Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/698lxLSP_6ThXxiSjr8zKsiU4dw.roa
File: 698lxLSP_6ThXxiSjr8zKsiU4dw.roa (raw, json)
Hash identifier: Gk1PVREvohHbYBTfUif7hgu+JW3jrv/7Ex4GXfKs5ZM=
Subject key identifier: EB:DF:25:C4:B4:8F:FF:A4:E1:5F:18:92:8E:BF:33:2A:C8:94:E1:DC
Certificate issuer: /CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Certificate serial: 01856C53AC57814C7E819312CFE3A14E3B48
Authority key identifier: 15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/698lxLSP_6ThXxiSjr8zKsiU4dw.roa
Signing time: Sun 01 Jan 2023 07:55:00 +0000
ROA not before: Sun 01 Jan 2023 07:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39636
IP address blocks: 46.233.128.0/18 maxlen: 18
94.74.0.0/18 maxlen: 18
89.184.96.0/19 maxlen: 19
89.184.118.0/24 maxlen: 24
185.182.116.0/22 maxlen: 22
2a01:8320::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:ac:57:81:4c:7e:81:93:12:cf:e3:a1:4e:3b:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Validity
Not Before: Jan 1 07:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebdf25c4b48fffa4e15f18928ebf332ac894e1dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a9:99:48:d9:37:a0:dd:78:dc:7d:3c:b0:9d:
e3:28:39:d3:72:a8:47:c4:47:ea:14:06:a3:ce:c2:
0e:ee:0d:e8:d2:cb:09:68:9f:3e:a1:63:35:4d:79:
ea:6d:41:44:2d:a5:ab:68:de:f3:5c:72:05:b2:cd:
11:4d:f7:fd:e7:f7:ad:52:bb:71:97:76:af:c7:3d:
70:9b:9f:31:69:41:5e:8a:59:d0:09:99:2a:ef:c5:
da:17:b7:f0:34:98:9c:38:dd:ad:7c:d6:0b:88:a7:
ad:e2:55:41:3e:01:2e:ef:79:4b:53:3a:56:58:85:
00:6f:75:88:ea:30:db:f4:df:0e:55:aa:70:83:3b:
4c:86:11:d7:99:31:35:ac:75:bd:01:79:d7:95:9c:
80:26:c1:80:7e:51:aa:60:a0:b8:9c:6e:b1:40:5d:
c8:62:fa:74:d2:50:04:2f:09:35:58:00:2d:a0:0d:
25:d8:c2:b9:6e:36:7b:a0:01:06:d5:85:b2:99:44:
34:af:fd:ee:3d:f4:60:06:ce:19:21:c5:7d:7e:69:
9c:ef:d2:f8:ba:0e:d1:ac:8a:7c:23:64:4a:ab:27:
cf:82:76:49:75:68:cd:f7:76:29:75:f2:b5:21:e3:
02:24:aa:df:de:cf:de:fb:84:70:0c:88:0a:01:c5:
4c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DF:25:C4:B4:8F:FF:A4:E1:5F:18:92:8E:BF:33:2A:C8:94:E1:DC
X509v3 Authority Key Identifier:
keyid:15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/698lxLSP_6ThXxiSjr8zKsiU4dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.128.0/18
89.184.96.0/19
94.74.0.0/18
185.182.116.0/22
IPv6:
2a01:8320::/32
Signature Algorithm: sha256WithRSAEncryption
