Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/Y6Q4ViAGnsJmkB-fN2LN191Pw7c.roa
File: Y6Q4ViAGnsJmkB-fN2LN191Pw7c.roa (raw, json)
Hash identifier: jSK8tsHSQfmTslpTUmntlY8Nw0zk2XwQ2aQWTYIPv0A=
Subject key identifier: 63:A4:38:56:20:06:9E:C2:66:90:1F:9F:37:62:CD:D7:DD:4F:C3:B7
Certificate issuer: /CN=2aa14bff83480d10cd0fbebb80b2cb5091fcf82f
Certificate serial: 018CC424666AB14DA5349083E6FD7A83EE83
Authority key identifier: 2A:A1:4B:FF:83:48:0D:10:CD:0F:BE:BB:80:B2:CB:50:91:FC:F8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqFL_4NIDRDND767gLLLUJH8-C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/Y6Q4ViAGnsJmkB-fN2LN191Pw7c.roa
Signing time: Mon 01 Jan 2024 08:29:29 +0000
ROA not before: Mon 01 Jan 2024 08:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47562
IP address blocks: 94.198.32.0/21 maxlen: 24
62.122.144.0/21 maxlen: 24
185.46.96.0/22 maxlen: 24
93.91.112.0/20 maxlen: 24
46.175.192.0/21 maxlen: 24
2a03:ce80::/32 maxlen: 56
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:66:6a:b1:4d:a5:34:90:83:e6:fd:7a:83:ee:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa14bff83480d10cd0fbebb80b2cb5091fcf82f
Validity
Not Before: Jan 1 08:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63a4385620069ec266901f9f3762cdd7dd4fc3b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4e:b2:aa:57:8e:59:a7:d6:8c:36:96:39:f1:
f5:9e:8b:f0:e1:c5:8d:9d:cb:ad:8a:6a:55:23:2e:
62:14:6e:5d:d5:1b:fd:e9:8b:4f:fc:e5:de:e3:2b:
7c:8f:b9:d7:40:ed:7c:f8:e6:46:78:4b:a0:d8:82:
93:d8:2f:52:51:37:7f:9e:4f:44:b1:e3:4f:03:90:
53:16:b5:be:62:61:64:02:73:33:0f:26:a5:15:09:
8e:3c:73:52:2d:75:e5:77:45:cc:f7:97:96:76:1f:
24:87:e5:49:fd:d8:6d:67:81:01:7e:35:6c:3d:ff:
89:38:59:2c:f0:f5:74:e9:73:a9:53:09:3d:4e:45:
89:b2:f3:11:09:73:a0:c3:57:79:a1:f3:9f:a4:57:
25:52:e5:52:b9:ff:cb:0c:86:d1:87:bc:14:b9:9f:
06:c9:52:d7:f7:c9:be:e4:cb:65:cc:02:39:5a:7b:
00:ed:6e:f1:cd:d3:82:a7:51:4b:77:0f:96:e5:4d:
ca:12:83:18:08:db:ae:54:b5:a4:02:f7:fe:84:47:
50:e8:31:a2:e0:d6:95:4a:5b:5c:68:c2:6d:4f:d9:
66:91:72:85:56:2e:e9:12:d8:80:2a:07:7f:6e:14:
9f:11:98:71:28:16:07:73:f9:eb:0c:0e:f7:1b:32:
97:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A4:38:56:20:06:9E:C2:66:90:1F:9F:37:62:CD:D7:DD:4F:C3:B7
X509v3 Authority Key Identifier:
keyid:2A:A1:4B:FF:83:48:0D:10:CD:0F:BE:BB:80:B2:CB:50:91:FC:F8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqFL_4NIDRDND767gLLLUJH8-C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/Y6Q4ViAGnsJmkB-fN2LN191Pw7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/KqFL_4NIDRDND767gLLLUJH8-C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.192.0/21
62.122.144.0/21
