Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/e413d8-d389-473e-b63a-204d76eee661/1/G7b15xYNfohyY6LbOL96KSWKlKw.roa
File: G7b15xYNfohyY6LbOL96KSWKlKw.roa (raw, json)
Hash identifier: Qzp0zUgnz3vCnIPITd3+fRh5x/SQv1OvGn3c0X6/IP8=
Subject key identifier: 1B:B6:F5:E7:16:0D:7E:88:72:63:A2:DB:38:BF:7A:29:25:8A:94:AC
Certificate issuer: /CN=8095e0cc6e4a8de8acd3b07cce5ea0c040c47ff1
Certificate serial: 018CC26D7AACA6A31C99E5E04503F90C8C8B
Authority key identifier: 80:95:E0:CC:6E:4A:8D:E8:AC:D3:B0:7C:CE:5E:A0:C0:40:C4:7F:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gJXgzG5Kjeis07B8zl6gwEDEf_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/e413d8-d389-473e-b63a-204d76eee661/1/G7b15xYNfohyY6LbOL96KSWKlKw.roa
Signing time: Mon 01 Jan 2024 00:30:03 +0000
ROA not before: Mon 01 Jan 2024 00:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29686
IP address blocks: 46.243.74.0/23 maxlen: 24
46.243.73.0/24 maxlen: 24
46.243.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 23:28:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:7a:ac:a6:a3:1c:99:e5:e0:45:03:f9:0c:8c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8095e0cc6e4a8de8acd3b07cce5ea0c040c47ff1
Validity
Not Before: Jan 1 00:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bb6f5e7160d7e887263a2db38bf7a29258a94ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d6:38:b6:9b:7c:c3:d4:9e:d9:45:47:41:12:
10:04:27:b7:db:2a:59:8e:35:75:a4:59:6d:d0:8a:
f0:1a:e2:cd:aa:4e:a2:e7:b5:94:72:89:9a:15:8e:
4a:a6:da:d9:54:6d:1c:0d:15:9f:3c:c2:1b:aa:50:
6f:c1:19:86:56:7a:93:18:30:4d:bd:9f:a1:b2:bc:
8e:05:a5:4c:46:46:62:ab:86:23:90:f8:a0:8c:9d:
fb:6f:d0:e3:dd:af:80:c2:a2:0c:f8:72:a7:44:d1:
8d:d4:3f:b6:20:e1:5e:1a:90:d4:a8:85:0e:e8:d4:
17:c0:91:ea:d6:80:bc:c7:2d:92:e1:98:b3:fb:50:
6c:a9:41:34:e0:c8:8a:a0:1b:f2:4f:91:b8:3c:73:
71:4f:5b:11:a4:7d:7f:8b:db:f9:83:b6:bf:6c:69:
94:17:37:73:6a:f4:80:78:34:07:5f:13:df:4f:ce:
80:90:a9:fa:21:6e:90:22:82:b3:00:6e:5d:7e:7f:
7f:c4:bd:80:6e:0e:56:56:eb:60:83:49:97:d5:6a:
12:1c:f6:68:8d:6c:d9:fa:dd:98:77:09:ff:4c:8d:
c8:16:8f:9a:d5:7a:3b:5b:f2:98:6f:61:5a:21:f1:
8a:0b:ee:95:b5:39:cf:94:43:cf:c1:92:d2:a8:72:
39:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B6:F5:E7:16:0D:7E:88:72:63:A2:DB:38:BF:7A:29:25:8A:94:AC
X509v3 Authority Key Identifier:
keyid:80:95:E0:CC:6E:4A:8D:E8:AC:D3:B0:7C:CE:5E:A0:C0:40:C4:7F:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gJXgzG5Kjeis07B8zl6gwEDEf_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e413d8-d389-473e-b63a-204d76eee661/1/G7b15xYNfohyY6LbOL96KSWKlKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e413d8-d389-473e-b63a-204d76eee661/1/gJXgzG5Kjeis07B8zl6gwEDEf_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.72.0/22