1a:3b:89:cc:86:ea:8c:a2:b6:67:6c:9d:16:53:29:2f:60:3a:
0c:25:12:8e:58:f6:ec:fa:bb:41:ad:9c:18:ef:b5:a8:2a:4d:
4f:ec:ab:56:a8:75:df:f5:da:1e:5b:c8:f1:f0:f7:29:c2:a1:
8b:e1:36:5b:4c:59:2d:a8:42:5a:7d:03:1e:33:31:84:b1:3d:
ac:cf:9b:12:6a:ee:e8:40:5e:c9:1c:f4:a5:49:76:38:f2:92:
34:d1:9c:25:ca:45:79:88:62:44:e4:2c:3b:be:e3:d5:98:f3:
2f:6e:e6:ad:83:3d:5e:da:0b:b5:4b:19:e7:a5:f2:55:ac:1f:
fb:24:0a:cd:65:f5:9f:54:d0:d8:89:c2:0c:7b:15:e9:c3:4c:
d1:3d:89:11:16:65:4f:44:15:41:6d:89:e3:c1:62:ed:fb:32:
f5:7c:a6:74:4a:3f:1b:20:9d:7b:27:1e:eb:f6:df:db:48:5f:
1e:95:2b:b9:f3:0b:0e:95:d9:1b:67:1c:cd:c2:67:ad:f9:3a:
b3:1e:0b:f4:7e:c9:16:e0:c2:88:b9:09:2e:73:55:0d:35:df:
a0:f9:92:da:40:ef:bb:6c:fc:0f:56:a6:b7:ee:71:80:5e:ba:
6e:d2:8d:55:d8:cc:bc:b9:b2:b7:32:57:37:16:a6:a7:ea:5a:
66:e7:93:53
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsU6xXgUx+gZMSz+OhTjtIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MDFjODQ1ZjEzZGQ0YWQ2ZTlkYWU0NzBkNWZmNjljNWNj
YTM3NzEwHhcNMjMwMTAxMDc1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmRmMjVjNGI0OGZmZmE0ZTE1ZjE4OTI4ZWJmMzMyYWM4OTRlMWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6mZSNk3oN143H08sJ3jKDnTcqhH
xEfqFAajzsIO7g3o0ssJaJ8+oWM1TXnqbUFELaWraN7zXHIFss0RTff95/etUrtx
l3avxz1wm58xaUFeilnQCZkq78XaF7fwNJicON2tfNYLiKet4lVBPgEu73lLUzpW
WIUAb3WI6jDb9N8OVapwgztMhhHXmTE1rHW9AXnXlZyAJsGAflGqYKC4nG6xQF3I
Yvp00lAELwk1WAAtoA0l2MK5bjZ7oAEG1YWymUQ0r/3uPfRgBs4ZIcV9fmmc79L4
ug7RrIp8I2RKqyfPgnZJdWjN93YpdfK1IeMCJKrf3s/e+4RwDIgKAcVMoQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOvfJcS0j/+k4V8Yko6/MyrIlOHcMB8GA1UdIwQY
MBaAFBUByEXxPdStbp2uRw1f9pxcyjdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEt
ZWQ3OTE1NDM2YjI3LzEvNjk4bHhMU1BfNlRoWHhpU2pyOHpLc2lVNGR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEtZWQ3OTE1NDM2YjI3
LzEvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGLumAAwQF
WbhgAwQGXkoAAwQCubZ0MA0EAgACMAcDBQAqAYMgMA0GCSqGSIb3DQEBCwUAA4IB
AQAaO4nMhuqMorZnbJ0WUykvYDoMJRKOWPbs+rtBrZwY77WoKk1P7KtWqHXf9doe
W8jx8PcpwqGL4TZbTFktqEJafQMeMzGEsT2sz5sSau7oQF7JHPSlSXY48pI00Zwl
ykV5iGJE5Cw7vuPVmPMvbuatgz1e2gu1SxnnpfJVrB/7JArNZfWfVNDYicIMexXp
w0zRPYkRFmVPRBVBbYnjwWLt+zL1fKZ0Sj8bIJ17Jx7r9t/bSF8elSu58wsOldkb
ZxzNwmet+TqzHgv0fskW4MKIuQkuc1UNNd+g+ZLaQO+7bPwPVqa37nGAXrpu0o1V
2My8ubK3Mlc3Fqan6lpm55NT
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:49 2024 by rpki-client on console-ams.rpki-client.org