Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/szWtkEEKbblosqP5Hvz2_RrjqNs.roa
File: szWtkEEKbblosqP5Hvz2_RrjqNs.roa (raw, json)
Hash identifier: AV4hQMzR0U5evLp4zsEWTkvaol5fsxvE9vP2LauReQA=
Subject key identifier: B3:35:AD:90:41:0A:6D:B9:68:B2:A3:F9:1E:FC:F6:FD:1A:E3:A8:DB
Certificate issuer: /CN=bdd244214d76468d3fb72abad1892ef23dede978
Certificate serial: 018A5F5DE8B5DD70797A80D9064115E80F2A
Authority key identifier: BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/szWtkEEKbblosqP5Hvz2_RrjqNs.roa
Signing time: Mon 04 Sep 2023 08:45:04 +0000
ROA not before: Mon 04 Sep 2023 08:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 46.140.0.0/17 maxlen: 17
46.140.0.0/16 maxlen: 16
62.2.0.0/17 maxlen: 17
62.2.0.0/16 maxlen: 16
178.82.0.0/16 maxlen: 16
31.10.128.0/18 maxlen: 18
31.10.128.0/17 maxlen: 17
31.10.192.0/18 maxlen: 18
46.127.0.0/16 maxlen: 16
46.140.128.0/17 maxlen: 17
62.2.128.0/17 maxlen: 17
46.126.0.0/16 maxlen: 16
46.126.0.0/15 maxlen: 15
Validation: Failed, certificate revoked on Mon 04 Sep 2023 08:59:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:5d:e8:b5:dd:70:79:7a:80:d9:06:41:15:e8:0f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdd244214d76468d3fb72abad1892ef23dede978
Validity
Not Before: Sep 4 08:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b335ad90410a6db968b2a3f91efcf6fd1ae3a8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0c:17:b6:1b:59:0c:49:04:24:de:e4:29:d4:
52:e6:b2:d2:3a:ad:14:59:be:54:c7:62:e1:08:57:
d4:31:15:33:81:46:53:a8:b7:b3:aa:d6:d7:e6:ab:
b6:0b:63:74:3c:6f:c5:f1:02:fc:74:33:d3:1f:d2:
ab:63:29:f8:1b:c6:0b:e6:61:b3:7a:2d:72:be:84:
2f:b4:cc:c1:f1:56:03:7c:f6:bf:2c:30:c5:c6:d3:
69:fe:1d:26:aa:7e:f3:35:c0:d6:a8:01:ee:a4:47:
dd:59:5f:74:dd:ee:87:9f:2b:ef:06:e6:25:02:ba:
25:6d:07:07:8b:76:71:6f:94:7f:da:c1:0b:38:ac:
ae:0c:63:30:2a:c4:78:fa:3d:78:fb:83:cc:fa:65:
08:fb:7d:bb:fb:15:87:58:2d:31:0c:5d:f3:71:d3:
32:d0:82:df:bf:d7:ac:df:a5:00:f7:86:53:8b:39:
3c:d4:08:da:39:07:08:4e:ac:5a:5d:2d:b7:ff:25:
65:53:8b:af:c4:a3:6c:4d:7a:70:cb:d3:e2:fe:f6:
f7:a1:87:6a:46:02:15:c5:93:ea:f6:5d:1c:25:ac:
a9:14:d4:a1:01:88:4b:f7:f1:d9:d1:3d:b2:ca:e5:
2d:10:6a:b1:10:50:ce:12:b6:72:d6:25:6d:bf:c4:
1a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:35:AD:90:41:0A:6D:B9:68:B2:A3:F9:1E:FC:F6:FD:1A:E3:A8:DB
X509v3 Authority Key Identifier:
keyid:BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/szWtkEEKbblosqP5Hvz2_RrjqNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.128.0/17