Signature Algorithm: sha256WithRSAEncryption
03:4a:4c:66:c2:30:bb:73:96:7e:e0:25:90:4f:b9:4e:ad:76:
d1:48:31:5b:1b:c1:30:89:ec:96:45:9e:78:c1:a5:34:be:9d:
c9:7d:6f:c0:22:52:74:93:22:fa:fb:7b:db:7c:82:4e:19:42:
0d:b2:01:eb:07:6b:e3:e5:28:07:f0:f4:bd:79:59:9b:6a:66:
0c:04:44:2a:2e:8a:ae:e3:83:f5:d9:fe:50:ca:e5:fd:11:1c:
a1:a3:25:29:30:11:ff:3c:18:f4:e0:73:30:2e:5d:12:4e:d9:
2a:24:43:a1:ec:fc:cd:26:a3:ad:95:d6:16:ba:87:c7:42:4a:
fd:3a:9f:3b:0f:88:9b:83:81:8d:89:c8:4a:fe:06:c2:7f:94:
30:b9:67:27:a4:a8:c0:5c:61:b8:81:b8:63:7d:08:88:97:8d:
df:56:22:3d:59:56:f0:8a:b1:a3:00:54:ed:b8:a6:82:c1:41:
ee:0c:63:5a:01:a0:da:04:d2:7a:21:44:ba:25:e5:5e:89:c6:
8d:f0:31:aa:ef:cb:96:6c:db:16:7f:21:2e:ac:e5:b4:31:97:
91:ca:94:bb:a7:62:24:cb:1e:19:07:a6:7f:b7:05:d7:fa:89:
cf:35:d8:f8:1a:a0:d3:41:fc:c7:20:72:6b:f1:07:42:f7:73:
e9:bf:e5:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbXqspqMcmeXgRQP5DIyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOTVlMGNjNmU0YThkZThhY2QzYjA3Y2NlNWVhMGMwNDBj
NDdmZjEwHhcNMjQwMTAxMDAzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmI2ZjVlNzE2MGQ3ZTg4NzI2M2EyZGIzOGJmN2EyOTI1OGE5NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NY4tpt8w9Se2UVHQRIQBCe32ypZ
jjV1pFlt0IrwGuLNqk6i57WUcomaFY5KptrZVG0cDRWfPMIbqlBvwRmGVnqTGDBN
vZ+hsryOBaVMRkZiq4YjkPigjJ37b9Dj3a+AwqIM+HKnRNGN1D+2IOFeGpDUqIUO
6NQXwJHq1oC8xy2S4Ziz+1BsqUE04MiKoBvyT5G4PHNxT1sRpH1/i9v5g7a/bGmU
FzdzavSAeDQHXxPfT86AkKn6IW6QIoKzAG5dfn9/xL2Abg5WVutgg0mX1WoSHPZo
jWzZ+t2Ydwn/TI3IFo+a1Xo7W/KYb2FaIfGKC+6VtTnPlEPPwZLSqHI5sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBu29ecWDX6IcmOi2zi/eiklipSsMB8GA1UdIwQY
MBaAFICV4MxuSo3orNOwfM5eoMBAxH/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0pYZ3pHNUtqZWlzMDdCOHpsNmd3RURFZl9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lNDEzZDgtZDM4OS00NzNlLWI2M2Et
MjA0ZDc2ZWVlNjYxLzEvRzdiMTV4WU5mb2h5WTZMYk9MOTZLU1dLbEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lNDEzZDgtZDM4OS00NzNlLWI2M2EtMjA0ZDc2ZWVlNjYx
LzEvZ0pYZ3pHNUtqZWlzMDdCOHpsNmd3RURFZl9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLvNIMA0G
CSqGSIb3DQEBCwUAA4IBAQADSkxmwjC7c5Z+4CWQT7lOrXbRSDFbG8EwieyWRZ54
waU0vp3JfW/AIlJ0kyL6+3vbfIJOGUINsgHrB2vj5SgH8PS9eVmbamYMBEQqLoqu
44P12f5QyuX9ERyhoyUpMBH/PBj04HMwLl0STtkqJEOh7PzNJqOtldYWuofHQkr9
Op87D4ibg4GNichK/gbCf5QwuWcnpKjAXGG4gbhjfQiIl43fViI9WVbwirGjAFTt
uKaCwUHuDGNaAaDaBNJ6IUS6JeVeicaN8DGq78uWbNsWfyEurOW0MZeRypS7p2Ik
yx4ZB6Z/twXX+onPNdj4GqDTQfzHIHJr8QdC93Ppv+Uo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:30 2024 by rpki-client on console-ams.rpki-client.org