93.91.112.0/20
94.198.32.0/21
185.46.96.0/22
IPv6:
2a03:ce80::/32
Signature Algorithm: sha256WithRSAEncryption
05:6b:9d:b1:1c:4a:39:70:00:44:b8:a9:0d:1c:56:2a:30:a7:
3f:e2:5d:43:d0:39:ea:a2:cf:b7:e9:c1:0f:95:7a:2f:4c:67:
30:13:9b:16:e5:d2:a9:0c:0d:98:15:c4:f3:fe:0b:7c:8f:36:
85:85:28:67:44:22:54:cd:62:0a:07:97:68:0d:aa:74:e7:33:
8e:90:ea:95:09:c0:57:2f:93:d9:91:6a:79:96:dd:00:7c:31:
f7:bf:68:ea:1e:66:de:82:eb:61:53:f2:c2:fe:6e:b5:3d:69:
4c:53:dc:a6:68:3e:a7:1f:f0:8e:8e:e3:9d:9e:ce:00:af:f0:
4f:a0:da:05:63:b8:ce:41:fe:49:da:08:50:19:25:c7:64:86:
ec:46:75:a9:8d:bc:a8:e7:39:c7:74:54:87:f8:a9:43:4d:1c:
91:79:66:39:62:0a:08:81:25:3b:16:e5:5b:df:71:37:3d:d0:
c0:4b:5a:ef:01:d2:d4:0a:65:0a:cc:af:a8:98:1f:95:f9:e7:
bb:66:8c:69:20:9c:44:20:e5:29:b7:b4:02:6e:15:f2:5a:4c:
db:c0:7c:92:0a:46:a0:2f:97:2a:9c:5d:7b:7e:b9:63:ed:ab:
40:50:fc:65:fd:d0:43:cc:11:8e:7e:3c:e0:ad:0a:93:1f:8e:
9a:65:ba:d4
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzEJGZqsU2lNJCD5v16g+6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTE0YmZmODM0ODBkMTBjZDBmYmViYjgwYjJjYjUwOTFm
Y2Y4MmYwHhcNMjQwMTAxMDgyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2E0Mzg1NjIwMDY5ZWMyNjY5MDFmOWYzNzYyY2RkN2RkNGZjM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1E6yqleOWafWjDaWOfH1novw4cWN
ncutimpVIy5iFG5d1Rv96YtP/OXe4yt8j7nXQO18+OZGeEug2IKT2C9SUTd/nk9E
seNPA5BTFrW+YmFkAnMzDyalFQmOPHNSLXXld0XM95eWdh8kh+VJ/dhtZ4EBfjVs
Pf+JOFks8PV06XOpUwk9TkWJsvMRCXOgw1d5ofOfpFclUuVSuf/LDIbRh7wUuZ8G
yVLX98m+5MtlzAI5WnsA7W7xzdOCp1FLdw+W5U3KEoMYCNuuVLWkAvf+hEdQ6DGi
4NaVSltcaMJtT9lmkXKFVi7pEtiAKgd/bhSfEZhxKBYHc/nrDA73GzKXywIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGOkOFYgBp7CZpAfnzdizdfdT8O3MB8GA1UdIwQY
MBaAFCqhS/+DSA0QzQ++u4Cyy1CR/PgvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FGTF80TklEUkRORDc2N2dMTExVSkg4LUM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iMTk4MTEtZmEyMy00N2IwLWI1Nzct
MTc2OThmODhjM2JkLzEvWTZRNFZpQUduc0pta0ItZk4yTE4xOTFQdzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iMTk4MTEtZmEyMy00N2IwLWI1NzctMTc2OThmODhjM2Jk
LzEvS3FGTF80TklEUkRORDc2N2dMTExVSkg4LUM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLq/AAwQD
PnqQAwQEXVtwAwQDXsYgAwQCuS5gMA0EAgACMAcDBQAqA86AMA0GCSqGSIb3DQEB
CwUAA4IBAQAFa52xHEo5cABEuKkNHFYqMKc/4l1D0Dnqos+36cEPlXovTGcwE5sW
5dKpDA2YFcTz/gt8jzaFhShnRCJUzWIKB5doDap05zOOkOqVCcBXL5PZkWp5lt0A
fDH3v2jqHmbeguthU/LC/m61PWlMU9ymaD6nH/COjuOdns4Ar/BPoNoFY7jOQf5J
2ghQGSXHZIbsRnWpjbyo5znHdFSH+KlDTRyReWY5YgoIgSU7FuVb33E3PdDAS1rv
AdLUCmUKzK+omB+V+ee7ZoxpIJxEIOUpt7QCbhXyWkzbwHySCkagL5cqnF17frlj
7atAUPxl/dBDzBGOfjzgrQqTH46aZbrU
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:01:24 2025 by rpki-client