Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/T1HCumIrUCL1afGGCM7V3gGnMTs.roa
File: T1HCumIrUCL1afGGCM7V3gGnMTs.roa (raw, json)
Hash identifier: k2egh3FjDyD1xKvF/wyfzTqKuqrAkPTMi87SEoh5vQY=
Subject key identifier: 4F:51:C2:BA:62:2B:50:22:F5:69:F1:86:08:CE:D5:DE:01:A7:31:3B
Certificate issuer: /CN=b2735983dfb227a246df98876ec9d1af91f3d779
Certificate serial: 01856FC24E98E1878A6FA29454EFA779A8A3
Authority key identifier: B2:73:59:83:DF:B2:27:A2:46:DF:98:87:6E:C9:D1:AF:91:F3:D7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snNZg9-yJ6JG35iHbsnRr5Hz13k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/T1HCumIrUCL1afGGCM7V3gGnMTs.roa
Signing time: Sun 01 Jan 2023 23:54:43 +0000
ROA not before: Sun 01 Jan 2023 23:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197581
IP address blocks: 46.235.233.0/24 maxlen: 24
46.235.232.0/24 maxlen: 24
46.235.232.0/21 maxlen: 21
46.235.237.0/24 maxlen: 24
46.235.234.0/24 maxlen: 24
46.235.236.0/24 maxlen: 24
46.235.235.0/24 maxlen: 24
46.235.239.0/24 maxlen: 24
46.235.238.0/24 maxlen: 24
2a00:5ec0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:4e:98:e1:87:8a:6f:a2:94:54:ef:a7:79:a8:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2735983dfb227a246df98876ec9d1af91f3d779
Validity
Not Before: Jan 1 23:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f51c2ba622b5022f569f18608ced5de01a7313b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5a:b5:07:55:bb:33:98:81:9e:15:15:4c:a4:
68:10:66:12:c1:b1:e6:2b:53:bf:0f:93:92:08:3c:
59:67:b1:01:94:d6:45:61:8a:62:43:55:71:9b:ae:
bd:e1:59:21:de:f2:04:10:22:85:e8:ef:04:3f:59:
6c:8d:a9:c4:c3:78:57:fe:54:b3:e7:26:f7:99:c2:
44:ee:ef:cb:e1:95:81:d1:65:41:ab:b0:02:75:cd:
b8:1a:8e:bc:96:df:5f:e5:18:04:65:5c:90:1f:dd:
38:f4:52:ce:40:d1:f2:bf:8c:99:76:c3:c9:8c:f3:
2c:cb:50:a6:a3:3c:5e:78:30:2b:6d:40:6d:89:5d:
3d:a9:24:96:3d:93:96:44:bb:80:37:49:4c:47:c9:
9d:1d:c4:79:ca:be:be:d6:11:84:d6:62:c9:26:5d:
f9:c0:60:14:45:71:e9:57:11:84:83:8f:61:fe:e8:
84:62:05:3a:01:b9:29:c2:7b:0d:5d:b7:c9:13:9a:
a1:ca:8c:11:d6:ca:c9:6b:67:b7:40:b4:4e:a0:0b:
c2:16:26:69:e6:0d:9a:f7:e7:6d:8c:9f:2f:b1:7d:
f3:8b:d8:bd:11:78:78:31:82:a8:a5:fe:47:5a:a2:
02:5f:2f:01:8f:8d:99:36:a0:89:0d:c5:8f:f2:9c:
62:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:51:C2:BA:62:2B:50:22:F5:69:F1:86:08:CE:D5:DE:01:A7:31:3B
X509v3 Authority Key Identifier:
keyid:B2:73:59:83:DF:B2:27:A2:46:DF:98:87:6E:C9:D1:AF:91:F3:D7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snNZg9-yJ6JG35iHbsnRr5Hz13k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/T1HCumIrUCL1afGGCM7V3gGnMTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/snNZg9-yJ6JG35iHbsnRr5Hz13k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.232.0/21
