Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/1YtsEXnJEmeu_QrLr8xnEyoF6-c.roa
File: 1YtsEXnJEmeu_QrLr8xnEyoF6-c.roa (raw, json)
Hash identifier: wJIi7kPI06Ds6D0Ee88dnHrYZU+n9etN2+mxx9ZZ6AU=
Subject key identifier: D5:8B:6C:11:79:C9:12:67:AE:FD:0A:CB:AF:CC:67:13:2A:05:EB:E7
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 0191C1B88B4A07F841759230390728E7D0D6
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/1YtsEXnJEmeu_QrLr8xnEyoF6-c.roa
Signing time: Thu 05 Sep 2024 10:26:22 +0000
ROA not before: Thu 05 Sep 2024 10:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 46.226.160.0/21 maxlen: 32
89.169.32.0/22 maxlen: 32
89.169.52.0/22 maxlen: 32
92.246.136.0/22 maxlen: 32
217.144.185.0/24 maxlen: 32
217.144.186.0/24 maxlen: 32
217.144.187.0/24 maxlen: 32
217.144.188.0/24 maxlen: 32
217.144.189.0/24 maxlen: 32
217.144.190.0/24 maxlen: 32
217.144.191.0/24 maxlen: 32
Validation: Failed, certificate revoked on Fri 08 Nov 2024 13:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:b8:8b:4a:07:f8:41:75:92:30:39:07:28:e7:d0:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Sep 5 10:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d58b6c1179c91267aefd0acbafcc67132a05ebe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:70:f4:2b:09:a1:d7:4f:1b:08:49:d4:0d:2f:
7c:20:cf:67:aa:68:19:ca:82:e1:00:01:ab:78:e0:
ce:86:ca:ba:94:0e:cc:6d:81:37:36:a6:12:52:a9:
69:d4:d8:c1:0b:45:e3:95:be:dc:f5:dd:58:79:85:
ba:b4:ad:37:b9:fd:7e:9c:42:e2:89:a3:7d:a2:44:
3e:2e:9e:a2:fd:a8:d2:40:51:f1:7a:f8:57:49:1f:
65:dc:9b:f1:33:64:71:c4:b0:3e:aa:f4:21:26:fc:
63:d3:4a:a4:97:eb:68:5b:e7:d4:72:b0:23:4b:0b:
b3:ca:5c:fb:68:66:89:e2:61:12:87:fa:0a:0d:2a:
b2:ad:0b:bb:79:80:2e:77:ca:c8:3e:c1:4c:99:88:
dd:05:b4:40:45:da:99:ee:a7:4b:75:3f:4e:09:5d:
2c:cb:64:2a:fc:28:f2:34:69:92:52:c3:ef:d2:73:
15:6a:57:64:e1:5a:a4:aa:4a:55:23:c7:ff:dc:d3:
26:c5:6d:d7:93:18:93:8d:f0:1d:0a:64:d0:18:99:
1a:1f:f9:af:50:3e:2d:98:ae:d0:9a:25:e5:d3:6a:
3e:83:6d:f4:b3:a8:c2:6c:13:e3:2a:73:52:d8:87:
80:cd:41:e3:f8:c6:64:cd:c3:04:a2:68:e7:70:d3:
a6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:8B:6C:11:79:C9:12:67:AE:FD:0A:CB:AF:CC:67:13:2A:05:EB:E7
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/1YtsEXnJEmeu_QrLr8xnEyoF6-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.160.0/21
89.169.32.0/22
89.169.52.0/22
92.246.136.0/22
217.144.185.0-217.144.191.255
Signature Algorithm: sha256WithRSAEncryption
2a:7a:5b:a5:7e:46:ba:72:a5:62:48:21:96:6e:22:bd:54:9e:
a5:a1:d7:f2:57:c5:93:c7:f1:b3:15:fe:52:ac:d8:25:8e:04:
28:ff:b8:1c:8c:76:74:2f:12:a1:21:18:6b:fb:b6:bb:48:d4:
1c:b1:54:ff:81:60:e7:67:cb:3c:f5:26:72:79:93:27:ea:83:
b3:63:c6:d3:23:ac:75:39:71:95:ab:5e:a6:da:f5:6e:a6:48:
46:20:69:1d:c0:90:7c:41:fc:b2:1c:8d:bf:ae:65:f3:e3:65:
3a:2e:7f:df:87:24:3f:e6:9e:8c:42:f9:d0:83:55:37:30:af:
71:1c:d6:b3:53:b5:52:df:19:ef:b9:ef:c1:c2:0b:e9:ab:db:
76:19:c9:11:de:3a:79:4e:d4:2a:e5:8e:60:5e:d7:4a:cd:e3:
05:1a:ac:1d:7b:46:2a:24:e7:a1:3d:0e:ba:54:19:8c:a8:81:
7d:35:18:e5:ac:d3:85:89:12:09:23:e9:eb:ab:78:fb:b6:83:
86:92:30:4c:01:f2:cd:5a:96:24:61:a6:29:08:5c:e5:1d:34:
c7:0c:9f:28:d4:93:bd:82:2a:b7:d3:87:60:1b:75:7e:e6:7b:
36:cb:86:57:c5:a8:d7:29:c2:ca:af:85:7c:81:59:d2:99:80:
32:2b:5c:27
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHBuItKB/hBdZIwOQco59DWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQwOTA1MTAyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNThiNmMxMTc5YzkxMjY3YWVmZDBhY2JhZmNjNjcxMzJhMDVlYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXD0Kwmh108bCEnUDS98IM9nqmgZ
yoLhAAGreODOhsq6lA7MbYE3NqYSUqlp1NjBC0Xjlb7c9d1YeYW6tK03uf1+nELi
iaN9okQ+Lp6i/ajSQFHxevhXSR9l3JvxM2RxxLA+qvQhJvxj00qkl+toW+fUcrAj
Swuzylz7aGaJ4mESh/oKDSqyrQu7eYAud8rIPsFMmYjdBbRARdqZ7qdLdT9OCV0s
y2Qq/CjyNGmSUsPv0nMValdk4VqkqkpVI8f/3NMmxW3XkxiTjfAdCmTQGJkaH/mv
UD4tmK7QmiXl02o+g230s6jCbBPjKnNS2IeAzUHj+MZkzcMEomjncNOmxQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNWLbBF5yRJnrv0Ky6/MZxMqBevnMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvMVl0c0VYbkpFbWV1X1FyTHI4eG5FeW9GNi1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDLuKgAwQC
WakgAwQCWak0AwQCXPaIMAwDBADZkLkDBAbZkIAwDQYJKoZIhvcNAQELBQADggEB
ACp6W6V+RrpypWJIIZZuIr1UnqWh1/JXxZPH8bMV/lKs2CWOBCj/uByMdnQvEqEh
GGv7trtI1ByxVP+BYOdnyzz1JnJ5kyfqg7NjxtMjrHU5cZWrXqba9W6mSEYgaR3A
kHxB/LIcjb+uZfPjZTouf9+HJD/mnoxC+dCDVTcwr3Ec1rNTtVLfGe+578HCC+mr
23YZyRHeOnlO1CrljmBe10rN4wUarB17Riok56E9DrpUGYyogX01GOWs04WJEgkj
6eurePu2g4aSMEwB8s1aliRhpikIXOUdNMcMnyjUk72CKrfTh2AbdX7mezbLhlfF
qNcpwsqvhXyBWdKZgDIrXCc=
-----END CERTIFICATE-----
Generated at Fri Nov 8 18:02:44 2024 by rpki-client on console-fra.rpki-client.org