Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/tY_grLxLx4Mbo5jGcjerqRlbrsw.roa
File: tY_grLxLx4Mbo5jGcjerqRlbrsw.roa (raw, json)
Hash identifier: fo4zj/pcf++Tv6AdwFj6s/IF8PAiA4CmZIkKHe/mIow=
Subject key identifier: B5:8F:E0:AC:BC:4B:C7:83:1B:A3:98:C6:72:37:AB:A9:19:5B:AE:CC
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018C8D775A2A7C935F462FB80A96DF2ACDE6
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/tY_grLxLx4Mbo5jGcjerqRlbrsw.roa
Signing time: Thu 21 Dec 2023 17:40:58 +0000
ROA not before: Thu 21 Dec 2023 17:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206003
IP address blocks: 46.23.100.0/22 maxlen: 22
46.23.110.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8d:77:5a:2a:7c:93:5f:46:2f:b8:0a:96:df:2a:cd:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Dec 21 17:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b58fe0acbc4bc7831ba398c67237aba9195baecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:af:27:31:e8:d0:68:23:60:6e:c6:47:fe:f5:
09:cf:4c:fc:df:c4:84:9b:54:5b:fe:ef:ca:6b:85:
a0:58:5b:f8:fa:9c:07:c8:b7:8e:0d:a5:36:79:1b:
c2:47:c3:8d:ee:12:0a:95:4d:ee:e8:75:b5:8f:cc:
89:9c:f0:55:4a:db:3e:4a:ec:e5:95:62:e6:8f:7e:
01:8d:28:ef:d4:78:cd:53:a9:6c:09:aa:34:71:d3:
99:0c:6c:b7:c9:ed:77:6f:23:dd:1e:40:0e:f4:31:
0b:3d:01:b3:16:2a:e3:5b:61:3e:10:29:af:8a:52:
ff:af:90:21:5c:e8:94:6e:86:dd:6b:cb:43:4e:4f:
88:a6:3c:9b:49:a6:2d:af:d0:8d:3a:84:38:72:e8:
7e:92:38:3c:0b:72:61:74:b2:66:33:96:ea:5d:d6:
cb:76:30:49:86:ff:f7:b8:21:2f:23:0a:93:75:e7:
a7:aa:a0:d0:c3:d1:4f:5d:ed:7a:ce:be:f2:a0:f4:
dc:36:1c:67:4c:a8:4a:f5:ec:12:95:1b:f3:bd:03:
93:a9:e6:6b:8f:17:06:1e:80:33:8e:eb:ba:ec:31:
96:a2:3c:49:28:36:52:93:01:d2:3f:6f:28:a3:7c:
d3:b8:b1:bb:f1:03:29:79:fa:4b:59:de:47:14:a0:
d3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8F:E0:AC:BC:4B:C7:83:1B:A3:98:C6:72:37:AB:A9:19:5B:AE:CC
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/tY_grLxLx4Mbo5jGcjerqRlbrsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.100.0/22
46.23.110.0/24
185.81.217.0/24
Signature Algorithm: sha256WithRSAEncryption
47:27:c1:6e:e7:64:b0:36:cc:1d:64:83:14:78:bd:b5:21:ac:
07:c7:5f:e5:72:69:c0:f2:0f:8f:bd:b1:3b:29:5a:68:68:c3:
d0:2e:85:dc:31:4d:95:21:b2:68:1a:a5:af:16:b8:da:26:c6:
23:48:03:28:2b:dd:e4:4b:3e:e4:5e:81:86:4d:5a:89:d1:c3:
44:4a:fe:40:58:21:af:26:2c:b5:15:0c:5c:db:ef:dc:ea:7d:
72:3e:cd:38:55:29:47:13:66:eb:16:24:a3:56:14:d8:2e:17:
be:0b:fa:2b:29:64:ce:07:9e:92:f2:d6:d8:d2:87:ea:94:41:
fe:9c:fc:32:56:a1:3a:40:9d:dd:e2:86:7b:74:0f:7f:87:c1:
6d:e2:a2:47:99:ac:f8:ce:e1:e6:4b:24:47:35:c7:17:b2:f1:
b8:0f:1b:07:0c:18:b9:24:64:80:cf:2a:3b:3f:6b:cf:16:ff:
e8:33:71:cf:b4:5b:a2:a4:d1:d6:c1:13:c4:6c:65:75:6c:75:
1e:a4:1b:6b:ef:5a:80:a9:bd:12:45:fd:a9:07:25:6a:f2:03:
a9:35:c6:a2:a9:ca:53:ca:94:8e:cf:62:cf:70:8f:47:5e:0f:
75:67:39:9a:86:ce:bd:dc:17:a2:ca:d8:ed:6b:b5:d6:a5:63:
2b:9f:ca:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyNd1oqfJNfRi+4CpbfKs3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMxMjIxMTc0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNThmZTBhY2JjNGJjNzgzMWJhMzk4YzY3MjM3YWJhOTE5NWJhZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyK8nMejQaCNgbsZH/vUJz0z838SE
m1Rb/u/Ka4WgWFv4+pwHyLeODaU2eRvCR8ON7hIKlU3u6HW1j8yJnPBVSts+Suzl
lWLmj34BjSjv1HjNU6lsCao0cdOZDGy3ye13byPdHkAO9DELPQGzFirjW2E+ECmv
ilL/r5AhXOiUbobda8tDTk+IpjybSaYtr9CNOoQ4cuh+kjg8C3JhdLJmM5bqXdbL
djBJhv/3uCEvIwqTdeenqqDQw9FPXe16zr7yoPTcNhxnTKhK9ewSlRvzvQOTqeZr
jxcGHoAzjuu67DGWojxJKDZSkwHSP28oo3zTuLG78QMpefpLWd5HFKDTAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLWP4Ky8S8eDG6OYxnI3q6kZW67MMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvdFlfZ3JMeEx4NE1ibzVqR2NqZXJxUmxicnN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLhdkAwQA
LhduAwQAuVHZMA0GCSqGSIb3DQEBCwUAA4IBAQBHJ8Fu52SwNswdZIMUeL21IawH
x1/lcmnA8g+PvbE7KVpoaMPQLoXcMU2VIbJoGqWvFrjaJsYjSAMoK93kSz7kXoGG
TVqJ0cNESv5AWCGvJiy1FQxc2+/c6n1yPs04VSlHE2brFiSjVhTYLhe+C/orKWTO
B56S8tbY0ofqlEH+nPwyVqE6QJ3d4oZ7dA9/h8Ft4qJHmaz4zuHmSyRHNccXsvG4
DxsHDBi5JGSAzyo7P2vPFv/oM3HPtFuipNHWwRPEbGV1bHUepBtr71qAqb0SRf2p
ByVq8gOpNcaiqcpTypSOz2LPcI9HXg91Zzmahs693Beiytjta7XWpWMrn8rK
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:55 2024 by rpki-client on console-fra.rpki-client.org