Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/aKRHUUA24Z6mKRdLbEY_laisbrY.roa
File: aKRHUUA24Z6mKRdLbEY_laisbrY.roa (raw, json)
Hash identifier: jZzWlkDPBY+Qp+UzrasyKv/HHd3bacKCGg/ZgmCtJ0g=
Subject key identifier: 68:A4:47:51:40:36:E1:9E:A6:29:17:4B:6C:46:3F:95:A8:AC:6E:B6
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018CC5DC9B7279E3B68F968146578B8D1257
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/aKRHUUA24Z6mKRdLbEY_laisbrY.roa
Signing time: Mon 01 Jan 2024 16:30:18 +0000
ROA not before: Mon 01 Jan 2024 16:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50738
IP address blocks: 46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 05:58:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:9b:72:79:e3:b6:8f:96:81:46:57:8b:8d:12:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 16:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68a447514036e19ea629174b6c463f95a8ac6eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9e:6e:12:3a:ea:eb:49:dd:a8:be:7d:fb:9f:
70:77:37:01:78:81:9e:30:9e:ee:42:a6:72:19:f2:
d2:4b:93:8b:41:3f:78:a0:41:b2:77:be:39:ae:4e:
65:e5:5a:a2:29:3b:35:ce:7f:6a:1f:15:3a:ad:fb:
d0:be:3e:8f:c7:93:9e:d3:a8:70:b2:64:b1:3f:83:
3a:1d:15:3b:c9:69:c4:33:56:b9:ae:25:fb:18:20:
96:fc:e5:58:0c:75:8e:49:ba:3f:90:fd:41:70:30:
65:e8:a8:dd:7c:59:f3:a1:6a:f2:fa:e1:67:7f:37:
d8:25:c9:1a:6c:22:51:cf:4c:39:65:b8:b8:ec:97:
88:1e:b4:36:05:a2:93:46:dd:ec:28:75:61:0f:a1:
71:ab:15:4e:46:35:ba:6e:8e:e5:7d:ba:e2:ba:38:
d2:b4:cb:15:7e:68:d2:13:e4:3a:8b:e2:b0:b3:b6:
c1:24:a2:ad:1d:75:30:ba:9f:e0:bd:92:0a:27:9c:
05:a4:8c:b2:24:ec:5a:53:0d:cb:4c:a2:41:26:5c:
94:83:8b:f9:a7:c3:44:24:db:8a:4a:37:cf:5b:75:
fb:3a:04:2e:9c:11:4f:c8:b8:c5:4e:3d:d6:b6:6d:
2b:58:06:21:ae:8c:dd:d0:c1:b0:41:55:54:60:88:
76:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A4:47:51:40:36:E1:9E:A6:29:17:4B:6C:46:3F:95:A8:AC:6E:B6
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/aKRHUUA24Z6mKRdLbEY_laisbrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.3.0/24
46.23.96.0/24
46.23.98.0/24
46.23.108.0/24
109.205.212.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:95:df:26:20:1a:c7:d8:a8:f4:9a:f7:82:f8:c6:76:d7:c3:
36:6b:db:45:e6:39:0a:bb:af:52:5b:20:6c:e8:a6:64:e5:84:
c8:8f:a9:8e:a9:03:14:5a:4d:de:06:ec:3c:4a:a7:56:1e:cb:
e2:1a:33:c1:c1:50:63:43:d5:94:aa:85:7a:12:34:bf:f2:5a:
eb:b5:8d:12:d5:eb:82:bf:3b:30:67:67:c2:5d:58:0d:cc:53:
b1:db:4c:fd:c2:39:a1:5e:bc:40:c2:cd:4d:e6:dc:68:8e:3c:
08:cc:db:b9:48:aa:8c:4b:6d:29:8b:c1:a9:a5:5d:35:bf:cd:
e7:2c:9c:9e:31:2e:d0:35:87:71:42:ac:52:87:a7:d7:16:d6:
57:20:0f:6a:a8:1a:92:f1:21:c8:d9:25:ad:fc:0b:03:e5:0c:
fd:63:1f:3f:7e:b1:a1:71:e3:6d:1f:56:0c:48:6f:92:f0:74:
7d:ff:99:59:b2:0f:b6:32:04:7e:b7:2f:d0:37:50:6d:43:86:
3b:06:b5:ab:1a:06:b7:33:0b:0e:57:05:ae:cc:13:ee:f1:44:
44:e9:1d:2a:d3:6e:cc:8c:ee:75:55:fb:7d:c4:b8:4a:3a:39:
ae:23:db:f1:42:e8:0a:0f:f2:7b:03:a1:db:3d:bf:66:f9:3d:
53:8f:b8:5e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3JtyeeO2j5aBRleLjRJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMTAxMTYzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGE0NDc1MTQwMzZlMTllYTYyOTE3NGI2YzQ2M2Y5NWE4YWM2ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjp5uEjrq60ndqL59+59wdzcBeIGe
MJ7uQqZyGfLSS5OLQT94oEGyd745rk5l5VqiKTs1zn9qHxU6rfvQvj6Px5Oe06hw
smSxP4M6HRU7yWnEM1a5riX7GCCW/OVYDHWOSbo/kP1BcDBl6KjdfFnzoWry+uFn
fzfYJckabCJRz0w5Zbi47JeIHrQ2BaKTRt3sKHVhD6FxqxVORjW6bo7lfbriujjS
tMsVfmjSE+Q6i+Kws7bBJKKtHXUwup/gvZIKJ5wFpIyyJOxaUw3LTKJBJlyUg4v5
p8NEJNuKSjfPW3X7OgQunBFPyLjFTj3Wtm0rWAYhrozd0MGwQVVUYIh2SQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGikR1FANuGepikXS2xGP5WorG62MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvYUtSSFVVQTI0WjZtS1JkTGJFWV9sYWlzYnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABbIDAwQA
LhdgAwQALhdiAwQALhdsAwQAbc3UMA0GCSqGSIb3DQEBCwUAA4IBAQDLld8mIBrH
2Kj0mveC+MZ218M2a9tF5jkKu69SWyBs6KZk5YTIj6mOqQMUWk3eBuw8SqdWHsvi
GjPBwVBjQ9WUqoV6EjS/8lrrtY0S1euCvzswZ2fCXVgNzFOx20z9wjmhXrxAws1N
5txojjwIzNu5SKqMS20pi8GppV01v83nLJyeMS7QNYdxQqxSh6fXFtZXIA9qqBqS
8SHI2SWt/AsD5Qz9Yx8/frGhceNtH1YMSG+S8HR9/5lZsg+2MgR+ty/QN1BtQ4Y7
BrWrGga3MwsOVwWuzBPu8URE6R0q027MjO51Vft9xLhKOjmuI9vxQugKD/J7A6Hb
Pb9m+T1Tj7he
-----END CERTIFICATE-----
Generated at Tue Jan 23 06:52:48 2024 by rpki-client on console-ams.rpki-client.org