Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/93Zzk17tN2jeicXh68DQMxXebIU.roa
File: 93Zzk17tN2jeicXh68DQMxXebIU.roa (raw, json)
Hash identifier: wCA2xdduI3CVdzCr4HOL3ASknDUWXDe3ZRqlcqITanQ=
Subject key identifier: F7:76:73:93:5E:ED:37:68:DE:89:C5:E1:EB:C0:D0:33:15:DE:6C:85
Certificate issuer: /CN=a68ff9229efd8d12b4273f346f8c6454ea587ecc
Certificate serial: 018BD8365E14BBC793E0EF27856694403FB7
Authority key identifier: A6:8F:F9:22:9E:FD:8D:12:B4:27:3F:34:6F:8C:64:54:EA:58:7E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/po_5Ip79jRK0Jz80b4xkVOpYfsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/93Zzk17tN2jeicXh68DQMxXebIU.roa
Signing time: Thu 16 Nov 2023 12:58:43 +0000
ROA not before: Thu 16 Nov 2023 12:58:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 46.16.161.0/24 maxlen: 24
46.16.160.0/24 maxlen: 24
46.16.160.0/23 maxlen: 23
46.16.164.0/24 maxlen: 24
46.16.166.0/24 maxlen: 24
91.197.140.0/24 maxlen: 24
91.197.140.0/22 maxlen: 22
91.197.141.0/24 maxlen: 24
91.197.143.0/24 maxlen: 24
91.197.142.0/23 maxlen: 23
91.197.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:36:5e:14:bb:c7:93:e0:ef:27:85:66:94:40:3f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a68ff9229efd8d12b4273f346f8c6454ea587ecc
Validity
Not Before: Nov 16 12:58:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f77673935eed3768de89c5e1ebc0d03315de6c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:32:12:e2:77:bb:6a:b2:e1:35:60:4c:4e:dc:
3d:f5:0b:ce:12:6d:8a:30:07:ab:c7:31:ad:1d:be:
dc:62:6a:92:42:0d:a0:10:bc:35:c0:e5:94:c3:68:
e0:f2:e8:10:68:ce:b4:69:27:c1:c5:3f:05:97:46:
cc:2d:70:e2:5a:e7:a9:52:6f:22:4e:ef:41:26:d3:
4c:4d:97:24:bc:7b:dc:8d:83:6d:fc:b3:ea:80:e5:
e8:7d:59:3f:d3:33:de:d8:43:90:09:20:81:8e:78:
c3:1d:37:58:8b:42:41:b4:e6:43:9d:dc:21:a9:e5:
e6:7f:5c:11:5e:dd:de:3b:94:e3:8b:1e:4e:05:b8:
38:b7:d6:6d:30:5a:78:7a:2c:1f:c0:83:e3:79:50:
2b:7f:4d:f3:57:ad:81:3d:ae:7c:2f:52:75:6d:36:
ec:27:fa:b1:aa:06:d3:14:0f:d2:8e:42:c4:fb:d1:
9e:22:11:6b:8f:4d:ac:1b:61:38:00:6c:4b:bf:e2:
53:20:a3:e5:ee:dc:e7:39:b6:61:cb:ca:5c:eb:ae:
7b:f3:3d:3a:27:3a:a0:3e:1e:69:e3:b9:61:4f:ca:
c5:0a:9d:c2:b5:cf:7e:e2:69:e7:e5:bd:17:54:16:
d8:d0:70:1c:62:40:17:ce:47:29:86:da:dd:eb:9c:
bb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:76:73:93:5E:ED:37:68:DE:89:C5:E1:EB:C0:D0:33:15:DE:6C:85
X509v3 Authority Key Identifier:
keyid:A6:8F:F9:22:9E:FD:8D:12:B4:27:3F:34:6F:8C:64:54:EA:58:7E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/po_5Ip79jRK0Jz80b4xkVOpYfsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/93Zzk17tN2jeicXh68DQMxXebIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/po_5Ip79jRK0Jz80b4xkVOpYfsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.160.0/23
