Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/OZWhPzpcn3vZH34RA4N0spPabDI.roa
File: OZWhPzpcn3vZH34RA4N0spPabDI.roa (raw, json)
Hash identifier: JQMClNp96v0ByT2gOSO419ZmAPFGJKDKuQBVFX/nsBQ=
Subject key identifier: 39:95:A1:3F:3A:5C:9F:7B:D9:1F:7E:11:03:83:74:B2:93:DA:6C:32
Certificate issuer: /CN=23d8f620999506cc86d7548ea7282bb129f02d68
Certificate serial: 01856B6EA4014D5C6F89C7B7564F1A2770C4
Authority key identifier: 23:D8:F6:20:99:95:06:CC:86:D7:54:8E:A7:28:2B:B1:29:F0:2D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9j2IJmVBsyG11SOpygrsSnwLWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/OZWhPzpcn3vZH34RA4N0spPabDI.roa
Signing time: Sun 01 Jan 2023 03:44:51 +0000
ROA not before: Sun 01 Jan 2023 03:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 46.227.42.0/24 maxlen: 24
185.31.204.0/24 maxlen: 24
46.227.41.0/24 maxlen: 24
46.227.40.0/24 maxlen: 24
46.227.44.0/24 maxlen: 24
185.31.206.0/24 maxlen: 24
46.227.43.0/24 maxlen: 24
185.31.205.0/24 maxlen: 24
46.227.47.0/24 maxlen: 24
185.31.207.0/24 maxlen: 24
46.227.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:a4:01:4d:5c:6f:89:c7:b7:56:4f:1a:27:70:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8f620999506cc86d7548ea7282bb129f02d68
Validity
Not Before: Jan 1 03:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3995a13f3a5c9f7bd91f7e11038374b293da6c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c6:8b:16:5d:79:5b:23:35:6f:93:34:6b:a6:
f7:c5:c7:71:f0:d6:7e:ea:af:a2:90:3d:1b:8b:a3:
11:10:f3:77:c8:9e:ae:08:76:c7:5c:8a:c7:3a:ba:
ec:c9:de:56:e7:5f:a6:c4:4d:7f:51:87:c4:14:3e:
30:c1:6c:71:7d:3b:c0:44:32:55:8c:5b:5a:2a:38:
ad:f5:d8:6d:cb:75:87:80:40:42:09:7c:02:b0:91:
78:8a:57:25:58:0f:de:8c:cf:ca:bd:45:fd:18:08:
71:04:43:09:97:1f:9f:37:46:7b:0e:78:33:68:f8:
a1:45:cc:e5:c2:9b:f9:a1:43:ab:96:2d:0e:f2:09:
0f:9d:ae:0d:0d:ed:57:a9:42:56:69:92:a6:e0:1b:
b5:46:01:b8:1c:f3:a3:7a:8b:ed:87:39:57:fd:5e:
1c:0a:20:e4:e6:6a:78:93:88:ef:07:7d:34:b4:a3:
f8:b3:7d:a2:23:e0:37:12:4a:68:36:03:14:3d:c7:
5b:03:cc:3b:03:6f:70:a0:10:6b:59:a5:ad:2a:b6:
45:01:da:9c:0b:75:0a:22:0d:03:1a:8f:5e:ab:95:
41:fb:bd:a7:22:e5:71:46:b3:10:44:c7:35:54:4f:
8b:f2:df:eb:21:21:e2:ef:1d:c7:51:26:75:57:b6:
00:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:95:A1:3F:3A:5C:9F:7B:D9:1F:7E:11:03:83:74:B2:93:DA:6C:32
X509v3 Authority Key Identifier:
keyid:23:D8:F6:20:99:95:06:CC:86:D7:54:8E:A7:28:2B:B1:29:F0:2D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9j2IJmVBsyG11SOpygrsSnwLWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/OZWhPzpcn3vZH34RA4N0spPabDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/I9j2IJmVBsyG11SOpygrsSnwLWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.40.0-46.227.45.255
