Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/CNiRsCqHT604UN0in2FCOKRE2wA.roa
File: CNiRsCqHT604UN0in2FCOKRE2wA.roa (raw, json)
Hash identifier: Ht4SePdApqh8ooyodCkAMSAU63iVXuKT806Vp6TKYus=
Subject key identifier: 08:D8:91:B0:2A:87:4F:AD:38:50:DD:22:9F:61:42:38:A4:44:DB:00
Certificate issuer: /CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Certificate serial: 0188A432CB74504EAC671F1434BA67BD6422
Authority key identifier: C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/CNiRsCqHT604UN0in2FCOKRE2wA.roa
Signing time: Sat 10 Jun 2023 07:26:12 +0000
ROA not before: Sat 10 Jun 2023 07:26:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207381
IP address blocks: 89.47.203.0/24 maxlen: 24
89.42.199.0/24 maxlen: 24
89.42.198.0/24 maxlen: 24
89.42.197.0/24 maxlen: 24
46.34.161.0/24 maxlen: 24
46.34.160.0/24 maxlen: 24
46.34.160.0/22 maxlen: 24
46.34.163.0/24 maxlen: 24
46.34.162.0/24 maxlen: 24
89.47.199.0/24 maxlen: 24
89.47.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a4:32:cb:74:50:4e:ac:67:1f:14:34:ba:67:bd:64:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Validity
Not Before: Jun 10 07:26:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08d891b02a874fad3850dd229f614238a444db00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a4:2a:71:50:72:22:7e:b1:84:ba:53:42:35:
fe:d9:52:fa:87:c6:a6:df:27:43:c5:f0:16:dc:c7:
e9:56:5d:2c:62:47:92:5d:a3:fd:92:b9:ae:86:7a:
7c:e7:4c:76:c9:09:da:06:f6:b7:27:da:6b:91:3c:
c2:c9:1d:26:2c:bc:d5:a8:dc:d7:21:94:b6:d7:e9:
0e:21:61:2b:22:31:ce:fe:ff:8c:ef:bd:ef:fb:df:
61:67:4e:cf:b8:d5:1f:ba:08:20:44:53:72:79:d1:
cd:fb:34:47:36:e9:b4:ba:61:0c:bd:f1:33:e9:0e:
e5:9f:93:97:e7:99:40:a9:ea:f1:95:6f:7e:f3:8a:
38:d3:e8:16:75:81:1a:1e:6e:70:19:dd:cd:17:94:
2d:2e:72:4e:59:54:3e:2a:3f:fd:15:de:0d:7f:44:
28:e7:62:54:36:29:e8:7c:e0:4d:f6:b4:02:e6:3a:
51:cb:d8:99:ed:e5:71:bf:48:74:66:dd:03:cc:64:
50:25:53:e0:75:fe:b7:f2:a6:94:e1:b2:76:23:b9:
3c:1b:8d:46:06:a0:7e:7a:71:96:b0:00:c5:1a:84:
ae:77:5a:5f:ce:04:28:87:a1:3d:89:cd:7a:60:b4:
2a:42:ff:04:72:3d:26:dd:da:17:ce:76:a5:84:e4:
8d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D8:91:B0:2A:87:4F:AD:38:50:DD:22:9F:61:42:38:A4:44:DB:00
X509v3 Authority Key Identifier:
keyid:C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/CNiRsCqHT604UN0in2FCOKRE2wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.160.0/22
89.42.197.0-89.42.199.255
89.47.196.0/24
89.47.199.0/24
