Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/359zg35GNuzrdktJ8bQEMc8Y4IM.roa
File: 359zg35GNuzrdktJ8bQEMc8Y4IM.roa (raw, json)
Hash identifier: eIwAspusS4Kove8hd6rWGO40TV80cgeRl6V2FP5DQak=
Subject key identifier: DF:9F:73:83:7E:46:36:EC:EB:76:4B:49:F1:B4:04:31:CF:18:E0:83
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018CC5DC9C2EE7B9DABE5142B6C866BDC3E6
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/359zg35GNuzrdktJ8bQEMc8Y4IM.roa
Signing time: Mon 01 Jan 2024 16:30:18 +0000
ROA not before: Mon 01 Jan 2024 16:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61302
IP address blocks: 46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
46.23.110.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 10:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:9c:2e:e7:b9:da:be:51:42:b6:c8:66:bd:c3:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 16:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df9f73837e4636eceb764b49f1b40431cf18e083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7e:9a:6e:cb:70:ad:4f:d6:87:eb:ef:9c:0d:
40:4c:38:43:bf:a1:7e:fd:36:36:61:8d:7b:d3:06:
40:8c:06:d7:ae:4d:f9:76:03:fe:b9:b2:aa:69:55:
9c:f4:97:89:4a:27:db:a0:56:cc:d1:1a:42:60:60:
b2:3f:a9:d2:40:fa:5e:c7:dd:60:4c:6d:8b:01:f0:
35:17:be:dc:dd:47:86:7c:93:aa:ea:2b:02:f6:26:
de:14:ee:db:25:77:33:2d:ff:89:4b:cf:32:4f:cd:
dd:90:10:7e:fa:e1:44:9e:7a:ca:5a:c3:b8:c9:06:
20:6e:fb:5e:7e:d8:28:7c:b6:d4:47:8c:1c:a9:c4:
54:de:6c:c4:a1:f6:fd:5e:5a:f7:33:9e:72:13:4d:
c3:8c:50:f4:27:bb:80:01:e2:f3:23:d8:f7:16:fd:
77:6f:36:a9:de:04:d5:e5:1f:cc:64:7f:bb:b2:db:
27:bc:49:13:d6:66:b9:98:74:2a:9a:fc:a6:e1:83:
00:9e:93:b8:40:b2:74:1d:18:59:a4:22:6f:62:a0:
2b:7e:5d:34:1b:0d:ea:50:17:6e:50:e4:2e:d3:74:
df:b0:51:cf:66:c0:f3:6e:ed:a1:ad:04:0e:71:e6:
de:cf:07:bf:86:78:0c:ac:7b:06:9a:38:32:48:dc:
df:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9F:73:83:7E:46:36:EC:EB:76:4B:49:F1:B4:04:31:CF:18:E0:83
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/359zg35GNuzrdktJ8bQEMc8Y4IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.3.0/24
46.23.96.0/24
46.23.98.0/24
46.23.100.0/22
46.23.110.0/24
109.205.212.0/24
185.81.217.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:3e:e9:93:bc:88:91:9b:3c:31:61:61:a2:89:8e:69:b0:38:
c9:8c:6f:b5:80:a2:0c:06:12:93:6e:3c:71:2a:00:18:80:30:
a1:cc:84:c0:11:b8:ff:77:60:e0:f1:a5:a0:5b:b8:64:e6:84:
89:9a:2c:2e:e1:77:7c:6a:9e:a1:7f:90:6b:ab:39:af:f3:27:
f9:b8:5a:69:13:f8:1d:41:38:71:4b:15:18:67:82:d3:e0:09:
bc:64:e1:b2:44:ed:4d:e3:8e:2b:e8:4b:8b:0a:08:f4:03:15:
a3:c5:dd:ab:7f:d5:a1:e3:31:52:72:77:59:fe:f4:2c:f7:d3:
a4:ff:cc:77:16:cd:f7:ab:2b:42:99:54:ab:f6:47:e3:6d:36:
9d:c7:08:68:d9:41:d7:32:56:4a:de:dd:77:69:64:fc:90:4f:
fc:d7:ae:3b:4b:0e:9e:d6:91:82:99:c7:35:ce:ba:d3:ce:7b:
9f:19:6c:39:af:f0:43:b6:05:a0:c1:80:2f:62:85:1d:54:4f:
03:55:97:de:37:6a:68:17:9b:e6:b8:e6:e9:94:5c:24:9b:03:
7a:09:04:3a:12:ad:64:6e:0d:eb:f3:19:30:a1:da:9b:4a:d7:
01:87:bb:77:62:84:2a:53:a7:69:e2:cb:29:f2:83:b3:47:2f:
d1:24:1d:fa
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzF3Jwu57navlFCtshmvcPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMTAxMTYzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjlmNzM4MzdlNDYzNmVjZWI3NjRiNDlmMWI0MDQzMWNmMThlMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp36abstwrU/Wh+vvnA1ATDhDv6F+
/TY2YY170wZAjAbXrk35dgP+ubKqaVWc9JeJSifboFbM0RpCYGCyP6nSQPpex91g
TG2LAfA1F77c3UeGfJOq6isC9ibeFO7bJXczLf+JS88yT83dkBB++uFEnnrKWsO4
yQYgbvteftgofLbUR4wcqcRU3mzEofb9Xlr3M55yE03DjFD0J7uAAeLzI9j3Fv13
bzap3gTV5R/MZH+7stsnvEkT1ma5mHQqmvym4YMAnpO4QLJ0HRhZpCJvYqArfl00
Gw3qUBduUOQu03TfsFHPZsDzbu2hrQQOcebezwe/hngMrHsGmjgySNzflQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN+fc4N+Rjbs63ZLSfG0BDHPGOCDMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvMzU5emczNUdOdXpyZGt0SjhiUUVNYzhZNElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABbIDAwQA
LhdgAwQALhdiAwQCLhdkAwQALhduAwQAbc3UAwQAuVHZMA0GCSqGSIb3DQEBCwUA
A4IBAQDSPumTvIiRmzwxYWGiiY5psDjJjG+1gKIMBhKTbjxxKgAYgDChzITAEbj/
d2Dg8aWgW7hk5oSJmiwu4Xd8ap6hf5Brqzmv8yf5uFppE/gdQThxSxUYZ4LT4Am8
ZOGyRO1N444r6EuLCgj0AxWjxd2rf9Wh4zFScndZ/vQs99Ok/8x3Fs33qytCmVSr
9kfjbTadxwho2UHXMlZK3t13aWT8kE/81647Sw6e1pGCmcc1zrrTznufGWw5r/BD
tgWgwYAvYoUdVE8DVZfeN2poF5vmuObplFwkmwN6CQQ6Eq1kbg3r8xkwodqbStcB
h7t3YoQqU6dp4ssp8oOzRy/RJB36
-----END CERTIFICATE-----
Generated at Tue Jan 23 14:58:10 2024 by rpki-client on console-ams.rpki-client.org