Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/ff0036-8313-4b3d-ad7f-8d81fdc6f170/1/YLtsh1Wcu8OhwahrX0HLnewznNw.roa
File: YLtsh1Wcu8OhwahrX0HLnewznNw.roa (raw, json)
Hash identifier: /7P9jUETq/r3MDu89kN8UsstZ32NnIP+zex36mNpiRI=
Subject key identifier: 60:BB:6C:87:55:9C:BB:C3:A1:C1:A8:6B:5F:41:CB:9D:EC:33:9C:DC
Certificate issuer: /CN=e1ac0322b3eab6572ece2a0ac5abf164a5bbff20
Certificate serial: 018CED52E05B1B13BC1A2CB21507E3A57B68
Authority key identifier: E1:AC:03:22:B3:EA:B6:57:2E:CE:2A:0A:C5:AB:F1:64:A5:BB:FF:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4awDIrPqtlcuzioKxavxZKW7_yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/ff0036-8313-4b3d-ad7f-8d81fdc6f170/1/YLtsh1Wcu8OhwahrX0HLnewznNw.roa
Signing time: Tue 09 Jan 2024 08:24:40 +0000
ROA not before: Tue 09 Jan 2024 08:24:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210611
IP address blocks: 46.31.183.0/24 maxlen: 24
2a00:df80:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:52:e0:5b:1b:13:bc:1a:2c:b2:15:07:e3:a5:7b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1ac0322b3eab6572ece2a0ac5abf164a5bbff20
Validity
Not Before: Jan 9 08:24:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60bb6c87559cbbc3a1c1a86b5f41cb9dec339cdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e5:38:49:d6:b2:b2:1e:37:12:d7:84:bb:84:
1e:b5:8d:0a:b5:3d:62:88:cc:67:d0:0a:65:68:c2:
30:19:41:77:fe:2f:89:ef:a5:76:ae:da:c5:0d:90:
4d:b1:4e:79:34:63:31:d7:2d:fc:36:11:c1:30:56:
35:97:49:9f:2b:27:e7:2d:d2:ef:d0:cc:c1:5d:9e:
a9:76:cb:69:9f:26:fc:5b:df:7d:78:54:79:7f:20:
3a:42:a3:13:b5:e7:8c:af:40:34:02:6f:88:c5:6a:
28:2b:9b:59:7e:6a:a0:df:e8:95:c8:ca:ad:c1:c4:
18:84:17:d3:48:c1:80:42:7d:dd:7d:41:a2:fe:7d:
12:7c:5a:f0:f3:38:30:69:57:a7:d0:be:88:66:67:
da:c6:90:af:af:2a:7b:b2:0b:84:f9:08:b3:fb:b9:
12:ff:67:99:df:94:4f:39:69:88:a8:81:aa:dc:ff:
e2:eb:11:60:a6:bf:87:f5:b9:34:f9:df:cf:c6:a9:
ed:cb:4d:12:8a:43:d7:2c:0e:7f:2a:cf:82:05:53:
6f:2b:ef:e2:25:f0:da:5b:f3:e7:2b:1a:21:9d:65:
c9:7b:c5:a1:df:47:f8:b6:d8:25:6c:a3:ce:0f:62:
ee:c7:5f:e3:8f:9c:fa:23:e9:97:9f:51:88:0a:68:
98:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BB:6C:87:55:9C:BB:C3:A1:C1:A8:6B:5F:41:CB:9D:EC:33:9C:DC
X509v3 Authority Key Identifier:
keyid:E1:AC:03:22:B3:EA:B6:57:2E:CE:2A:0A:C5:AB:F1:64:A5:BB:FF:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4awDIrPqtlcuzioKxavxZKW7_yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/ff0036-8313-4b3d-ad7f-8d81fdc6f170/1/YLtsh1Wcu8OhwahrX0HLnewznNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/ff0036-8313-4b3d-ad7f-8d81fdc6f170/1/4awDIrPqtlcuzioKxavxZKW7_yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.183.0/24
