Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f55b57-ecba-4d3d-9a81-bd802fc4aa94/1/bQ9zIHHBmXWxHxtra2_2hslp7u4.roa
File: bQ9zIHHBmXWxHxtra2_2hslp7u4.roa (raw, json)
Hash identifier: C0DgQ4c0ii6a06SRLILNGsiorV1yHFXEbI8zVE24/tg=
Subject key identifier: 6D:0F:73:20:71:C1:99:75:B1:1F:1B:6B:6B:6F:F6:86:C9:69:EE:EE
Certificate issuer: /CN=5c5d86974a7b624192ec8d834cf2906e1302e431
Certificate serial: 018CC56E876AA03D8C023FF6E87BA3601F25
Authority key identifier: 5C:5D:86:97:4A:7B:62:41:92:EC:8D:83:4C:F2:90:6E:13:02:E4:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XF2Gl0p7YkGS7I2DTPKQbhMC5DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f55b57-ecba-4d3d-9a81-bd802fc4aa94/1/bQ9zIHHBmXWxHxtra2_2hslp7u4.roa
Signing time: Mon 01 Jan 2024 14:30:04 +0000
ROA not before: Mon 01 Jan 2024 14:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60460
IP address blocks: 176.227.170.0/23 maxlen: 23
176.227.172.0/22 maxlen: 22
46.231.24.0/24 maxlen: 24
46.231.28.0/24 maxlen: 24
46.231.29.0/24 maxlen: 24
46.231.27.0/24 maxlen: 24
46.231.25.0/24 maxlen: 24
46.231.26.0/24 maxlen: 24
46.231.30.0/24 maxlen: 24
46.231.31.0/24 maxlen: 24
185.88.240.0/23 maxlen: 23
2a04:2640::/29 maxlen: 32
Validation: Failed, certificate revoked on Sun 21 Jan 2024 12:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:87:6a:a0:3d:8c:02:3f:f6:e8:7b:a3:60:1f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c5d86974a7b624192ec8d834cf2906e1302e431
Validity
Not Before: Jan 1 14:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d0f732071c19975b11f1b6b6b6ff686c969eeee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:06:14:29:d5:4c:1b:24:fa:e2:d4:19:ae:11:
ff:cf:fb:44:53:60:b5:14:7a:0f:e9:f4:16:d9:a4:
53:7e:d2:5e:03:c7:d3:c2:6f:cd:67:dc:1a:42:6f:
fd:63:f6:e4:04:9c:4f:63:a5:ab:ef:92:f1:df:97:
e3:ee:ba:ee:84:41:88:19:5e:42:1f:fe:bb:32:03:
dc:3b:70:68:c2:94:5f:d7:df:ec:94:30:a0:5c:4d:
a2:2b:ef:52:db:82:ee:cc:8c:de:72:d4:08:1e:16:
ef:0b:5f:df:d8:f0:43:f4:97:e8:d4:0c:c3:c0:38:
3a:01:66:40:53:af:b8:48:11:7b:3c:fd:e1:8f:06:
19:25:b4:a9:d8:ab:0c:ae:15:44:1e:ab:f3:61:96:
5e:9b:d7:43:f0:64:15:62:10:78:7a:1b:2f:09:4d:
d1:30:03:c4:40:d5:69:c5:e4:25:16:54:2e:69:00:
89:48:70:56:3c:01:dc:b3:3e:2b:a8:dd:a4:dc:a8:
39:89:8f:59:04:c2:84:77:cb:02:39:04:db:e6:95:
f7:9f:e8:ec:61:4d:9b:68:bd:7b:3f:bf:86:f6:10:
28:3a:3b:04:af:18:04:be:c1:95:34:10:69:16:a6:
f8:03:2c:2a:40:50:03:6f:b3:91:72:14:72:86:f3:
03:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0F:73:20:71:C1:99:75:B1:1F:1B:6B:6B:6F:F6:86:C9:69:EE:EE
X509v3 Authority Key Identifier:
keyid:5C:5D:86:97:4A:7B:62:41:92:EC:8D:83:4C:F2:90:6E:13:02:E4:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XF2Gl0p7YkGS7I2DTPKQbhMC5DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f55b57-ecba-4d3d-9a81-bd802fc4aa94/1/bQ9zIHHBmXWxHxtra2_2hslp7u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f55b57-ecba-4d3d-9a81-bd802fc4aa94/1/XF2Gl0p7YkGS7I2DTPKQbhMC5DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.24.0/21
