Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/hYRUEPyVV9sTVj91eCNIWDxyGsk.roa
File: hYRUEPyVV9sTVj91eCNIWDxyGsk.roa (raw, json)
Hash identifier: btISD8LA9BTIS9vQdT/1buL1AdbIkaaiwVBFytawMJU=
Subject key identifier: 85:84:54:10:FC:95:57:DB:13:56:3F:75:78:23:48:58:3C:72:1A:C9
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 01856F42D7FD7DB27F680BF6C554E4B6E4D9
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/hYRUEPyVV9sTVj91eCNIWDxyGsk.roa
Signing time: Sun 01 Jan 2023 21:35:29 +0000
ROA not before: Sun 01 Jan 2023 21:35:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49100
IP address blocks: 46.209.122.0/24 maxlen: 24
46.209.234.0/24 maxlen: 24
5.160.106.0/24 maxlen: 24
77.104.114.0/23 maxlen: 23
46.209.102.0/24 maxlen: 24
46.209.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d7:fd:7d:b2:7f:68:0b:f6:c5:54:e4:b6:e4:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:35:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85845410fc9557db13563f75782348583c721ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:61:06:11:71:c5:fa:f5:97:46:bf:ca:32:04:
0d:a7:28:7f:be:bd:12:8f:94:01:14:4c:c2:b7:64:
55:3c:6e:62:f5:a5:ce:fb:85:9e:0e:c2:28:e3:5d:
80:73:b1:e0:24:4c:01:ff:25:0f:a4:8f:c4:50:98:
fa:03:69:4a:01:8d:68:e1:34:b7:cd:ab:26:29:e3:
46:c9:a3:e6:76:4e:9e:31:22:19:4d:43:7c:70:8e:
79:a9:30:74:cd:01:4c:cd:b5:71:94:75:b1:1b:59:
81:a2:ed:e1:b5:0a:31:59:4c:17:77:63:35:11:ed:
b3:46:bb:ab:79:cd:41:3b:ef:f7:51:1a:10:ce:d8:
31:c4:96:7c:57:9d:b1:c5:49:b0:2d:57:2d:d0:53:
49:36:fb:a4:43:7d:ac:df:24:14:c3:84:7c:f5:b7:
45:b8:03:86:bf:67:41:69:9c:12:45:c1:f2:29:c3:
dd:27:a6:ce:3d:c7:1d:37:85:ac:f1:d6:58:96:00:
25:e8:17:04:2b:6d:07:14:4f:e1:6d:07:ac:ee:b8:
4e:c6:18:66:08:93:84:b2:a6:e9:11:18:e5:fd:c4:
55:93:de:7e:14:da:0d:b3:d8:f4:25:60:45:aa:55:
c5:19:6c:cb:8c:37:68:b4:45:94:40:27:63:a3:99:
15:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:84:54:10:FC:95:57:DB:13:56:3F:75:78:23:48:58:3C:72:1A:C9
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/hYRUEPyVV9sTVj91eCNIWDxyGsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.106.0/24
46.209.10.0/24
46.209.102.0/24
46.209.122.0/24
46.209.234.0/24
77.104.114.0/23
Signature Algorithm: sha256WithRSAEncryption
73:67:37:57:7e:ae:82:cc:69:71:c6:c7:82:33:da:34:bc:9f:
ad:9d:51:76:25:bf:2a:ec:a5:ed:2e:f3:d6:a5:5b:fe:38:d1:
70:25:9e:5d:a5:ad:86:23:41:f2:45:20:87:83:9b:f3:91:89:
1a:c0:20:cc:a3:27:c5:b5:39:69:7d:7f:05:fe:25:0d:98:48:
60:7e:5a:4b:f5:06:79:a1:0b:44:95:d4:57:4c:f4:87:84:4f:
f2:25:d1:13:bc:74:86:96:fa:a1:13:08:31:e2:c7:5a:9c:77:
5e:b7:89:42:37:e9:8e:9f:33:7b:4e:15:9b:4f:f6:5e:87:9c:
95:e4:29:8e:cc:87:78:81:96:43:14:21:93:a3:31:9e:2b:90:
62:ec:9d:29:c8:74:68:da:ef:44:74:60:62:7b:8a:9c:e7:ee:
76:74:db:bf:5b:a2:01:3b:0b:0d:cd:d5:77:f4:24:7c:e1:43:
7e:74:97:f4:fd:92:b8:c9:71:d8:67:e5:ce:97:35:7c:ff:06:
fb:a1:d1:5e:ec:ec:19:c8:87:40:2c:9d:c6:9f:19:56:3f:14:
df:ef:0e:2b:41:d4:85:de:fc:4a:24:cc:70:79:8b:9b:0c:4d:
c1:c5:dc:73:c6:55:35:1e:e0:e1:52:f0:56:74:38:b4:db:74:
c4:22:03:31
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvQtf9fbJ/aAv2xVTktuTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTg0NTQxMGZjOTU1N2RiMTM1NjNmNzU3ODIzNDg1ODNjNzIxYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GEGEXHF+vWXRr/KMgQNpyh/vr0S
j5QBFEzCt2RVPG5i9aXO+4WeDsIo412Ac7HgJEwB/yUPpI/EUJj6A2lKAY1o4TS3
zasmKeNGyaPmdk6eMSIZTUN8cI55qTB0zQFMzbVxlHWxG1mBou3htQoxWUwXd2M1
Ee2zRrurec1BO+/3URoQztgxxJZ8V52xxUmwLVct0FNJNvukQ32s3yQUw4R89bdF
uAOGv2dBaZwSRcHyKcPdJ6bOPccdN4Ws8dZYlgAl6BcEK20HFE/hbQes7rhOxhhm
CJOEsqbpERjl/cRVk95+FNoNs9j0JWBFqlXFGWzLjDdotEWUQCdjo5kVEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIWEVBD8lVfbE1Y/dXgjSFg8chrJMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvaFlSVUVQeVZWOXNUVmo5MWVDTklXRHh5R3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABaBqAwQA
LtEKAwQALtFmAwQALtF6AwQALtHqAwQBTWhyMA0GCSqGSIb3DQEBCwUAA4IBAQBz
ZzdXfq6CzGlxxseCM9o0vJ+tnVF2Jb8q7KXtLvPWpVv+ONFwJZ5dpa2GI0HyRSCH
g5vzkYkawCDMoyfFtTlpfX8F/iUNmEhgflpL9QZ5oQtEldRXTPSHhE/yJdETvHSG
lvqhEwgx4sdanHdet4lCN+mOnzN7ThWbT/Zeh5yV5CmOzId4gZZDFCGTozGeK5Bi
7J0pyHRo2u9EdGBie4qc5+52dNu/W6IBOwsNzdV39CR84UN+dJf0/ZK4yXHYZ+XO
lzV8/wb7odFe7OwZyIdALJ3GnxlWPxTf7w4rQdSF3vxKJMxweYubDE3BxdxzxlU1
HuDhUvBWdDi023TEIgMx
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:51 2024 by rpki-client on console-ams.rpki-client.org