Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/rP8XEKHHZzBb67N-nT6C2hua4dk.roa
File: rP8XEKHHZzBb67N-nT6C2hua4dk.roa (raw, json)
Hash identifier: cgOG60kzOrNj0Vmxs+SAcovcEZfx9HD34Ej5/MdLJh8=
Subject key identifier: AC:FF:17:10:A1:C7:67:30:5B:EB:B3:7E:9D:3E:82:DA:1B:9A:E1:D9
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 01857246F4228F341CC01621D2A2A63D65A9
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/rP8XEKHHZzBb67N-nT6C2hua4dk.roa
Signing time: Mon 02 Jan 2023 11:38:50 +0000
ROA not before: Mon 02 Jan 2023 11:38:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210154
IP address blocks: 46.254.135.0/24 maxlen: 24
151.237.22.0/24 maxlen: 24
151.237.20.0/24 maxlen: 24
151.237.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:f4:22:8f:34:1c:c0:16:21:d2:a2:a6:3d:65:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 2 11:38:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acff1710a1c767305bebb37e9d3e82da1b9ae1d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:74:3a:f9:f6:b0:29:cc:ae:5f:b5:04:09:cb:
af:17:0f:85:da:f0:d0:c9:d1:e9:82:b1:bf:18:f5:
9b:3a:b7:d5:a0:f3:a0:3e:a2:e7:18:41:db:6b:b0:
02:b7:3b:6a:b6:3b:98:91:91:c9:89:e3:20:a4:a2:
ab:43:9f:2c:1a:be:b3:1b:89:8a:fa:70:f0:29:ff:
3f:46:48:39:d5:b5:27:42:cd:37:61:8a:1b:24:92:
9d:06:ce:50:37:7e:f4:f9:92:de:5d:60:11:4a:85:
f6:26:fb:94:32:af:40:3c:59:3a:36:1e:3d:44:40:
b6:39:78:3b:f5:5a:3e:2e:9d:34:a2:24:d2:8d:17:
74:60:4a:2c:1b:64:43:25:37:5f:22:62:19:0f:e9:
93:e9:f0:59:49:c8:33:9f:4b:6c:86:46:a9:af:08:
f5:74:a9:42:da:16:a5:61:e5:44:1a:40:87:89:7f:
32:cc:11:85:60:0d:c6:97:30:ac:a2:8d:62:9d:d9:
29:f7:dc:de:81:ff:d4:91:85:59:b2:b6:dc:58:a4:
53:ed:70:88:a1:1a:27:b1:b1:66:bc:36:98:ed:54:
bb:5b:b0:91:ed:c4:47:d3:8b:45:d8:96:bd:47:fd:
59:44:c8:9b:7a:5f:56:34:ff:60:7d:93:ed:c6:da:
cb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FF:17:10:A1:C7:67:30:5B:EB:B3:7E:9D:3E:82:DA:1B:9A:E1:D9
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/rP8XEKHHZzBb67N-nT6C2hua4dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.135.0/24
151.237.20.0-151.237.22.255
Signature Algorithm: sha256WithRSAEncryption
da:4f:09:2e:8f:62:94:5e:19:70:a0:1d:81:77:e7:61:3f:33:
f1:3e:e7:1a:f3:f2:ae:d3:42:54:78:53:fe:01:f2:cb:e9:f8:
24:46:f6:65:03:3b:79:25:12:0c:ef:76:e1:ad:13:da:f3:11:
b8:a2:6d:7e:8f:af:fa:91:d5:22:57:ba:4c:c2:a3:f9:b2:29:
19:db:c3:4a:ad:7d:ec:56:2b:14:6a:69:ff:08:c9:9f:78:fd:
83:7e:7c:9b:42:84:37:16:be:73:8f:b0:55:b6:21:22:12:c6:
18:d6:19:0e:e4:0c:40:67:7f:a6:70:e3:82:9e:56:62:a8:d2:
1e:b0:7b:d1:e8:75:36:7c:05:e7:e0:76:59:4c:c9:0e:3c:bb:
61:7a:e3:27:db:9b:a8:b9:a6:38:dc:7f:ae:c9:8d:79:87:79:
c9:c7:49:4a:ef:2a:c6:88:8b:a9:43:e0:57:f4:34:66:36:2b:
05:d0:cb:e2:8a:53:d7:bb:9d:1a:bc:1d:33:56:b4:3e:14:3f:
74:8c:2f:01:72:6c:f4:37:7f:86:60:50:bb:f3:01:63:5b:9f:
96:1b:1c:f8:d7:3b:b3:f3:9d:c1:72:14:6f:53:82:a6:42:42:
79:b6:45:e8:ad:bd:62:a4:0f:2e:bf:8c:b0:b2:f4:54:2e:b1:
a1:9f:8f:2c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyRvQijzQcwBYh0qKmPWWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjMwMTAyMTEzODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2ZmMTcxMGExYzc2NzMwNWJlYmIzN2U5ZDNlODJkYTFiOWFlMWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XQ6+fawKcyuX7UECcuvFw+F2vDQ
ydHpgrG/GPWbOrfVoPOgPqLnGEHba7ACtztqtjuYkZHJieMgpKKrQ58sGr6zG4mK
+nDwKf8/Rkg51bUnQs03YYobJJKdBs5QN370+ZLeXWARSoX2JvuUMq9APFk6Nh49
REC2OXg79Vo+Lp00oiTSjRd0YEosG2RDJTdfImIZD+mT6fBZScgzn0tshkaprwj1
dKlC2halYeVEGkCHiX8yzBGFYA3GlzCsoo1indkp99zegf/UkYVZsrbcWKRT7XCI
oRonsbFmvDaY7VS7W7CR7cRH04tF2Ja9R/1ZRMibel9WNP9gfZPtxtrLyQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKz/FxChx2cwW+uzfp0+gtobmuHZMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvclA4WEVLSEhaekJiNjdOLW5UNkMyaHVhNGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALv6HMAwD
BAKX7RQDBACX7RYwDQYJKoZIhvcNAQELBQADggEBANpPCS6PYpReGXCgHYF352E/
M/E+5xrz8q7TQlR4U/4B8svp+CRG9mUDO3klEgzvduGtE9rzEbiibX6Pr/qR1SJX
ukzCo/myKRnbw0qtfexWKxRqaf8IyZ94/YN+fJtChDcWvnOPsFW2ISISxhjWGQ7k
DEBnf6Zw44KeVmKo0h6we9HodTZ8BefgdllMyQ48u2F64yfbm6i5pjjcf67JjXmH
ecnHSUrvKsaIi6lD4Ff0NGY2KwXQy+KKU9e7nRq8HTNWtD4UP3SMLwFybPQ3f4Zg
ULvzAWNbn5YbHPjXO7PzncFyFG9TgqZCQnm2ReitvWKkDy6/jLCy9FQusaGfjyw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:41 2024 by rpki-client on console-ams.rpki-client.org