Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/tYZkUe5bK5AwiZAoxpUQI9S8rmM.roa
File: tYZkUe5bK5AwiZAoxpUQI9S8rmM.roa (raw, json)
Hash identifier: 7oS3Zqn+W0+Fz8rEPSSl3vjR7op/6LI0aK6eFDeQvZ0=
Subject key identifier: B5:86:64:51:EE:5B:2B:90:30:89:90:28:C6:95:10:23:D4:BC:AE:63
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 0186A0F448CBB982EF90E09FEA250F505FE2
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/tYZkUe5bK5AwiZAoxpUQI9S8rmM.roa
Signing time: Thu 02 Mar 2023 06:13:29 +0000
ROA not before: Thu 02 Mar 2023 06:13:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39593
IP address blocks: 46.191.180.0/23 maxlen: 23
46.191.180.0/24 maxlen: 24
136.169.210.0/24 maxlen: 24
136.169.210.0/23 maxlen: 23
46.191.182.0/23 maxlen: 23
46.191.183.0/24 maxlen: 24
46.191.182.0/24 maxlen: 24
136.169.208.0/24 maxlen: 24
136.169.209.0/24 maxlen: 24
46.191.180.0/22 maxlen: 22
136.169.208.0/23 maxlen: 23
136.169.211.0/24 maxlen: 24
136.169.208.0/22 maxlen: 22
46.191.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a0:f4:48:cb:b9:82:ef:90:e0:9f:ea:25:0f:50:5f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Mar 2 06:13:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5866451ee5b2b9030899028c6951023d4bcae63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8a:87:cc:cb:90:ce:42:df:33:ec:02:d4:65:
9d:b6:32:f0:19:5b:d6:1d:65:a7:ac:ab:48:60:25:
11:98:3a:1e:c4:e9:a4:94:c0:fa:88:be:8e:66:ba:
7b:f2:1d:7a:2f:08:49:d1:90:5f:40:6b:86:64:16:
a4:15:63:20:83:b3:16:12:23:51:0c:23:62:1d:16:
d4:67:94:64:17:a7:38:9b:9d:34:dc:e9:84:ac:14:
d5:f4:bf:b1:7d:40:e3:de:16:13:d5:21:34:03:3d:
50:78:b6:30:05:b5:5d:4b:28:09:0a:d1:02:bb:04:
50:ea:fc:89:56:07:1f:0f:c4:1c:5e:ea:28:92:01:
25:b2:e8:07:15:25:12:f6:48:33:cf:80:4c:a7:76:
e7:82:67:a6:24:3c:fb:57:cb:3b:43:3d:2b:88:64:
39:87:ce:bc:05:79:36:36:89:bf:65:d5:f8:20:cf:
9a:dc:4f:86:e8:df:8f:ce:22:2e:c0:d4:06:df:4c:
04:88:58:b6:7c:22:ed:cb:6d:d6:75:17:d2:c1:63:
2e:a3:c6:a6:b3:ea:46:7c:4f:e9:3d:b1:de:a7:a4:
87:10:d4:01:a0:30:08:4b:1d:14:64:fb:76:a4:ae:
f0:b6:4d:67:c5:49:27:86:86:c9:6f:4d:39:29:de:
68:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:86:64:51:EE:5B:2B:90:30:89:90:28:C6:95:10:23:D4:BC:AE:63
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/tYZkUe5bK5AwiZAoxpUQI9S8rmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.191.180.0/22
136.169.208.0/22
Signature Algorithm: sha256WithRSAEncryption
77:45:67:f2:ba:f2:0f:82:57:32:b5:91:d2:33:56:9f:f2:a2:
17:fe:1c:cb:07:c4:88:90:a9:7c:29:f8:45:a4:39:ab:f1:4c:
2d:2d:24:6c:77:28:6f:35:96:7d:ca:2c:34:9b:84:44:7c:c0:
12:22:08:4f:f2:d3:8d:bd:8c:66:5c:3c:ca:e6:9e:90:5e:59:
4f:98:71:61:50:de:72:fb:9c:12:0c:b8:9a:ec:5e:81:55:e3:
62:c4:93:2c:b4:09:24:e6:3d:00:e6:e4:cf:01:4a:85:b5:8c:
87:7d:16:e5:02:5b:1c:af:d3:77:5a:6f:d2:6b:74:c3:93:8f:
f6:29:d7:fd:f6:ca:b1:ad:fb:7f:83:fa:93:62:3f:63:fb:76:
ac:80:9e:1b:ca:2b:38:fa:6f:c7:9d:f7:46:aa:c2:16:ce:32:
60:8f:6b:b0:d2:61:99:dc:04:5b:2c:96:f5:df:fa:9c:b8:91:
9c:d7:1a:37:46:86:12:8c:36:58:9d:c0:bf:5c:04:2e:f1:d7:
70:19:5e:1b:a7:24:1a:0c:48:72:d6:b8:56:4f:60:76:6a:bf:
67:87:0c:02:c1:c1:0e:51:e6:9a:58:15:dc:93:2b:d7:03:20:
21:04:b0:68:77:d0:8f:24:89:e6:12:80:e3:d9:2d:03:c1:41:
cd:84:e1:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYag9EjLuYLvkOCf6iUPUF/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjMwMzAyMDYxMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTg2NjQ1MWVlNWIyYjkwMzA4OTkwMjhjNjk1MTAyM2Q0YmNhZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIqHzMuQzkLfM+wC1GWdtjLwGVvW
HWWnrKtIYCURmDoexOmklMD6iL6OZrp78h16LwhJ0ZBfQGuGZBakFWMgg7MWEiNR
DCNiHRbUZ5RkF6c4m5003OmErBTV9L+xfUDj3hYT1SE0Az1QeLYwBbVdSygJCtEC
uwRQ6vyJVgcfD8QcXuookgElsugHFSUS9kgzz4BMp3bngmemJDz7V8s7Qz0riGQ5
h868BXk2Nom/ZdX4IM+a3E+G6N+PziIuwNQG30wEiFi2fCLty23WdRfSwWMuo8am
s+pGfE/pPbHep6SHENQBoDAISx0UZPt2pK7wtk1nxUknhobJb005Kd5okwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLWGZFHuWyuQMImQKMaVECPUvK5jMB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvdFlaa1VlNWJLNUF3aVpBb3hwVVFJOVM4cm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLr+0AwQC
iKnQMA0GCSqGSIb3DQEBCwUAA4IBAQB3RWfyuvIPglcytZHSM1af8qIX/hzLB8SI
kKl8KfhFpDmr8UwtLSRsdyhvNZZ9yiw0m4REfMASIghP8tONvYxmXDzK5p6QXllP
mHFhUN5y+5wSDLia7F6BVeNixJMstAkk5j0A5uTPAUqFtYyHfRblAlscr9N3Wm/S
a3TDk4/2Kdf99sqxrft/g/qTYj9j+3asgJ4byis4+m/HnfdGqsIWzjJgj2uw0mGZ
3ARbLJb13/qcuJGc1xo3RoYSjDZYncC/XAQu8ddwGV4bpyQaDEhy1rhWT2B2ar9n
hwwCwcEOUeaaWBXckyvXAyAhBLBod9CPJInmEoDj2S0DwUHNhOH9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:53 2024 by rpki-client on console-fra.rpki-client.org