Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/cQ1TJSIX_j5KIpeUD6S9P_AwGcE.roa
File: cQ1TJSIX_j5KIpeUD6S9P_AwGcE.roa (raw, json)
Hash identifier: MSyqWKjgKeDYT0m5+OVFwsq5IijZvZ2br1K+N8bOvYE=
Subject key identifier: 71:0D:53:25:22:17:FE:3E:4A:22:97:94:0F:A4:BD:3F:F0:30:19:C1
Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial: 018CC9BB94AC938B4AE87A5AE40288AED1CF
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/cQ1TJSIX_j5KIpeUD6S9P_AwGcE.roa
Signing time: Tue 02 Jan 2024 10:32:42 +0000
ROA not before: Tue 02 Jan 2024 10:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25091
IP address blocks: 46.20.240.0/20 maxlen: 24
185.60.52.0/22 maxlen: 24
85.8.128.0/24 maxlen: 24
5.144.32.0/21 maxlen: 24
2a02:2528::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 May 2024 08:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:94:ac:93:8b:4a:e8:7a:5a:e4:02:88:ae:d1:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Validity
Not Before: Jan 2 10:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=710d53252217fe3e4a2297940fa4bd3ff03019c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:25:0d:df:23:4f:b6:b9:91:14:c1:09:46:e5:
47:49:b1:47:37:65:1a:24:5d:f7:3c:7c:d1:dd:8d:
53:66:ba:90:c9:a4:9d:4e:0a:3b:65:5c:82:8e:96:
50:af:87:32:86:a0:56:b1:e7:86:3e:c9:aa:ab:49:
cd:20:8b:20:3e:e6:ee:1e:44:ac:e3:2b:d6:06:ca:
e7:bb:61:dc:f3:21:32:bb:37:a0:12:9b:3c:ce:6e:
ef:91:87:a6:24:45:85:d1:d1:96:8f:2d:c2:06:14:
b9:b5:b5:72:8d:93:fd:91:bb:6f:75:cc:74:be:2c:
fc:04:26:37:cf:c9:aa:d4:26:f5:cb:b1:81:5c:80:
ea:7b:3c:fc:c8:f3:48:ea:91:ea:ea:65:7c:ca:c0:
b2:d7:f2:1c:1d:ca:29:46:c0:fe:c1:07:0d:5e:d1:
04:d7:b0:6a:37:56:8f:97:5f:cf:99:18:66:d4:65:
89:00:c9:a6:79:83:22:ab:83:a7:92:0a:6e:0b:bf:
a1:62:67:db:32:c5:bb:ce:d0:03:3a:eb:f2:df:b4:
ac:72:ac:1d:d6:75:f4:39:14:b0:46:aa:1b:9a:c3:
2b:db:88:a1:4d:e3:88:7f:18:71:62:da:fa:f9:73:
49:c7:db:31:8e:03:75:d5:57:fc:b4:85:58:6d:e7:
38:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:0D:53:25:22:17:FE:3E:4A:22:97:94:0F:A4:BD:3F:F0:30:19:C1
X509v3 Authority Key Identifier:
keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/cQ1TJSIX_j5KIpeUD6S9P_AwGcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.32.0/21
46.20.240.0/20
85.8.128.0/24
185.60.52.0/22
IPv6:
2a02:2528::/29
Signature Algorithm: sha256WithRSAEncryption
6e:35:10:b7:24:12:50:5e:10:c1:16:06:49:4d:00:b0:69:a3:
53:b7:4c:26:03:2c:ea:0d:92:00:31:0b:19:09:f1:ea:d7:6c:
4a:9b:c9:41:ea:f6:da:50:7a:68:51:f9:0b:23:78:eb:24:f1:
a4:bb:42:3b:fd:18:5e:57:fa:a9:f7:d8:91:ac:73:28:76:43:
a9:fc:47:13:55:02:8d:f8:50:98:f6:17:64:db:04:46:21:b0:
b4:ef:04:36:92:61:37:3e:e6:d0:b3:2a:a2:19:9e:51:83:47:
b9:da:7c:66:76:c3:a0:ba:02:73:4d:c6:4e:d5:03:ba:2b:10:
62:37:27:b0:88:a8:15:c3:ac:68:6c:41:79:f2:a3:4a:7f:11:
cd:d7:91:f8:32:1a:66:5e:bd:1e:ce:f0:e1:7f:5d:b2:22:ac:
58:aa:18:3d:58:da:da:85:23:cd:5a:77:25:85:95:4d:d9:3f:
c2:02:f7:9e:eb:53:03:d9:7d:00:03:6a:94:c4:3e:3c:9c:7f:
4e:d1:09:a9:0b:5e:c1:fc:d5:da:ba:92:8e:27:a2:a9:10:d1:
27:57:97:58:4f:0d:0d:19:09:55:89:68:3a:00:d1:2b:0b:66:
c6:4e:fd:e7:95:ef:27:43:82:62:63:b2:86:d8:98:8d:77:4e:
d4:7c:bd:3e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJu5Ssk4tK6Hpa5AKIrtHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj
NGZkMjIwHhcNMjQwMTAyMTAzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTBkNTMyNTIyMTdmZTNlNGEyMjk3OTQwZmE0YmQzZmYwMzAxOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiUN3yNPtrmRFMEJRuVHSbFHN2Ua
JF33PHzR3Y1TZrqQyaSdTgo7ZVyCjpZQr4cyhqBWseeGPsmqq0nNIIsgPubuHkSs
4yvWBsrnu2Hc8yEyuzegEps8zm7vkYemJEWF0dGWjy3CBhS5tbVyjZP9kbtvdcx0
viz8BCY3z8mq1Cb1y7GBXIDqezz8yPNI6pHq6mV8ysCy1/IcHcopRsD+wQcNXtEE
17BqN1aPl1/PmRhm1GWJAMmmeYMiq4OnkgpuC7+hYmfbMsW7ztADOuvy37Sscqwd
1nX0ORSwRqobmsMr24ihTeOIfxhxYtr6+XNJx9sxjgN11Vf8tIVYbec40QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHENUyUiF/4+SiKXlA+kvT/wMBnBMB8GA1UdIwQY
MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt
MzQ2OTAzNGZhNDQxLzEvY1ExVEpTSVhfajVLSXBlVUQ2UzlQX0F3R2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx
LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZAgAwQE
LhTwAwQAVQiAAwQCuTw0MA0EAgACMAcDBQMqAiUoMA0GCSqGSIb3DQEBCwUAA4IB
AQBuNRC3JBJQXhDBFgZJTQCwaaNTt0wmAyzqDZIAMQsZCfHq12xKm8lB6vbaUHpo
UfkLI3jrJPGku0I7/RheV/qp99iRrHModkOp/EcTVQKN+FCY9hdk2wRGIbC07wQ2
kmE3PubQsyqiGZ5Rg0e52nxmdsOgugJzTcZO1QO6KxBiNyewiKgVw6xobEF58qNK
fxHN15H4MhpmXr0ezvDhf12yIqxYqhg9WNrahSPNWnclhZVN2T/CAvee61MD2X0A
A2qUxD48nH9O0QmpC17B/NXaupKOJ6KpENEnV5dYTw0NGQlViWg6ANErC2bGTv3n
le8nQ4JiY7KG2JiNd07UfL0+
-----END CERTIFICATE-----
Generated at Mon May 6 11:49:49 2024 by rpki-client on console-ams.rpki-client.org