89.47.203.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:ca:a6:c9:c0:7a:5f:bb:78:ee:bf:62:3f:72:34:ff:c4:d9:
0d:b4:67:4c:30:c8:79:b4:d8:5d:80:c1:f8:92:a3:5a:e8:89:
f1:85:32:ae:4e:eb:62:5d:f2:9e:fd:51:50:39:b5:79:16:28:
e1:32:91:1f:21:9d:95:87:f8:1a:a9:14:d5:bc:9c:ab:c9:48:
5b:ff:94:55:d3:13:20:99:b0:43:3b:46:75:9a:97:8c:10:cb:
0a:8d:f1:8c:cc:49:ab:d8:88:5e:e8:98:45:49:22:f7:18:65:
75:b7:44:f9:a0:c5:c2:f3:a3:68:59:5c:63:3d:21:6a:35:d7:
40:6d:c0:02:90:fc:89:13:85:51:00:17:32:d6:f3:80:b9:05:
84:3b:6e:74:f6:f5:03:de:de:3f:e2:c4:ec:1d:9f:1b:6a:68:
eb:5c:35:66:65:f3:9f:bb:77:a4:f5:6f:f2:6a:eb:e4:4c:73:
ac:70:c8:00:e7:4d:b0:90:d2:e5:58:65:24:7a:05:75:18:e0:
a9:a6:08:2b:a2:ef:a9:5e:71:51:7f:be:5f:fb:1f:0a:df:70:
83:d0:fb:90:a2:79:8d:52:a2:f6:0f:02:2d:74:d3:8a:be:a9:
5a:6c:90:cd:5c:33:ea:08:b4:88:3e:9f:9e:e2:1c:e1:a0:b1:
c4:f9:95:22
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYikMst0UE6sZx8UNLpnvWQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZTFjOGM2NWM4NmU4ZDI2ZGRiZWI2ODY1OGEzOWE3YThl
Mjc4NjYwHhcNMjMwNjEwMDcyNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ4OTFiMDJhODc0ZmFkMzg1MGRkMjI5ZjYxNDIzOGE0NDRkYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqQqcVByIn6xhLpTQjX+2VL6h8am
3ydDxfAW3MfpVl0sYkeSXaP9krmuhnp850x2yQnaBva3J9prkTzCyR0mLLzVqNzX
IZS21+kOIWErIjHO/v+M773v+99hZ07PuNUfugggRFNyedHN+zRHNum0umEMvfEz
6Q7ln5OX55lAqerxlW9+84o40+gWdYEaHm5wGd3NF5QtLnJOWVQ+Kj/9Fd4Nf0Qo
52JUNinofOBN9rQC5jpRy9iZ7eVxv0h0Zt0DzGRQJVPgdf638qaU4bJ2I7k8G41G
BqB+enGWsADFGoSud1pfzgQoh6E9ic16YLQqQv8Ecj0m3doXznalhOSNAQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAjYkbAqh0+tOFDdIp9hQjikRNsAMB8GA1UdIwQY
MBaAFMbhyMZchujSbdvraGWKOaeo4nhmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEt
Y2U1ZTAxZTcxYzkxLzEvQ05pUnNDcUhUNjA0VU4waW4yRkNPS1JFMndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEtY2U1ZTAxZTcxYzkx
LzEveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCLiKgMAwD
BABZKsUDBANZKsADBABZL8QDBABZL8cDBABZL8swDQYJKoZIhvcNAQELBQADggEB
AH3KpsnAel+7eO6/Yj9yNP/E2Q20Z0wwyHm02F2AwfiSo1roifGFMq5O62Jd8p79
UVA5tXkWKOEykR8hnZWH+BqpFNW8nKvJSFv/lFXTEyCZsEM7RnWal4wQywqN8YzM
SavYiF7omEVJIvcYZXW3RPmgxcLzo2hZXGM9IWo110BtwAKQ/IkThVEAFzLW84C5
BYQ7bnT29QPe3j/ixOwdnxtqaOtcNWZl85+7d6T1b/Jq6+RMc6xwyADnTbCQ0uVY
ZSR6BXUY4KmmCCui76lecVF/vl/7HwrfcIPQ+5CieY1SovYPAi1004q+qVpskM1c
M+oItIg+n57iHOGgscT5lSI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:27 2024 by rpki-client on console-ams.rpki-client.org