhxgnYObFRoAWFIds.roa (raw, json)
Hash identifier: 3YjZ6Qq72VaiD8l7wrqqc47wjLOvwZXrL4kJICJyDTU=
Subject key identifier: DB:80:CC:72:FB:9B:72:AC:E1:C6:09:D8:39:B1:51:A0:05:85:21:DB
Certificate issuer: /CN=0b1c6d0de70cc51805b63a5e2327622525d075b1
Certificate serial: 0189D593A4BECEB3F6A8176BC8615B7A45AA
Authority key identifier: 0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/24DMcvubcqzhxgnYObFRoAWFIds.roa
Signing time: Tue 08 Aug 2023 14:36:10 +0000
ROA not before: Tue 08 Aug 2023 14:36:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 85.158.143.0/24 maxlen: 24
85.158.142.0/24 maxlen: 24
195.245.231.0/24 maxlen: 24
195.245.230.0/24 maxlen: 24
193.109.255.0/24 maxlen: 24
46.226.52.0/23 maxlen: 23
193.109.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d5:93:a4:be:ce:b3:f6:a8:17:6b:c8:61:5b:7a:45:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1c6d0de70cc51805b63a5e2327622525d075b1
Validity
Not Before: Aug 8 14:36:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db80cc72fb9b72ace1c609d839b151a0058521db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:00:af:77:f7:d6:15:a4:6d:aa:32:97:46:6b:
48:59:c9:db:52:ab:82:66:f7:66:1b:e0:7c:c0:b1:
3b:71:4e:8c:88:3d:6e:7f:ca:8b:b9:ce:f1:b3:ea:
c0:c0:cd:31:e6:98:bd:5c:21:25:5e:4f:ba:f2:d3:
0d:fc:b9:9a:1e:77:43:88:bf:82:c0:91:cc:19:65:
27:8b:f5:06:4e:73:9d:50:65:7f:dd:4f:d6:27:ea:
ec:6c:26:d6:e4:aa:5d:78:74:0a:f2:ff:2f:2d:fc:
50:c3:cc:0f:19:96:55:2c:8b:41:e8:ef:e5:61:29:
ef:f9:0d:8c:fb:24:6f:8a:1e:89:0a:ba:b2:c1:d7:
83:78:2b:31:8d:e1:5c:26:65:cd:db:f8:9c:f5:7a:
a1:51:84:ff:2e:4f:61:e3:c7:ed:6b:90:9a:96:1a:
3e:3f:a4:4a:c8:f7:a2:23:77:33:7d:3a:51:8e:61:
b2:e8:7a:f1:75:4f:ca:e2:04:62:24:3d:8a:1e:ef:
38:c3:f4:82:f7:95:d5:db:21:31:e5:85:6a:f5:6d:
4d:5a:28:0b:92:07:e8:dc:e5:ce:54:8f:9f:a7:42:
2f:80:6d:98:b6:7e:4e:ad:64:c3:06:9a:ef:be:4b:
df:03:e1:04:87:b6:10:ce:bc:ed:26:9c:48:52:61:
55:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:80:CC:72:FB:9B:72:AC:E1:C6:09:D8:39:B1:51:A0:05:85:21:DB
X509v3 Authority Key Identifier:
keyid:0B:1C:6D:0D:E7:0C:C5:18:05:B6:3A:5E:23:27:62:25:25:D0:75:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxxtDecMxRgFtjpeIydiJSXQdbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/24DMcvubcqzhxgnYObFRoAWFIds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1972a-9e18-4791-8530-f774f1eafbff/1/CxxtDecMxRgFtjpeIydiJSXQdbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.52.0/23
85.158.142.0/23
193.109.254.0/23
195.245.230.0/23
