Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/DSI3jvfmD7U118oleKW2vcvKNvI.roa
File: DSI3jvfmD7U118oleKW2vcvKNvI.roa (raw, json)
Hash identifier: +9B0gKZI69WUPVBDUKg28EnfvqYw4ZtKhtkaPZsyC1c=
Subject key identifier: 0D:22:37:8E:F7:E6:0F:B5:35:D7:CA:25:78:A5:B6:BD:CB:CA:36:F2
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 018DF0718738B17DAC689FED97537C13541A
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/DSI3jvfmD7U118oleKW2vcvKNvI.roa
Signing time: Wed 28 Feb 2024 15:59:48 +0000
ROA not before: Wed 28 Feb 2024 15:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57910
IP address blocks: 46.18.72.0/21 maxlen: 24
194.56.236.0/22 maxlen: 24
194.127.158.0/23 maxlen: 24
194.127.162.0/23 maxlen: 24
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 32
2a0c:7a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 29 Feb 2024 11:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:71:87:38:b1:7d:ac:68:9f:ed:97:53:7c:13:54:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Feb 28 15:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d22378ef7e60fb535d7ca2578a5b6bdcbca36f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:17:25:0e:d5:14:ec:b9:71:a7:1c:46:91:cd:
47:87:e4:5d:d4:e1:99:26:0c:d7:92:c6:9f:ed:33:
86:ad:90:cf:ff:3f:8d:c5:92:16:2b:1b:58:0e:97:
95:65:d2:d8:8c:64:f4:d2:47:41:72:6c:6f:86:e3:
25:80:60:8a:84:2d:bb:71:34:ad:f3:aa:70:14:a9:
a5:9e:73:08:19:e9:88:38:d6:9f:b3:f2:d0:61:2c:
b0:26:e8:ae:a5:2a:ef:e3:0f:ac:a3:81:25:c6:62:
62:b1:d4:39:26:67:48:28:44:57:d0:b5:aa:50:80:
17:80:fe:57:96:f0:e3:2a:85:88:57:87:50:f7:52:
3b:5d:70:e6:3f:72:76:9f:1f:2f:9d:8e:86:21:7d:
cc:38:1f:21:b5:a1:73:93:30:58:c8:c5:2d:17:e9:
af:d8:09:b1:91:66:3a:62:56:70:e4:27:c4:6e:bb:
15:92:1f:d6:7c:40:2d:1e:a3:ff:56:ee:46:8f:10:
f4:e7:f2:11:0b:06:fb:ea:5e:88:a9:06:a3:1c:73:
b3:29:7b:fe:cc:8b:46:ca:28:09:93:cf:a1:ef:2b:
87:9b:6a:41:d1:f4:ab:f8:24:1b:6a:ef:6a:55:21:
62:06:b6:1d:15:4c:47:99:ce:01:44:70:12:93:55:
ff:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:22:37:8E:F7:E6:0F:B5:35:D7:CA:25:78:A5:B6:BD:CB:CA:36:F2
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/DSI3jvfmD7U118oleKW2vcvKNvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.72.0/21
194.56.236.0/22
194.127.158.0/23
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
25:14:c1:ad:ec:d8:41:2d:d8:68:81:30:41:31:f8:74:9a:d0:
37:34:ae:ad:4a:67:91:02:1b:99:93:15:e3:65:fe:e6:96:54:
4c:41:8e:47:ce:a6:1c:fb:b8:c7:9b:cf:b5:e9:5a:2e:12:85:
7b:33:6c:60:7f:17:df:29:55:1d:28:2d:34:ac:4b:8e:c4:cf:
04:90:27:8a:95:79:0c:38:7c:1d:b6:a5:d5:4c:82:da:03:5c:
b6:e3:22:67:bf:56:76:2b:f6:61:54:56:60:b1:73:f1:2a:4e:
bf:2a:74:a1:c1:8f:6a:0c:ad:f0:6d:71:76:f9:7f:75:51:37:
8a:f5:8e:d7:eb:64:eb:29:b8:7d:9a:a1:cc:85:28:d5:01:07:
bd:df:73:e6:8d:c4:15:34:11:2b:1c:d3:23:13:3a:24:20:4e:
2f:a2:b5:41:a2:d2:40:92:57:12:51:53:af:b6:50:fe:96:77:
8a:dc:97:1e:0d:ab:48:d1:75:81:28:a6:da:00:66:30:cb:7d:
d3:b9:0d:98:40:fd:db:16:ff:d7:04:f7:96:66:5b:60:4e:06:
0d:ae:d4:0d:0c:c8:96:f0:a3:9d:bc:d0:91:63:dd:69:22:f0:
de:99:70:fd:97:03:de:28:6a:b2:a4:9b:30:0f:a0:75:f9:ce:
d8:24:8f:94
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY3wcYc4sX2saJ/tl1N8E1QaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjQwMjI4MTU1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDIyMzc4ZWY3ZTYwZmI1MzVkN2NhMjU3OGE1YjZiZGNiY2EzNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhclDtUU7LlxpxxGkc1Hh+Rd1OGZ
JgzXksaf7TOGrZDP/z+NxZIWKxtYDpeVZdLYjGT00kdBcmxvhuMlgGCKhC27cTSt
86pwFKmlnnMIGemIONafs/LQYSywJuiupSrv4w+so4ElxmJisdQ5JmdIKERX0LWq
UIAXgP5XlvDjKoWIV4dQ91I7XXDmP3J2nx8vnY6GIX3MOB8htaFzkzBYyMUtF+mv
2AmxkWY6YlZw5CfEbrsVkh/WfEAtHqP/Vu5GjxD05/IRCwb76l6IqQajHHOzKXv+
zItGyigJk8+h7yuHm2pB0fSr+CQbau9qVSFiBrYdFUxHmc4BRHASk1X//wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFA0iN4735g+1NdfKJXiltr3LyjbyMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvRFNJM2p2Zm1EN1UxMThvbGVLVzJ2Y3ZLTnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQDLhJIAwQC
wjjsAwQBwn+eAwQBwn+iMBsEAgACMBUDBQAqALXAAwUAKgIhEAMFAyoMegAwDQYJ
KoZIhvcNAQELBQADggEBACUUwa3s2EEt2GiBMEEx+HSa0Dc0rq1KZ5ECG5mTFeNl
/uaWVExBjkfOphz7uMebz7XpWi4ShXszbGB/F98pVR0oLTSsS47EzwSQJ4qVeQw4
fB22pdVMgtoDXLbjIme/VnYr9mFUVmCxc/EqTr8qdKHBj2oMrfBtcXb5f3VRN4r1
jtfrZOspuH2aocyFKNUBB73fc+aNxBU0ESsc0yMTOiQgTi+itUGi0kCSVxJRU6+2
UP6Wd4rclx4Nq0jRdYEoptoAZjDLfdO5DZhA/dsW/9cE95ZmW2BOBg2u1A0MyJbw
o5280JFj3Wki8N6ZcP2XA94oarKkmzAPoHX5ztgkj5Q=
-----END CERTIFICATE-----
Generated at Thu Feb 29 17:38:19 2024 by rpki-client on console.sobornost.net