Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/sqE59Dxrni95w8zMr_RHhkwgwTI.roa
File: sqE59Dxrni95w8zMr_RHhkwgwTI.roa (raw, json)
Hash identifier: ziFWK7tt/IALfFQR9w/o9UAp2nu7B0GmlAvUfCMdGhI=
Subject key identifier: B2:A1:39:F4:3C:6B:9E:2F:79:C3:CC:CC:AF:F4:47:86:4C:20:C1:32
Certificate issuer: /CN=262341b433e1f8fcb796322d2fd926409396e7ad
Certificate serial: 018CC6B8FD2FA684B829C14EE406ED329F97
Authority key identifier: 26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/sqE59Dxrni95w8zMr_RHhkwgwTI.roa
Signing time: Mon 01 Jan 2024 20:31:01 +0000
ROA not before: Mon 01 Jan 2024 20:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43088
IP address blocks: 46.31.16.0/21 maxlen: 24
193.200.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 12:50:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:fd:2f:a6:84:b8:29:c1:4e:e4:06:ed:32:9f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=262341b433e1f8fcb796322d2fd926409396e7ad
Validity
Not Before: Jan 1 20:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2a139f43c6b9e2f79c3ccccaff447864c20c132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0f:4f:5b:25:cf:ea:c9:aa:4a:34:d5:2a:1f:
b0:76:6a:cb:b8:cd:d7:46:8f:8e:eb:90:f5:d8:85:
c5:c0:0b:81:82:61:03:5c:98:fe:a9:cd:f6:bd:fe:
07:c5:99:7a:3f:93:06:25:6e:42:54:86:0a:4d:f7:
5c:b3:c2:6f:be:2d:fb:5d:1c:0e:78:c7:42:63:4c:
d0:73:2d:f1:0b:8c:f6:c0:89:e1:b2:e9:61:9c:ed:
fd:41:7c:50:65:5c:c1:6e:36:54:8e:3d:50:80:9f:
39:00:23:85:ba:52:23:70:f1:05:c2:1f:28:05:d9:
d0:62:f0:55:45:f3:73:5b:72:c0:9d:b0:d7:b8:6a:
e2:3c:bf:02:68:4f:71:19:cd:90:0b:40:8a:d3:41:
4e:bc:83:c0:aa:37:8e:40:29:3d:23:81:8b:57:bf:
06:56:c8:77:8e:7e:e7:d9:b1:15:65:e1:4e:a8:61:
15:f9:97:7a:2b:66:5b:c6:3b:85:dc:89:34:e7:b6:
b1:1c:25:07:ca:10:f3:19:78:a0:74:5f:ae:fd:99:
ce:62:f8:0f:51:c0:17:b5:3e:96:4e:95:13:1b:08:
0f:c4:74:ba:92:23:b6:46:65:31:58:71:01:7a:90:
d6:42:ef:14:31:81:23:a1:20:27:b2:9e:01:e6:a9:
1e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A1:39:F4:3C:6B:9E:2F:79:C3:CC:CC:AF:F4:47:86:4C:20:C1:32
X509v3 Authority Key Identifier:
keyid:26:23:41:B4:33:E1:F8:FC:B7:96:32:2D:2F:D9:26:40:93:96:E7:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JiNBtDPh-Py3ljItL9kmQJOW560.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/sqE59Dxrni95w8zMr_RHhkwgwTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/568e21-53a4-4e55-9c57-98282c89f516/1/JiNBtDPh-Py3ljItL9kmQJOW560.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.16.0/21
