Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/aR4SE6RPe1Vs01-xIeIJVm8QNzU.roa
File: aR4SE6RPe1Vs01-xIeIJVm8QNzU.roa (raw, json)
Hash identifier: Ncz4NqrtkmQtdpFWWiPKKXKx89fNbMwoOD0qd9yNOLA=
Subject key identifier: 69:1E:12:13:A4:4F:7B:55:6C:D3:5F:B1:21:E2:09:56:6F:10:37:35
Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial: 01856E666D29D16D0BF1A923A29E6F742A33
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/aR4SE6RPe1Vs01-xIeIJVm8QNzU.roa
Signing time: Sun 01 Jan 2023 17:34:44 +0000
ROA not before: Sun 01 Jan 2023 17:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25091
IP address blocks: 46.20.240.0/20 maxlen: 24
185.60.52.0/22 maxlen: 24
5.144.32.0/21 maxlen: 24
2a02:2528::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:66:6d:29:d1:6d:0b:f1:a9:23:a2:9e:6f:74:2a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Validity
Not Before: Jan 1 17:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=691e1213a44f7b556cd35fb121e209566f103735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:29:11:b7:87:7a:47:ee:e1:e2:7f:4c:ef:93:
89:e6:21:52:66:6c:d1:dd:77:f1:0d:01:40:a1:26:
6a:f0:1a:a4:d6:2c:2a:cc:24:aa:cf:ea:bd:67:0c:
de:3d:e8:00:72:3e:28:bf:f5:a1:b3:bd:ae:b0:ff:
9c:09:22:c6:e1:60:1e:2a:bf:24:6b:2d:46:2c:e2:
e5:11:8d:84:53:c4:63:20:7b:44:54:ba:6a:51:e2:
7c:5d:c7:37:93:57:c3:a9:03:11:70:8d:b5:35:28:
ef:67:5b:ca:a8:62:6f:bf:65:59:2d:5b:7e:c4:e3:
89:82:72:64:8e:a5:70:d9:a2:2a:75:9e:22:fd:77:
89:44:c1:d3:c6:c5:91:b7:6f:1a:69:1f:ab:42:26:
aa:ab:65:4a:a3:6c:77:70:62:23:7c:7c:1a:21:0a:
88:3a:2e:f1:33:ed:8f:79:35:7f:e5:7e:86:7b:da:
b5:5e:2a:01:5d:e8:5c:c9:3b:d9:e0:7b:61:3e:9d:
46:c9:51:1b:a1:e1:a9:3e:ef:bc:43:ad:c3:d7:ab:
4d:9e:ab:06:5f:0d:16:e7:13:fc:41:38:70:10:7c:
66:3d:2b:73:ac:52:fb:80:dc:39:a6:86:fb:19:dc:
21:17:f3:46:0b:1c:3c:19:46:cd:da:33:fd:36:8d:
84:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:1E:12:13:A4:4F:7B:55:6C:D3:5F:B1:21:E2:09:56:6F:10:37:35
X509v3 Authority Key Identifier:
keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/aR4SE6RPe1Vs01-xIeIJVm8QNzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.32.0/21
46.20.240.0/20
185.60.52.0/22
IPv6:
2a02:2528::/29
Signature Algorithm: sha256WithRSAEncryption
0e:7c:45:91:8b:bf:16:46:bd:c4:5b:4a:de:52:33:35:d4:6a:
4e:7b:35:bd:a2:75:a1:82:cb:0e:c5:e6:f9:c2:90:33:62:f4:
07:0b:c8:f5:2b:08:eb:52:47:91:d1:7c:54:27:13:ec:1c:df:
73:02:7c:35:29:0b:b0:e0:4c:5c:ef:d1:3c:4b:db:44:95:d1:
50:f5:a0:be:4a:d0:95:36:0b:56:33:51:d5:b1:d1:81:a6:f8:
7a:21:c2:3a:7f:2b:12:1a:7c:05:d9:0f:68:f8:c8:fe:e6:bc:
2c:cf:3a:a9:7e:53:d6:b3:38:9e:1b:3c:cb:68:73:ed:32:21:
0b:d5:a1:e5:66:cf:37:81:63:32:dd:62:c2:87:02:57:52:00:
13:71:cd:a1:1b:db:6a:3c:7a:df:a0:72:3e:b4:4e:53:58:08:
63:c7:25:f3:9b:41:cc:9d:ea:fc:87:d3:2e:f3:44:ec:6e:2a:
dd:70:fb:71:1f:3d:6c:d3:47:f9:a1:eb:6e:7f:a9:89:75:7f:
58:d6:69:a1:d1:16:34:77:31:4a:7b:ec:e8:7e:83:0c:86:8e:
28:ea:28:6e:e0:b4:c9:3a:e6:54:ce:05:3b:61:77:fb:6c:14:
89:93:83:72:94:88:00:64:23:87:be:d6:38:0f:b2:e0:40:24:
dd:8a:7e:79
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuZm0p0W0L8akjop5vdCozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj
NGZkMjIwHhcNMjMwMTAxMTczNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTFlMTIxM2E0NGY3YjU1NmNkMzVmYjEyMWUyMDk1NjZmMTAzNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsikRt4d6R+7h4n9M75OJ5iFSZmzR
3XfxDQFAoSZq8Bqk1iwqzCSqz+q9ZwzePegAcj4ov/Whs72usP+cCSLG4WAeKr8k
ay1GLOLlEY2EU8RjIHtEVLpqUeJ8Xcc3k1fDqQMRcI21NSjvZ1vKqGJvv2VZLVt+
xOOJgnJkjqVw2aIqdZ4i/XeJRMHTxsWRt28aaR+rQiaqq2VKo2x3cGIjfHwaIQqI
Oi7xM+2PeTV/5X6Ge9q1XioBXehcyTvZ4HthPp1GyVEboeGpPu+8Q63D16tNnqsG
Xw0W5xP8QThwEHxmPStzrFL7gNw5pob7GdwhF/NGCxw8GUbN2jP9No2EkwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGkeEhOkT3tVbNNfsSHiCVZvEDc1MB8GA1UdIwQY
MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt
MzQ2OTAzNGZhNDQxLzEvYVI0U0U2UlBlMVZzMDEteEllSUpWbThRTnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx
LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBZAgAwQE
LhTwAwQCuTw0MA0EAgACMAcDBQMqAiUoMA0GCSqGSIb3DQEBCwUAA4IBAQAOfEWR
i78WRr3EW0reUjM11GpOezW9onWhgssOxeb5wpAzYvQHC8j1KwjrUkeR0XxUJxPs
HN9zAnw1KQuw4Exc79E8S9tEldFQ9aC+StCVNgtWM1HVsdGBpvh6IcI6fysSGnwF
2Q9o+Mj+5rwszzqpflPWszieGzzLaHPtMiEL1aHlZs83gWMy3WLChwJXUgATcc2h
G9tqPHrfoHI+tE5TWAhjxyXzm0HMner8h9Mu80TsbirdcPtxHz1s00f5oetuf6mJ
dX9Y1mmh0RY0dzFKe+zofoMMho4o6ihu4LTJOuZUzgU7YXf7bBSJk4NylIgAZCOH
vtY4D7LgQCTdin55
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:43 2023 by rpki-client on console-ams.rpki-client.org