Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/4Anm8kxrEq-YLtpZiWFOkeKeQY8.roa
File: 4Anm8kxrEq-YLtpZiWFOkeKeQY8.roa (raw, json)
Hash identifier: tXv1+/U56bXCQxDQfYr363ErDjhqaZKmvkWuhpsbsMk=
Subject key identifier: E0:09:E6:F2:4C:6B:12:AF:98:2E:DA:59:89:61:4E:91:E2:9E:41:8F
Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Certificate serial: 01856E2FAE6C0B74D565CFD435E3DABB1B66
Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/4Anm8kxrEq-YLtpZiWFOkeKeQY8.roa
Signing time: Sun 01 Jan 2023 16:34:56 +0000
ROA not before: Sun 01 Jan 2023 16:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202111
IP address blocks: 46.252.8.0/21 maxlen: 21
2a00:5900::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:ae:6c:0b:74:d5:65:cf:d4:35:e3:da:bb:1b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Validity
Not Before: Jan 1 16:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e009e6f24c6b12af982eda5989614e91e29e418f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e4:8d:49:3a:5c:98:84:7a:9e:bf:e7:f6:26:
6d:23:b9:01:fa:db:69:13:69:79:2d:f0:7c:87:29:
c0:e9:12:ba:30:5f:d8:91:d6:15:8f:80:9d:ee:f2:
75:96:36:f0:70:f3:c7:c4:1b:84:2d:47:ff:37:73:
2a:81:b3:a5:e8:a9:fe:48:41:ed:b6:ae:67:13:f9:
b7:8e:a9:b4:c1:a3:3a:1f:2e:14:24:23:64:05:5d:
01:5b:6d:39:ef:6b:a4:84:26:a3:91:84:5c:b0:08:
f7:01:4b:60:cd:0b:27:d8:05:1d:c6:c3:3e:c4:83:
f5:66:b5:5f:78:bf:7d:6b:ff:5d:0b:30:55:ac:e0:
62:a1:b4:31:4c:4f:44:78:d8:d4:a0:17:e4:e3:3f:
d5:cc:4f:e5:3c:3b:c1:ed:e9:47:6e:06:fb:0b:6a:
3d:2e:fa:a3:dd:86:d8:37:6a:d1:bd:2d:68:d9:7a:
af:0e:cc:e8:bf:2f:59:10:76:0a:b2:92:fd:86:91:
a4:a4:73:92:d5:da:39:7d:ed:2c:4f:a9:c3:07:c7:
32:cc:0b:d3:72:fa:ea:0a:92:88:7b:ef:dd:63:d4:
f7:cd:b0:78:63:ac:4d:20:94:37:69:9e:d1:1d:4b:
37:fb:a4:ea:97:92:24:bd:43:0f:fb:b9:97:74:00:
4c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:09:E6:F2:4C:6B:12:AF:98:2E:DA:59:89:61:4E:91:E2:9E:41:8F
X509v3 Authority Key Identifier:
keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/4Anm8kxrEq-YLtpZiWFOkeKeQY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.8.0/21
IPv6:
2a00:5900::/32
Signature Algorithm: sha256WithRSAEncryption
a0:d0:9a:d9:d2:d4:e9:29:1b:eb:13:a8:3e:ed:89:82:e8:ee:
b8:49:fb:de:9a:a9:a7:6a:27:96:c5:5d:15:49:a9:81:22:f8:
6e:60:7f:e2:df:3d:07:ec:5a:e7:f2:69:2e:95:44:cb:a1:47:
a2:f7:26:11:2f:28:da:29:10:d7:69:2f:04:39:b8:bc:7f:2b:
f1:a1:86:72:a9:ef:76:07:48:9c:0d:aa:e5:9e:18:ac:a4:b3:
ed:be:7c:e1:1d:fe:9d:19:1a:77:45:9e:6d:11:33:8f:9b:9d:
c1:c8:bf:71:04:fa:04:b5:ad:99:06:4a:6b:8a:cd:3b:6a:80:
ae:f2:c5:67:cb:35:20:f0:77:7d:14:e0:9a:b1:a5:2d:27:24:
de:cb:fa:ac:e5:08:87:30:bc:02:fb:e0:32:17:78:4e:b2:4d:
f8:ce:59:13:a1:d0:4e:2c:66:c7:8b:f2:ef:6d:1f:7a:a3:03:
04:ba:e1:9e:13:be:da:65:d3:67:a2:dc:04:22:13:a7:32:f4:
4c:7f:82:45:13:67:6f:31:c6:e8:42:eb:43:f1:2e:4d:de:96:
ce:27:da:2e:53:8f:43:6b:1b:96:22:82:c0:1d:9a:3d:76:09:
40:82:0d:26:76:76:64:15:66:65:12:aa:87:a6:d3:11:71:5c:
34:e9:c4:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuL65sC3TVZc/UNePauxtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Mjg0ZjE4Y2Q0NDYwNGJkZDZkMDhmNGQ4NzhkYzYxNDU2
YzQwZmQwHhcNMjMwMTAxMTYzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDA5ZTZmMjRjNmIxMmFmOTgyZWRhNTk4OTYxNGU5MWUyOWU0MThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguSNSTpcmIR6nr/n9iZtI7kB+ttp
E2l5LfB8hynA6RK6MF/YkdYVj4Cd7vJ1ljbwcPPHxBuELUf/N3MqgbOl6Kn+SEHt
tq5nE/m3jqm0waM6Hy4UJCNkBV0BW20572ukhCajkYRcsAj3AUtgzQsn2AUdxsM+
xIP1ZrVfeL99a/9dCzBVrOBiobQxTE9EeNjUoBfk4z/VzE/lPDvB7elHbgb7C2o9
Lvqj3YbYN2rRvS1o2XqvDszovy9ZEHYKspL9hpGkpHOS1do5fe0sT6nDB8cyzAvT
cvrqCpKIe+/dY9T3zbB4Y6xNIJQ3aZ7RHUs3+6Tql5IkvUMP+7mXdABM0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOAJ5vJMaxKvmC7aWYlhTpHinkGPMB8GA1UdIwQY
MBaAFNgoTxjNRGBL3W0I9Nh43GFFbED9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0Zjgt
Yzc4NjkxMjg1ODJjLzEvNEFubThreHJFcS1ZTHRwWmlXRk9rZUtlUVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0ZjgtYzc4NjkxMjg1ODJj
LzEvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLvwIMA0E
AgACMAcDBQAqAFkAMA0GCSqGSIb3DQEBCwUAA4IBAQCg0JrZ0tTpKRvrE6g+7YmC
6O64SfvemqmnaieWxV0VSamBIvhuYH/i3z0H7Frn8mkulUTLoUei9yYRLyjaKRDX
aS8EObi8fyvxoYZyqe92B0icDarlnhispLPtvnzhHf6dGRp3RZ5tETOPm53ByL9x
BPoEta2ZBkpris07aoCu8sVnyzUg8Hd9FOCasaUtJyTey/qs5QiHMLwC++AyF3hO
sk34zlkTodBOLGbHi/LvbR96owMEuuGeE77aZdNnotwEIhOnMvRMf4JFE2dvMcbo
QutD8S5N3pbOJ9ouU49DaxuWIoLAHZo9dglAgg0mdnZkFWZlEqqHptMRcVw06cRK
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:32 2024 by rpki-client on console.sobornost.net