Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/LYpqL0sT5lT_QacOwpFTI4b7LZw.roa
File: LYpqL0sT5lT_QacOwpFTI4b7LZw.roa (raw, json)
Hash identifier: 1YWZllk3PwwU8zC9HeVCUj8hzfAPOAkLzI2dtkoppkM=
Subject key identifier: 2D:8A:6A:2F:4B:13:E6:54:FF:41:A7:0E:C2:91:53:23:86:FB:2D:9C
Certificate issuer: /CN=bdac8f33db4a4a0175d8f8ea7ca747507e7e81e0
Certificate serial: 0190E4F783E666E02176EAFFDD3723F53192
Authority key identifier: BD:AC:8F:33:DB:4A:4A:01:75:D8:F8:EA:7C:A7:47:50:7E:7E:81:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vayPM9tKSgF12PjqfKdHUH5-geA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/LYpqL0sT5lT_QacOwpFTI4b7LZw.roa
Signing time: Wed 24 Jul 2024 13:39:04 +0000
ROA not before: Wed 24 Jul 2024 13:39:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53856
IP address blocks: 46.173.64.0/22 maxlen: 22
46.173.68.0/22 maxlen: 22
46.173.72.0/22 maxlen: 22
46.173.76.0/22 maxlen: 22
46.173.84.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 29 Jul 2024 17:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:f7:83:e6:66:e0:21:76:ea:ff:dd:37:23:f5:31:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdac8f33db4a4a0175d8f8ea7ca747507e7e81e0
Validity
Not Before: Jul 24 13:39:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d8a6a2f4b13e654ff41a70ec291532386fb2d9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:34:85:96:13:aa:d3:2c:6f:b6:40:5a:49:b3:
ee:09:f7:9e:99:4a:64:16:f0:40:db:3a:fe:4d:38:
48:90:22:61:c7:82:0f:b8:fb:fa:07:ad:b6:3f:ba:
fe:1b:23:f2:c0:ad:f1:80:16:bd:d0:ff:00:ed:82:
a9:2f:c2:2b:ca:4b:fd:34:a6:73:1c:c9:be:92:f2:
11:40:8c:d4:21:d8:a4:17:8b:df:75:98:20:48:af:
5b:24:c4:68:04:c0:0f:64:9a:2b:cb:00:33:ab:d0:
af:aa:bf:c2:9a:32:31:7f:d0:06:ac:7e:ca:0f:26:
e4:18:36:39:e5:2a:2b:48:5e:22:00:c1:bd:7a:13:
0c:21:61:fb:a3:d0:fa:0f:01:01:88:cb:41:e3:ef:
e8:7e:49:c9:a8:c8:b0:b8:60:31:9f:05:36:e0:ba:
0a:0a:65:7a:56:44:4d:dd:f2:d6:1d:69:0e:36:85:
14:07:99:68:b4:5c:72:b1:11:5f:47:85:af:6b:b7:
a3:8d:95:43:08:39:88:12:37:fc:95:b1:9c:cc:14:
69:a8:30:ad:ce:38:69:9c:1d:2a:cf:db:64:52:a8:
67:99:7e:50:18:ab:e6:d7:2c:14:14:a1:ea:88:2a:
0c:5b:1b:0a:57:d4:b8:f1:0a:10:e1:ce:d8:35:4a:
a8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:8A:6A:2F:4B:13:E6:54:FF:41:A7:0E:C2:91:53:23:86:FB:2D:9C
X509v3 Authority Key Identifier:
keyid:BD:AC:8F:33:DB:4A:4A:01:75:D8:F8:EA:7C:A7:47:50:7E:7E:81:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vayPM9tKSgF12PjqfKdHUH5-geA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/LYpqL0sT5lT_QacOwpFTI4b7LZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2e93fb-49b1-4b39-b252-250baf78e30e/1/vayPM9tKSgF12PjqfKdHUH5-geA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.173.64.0/20