176.227.170.0-176.227.175.255
185.88.240.0/23
IPv6:
2a04:2640::/29
Signature Algorithm: sha256WithRSAEncryption
5b:42:87:54:24:9b:8f:d3:d4:c6:7f:60:a1:6e:6d:b0:06:d0:
b2:33:32:7c:30:55:6d:af:30:36:1b:dd:56:a0:74:b5:c6:95:
31:fd:4f:eb:11:1d:b4:cd:e0:46:d0:40:83:06:21:5f:0c:ab:
56:cb:16:cb:1a:5f:b9:03:eb:f2:45:91:38:b3:16:1a:dc:0c:
ec:99:a0:23:af:da:75:b1:dc:c7:7d:ca:b7:f8:c7:d6:50:a7:
24:9b:8e:37:9c:4d:25:4d:cf:46:4a:86:88:78:b6:40:f1:59:
aa:34:e7:f1:f3:b2:16:28:a8:9b:ec:a5:4e:ad:a1:17:9c:79:
80:d3:13:60:e8:88:0a:82:87:a4:ee:06:c9:b0:02:8d:d5:b2:
a8:e6:2d:bb:78:4f:ab:44:bd:ad:81:d6:d4:6c:b5:4c:bb:32:
ff:0b:ad:91:5f:cf:40:61:ce:e1:96:f3:65:a2:8d:a1:85:2f:
3e:b1:96:fa:35:22:b5:ec:82:c1:d2:2d:4f:73:20:26:08:ce:
06:b5:f5:33:84:0a:37:90:5b:04:90:21:26:23:0b:a9:03:dc:
0c:6b:a4:1c:96:4a:56:b3:85:60:a7:fe:48:75:af:09:c1:94:
da:00:34:57:6e:1f:40:ab:5d:79:89:52:6a:45:76:b0:31:7a:
9d:33:d9:60
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzFbodqoD2MAj/26HujYB8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNWQ4Njk3NGE3YjYyNDE5MmVjOGQ4MzRjZjI5MDZlMTMw
MmU0MzEwHhcNMjQwMTAxMTQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDBmNzMyMDcxYzE5OTc1YjExZjFiNmI2YjZmZjY4NmM5NjllZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgYUKdVMGyT64tQZrhH/z/tEU2C1
FHoP6fQW2aRTftJeA8fTwm/NZ9waQm/9Y/bkBJxPY6Wr75Lx35fj7rruhEGIGV5C
H/67MgPcO3BowpRf19/slDCgXE2iK+9S24LuzIzectQIHhbvC1/f2PBD9Jfo1AzD
wDg6AWZAU6+4SBF7PP3hjwYZJbSp2KsMrhVEHqvzYZZem9dD8GQVYhB4ehsvCU3R
MAPEQNVpxeQlFlQuaQCJSHBWPAHcsz4rqN2k3Kg5iY9ZBMKEd8sCOQTb5pX3n+js
YU2baL17P7+G9hAoOjsErxgEvsGVNBBpFqb4AywqQFADb7ORchRyhvMDPQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFG0PcyBxwZl1sR8ba2tv9obJae7uMB8GA1UdIwQY
MBaAFFxdhpdKe2JBkuyNg0zykG4TAuQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEYyR2wwcDdZa0dTN0kyRFRQS1FiaE1DNURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTViNTctZWNiYS00ZDNkLTlhODEt
YmQ4MDJmYzRhYTk0LzEvYlE5eklISEJtWFd4SHh0cmEyXzJoc2xwN3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTViNTctZWNiYS00ZDNkLTlhODEtYmQ4MDJmYzRhYTk0
LzEvWEYyR2wwcDdZa0dTN0kyRFRQS1FiaE1DNURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDLucYMAwD
BAGw46oDBASw46ADBAG5WPAwDQQCAAIwBwMFAyoEJkAwDQYJKoZIhvcNAQELBQAD
ggEBAFtCh1Qkm4/T1MZ/YKFubbAG0LIzMnwwVW2vMDYb3VagdLXGlTH9T+sRHbTN
4EbQQIMGIV8Mq1bLFssaX7kD6/JFkTizFhrcDOyZoCOv2nWx3Md9yrf4x9ZQpySb
jjecTSVNz0ZKhoh4tkDxWao05/HzshYoqJvspU6toReceYDTE2DoiAqCh6TuBsmw
Ao3VsqjmLbt4T6tEva2B1tRstUy7Mv8LrZFfz0BhzuGW82WijaGFLz6xlvo1IrXs
gsHSLU9zICYIzga19TOECjeQWwSQISYjC6kD3AxrpByWSlazhWCn/kh1rwnBlNoA
NFduH0CrXXmJUmpFdrAxep0z2WA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:45 2024 by rpki-client on console-fra.rpki-client.org