Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/YkCBcGexAnoHj0mdJ_P6zZEwd3w.roa
File: YkCBcGexAnoHj0mdJ_P6zZEwd3w.roa (raw, json)
Hash identifier: RoXBlMyuCOcZP8K2IpKgvk5Pg0caqLcTsvdpoDXlatA=
Subject key identifier: 62:40:81:70:67:B1:02:7A:07:8F:49:9D:27:F3:FA:CD:91:30:77:7C
Certificate issuer: /CN=23d8f620999506cc86d7548ea7282bb129f02d68
Certificate serial: 01856B6EA34AB23CDF786C8D1FF24D199DCA
Authority key identifier: 23:D8:F6:20:99:95:06:CC:86:D7:54:8E:A7:28:2B:B1:29:F0:2D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9j2IJmVBsyG11SOpygrsSnwLWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/YkCBcGexAnoHj0mdJ_P6zZEwd3w.roa
Signing time: Sun 01 Jan 2023 03:44:50 +0000
ROA not before: Sun 01 Jan 2023 03:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 46.227.40.0/24 maxlen: 24
46.227.41.0/24 maxlen: 24
185.31.206.0/24 maxlen: 24
46.227.44.0/24 maxlen: 24
46.227.42.0/24 maxlen: 24
185.31.204.0/24 maxlen: 24
46.227.43.0/24 maxlen: 24
185.31.205.0/24 maxlen: 24
46.227.47.0/24 maxlen: 24
185.31.207.0/24 maxlen: 24
46.227.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:a3:4a:b2:3c:df:78:6c:8d:1f:f2:4d:19:9d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8f620999506cc86d7548ea7282bb129f02d68
Validity
Not Before: Jan 1 03:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6240817067b1027a078f499d27f3facd9130777c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ac:bc:f3:b5:21:31:85:c6:0b:48:a0:c5:9c:
cb:fd:ee:39:47:29:ef:60:d2:3a:88:6e:22:66:54:
c0:fe:5f:4b:96:9e:8e:34:13:a4:87:14:9f:e3:d0:
9e:29:fc:5d:4d:30:46:65:86:32:99:02:be:81:68:
b7:06:a5:92:f4:65:3f:5e:83:fd:25:ba:e8:1c:4f:
a0:d8:7c:98:9e:04:5c:4f:d7:18:03:85:d2:f9:24:
c9:8c:68:b0:41:65:3a:94:62:2c:4c:64:11:f9:af:
05:ef:08:66:23:a3:82:31:d7:8f:a6:e4:04:40:20:
62:6f:49:0f:ad:62:d0:a2:94:56:d9:d9:9b:8d:62:
ed:e5:d1:f6:8f:5c:8d:86:81:1e:d5:1f:82:40:d5:
86:6e:72:91:fc:e7:d8:59:e8:c8:f7:8d:1d:ea:a7:
b2:f2:d7:09:36:95:05:fa:0d:8a:5e:97:e7:b9:4e:
93:8c:53:2e:06:5d:03:02:cb:4e:fd:0f:ae:18:e4:
2b:73:f5:02:07:06:38:e9:c5:c9:9c:a9:88:0c:37:
0e:43:7b:1c:d9:98:21:14:70:0f:c7:95:54:22:7a:
34:53:bc:e4:5b:51:64:21:07:cf:13:c4:68:dc:c3:
e9:2b:d7:d9:d7:e9:85:80:c7:4f:30:4b:22:99:e1:
9c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:40:81:70:67:B1:02:7A:07:8F:49:9D:27:F3:FA:CD:91:30:77:7C
X509v3 Authority Key Identifier:
keyid:23:D8:F6:20:99:95:06:CC:86:D7:54:8E:A7:28:2B:B1:29:F0:2D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9j2IJmVBsyG11SOpygrsSnwLWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/YkCBcGexAnoHj0mdJ_P6zZEwd3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/I9j2IJmVBsyG11SOpygrsSnwLWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.40.0-46.227.45.255