46.173.84.0/22
Signature Algorithm: sha256WithRSAEncryption
65:a2:08:6f:c4:41:61:5c:48:34:b5:a0:35:47:8b:3f:89:b1:
3a:7b:d5:6d:8a:90:d6:da:8b:4a:75:23:7b:be:44:94:d2:78:
83:da:2e:88:5c:a2:04:7f:84:ed:b6:c7:b3:12:a2:0b:95:15:
5a:c4:68:44:a1:dd:74:ab:c5:3c:70:cd:12:33:e8:0f:43:f3:
c7:a6:31:f7:cf:ca:67:8a:20:c1:05:68:6e:e4:21:3b:1d:6c:
8a:18:7f:4d:28:ae:4e:58:d4:7e:30:a0:2c:07:ef:13:04:06:
d0:12:92:bb:ab:ec:d6:d7:d7:01:1d:7e:8c:2e:2a:13:77:fd:
76:e9:24:43:a3:c0:9d:8c:e3:e4:9c:27:fd:49:d4:06:76:18:
81:48:d2:2e:4a:4c:68:03:bf:b8:3c:3b:19:2e:0f:02:25:dc:
e1:b4:f1:8c:fb:00:dc:79:a2:44:da:7b:4f:a7:be:0b:2c:f5:
0e:e9:4c:d5:f1:8f:2a:f7:e3:d4:31:ac:a5:88:a9:a8:d1:b8:
50:3f:6a:4d:0e:76:02:8a:9c:4a:57:ee:b8:8f:0c:48:a5:d9:
a2:45:76:40:39:a7:3a:16:23:71:7e:26:62:08:58:75:96:2e:
55:68:bb:87:ad:c5:fe:48:a1:fa:4a:8e:26:4e:56:3f:ae:9a:
59:11:c0:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDk94PmZuAhdur/3Tcj9TGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYWM4ZjMzZGI0YTRhMDE3NWQ4ZjhlYTdjYTc0NzUwN2U3
ZTgxZTAwHhcNMjQwNzI0MTMzOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDhhNmEyZjRiMTNlNjU0ZmY0MWE3MGVjMjkxNTMyMzg2ZmIyZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDSFlhOq0yxvtkBaSbPuCfeemUpk
FvBA2zr+TThIkCJhx4IPuPv6B622P7r+GyPywK3xgBa90P8A7YKpL8Irykv9NKZz
HMm+kvIRQIzUIdikF4vfdZggSK9bJMRoBMAPZJorywAzq9Cvqr/CmjIxf9AGrH7K
DybkGDY55SorSF4iAMG9ehMMIWH7o9D6DwEBiMtB4+/ofknJqMiwuGAxnwU24LoK
CmV6VkRN3fLWHWkONoUUB5lotFxysRFfR4Wva7ejjZVDCDmIEjf8lbGczBRpqDCt
zjhpnB0qz9tkUqhnmX5QGKvm1ywUFKHqiCoMWxsKV9S48QoQ4c7YNUqoWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC2Kai9LE+ZU/0GnDsKRUyOG+y2cMB8GA1UdIwQY
MBaAFL2sjzPbSkoBddj46nynR1B+foHgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmF5UE05dEtTZ0YxMlBqcWZLZEhVSDUtZ2VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8yZTkzZmItNDliMS00YjM5LWIyNTIt
MjUwYmFmNzhlMzBlLzEvTFlwcUwwc1Q1bFRfUWFjT3dwRlRJNGI3TFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8yZTkzZmItNDliMS00YjM5LWIyNTItMjUwYmFmNzhlMzBl
LzEvdmF5UE05dEtTZ0YxMlBqcWZLZEhVSDUtZ2VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQELq1AAwQC
Lq1UMA0GCSqGSIb3DQEBCwUAA4IBAQBloghvxEFhXEg0taA1R4s/ibE6e9VtipDW
2otKdSN7vkSU0niD2i6IXKIEf4TttsezEqILlRVaxGhEod10q8U8cM0SM+gPQ/PH
pjH3z8pniiDBBWhu5CE7HWyKGH9NKK5OWNR+MKAsB+8TBAbQEpK7q+zW19cBHX6M
LioTd/126SRDo8CdjOPknCf9SdQGdhiBSNIuSkxoA7+4PDsZLg8CJdzhtPGM+wDc
eaJE2ntPp74LLPUO6UzV8Y8q9+PUMayliKmo0bhQP2pNDnYCipxKV+64jwxIpdmi
RXZAOac6FiNxfiZiCFh1li5VaLuHrcX+SKH6So4mTlY/rppZEcCZ
-----END CERTIFICATE-----
Generated at Mon Jul 29 19:29:06 2024 by rpki-client on console-ams.rpki-client.org