46.227.47.0/24
185.31.204.0/22
Signature Algorithm: sha256WithRSAEncryption
08:10:aa:96:51:d6:a0:d0:c4:40:24:0d:8d:cf:3b:42:d8:43:
0f:8d:0e:69:15:68:d5:81:f1:b4:6b:81:4f:27:ef:2e:45:65:
fe:28:36:db:72:c7:cc:95:28:6e:fd:50:e7:07:a6:2f:f8:4e:
71:a8:31:3c:de:b0:70:ed:a4:80:23:81:90:cf:b8:d8:5f:b9:
72:d4:2d:81:36:0a:49:7a:ce:19:12:c1:d4:fc:4f:19:5b:a0:
2e:f3:7c:6c:be:bc:b2:b1:07:f4:86:83:35:de:bf:4b:d9:0b:
04:b1:38:0d:a2:7c:11:17:f4:c4:64:92:01:f1:b0:85:fa:aa:
c3:71:03:f1:96:ef:41:32:3f:7e:76:62:8c:2c:e7:f4:f8:b5:
26:47:5c:b6:e2:10:11:7f:aa:f1:b0:9d:54:21:73:85:d1:5e:
1a:9e:10:c3:0a:4d:b7:ec:25:a2:7e:af:65:73:d4:95:06:c8:
c4:99:e3:01:7a:43:cc:71:be:a7:44:75:45:79:f0:17:f9:56:
99:e2:c9:cd:13:72:b9:5d:e5:2c:14:db:1f:2c:22:8c:d2:4f:
8a:44:0b:81:91:73:fe:e3:bf:a1:09:a6:df:00:81:0b:79:14:
4c:23:95:25:12:59:50:75:76:f3:79:76:2e:47:69:9f:73:33:
4e:c6:e4:6f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVrbqQBTVxvice3Vk8aJ3DEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDhmNjIwOTk5NTA2Y2M4NmQ3NTQ4ZWE3MjgyYmIxMjlm
MDJkNjgwHhcNMjMwMTAxMDM0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTk1YTEzZjNhNWM5ZjdiZDkxZjdlMTEwMzgzNzRiMjkzZGE2YzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsaLFl15WyM1b5M0a6b3xcdx8NZ+
6q+ikD0bi6MREPN3yJ6uCHbHXIrHOrrsyd5W51+mxE1/UYfEFD4wwWxxfTvARDJV
jFtaKjit9dhty3WHgEBCCXwCsJF4ilclWA/ejM/KvUX9GAhxBEMJlx+fN0Z7Dngz
aPihRczlwpv5oUOrli0O8gkPna4NDe1XqUJWaZKm4Bu1RgG4HPOjeovthzlX/V4c
CiDk5mp4k4jvB300tKP4s32iI+A3EkpoNgMUPcdbA8w7A29woBBrWaWtKrZFAdqc
C3UKIg0DGo9eq5VB+72nIuVxRrMQRMc1VE+L8t/rISHi7x3HUSZ1V7YANQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDmVoT86XJ972R9+EQODdLKT2mwyMB8GA1UdIwQY
MBaAFCPY9iCZlQbMhtdUjqcoK7Ep8C1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlqMklKbVZCc3lHMTFTT3B5Z3JzU253TFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80MDNlYzQtMjY2ZS00ZWE0LWJhM2Et
NGZkYzQ4ZGE4ZjMzLzEvT1pXaFB6cGNuM3ZaSDM0UkE0TjBzcFBhYkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80MDNlYzQtMjY2ZS00ZWE0LWJhM2EtNGZkYzQ4ZGE4ZjMz
LzEvSTlqMklKbVZCc3lHMTFTT3B5Z3JzU253TFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAMu4ygD
BAEu4ywDBAAu4y8DBAK5H8wwDQYJKoZIhvcNAQELBQADggEBAAgQqpZR1qDQxEAk
DY3PO0LYQw+NDmkVaNWB8bRrgU8n7y5FZf4oNttyx8yVKG79UOcHpi/4TnGoMTze
sHDtpIAjgZDPuNhfuXLULYE2Ckl6zhkSwdT8TxlboC7zfGy+vLKxB/SGgzXev0vZ
CwSxOA2ifBEX9MRkkgHxsIX6qsNxA/GW70EyP352Yows5/T4tSZHXLbiEBF/qvGw
nVQhc4XRXhqeEMMKTbfsJaJ+r2Vz1JUGyMSZ4wF6Q8xxvqdEdUV58Bf5Vpniyc0T
crld5SwU2x8sIozST4pEC4GRc/7jv6EJpt8AgQt5FEwjlSUSWVB1dvN5di5HaZ9z
M07G5G8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:42 2024 by rpki-client on console-fra.rpki-client.org