46.16.164.0/24
46.16.166.0/24
91.197.140.0/22
Signature Algorithm: sha256WithRSAEncryption
50:bd:2f:ca:52:ba:ee:e9:bb:e7:80:99:e1:d1:88:e7:ff:6f:
8b:b1:79:ec:cb:eb:25:34:73:d5:11:8e:88:2b:a1:68:78:a7:
2e:1f:ab:5e:30:10:71:1e:29:1a:cb:d0:e1:08:25:32:94:26:
cd:d6:5d:3f:d0:5f:38:a5:fd:d5:59:bc:18:e6:bc:47:06:26:
fc:53:96:75:51:3c:3d:2f:ac:bf:7b:a1:cc:a4:01:15:a7:0e:
47:a0:47:af:76:d3:75:de:aa:cd:83:79:07:1a:58:03:c2:5c:
66:a0:85:a5:be:22:09:19:78:e7:6b:c6:78:96:6b:11:f4:73:
43:a3:ba:56:78:6a:7f:26:b4:30:17:57:35:da:86:2b:9a:49:
48:eb:f5:86:4f:e7:5e:aa:9f:e1:3f:9a:89:86:e2:d9:af:97:
6f:fc:1d:46:5a:ae:68:fd:20:48:01:c5:d4:bf:bb:56:9d:29:
29:7c:82:1b:66:9a:d1:7a:a4:15:59:77:da:2f:81:67:d2:e4:
73:ee:8f:5b:a8:bc:64:23:30:26:5b:ca:a7:9c:e4:4e:5b:b1:
87:8d:31:91:b5:5a:6f:c3:ad:da:23:74:8b:41:15:84:13:61:
45:cf:15:aa:88:4c:f9:04:1b:dd:b3:31:a9:da:28:31:d8:96:
b5:fa:d3:fb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvYNl4Uu8eT4O8nhWaUQD+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OGZmOTIyOWVmZDhkMTJiNDI3M2YzNDZmOGM2NDU0ZWE1
ODdlY2MwHhcNMjMxMTE2MTI1ODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzc2NzM5MzVlZWQzNzY4ZGU4OWM1ZTFlYmMwZDAzMzE1ZGU2Yzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTIS4ne7arLhNWBMTtw99QvOEm2K
MAerxzGtHb7cYmqSQg2gELw1wOWUw2jg8ugQaM60aSfBxT8Fl0bMLXDiWuepUm8i
Tu9BJtNMTZckvHvcjYNt/LPqgOXofVk/0zPe2EOQCSCBjnjDHTdYi0JBtOZDndwh
qeXmf1wRXt3eO5Tjix5OBbg4t9ZtMFp4eiwfwIPjeVArf03zV62BPa58L1J1bTbs
J/qxqgbTFA/SjkLE+9GeIhFrj02sG2E4AGxLv+JTIKPl7tznObZhy8pc66578z06
JzqgPh5p47lhT8rFCp3Ctc9+4mnn5b0XVBbY0HAcYkAXzkcphtrd65y7LwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPd2c5Ne7Tdo3onF4evA0DMV3myFMB8GA1UdIwQY
MBaAFKaP+SKe/Y0StCc/NG+MZFTqWH7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG9fNUlwNzlqUkswSno4MGI0eGtWT3BZZnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yZmY5OGUtNmZmOS00MjMzLWI5ZjEt
MjI3ZTIxZTY5MWU3LzEvOTNaemsxN3ROMmplaWNYaDY4RFFNeFhlYklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yZmY5OGUtNmZmOS00MjMzLWI5ZjEtMjI3ZTIxZTY5MWU3
LzEvcG9fNUlwNzlqUkswSno4MGI0eGtWT3BZZnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLhCgAwQA
LhCkAwQALhCmAwQCW8WMMA0GCSqGSIb3DQEBCwUAA4IBAQBQvS/KUrru6bvngJnh
0Yjn/2+LsXnsy+slNHPVEY6IK6FoeKcuH6teMBBxHikay9DhCCUylCbN1l0/0F84
pf3VWbwY5rxHBib8U5Z1UTw9L6y/e6HMpAEVpw5HoEevdtN13qrNg3kHGlgDwlxm
oIWlviIJGXjna8Z4lmsR9HNDo7pWeGp/JrQwF1c12oYrmklI6/WGT+deqp/hP5qJ
huLZr5dv/B1GWq5o/SBIAcXUv7tWnSkpfIIbZprReqQVWXfaL4Fn0uRz7o9bqLxk
IzAmW8qnnOROW7GHjTGRtVpvw63aI3SLQRWEE2FFzxWqiEz5BBvdszGp2igx2Ja1
+tP7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:24 2024 by rpki-client on console-ams.rpki-client.org