46.227.47.0/24
185.31.204.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:7a:b4:9e:bf:9c:c6:f1:9f:de:35:34:bb:8f:36:2d:2d:53:
15:8b:60:1b:f8:d8:d5:8e:9a:34:ae:cf:ed:25:c0:85:41:b3:
72:3d:e3:b9:a9:cf:46:a5:ab:26:ef:07:20:60:53:2c:b7:2e:
2b:9f:11:c8:30:8b:17:68:92:19:f8:16:66:da:3d:ce:fc:c9:
24:dc:83:0e:1f:cd:fd:d1:18:8c:83:36:95:aa:7d:a0:a0:ab:
b9:d1:5d:0f:89:8f:65:07:27:b3:e3:24:c4:9e:d4:f0:02:e8:
df:13:84:be:a5:91:25:06:d0:88:64:94:43:db:1a:93:e5:42:
25:62:d9:e2:10:b8:ba:7c:68:ad:94:44:ab:6a:df:2b:84:82:
5a:bc:88:09:a5:b9:96:fe:b7:1f:b4:93:36:f6:21:95:33:bb:
51:86:08:94:b7:a8:fe:9f:57:f7:bb:c6:9d:ea:71:72:37:c1:
53:fd:9d:08:30:1d:fd:22:0d:1d:72:3a:8b:69:c5:1c:eb:e2:
7c:15:26:f7:a3:45:6f:48:76:12:e3:0d:4a:66:e6:9e:3f:20:
8b:78:2f:eb:b3:03:bd:1c:4d:09:0d:c4:33:36:96:71:85:49:
f4:7a:31:7e:a5:14:2b:d5:87:03:08:2e:61:16:89:87:3a:d2:
44:6a:2f:b8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVrbqNKsjzfeGyNH/JNGZ3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDhmNjIwOTk5NTA2Y2M4NmQ3NTQ4ZWE3MjgyYmIxMjlm
MDJkNjgwHhcNMjMwMTAxMDM0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjQwODE3MDY3YjEwMjdhMDc4ZjQ5OWQyN2YzZmFjZDkxMzA3NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKy887UhMYXGC0igxZzL/e45Rynv
YNI6iG4iZlTA/l9Llp6ONBOkhxSf49CeKfxdTTBGZYYymQK+gWi3BqWS9GU/XoP9
JbroHE+g2HyYngRcT9cYA4XS+STJjGiwQWU6lGIsTGQR+a8F7whmI6OCMdePpuQE
QCBib0kPrWLQopRW2dmbjWLt5dH2j1yNhoEe1R+CQNWGbnKR/OfYWejI940d6qey
8tcJNpUF+g2KXpfnuU6TjFMuBl0DAstO/Q+uGOQrc/UCBwY46cXJnKmIDDcOQ3sc
2ZghFHAPx5VUIno0U7zkW1FkIQfPE8Ro3MPpK9fZ1+mFgMdPMEsimeGchQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGJAgXBnsQJ6B49JnSfz+s2RMHd8MB8GA1UdIwQY
MBaAFCPY9iCZlQbMhtdUjqcoK7Ep8C1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlqMklKbVZCc3lHMTFTT3B5Z3JzU253TFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80MDNlYzQtMjY2ZS00ZWE0LWJhM2Et
NGZkYzQ4ZGE4ZjMzLzEvWWtDQmNHZXhBbm9IajBtZEpfUDZ6WkV3ZDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80MDNlYzQtMjY2ZS00ZWE0LWJhM2EtNGZkYzQ4ZGE4ZjMz
LzEvSTlqMklKbVZCc3lHMTFTT3B5Z3JzU253TFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAMu4ygD
BAEu4ywDBAAu4y8DBAK5H8wwDQYJKoZIhvcNAQELBQADggEBALp6tJ6/nMbxn941
NLuPNi0tUxWLYBv42NWOmjSuz+0lwIVBs3I947mpz0alqybvByBgUyy3LiufEcgw
ixdokhn4FmbaPc78ySTcgw4fzf3RGIyDNpWqfaCgq7nRXQ+Jj2UHJ7PjJMSe1PAC
6N8ThL6lkSUG0IhklEPbGpPlQiVi2eIQuLp8aK2URKtq3yuEglq8iAmluZb+tx+0
kzb2IZUzu1GGCJS3qP6fV/e7xp3qcXI3wVP9nQgwHf0iDR1yOotpxRzr4nwVJvej
RW9IdhLjDUpm5p4/IIt4L+uzA70cTQkNxDM2lnGFSfR6MX6lFCvVhwMILmEWiYc6
0kRqL7g=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:07 2024 by rpki-client on console-fra.rpki-client.org