IPv6:
2a00:df80:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
53:01:c7:16:01:58:de:6b:f9:1d:92:76:2c:91:74:74:d7:a0:
44:b8:3f:a9:e8:91:80:02:52:6f:34:1b:66:58:68:c0:62:a0:
80:83:38:ea:22:dc:c2:f3:e9:5f:f5:e3:87:7d:b2:0b:b7:47:
a1:35:dd:31:10:13:a4:d7:60:e8:3d:0e:52:f7:45:ed:db:79:
47:d2:78:d0:a9:ab:66:af:b1:a2:a4:22:28:ac:ed:e6:6c:2c:
47:87:7f:f6:b0:e7:68:9e:b1:f3:6b:93:7e:cc:aa:42:ed:b7:
15:4a:2a:85:21:98:66:f7:1b:58:25:7b:c9:82:ee:e0:eb:58:
31:42:43:e7:7d:e7:11:1c:57:58:9a:33:38:64:0c:d7:1b:12:
9b:36:38:b0:e7:37:44:01:11:f8:30:73:23:2e:f9:a1:4e:a6:
33:f9:d6:b1:b4:bc:04:16:7b:db:16:38:50:60:f6:10:d5:21:
81:0a:5c:1c:c4:4f:d0:c6:d1:7c:17:d4:9b:38:40:6d:54:7b:
6f:7d:c5:2d:04:58:49:46:4d:43:cf:64:a5:1e:08:66:2a:af:
2b:72:14:3c:65:bf:74:72:6a:fa:d6:14:6c:e8:28:c3:d4:0d:
bb:5a:e7:0b:07:74:9e:02:0f:85:52:d7:e1:bc:69:78:32:24:
31:8b:5f:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYztUuBbGxO8GiyyFQfjpXtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYWMwMzIyYjNlYWI2NTcyZWNlMmEwYWM1YWJmMTY0YTVi
YmZmMjAwHhcNMjQwMTA5MDgyNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGJiNmM4NzU1OWNiYmMzYTFjMWE4NmI1ZjQxY2I5ZGVjMzM5Y2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOU4Sdaysh43EteEu4QetY0KtT1i
iMxn0AplaMIwGUF3/i+J76V2rtrFDZBNsU55NGMx1y38NhHBMFY1l0mfKyfnLdLv
0MzBXZ6pdstpnyb8W999eFR5fyA6QqMTteeMr0A0Am+IxWooK5tZfmqg3+iVyMqt
wcQYhBfTSMGAQn3dfUGi/n0SfFrw8zgwaVen0L6IZmfaxpCvryp7sguE+Qiz+7kS
/2eZ35RPOWmIqIGq3P/i6xFgpr+H9bk0+d/Pxqnty00SikPXLA5/Ks+CBVNvK+/i
JfDaW/PnKxohnWXJe8Wh30f4ttglbKPOD2Lux1/jj5z6I+mXn1GICmiY1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGC7bIdVnLvDocGoa19By53sM5zcMB8GA1UdIwQY
MBaAFOGsAyKz6rZXLs4qCsWr8WSlu/8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGF3RElyUHF0bGN1emlvS3hhdnhaS1c3X3lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mZjAwMzYtODMxMy00YjNkLWFkN2Yt
OGQ4MWZkYzZmMTcwLzEvWUx0c2gxV2N1OE9od2FoclgwSExuZXd6bk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mZjAwMzYtODMxMy00YjNkLWFkN2YtOGQ4MWZkYzZmMTcw
LzEvNGF3RElyUHF0bGN1emlvS3hhdnhaS1c3X3lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALh+3MA8E
AgACMAkDBwAqAN+A//8wDQYJKoZIhvcNAQELBQADggEBAFMBxxYBWN5r+R2SdiyR
dHTXoES4P6nokYACUm80G2ZYaMBioICDOOoi3MLz6V/144d9sgu3R6E13TEQE6TX
YOg9DlL3Re3beUfSeNCpq2avsaKkIiis7eZsLEeHf/aw52iesfNrk37MqkLttxVK
KoUhmGb3G1gle8mC7uDrWDFCQ+d95xEcV1iaMzhkDNcbEps2OLDnN0QBEfgwcyMu
+aFOpjP51rG0vAQWe9sWOFBg9hDVIYEKXBzET9DG0XwX1Js4QG1Ue299xS0EWElG
TUPPZKUeCGYqrytyFDxlv3RyavrWFGzoKMPUDbta5wsHdJ4CD4VS1+G8aXgyJDGL
X8U=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:17:15 2025 by rpki-client