IPv6:
2a00:5ec0::/32
Signature Algorithm: sha256WithRSAEncryption
6a:11:ea:18:89:0b:8a:75:f0:c4:7b:4d:0d:25:06:71:2d:10:
a8:21:8f:b3:2d:5e:85:27:28:6d:1b:6a:c8:98:85:a2:6a:0a:
bf:49:a1:4a:76:9a:83:2c:34:05:0b:10:ac:6a:d9:b1:92:e6:
31:90:09:5a:17:dd:c7:8d:2b:03:0f:47:b8:a5:30:ab:e6:b3:
f7:e4:f8:12:8e:3b:25:bc:a5:59:95:5b:0b:bb:77:27:c3:fb:
6e:b5:6c:2d:54:d0:de:02:70:12:79:87:c0:8a:09:2f:7a:28:
22:cf:91:f8:66:f2:f3:00:d6:65:a3:64:c4:d6:4f:0a:84:27:
ba:9a:b5:c4:db:83:7b:7b:9d:5f:82:91:1b:c2:3a:80:89:7b:
fa:59:a2:e3:35:0f:bf:f2:2e:5f:08:1c:ea:2b:b0:58:0c:72:
31:a4:75:be:95:fa:ac:b4:bb:6f:30:0d:da:45:0b:53:0c:5c:
e6:ad:59:cb:42:30:a2:9f:46:d4:06:d3:00:5c:27:25:53:e6:
45:d6:a0:d9:f7:7a:7d:c9:89:55:8b:67:7f:15:e2:f1:7c:4b:
f6:7f:3d:2a:86:4b:c1:5f:46:b1:c6:8d:3b:ce:48:a6:c2:e1:
75:2b:1f:05:fc:b5:00:52:18:0b:7a:4a:e6:32:d7:9a:0c:01:
6f:36:84:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvwk6Y4YeKb6KUVO+neaijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzM1OTgzZGZiMjI3YTI0NmRmOTg4NzZlYzlkMWFmOTFm
M2Q3NzkwHhcNMjMwMTAxMjM1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjUxYzJiYTYyMmI1MDIyZjU2OWYxODYwOGNlZDVkZTAxYTczMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVq1B1W7M5iBnhUVTKRoEGYSwbHm
K1O/D5OSCDxZZ7EBlNZFYYpiQ1Vxm6694Vkh3vIEECKF6O8EP1lsjanEw3hX/lSz
5yb3mcJE7u/L4ZWB0WVBq7ACdc24Go68lt9f5RgEZVyQH9049FLOQNHyv4yZdsPJ
jPMsy1CmozxeeDArbUBtiV09qSSWPZOWRLuAN0lMR8mdHcR5yr6+1hGE1mLJJl35
wGAURXHpVxGEg49h/uiEYgU6AbkpwnsNXbfJE5qhyowR1srJa2e3QLROoAvCFiZp
5g2a9+dtjJ8vsX3zi9i9EXh4MYKopf5HWqICXy8Bj42ZNqCJDcWP8pxiIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE9RwrpiK1Ai9WnxhgjO1d4BpzE7MB8GA1UdIwQY
MBaAFLJzWYPfsieiRt+Yh27J0a+R89d5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25OWmc5LXlKNkpHMzVpSGJzblJyNUh6MTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi80NzVlMTktOWZiZi00ZDQzLTkyODUt
ZWM1YjMyNWM2ZWIyLzEvVDFIQ3VtSXJVQ0wxYWZHR0NNN1YzZ0duTVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi80NzVlMTktOWZiZi00ZDQzLTkyODUtZWM1YjMyNWM2ZWIy
LzEvc25OWmc5LXlKNkpHMzVpSGJzblJyNUh6MTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLuvoMA0E
AgACMAcDBQAqAF7AMA0GCSqGSIb3DQEBCwUAA4IBAQBqEeoYiQuKdfDEe00NJQZx
LRCoIY+zLV6FJyhtG2rImIWiagq/SaFKdpqDLDQFCxCsatmxkuYxkAlaF93HjSsD
D0e4pTCr5rP35PgSjjslvKVZlVsLu3cnw/tutWwtVNDeAnASeYfAigkveigiz5H4
ZvLzANZlo2TE1k8KhCe6mrXE24N7e51fgpEbwjqAiXv6WaLjNQ+/8i5fCBzqK7BY
DHIxpHW+lfqstLtvMA3aRQtTDFzmrVnLQjCin0bUBtMAXCclU+ZF1qDZ93p9yYlV
i2d/FeLxfEv2fz0qhkvBX0axxo07zkimwuF1Kx8F/LUAUhgLekrmMteaDAFvNoR/
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:56 2024 by rpki-client on console.sobornost.net