Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/eRIZLTVdFLzUODEHcoyI7ZWwrH8.roa
File: eRIZLTVdFLzUODEHcoyI7ZWwrH8.roa (raw, json)
Hash identifier: HSIXj44u/naDS+YkuK3qqbYbKlms4EhfYWFwfZJuSsc=
Subject key identifier: 79:12:19:2D:35:5D:14:BC:D4:38:31:07:72:8C:88:ED:95:B0:AC:7F
Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Certificate serial: 018CC9BBE8D2B5EEC10FAD61D6FA169770EE
Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/eRIZLTVdFLzUODEHcoyI7ZWwrH8.roa
Signing time: Tue 02 Jan 2024 10:33:04 +0000
ROA not before: Tue 02 Jan 2024 10:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202111
IP address blocks: 46.252.8.0/21 maxlen: 21
2a00:5900::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 May 2024 04:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:e8:d2:b5:ee:c1:0f:ad:61:d6:fa:16:97:70:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Validity
Not Before: Jan 2 10:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7912192d355d14bcd4383107728c88ed95b0ac7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3b:79:20:4f:80:1e:6c:14:bb:e9:2a:e9:ed:
fa:e5:ae:1a:05:e8:9e:24:67:bd:48:67:d8:9b:38:
2c:6f:2b:26:02:e3:7c:63:96:be:c5:e0:9c:0d:89:
32:2c:45:8e:d8:01:96:3c:c3:38:d6:67:88:3e:2e:
4c:ba:4a:cb:a4:00:59:a9:bc:a0:80:f8:7c:2a:3f:
32:28:e7:bf:c5:36:8f:93:1c:74:f0:e1:7e:ed:67:
87:ae:48:dc:8c:96:45:61:dd:d8:65:c2:26:37:89:
6d:05:d7:d2:12:dd:5e:5b:e0:cc:e0:cc:b8:fa:8e:
12:b6:1b:dc:4a:0f:11:65:5f:4c:59:4e:55:4e:c3:
e1:ae:bc:f0:31:5a:c9:dd:59:e1:26:16:48:64:12:
8d:55:2b:c2:38:60:31:df:11:0d:b0:b8:71:c9:a9:
ee:be:f9:46:74:0b:9d:42:b2:f1:7b:b4:cb:74:9e:
78:da:fd:5e:2b:5a:06:6d:9f:a1:87:0f:c0:9e:8f:
07:1e:11:49:38:c9:2f:55:21:1c:a4:eb:41:cc:82:
f8:b6:9e:57:4e:88:b0:8e:ea:37:23:11:1e:39:77:
c5:4b:b3:22:c9:bb:e6:c2:65:ea:99:1e:0a:de:1a:
7c:f4:ae:ba:36:65:75:64:7c:70:72:70:3e:6a:1a:
b6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:12:19:2D:35:5D:14:BC:D4:38:31:07:72:8C:88:ED:95:B0:AC:7F
X509v3 Authority Key Identifier:
keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/eRIZLTVdFLzUODEHcoyI7ZWwrH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.8.0/21
IPv6:
2a00:5900::/32
Signature Algorithm: sha256WithRSAEncryption
9f:58:8e:c1:f9:4f:19:a6:d5:64:22:3c:39:95:42:13:db:9c:
fb:47:0e:86:b5:62:76:fa:61:bc:db:28:e5:c1:a8:f2:89:3e:
74:29:eb:52:e5:86:a7:27:41:58:03:ee:5c:ea:a8:84:bc:03:
69:dd:b9:9a:0c:a2:a1:06:c6:96:8c:05:6a:fc:fa:3f:58:1e:
5f:4c:d5:f9:35:eb:e3:01:ca:05:ea:00:e9:2d:49:fe:e8:d5:
ae:29:34:03:3c:3c:65:ca:2d:a3:b8:1c:63:54:22:d8:f8:eb:
f3:71:f5:22:84:2f:06:68:e7:cb:0b:50:e6:42:83:39:a9:bd:
af:1f:f7:21:00:82:10:c0:1d:33:52:ac:3e:4d:b3:7d:9d:90:
09:19:e9:a1:34:87:46:8b:e2:bb:79:e2:9f:f4:aa:b1:fd:95:
2e:f5:79:ac:0e:bb:9c:a5:90:8f:2e:27:0d:fc:73:10:4b:eb:
2f:71:76:a6:8c:87:08:90:3a:eb:34:c4:26:b0:ee:9f:83:e3:
bd:18:ac:2e:b5:32:a7:5a:7c:d7:4d:db:d1:e7:25:fb:0b:ed:
ef:07:61:cd:93:66:04:4f:5d:53:07:ec:78:71:01:b0:0f:be:
1a:73:21:bb:9f:da:0d:93:79:74:9a:df:e1:88:bd:70:ce:24:
17:39:56:d9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJu+jSte7BD61h1voWl3DuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Mjg0ZjE4Y2Q0NDYwNGJkZDZkMDhmNGQ4NzhkYzYxNDU2
YzQwZmQwHhcNMjQwMTAyMTAzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTEyMTkyZDM1NWQxNGJjZDQzODMxMDc3MjhjODhlZDk1YjBhYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzt5IE+AHmwUu+kq6e365a4aBeie
JGe9SGfYmzgsbysmAuN8Y5a+xeCcDYkyLEWO2AGWPMM41meIPi5MukrLpABZqbyg
gPh8Kj8yKOe/xTaPkxx08OF+7WeHrkjcjJZFYd3YZcImN4ltBdfSEt1eW+DM4My4
+o4SthvcSg8RZV9MWU5VTsPhrrzwMVrJ3VnhJhZIZBKNVSvCOGAx3xENsLhxyanu
vvlGdAudQrLxe7TLdJ542v1eK1oGbZ+hhw/Ano8HHhFJOMkvVSEcpOtBzIL4tp5X
Toiwjuo3IxEeOXfFS7MiybvmwmXqmR4K3hp89K66NmV1ZHxwcnA+ahq2pwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHkSGS01XRS81DgxB3KMiO2VsKx/MB8GA1UdIwQY
MBaAFNgoTxjNRGBL3W0I9Nh43GFFbED9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0Zjgt
Yzc4NjkxMjg1ODJjLzEvZVJJWkxUVmRGTHpVT0RFSGNveUk3Wld3ckg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0ZjgtYzc4NjkxMjg1ODJj
LzEvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLvwIMA0E
AgACMAcDBQAqAFkAMA0GCSqGSIb3DQEBCwUAA4IBAQCfWI7B+U8ZptVkIjw5lUIT
25z7Rw6GtWJ2+mG82yjlwajyiT50KetS5YanJ0FYA+5c6qiEvANp3bmaDKKhBsaW
jAVq/Po/WB5fTNX5NevjAcoF6gDpLUn+6NWuKTQDPDxlyi2juBxjVCLY+OvzcfUi
hC8GaOfLC1DmQoM5qb2vH/chAIIQwB0zUqw+TbN9nZAJGemhNIdGi+K7eeKf9Kqx
/ZUu9XmsDrucpZCPLicN/HMQS+svcXamjIcIkDrrNMQmsO6fg+O9GKwutTKnWnzX
TdvR5yX7C+3vB2HNk2YET11TB+x4cQGwD74acyG7n9oNk3l0mt/hiL1wziQXOVbZ
-----END CERTIFICATE-----
Generated at Mon May 20 10:09:10 2024 by rpki-client on console.sobornost.net