193.200.225.0/24
Signature Algorithm: sha256WithRSAEncryption
71:45:1b:48:8d:f9:7d:7b:0f:09:4c:cc:86:3f:5e:3d:5b:81:
93:6b:5c:3c:94:ac:3f:9f:7d:21:22:32:72:01:08:49:de:70:
ad:92:4f:0b:86:84:af:4d:b6:91:34:42:5a:5d:0d:18:5c:87:
63:6f:f2:11:b9:89:90:9e:38:3d:7c:a0:c9:6d:a8:15:01:0b:
e1:29:f1:ed:1a:97:90:c5:35:b4:ae:f8:97:ec:f4:e3:ab:9d:
16:af:e9:4e:d0:93:9a:24:2b:9b:21:1d:76:23:f5:c2:a5:cc:
31:bc:6d:72:01:2e:2d:30:72:c7:d6:9d:ce:1b:36:00:9a:26:
16:69:2b:84:f8:30:36:89:67:8f:a6:d7:32:11:ed:1c:31:46:
e3:50:a3:15:ef:09:50:c9:6a:6d:27:db:df:bc:f1:17:45:e0:
d3:69:1f:4f:3e:59:96:cb:73:08:6a:16:f0:3b:20:9d:82:e8:
7a:51:e4:2e:8d:01:ae:9b:65:5e:a7:1a:35:b8:41:69:fb:1a:
b2:8e:59:fa:26:e3:3d:31:0c:19:06:9d:d7:1f:98:ed:cf:1b:
d4:9f:ea:5b:2b:05:c4:95:e4:57:c6:c9:4f:30:cb:fb:3b:67:
f2:d7:eb:5a:2a:ed:fe:79:45:44:b8:84:6b:18:c7:a3:4b:24:
f2:e5:91:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuP0vpoS4KcFO5AbtMp+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MjM0MWI0MzNlMWY4ZmNiNzk2MzIyZDJmZDkyNjQwOTM5
NmU3YWQwHhcNMjQwMTAxMjAzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmExMzlmNDNjNmI5ZTJmNzljM2NjY2NhZmY0NDc4NjRjMjBjMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg9PWyXP6smqSjTVKh+wdmrLuM3X
Ro+O65D12IXFwAuBgmEDXJj+qc32vf4HxZl6P5MGJW5CVIYKTfdcs8Jvvi37XRwO
eMdCY0zQcy3xC4z2wInhsulhnO39QXxQZVzBbjZUjj1QgJ85ACOFulIjcPEFwh8o
BdnQYvBVRfNzW3LAnbDXuGriPL8CaE9xGc2QC0CK00FOvIPAqjeOQCk9I4GLV78G
Vsh3jn7n2bEVZeFOqGEV+Zd6K2ZbxjuF3Ik057axHCUHyhDzGXigdF+u/ZnOYvgP
UcAXtT6WTpUTGwgPxHS6kiO2RmUxWHEBepDWQu8UMYEjoSAnsp4B5qkemwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLKhOfQ8a54vecPMzK/0R4ZMIMEyMB8GA1UdIwQY
MBaAFCYjQbQz4fj8t5YyLS/ZJkCTluetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTct
OTgyODJjODlmNTE2LzEvc3FFNTlEeHJuaTk1dzh6TXJfUkhoa3dnd1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81NjhlMjEtNTNhNC00ZTU1LTljNTctOTgyODJjODlmNTE2
LzEvSmlOQnREUGgtUHkzbGpJdEw5a21RSk9XNTYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLh8QAwQA
wcjhMA0GCSqGSIb3DQEBCwUAA4IBAQBxRRtIjfl9ew8JTMyGP149W4GTa1w8lKw/
n30hIjJyAQhJ3nCtkk8LhoSvTbaRNEJaXQ0YXIdjb/IRuYmQnjg9fKDJbagVAQvh
KfHtGpeQxTW0rviX7PTjq50Wr+lO0JOaJCubIR12I/XCpcwxvG1yAS4tMHLH1p3O
GzYAmiYWaSuE+DA2iWePptcyEe0cMUbjUKMV7wlQyWptJ9vfvPEXReDTaR9PPlmW
y3MIahbwOyCdguh6UeQujQGum2Vepxo1uEFp+xqyjln6JuM9MQwZBp3XH5jtzxvU
n+pbKwXEleRXxslPMMv7O2fy1+taKu3+eUVEuIRrGMejSyTy5ZG0
-----END CERTIFICATE-----
Generated at Wed Jan 24 16:06:00 2024 by rpki-client on console-fra.rpki-client.org