Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/C9rdaCclOasZbXZzNm9jL2wgXHM.roa
File: C9rdaCclOasZbXZzNm9jL2wgXHM.roa (raw, json)
Hash identifier: emMcDORDT6ZocFxUfQcnpsNvabkXdnpF6UibalEXHKs=
Subject key identifier: 0B:DA:DD:68:27:25:39:AB:19:6D:76:73:36:6F:63:2F:6C:20:5C:73
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 018CC5001C519241F43C35D44C73F5E96844
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/C9rdaCclOasZbXZzNm9jL2wgXHM.roa
Signing time: Mon 01 Jan 2024 12:29:27 +0000
ROA not before: Mon 01 Jan 2024 12:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197324
IP address blocks: 46.17.120.0/21 maxlen: 24
185.157.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 11:06:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1c:51:92:41:f4:3c:35:d4:4c:73:f5:e9:68:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Jan 1 12:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bdadd68272539ab196d7673366f632f6c205c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0b:34:fe:51:cb:79:fc:0a:3f:b3:b1:90:1e:
46:0f:f2:56:aa:8c:58:a9:22:21:a4:50:e2:d7:10:
73:db:f2:d9:7c:19:36:a8:ae:6c:19:18:e5:29:58:
08:3b:54:f7:70:23:41:ac:72:9b:b9:6e:50:e5:67:
9a:87:bb:7f:3a:7f:66:2a:23:b1:08:89:dc:c7:a0:
43:40:f8:9b:cf:cb:c8:c3:58:d0:59:79:b4:5c:58:
c2:2a:3f:79:d0:5c:e6:bc:b8:60:72:25:d2:9a:0b:
03:79:98:0c:8d:41:a7:d1:5c:2c:c7:95:59:65:b1:
23:8a:6f:65:42:ed:91:09:ef:51:54:c0:31:c6:d1:
b9:34:b6:4e:66:af:11:2b:7e:65:45:54:4d:d9:25:
c2:28:5a:62:e8:97:26:5a:b2:e1:9e:9f:2e:36:ff:
28:a8:99:61:4d:f8:c5:1d:19:09:16:fe:fc:fd:0a:
85:3a:83:46:bd:1d:57:4e:89:97:27:69:f2:22:42:
ff:b5:17:c5:6f:21:4b:b6:1f:ab:c7:58:b9:88:2b:
98:13:fa:b7:45:3b:35:d4:09:2c:e0:bc:b5:6f:b2:
7b:45:4a:d0:51:2a:2e:26:e6:2d:c5:d9:e0:2d:ed:
bd:a9:fe:7a:73:af:fd:96:6e:1e:49:a8:2a:5f:53:
87:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DA:DD:68:27:25:39:AB:19:6D:76:73:36:6F:63:2F:6C:20:5C:73
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/C9rdaCclOasZbXZzNm9jL2wgXHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.120.0/21
185.157.104.0/22
Signature Algorithm: sha256WithRSAEncryption
94:62:49:70:81:d0:cd:26:68:a2:68:e8:a2:41:9e:1b:48:ee:
23:75:81:fd:f0:af:a1:bd:73:01:03:38:bd:38:59:5b:d8:38:
3f:d5:57:f5:05:bd:9a:d8:5f:d5:6d:cc:1c:21:bd:e1:f7:ae:
36:49:e8:4e:a0:8d:2f:1d:02:09:d4:98:39:c5:c1:50:d6:48:
4f:20:4e:22:2c:7a:7e:c1:d4:29:27:a4:21:f3:e6:c2:e5:b5:
07:31:c0:ec:99:4c:0f:1f:e3:47:d6:45:d9:7c:3b:e5:86:f3:
75:58:ca:15:66:51:82:2c:64:6b:d7:0a:53:3b:fb:29:25:87:
93:79:a1:b2:09:93:34:09:53:a9:88:43:69:89:50:69:49:a5:
99:cd:6a:ba:67:37:09:f3:70:9f:38:6e:3d:17:75:29:23:15:
96:01:2e:fa:63:5e:11:d1:d4:5d:82:98:31:84:88:cc:0c:af:
b6:b3:2e:92:ae:5f:76:b9:e6:27:9a:03:a0:f7:77:09:1c:1a:
be:56:b6:c2:b2:b9:d1:18:82:3d:dc:d0:96:59:5b:a8:a0:08:
25:91:5a:db:8c:00:c3:20:75:24:8c:5c:d0:b6:51:47:01:e5:
22:29:6f:bf:2a:fe:38:11:47:50:02:78:75:e9:a6:63:02:cc:
39:1c:2e:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFABxRkkH0PDXUTHP16WhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQwMTAxMTIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmRhZGQ2ODI3MjUzOWFiMTk2ZDc2NzMzNjZmNjMyZjZjMjA1YzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7As0/lHLefwKP7OxkB5GD/JWqoxY
qSIhpFDi1xBz2/LZfBk2qK5sGRjlKVgIO1T3cCNBrHKbuW5Q5Weah7t/On9mKiOx
CIncx6BDQPibz8vIw1jQWXm0XFjCKj950FzmvLhgciXSmgsDeZgMjUGn0Vwsx5VZ
ZbEjim9lQu2RCe9RVMAxxtG5NLZOZq8RK35lRVRN2SXCKFpi6JcmWrLhnp8uNv8o
qJlhTfjFHRkJFv78/QqFOoNGvR1XTomXJ2nyIkL/tRfFbyFLth+rx1i5iCuYE/q3
RTs11Aks4Ly1b7J7RUrQUSouJuYtxdngLe29qf56c6/9lm4eSagqX1OH8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAva3WgnJTmrGW12czZvYy9sIFxzMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvQzlyZGFDY2xPYXNaYlhaek5tOWpMMndnWEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLhF4AwQC
uZ1oMA0GCSqGSIb3DQEBCwUAA4IBAQCUYklwgdDNJmiiaOiiQZ4bSO4jdYH98K+h
vXMBAzi9OFlb2Dg/1Vf1Bb2a2F/VbcwcIb3h9642SehOoI0vHQIJ1Jg5xcFQ1khP
IE4iLHp+wdQpJ6Qh8+bC5bUHMcDsmUwPH+NH1kXZfDvlhvN1WMoVZlGCLGRr1wpT
O/spJYeTeaGyCZM0CVOpiENpiVBpSaWZzWq6ZzcJ83CfOG49F3UpIxWWAS76Y14R
0dRdgpgxhIjMDK+2sy6Srl92ueYnmgOg93cJHBq+VrbCsrnRGII93NCWWVuooAgl
kVrbjADDIHUkjFzQtlFHAeUiKW+/Kv44EUdQAnh16aZjAsw5HC6g
-----END CERTIFICATE-----
Generated at Wed Oct 16 13:21:11 2024 by rpki-client on console-ams.rpki-client.org