Signature Algorithm: sha256WithRSAEncryption
12:94:0a:fc:d6:50:d3:a1:f4:79:46:ad:f7:55:fd:65:45:2f:
0f:b4:b0:1c:b1:a6:f2:44:84:df:6a:ca:3e:3d:63:78:e5:fe:
88:c2:cf:7e:d1:a2:1a:ca:65:d2:4a:46:a4:92:63:ff:fa:1a:
69:85:ae:99:1e:73:96:e0:22:42:3e:68:69:97:ee:ac:17:f5:
24:1c:28:d7:70:d4:ee:59:a7:53:a0:a7:9f:8d:98:72:26:28:
96:f3:b9:9b:fc:76:a5:fa:5b:79:32:14:15:bf:61:08:4c:70:
13:63:86:a3:05:a7:84:93:62:53:4f:ae:d2:6a:14:5c:53:61:
69:17:8e:6a:f4:ec:82:db:b7:aa:6c:46:e1:16:51:98:99:7e:
e5:90:4f:78:35:0a:1a:5a:d1:53:b6:7a:19:28:dc:c2:52:6a:
b5:a2:fe:c6:32:e4:61:27:af:ab:31:4a:d3:c5:56:0f:a8:40:
40:40:e7:6d:e5:74:be:62:11:24:4f:9d:39:4d:8f:87:21:66:
a9:ef:6b:5f:fd:78:b6:8c:8c:2d:c6:19:67:cb:9d:69:e1:a6:
f0:97:ce:4d:67:20:8b:ff:cc:6f:57:1b:58:45:84:12:98:dd:
76:2b:97:d5:07:d4:02:2e:8b:45:14:6d:19:52:59:3c:98:ef:
e0:8f:ad:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYnVk6S+zrP2qBdryGFbekWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWM2ZDBkZTcwY2M1MTgwNWI2M2E1ZTIzMjc2MjI1MjVk
MDc1YjEwHhcNMjMwODA4MTQzNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjgwY2M3MmZiOWI3MmFjZTFjNjA5ZDgzOWIxNTFhMDA1ODUyMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgACvd/fWFaRtqjKXRmtIWcnbUquC
ZvdmG+B8wLE7cU6MiD1uf8qLuc7xs+rAwM0x5pi9XCElXk+68tMN/LmaHndDiL+C
wJHMGWUni/UGTnOdUGV/3U/WJ+rsbCbW5KpdeHQK8v8vLfxQw8wPGZZVLItB6O/l
YSnv+Q2M+yRvih6JCrqywdeDeCsxjeFcJmXN2/ic9XqhUYT/Lk9h48fta5Calho+
P6RKyPeiI3czfTpRjmGy6HrxdU/K4gRiJD2KHu84w/SC95XV2yEx5YVq9W1NWigL
kgfo3OXOVI+fp0IvgG2Ytn5OrWTDBprvvkvfA+EEh7YQzrztJpxIUmFVhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNuAzHL7m3Ks4cYJ2DmxUaAFhSHbMB8GA1UdIwQY
MBaAFAscbQ3nDMUYBbY6XiMnYiUl0HWxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAt
Zjc3NGYxZWFmYmZmLzEvMjRETWN2dWJjcXpoeGduWU9iRlJvQVdGSWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hMTk3MmEtOWUxOC00NzkxLTg1MzAtZjc3NGYxZWFmYmZm
LzEvQ3h4dERlY014UmdGdGpwZUl5ZGlKU1hRZGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLuI0AwQB
VZ6OAwQBwW3+AwQBw/XmMA0GCSqGSIb3DQEBCwUAA4IBAQASlAr81lDTofR5Rq33
Vf1lRS8PtLAcsabyRITfaso+PWN45f6Iws9+0aIaymXSSkakkmP/+hppha6ZHnOW
4CJCPmhpl+6sF/UkHCjXcNTuWadToKefjZhyJiiW87mb/Hal+lt5MhQVv2EITHAT
Y4ajBaeEk2JTT67SahRcU2FpF45q9OyC27eqbEbhFlGYmX7lkE94NQoaWtFTtnoZ
KNzCUmq1ov7GMuRhJ6+rMUrTxVYPqEBAQOdt5XS+YhEkT505TY+HIWap72tf/Xi2
jIwtxhlny51p4abwl85NZyCL/8xvVxtYRYQSmN12K5fVB9QCLotFFG0ZUlk8mO/g
j61D
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:57:02 2024 by rpki-client on console-fra.rpki-client.org