46.126.0.0/15
46.140.0.0/16
62.2.0.0/16
178.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:98:9d:20:18:f1:9f:02:28:45:70:4a:d9:f1:33:02:b5:b5:
bb:d1:39:3e:24:e7:4f:ff:15:00:42:b4:ab:0b:3e:50:c3:14:
62:6d:8c:30:1e:a8:41:4d:fc:d8:6f:4b:9d:45:49:11:4a:0d:
4b:6c:2a:9c:ad:5e:e3:48:ea:c1:6a:ed:70:0a:4f:0e:0e:92:
9f:aa:6d:4e:a9:1b:3c:06:96:fa:33:2e:02:70:0c:fc:7a:de:
a4:63:df:7e:1b:c5:51:32:a7:3b:5f:f4:f3:73:6f:00:bf:9d:
21:4b:7b:1e:8c:30:93:e2:5e:d2:4d:a9:9c:f7:5d:8c:ad:33:
ad:67:2c:c1:32:50:5b:57:5b:56:8f:64:8e:f0:23:37:ed:e7:
f2:2d:b9:a8:80:b7:90:a6:b1:3f:69:3d:b7:d4:2b:14:ce:6c:
97:63:47:72:79:9f:c0:19:af:9a:08:5a:4b:aa:6c:84:45:1c:
de:94:42:88:3b:fe:c9:5b:73:32:ce:34:e2:29:c8:ab:21:84:
70:c3:fd:7b:4e:66:18:f5:20:16:f8:9a:36:99:3a:bc:b1:76:
1d:54:9f:f0:8b:1d:2d:5b:f3:c2:f9:9a:10:58:81:c1:1c:f7:
0c:04:d4:98:9d:d3:bf:79:b0:62:63:14:aa:fe:23:4e:85:43:
b2:5d:38:b2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYpfXei13XB5eoDZBkEV6A8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDI0NDIxNGQ3NjQ2OGQzZmI3MmFiYWQxODkyZWYyM2Rl
ZGU5NzgwHhcNMjMwOTA0MDg0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzM1YWQ5MDQxMGE2ZGI5NjhiMmEzZjkxZWZjZjZmZDFhZTNhOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAwXthtZDEkEJN7kKdRS5rLSOq0U
Wb5Ux2LhCFfUMRUzgUZTqLezqtbX5qu2C2N0PG/F8QL8dDPTH9KrYyn4G8YL5mGz
ei1yvoQvtMzB8VYDfPa/LDDFxtNp/h0mqn7zNcDWqAHupEfdWV903e6HnyvvBuYl
ArolbQcHi3Zxb5R/2sELOKyuDGMwKsR4+j14+4PM+mUI+327+xWHWC0xDF3zcdMy
0ILfv9es36UA94ZTizk81AjaOQcITqxaXS23/yVlU4uvxKNsTXpwy9Pi/vb3oYdq
RgIVxZPq9l0cJaypFNShAYhL9/HZ0T2yyuUtEGqxEFDOErZy1iVtv8Qa5wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLM1rZBBCm25aLKj+R789v0a46jbMB8GA1UdIwQY
MBaAFL3SRCFNdkaNP7cqutGJLvI97el4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYt
NDZhNDNlZjAyMjFiLzEvc3pXdGtFRUtiYmxvc3FQNUh2ejJfUnJqcU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYtNDZhNDNlZjAyMjFi
LzEvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQHHwqAAwMB
Ln4DAwAujAMDAD4CAwMAslIwDQYJKoZIhvcNAQELBQADggEBAEiYnSAY8Z8CKEVw
StnxMwK1tbvROT4k50//FQBCtKsLPlDDFGJtjDAeqEFN/NhvS51FSRFKDUtsKpyt
XuNI6sFq7XAKTw4Okp+qbU6pGzwGlvozLgJwDPx63qRj334bxVEypztf9PNzbwC/
nSFLex6MMJPiXtJNqZz3XYytM61nLMEyUFtXW1aPZI7wIzft5/ItuaiAt5CmsT9p
PbfUKxTObJdjR3J5n8AZr5oIWkuqbIRFHN6UQog7/slbczLONOIpyKshhHDD/XtO
Zhj1IBb4mjaZOryxdh1Un/CLHS1b88L5mhBYgcEc9wwE1Jid0795sGJjFKr+I06F
Q7JdOLI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:19 2024 by rpki-client on console-ams.rpki-client.org