Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/dH2-1iSRmPuF7snUf4Ycc4vZoig.roa
File: dH2-1iSRmPuF7snUf4Ycc4vZoig.roa (raw, json)
Hash identifier: PfxxZ21lSyLr7D7+UfeyaeCnAyh/D/Ng361Nz84+DQ4=
Subject key identifier: 74:7D:BE:D6:24:91:98:FB:85:EE:C9:D4:7F:86:1C:73:8B:D9:A2:28
Certificate issuer: /CN=4b61cc8a365cc40382a31dad54f6cb723f58758a
Certificate serial: 01856F5DD51D68C324A2C7904DBB54AA7DD0
Authority key identifier: 4B:61:CC:8A:36:5C:C4:03:82:A3:1D:AD:54:F6:CB:72:3F:58:75:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2HMijZcxAOCox2tVPbLcj9YdYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/dH2-1iSRmPuF7snUf4Ycc4vZoig.roa
Signing time: Sun 01 Jan 2023 22:04:58 +0000
ROA not before: Sun 01 Jan 2023 22:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42339
IP address blocks: 46.28.224.0/21 maxlen: 21
77.72.120.0/21 maxlen: 21
185.22.204.0/22 maxlen: 22
2a00:60a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:d5:1d:68:c3:24:a2:c7:90:4d:bb:54:aa:7d:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b61cc8a365cc40382a31dad54f6cb723f58758a
Validity
Not Before: Jan 1 22:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=747dbed6249198fb85eec9d47f861c738bd9a228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:05:11:c8:63:77:2d:a3:61:4e:82:44:ff:81:
42:7c:14:c2:bd:96:e5:b9:19:86:de:9b:d5:5f:bc:
c7:ad:d1:3b:b5:15:59:b8:cb:ad:4f:2a:15:3e:d2:
59:02:df:53:36:12:f1:72:d3:34:87:d6:93:43:de:
0c:4e:9e:f6:51:1b:39:0f:0e:e6:c1:0a:7a:07:83:
41:ca:63:2a:71:48:16:c6:e8:1e:cf:b5:8e:b5:8d:
a8:dc:da:78:9f:7e:ee:28:d0:b5:be:84:ad:64:aa:
7d:25:db:92:9d:27:a4:f7:15:2e:9f:8d:9a:b4:ae:
cd:5f:cf:2c:89:36:86:64:23:02:65:bf:86:21:46:
31:fa:6e:c5:cf:d0:95:74:ce:bc:a1:66:80:d0:d0:
a8:29:a9:22:ef:12:f4:44:58:aa:61:90:8b:5b:3c:
83:e7:1c:f4:de:5c:61:b5:b4:a1:0f:78:0a:ca:a4:
ac:49:7a:15:e4:09:d8:88:9a:4b:d5:c4:ac:17:9a:
cf:1b:0e:03:d8:79:6f:44:80:dd:a4:07:ed:ac:ac:
a7:f6:a1:27:08:5f:40:22:83:a5:3d:46:c7:30:e6:
76:2e:fe:c6:52:1d:08:f4:c7:53:f8:46:5f:e0:fc:
d7:8b:34:66:4e:8e:e0:5e:eb:e2:07:c0:2b:a2:67:
f6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7D:BE:D6:24:91:98:FB:85:EE:C9:D4:7F:86:1C:73:8B:D9:A2:28
X509v3 Authority Key Identifier:
keyid:4B:61:CC:8A:36:5C:C4:03:82:A3:1D:AD:54:F6:CB:72:3F:58:75:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2HMijZcxAOCox2tVPbLcj9YdYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/dH2-1iSRmPuF7snUf4Ycc4vZoig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/S2HMijZcxAOCox2tVPbLcj9YdYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.224.0/21
77.72.120.0/21
185.22.204.0/22
IPv6:
2a00:60a0::/32
Signature Algorithm: sha256WithRSAEncryption
9d:2c:f0:6d:ed:d0:f5:89:03:42:f1:35:d7:02:a7:df:a7:3e:
aa:a9:eb:3a:d1:bf:68:16:93:b4:fb:1a:8a:8e:67:79:2c:1b:
46:97:c7:0e:ac:19:9e:af:d0:e4:77:12:70:a5:4b:4d:a1:26:
e3:ac:41:f7:36:af:4f:0d:31:84:e6:c7:57:b1:eb:db:fc:1d:
36:da:82:71:dd:3c:ae:fd:24:bb:97:07:b6:48:11:9c:90:aa:
76:9d:f1:79:81:92:12:75:97:91:eb:5d:42:e9:18:3b:37:86:
db:ed:bc:6f:b4:5e:0f:83:14:ae:f8:2b:8d:35:62:c3:a7:7f:
5a:35:20:1e:d6:72:fd:48:0d:91:70:9c:73:53:d8:a0:a1:8c:
19:bb:dc:1f:38:fb:66:e1:20:ad:67:24:91:22:2e:a0:34:a3:
a8:d2:d2:d7:e3:56:b9:b6:7f:17:44:7c:3d:ac:88:c9:4d:5f:
26:47:42:83:cc:9f:ea:c5:4f:7f:55:79:d7:d9:a2:98:1e:9a:
8c:82:9d:34:fd:48:2a:31:da:a4:5a:3c:5e:27:b3:bc:64:7d:
14:b9:a1:69:25:2c:59:b7:47:a8:71:30:6d:9c:42:4c:9e:0f:
4d:70:45:1a:89:4e:22:30:7c:c3:9e:38:33:88:99:5d:66:93:
eb:51:ca:86
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvXdUdaMMkoseQTbtUqn3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjFjYzhhMzY1Y2M0MDM4MmEzMWRhZDU0ZjZjYjcyM2Y1
ODc1OGEwHhcNMjMwMTAxMjIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDdkYmVkNjI0OTE5OGZiODVlZWM5ZDQ3Zjg2MWM3MzhiZDlhMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgURyGN3LaNhToJE/4FCfBTCvZbl
uRmG3pvVX7zHrdE7tRVZuMutTyoVPtJZAt9TNhLxctM0h9aTQ94MTp72URs5Dw7m
wQp6B4NBymMqcUgWxugez7WOtY2o3Np4n37uKNC1voStZKp9JduSnSek9xUun42a
tK7NX88siTaGZCMCZb+GIUYx+m7Fz9CVdM68oWaA0NCoKaki7xL0RFiqYZCLWzyD
5xz03lxhtbShD3gKyqSsSXoV5AnYiJpL1cSsF5rPGw4D2HlvRIDdpAftrKyn9qEn
CF9AIoOlPUbHMOZ2Lv7GUh0I9MdT+EZf4PzXizRmTo7gXuviB8Aromf2cQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHR9vtYkkZj7he7J1H+GHHOL2aIoMB8GA1UdIwQY
MBaAFEthzIo2XMQDgqMdrVT2y3I/WHWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJITWlqWmN4QU9Db3gydFZQYkxjajlZZFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82YjllYzAtOWIxMC00NDQzLWI1ZTYt
YzRmZDUzZWJlYjY3LzEvZEgyLTFpU1JtUHVGN3NuVWY0WWNjNHZab2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82YjllYzAtOWIxMC00NDQzLWI1ZTYtYzRmZDUzZWJlYjY3
LzEvUzJITWlqWmN4QU9Db3gydFZQYkxjajlZZFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLhzgAwQD
TUh4AwQCuRbMMA0EAgACMAcDBQAqAGCgMA0GCSqGSIb3DQEBCwUAA4IBAQCdLPBt
7dD1iQNC8TXXAqffpz6qqes60b9oFpO0+xqKjmd5LBtGl8cOrBmer9DkdxJwpUtN
oSbjrEH3Nq9PDTGE5sdXsevb/B022oJx3Tyu/SS7lwe2SBGckKp2nfF5gZISdZeR
611C6Rg7N4bb7bxvtF4PgxSu+CuNNWLDp39aNSAe1nL9SA2RcJxzU9igoYwZu9wf
OPtm4SCtZySRIi6gNKOo0tLX41a5tn8XRHw9rIjJTV8mR0KDzJ/qxU9/VXnX2aKY
HpqMgp00/UgqMdqkWjxeJ7O8ZH0UuaFpJSxZt0eocTBtnEJMng9NcEUaiU4iMHzD
njgziJldZpPrUcqG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:01 2024 by rpki-client on console-fra.rpki-client.org