Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/ouS0zA4yGsUyYNMardkT5ECo7zg.roa
File: ouS0zA4yGsUyYNMardkT5ECo7zg.roa (raw, json)
Hash identifier: RaOEckYCH+ITYClMB6ImO8WWyvOO2UbQzlyliyw6NFs=
Subject key identifier: A2:E4:B4:CC:0E:32:1A:C5:32:60:D3:1A:AD:D9:13:E4:40:A8:EF:38
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 018CC42549C386EBF92FEE5476E5F9519B5E
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/ouS0zA4yGsUyYNMardkT5ECo7zg.roa
Signing time: Mon 01 Jan 2024 08:30:27 +0000
ROA not before: Mon 01 Jan 2024 08:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6712
IP address blocks: 46.160.64.0/20 maxlen: 24
91.250.0.0/19 maxlen: 24
46.160.80.0/21 maxlen: 24
46.160.96.0/19 maxlen: 24
82.117.240.0/24 maxlen: 24
91.250.32.0/19 maxlen: 24
82.117.246.0/24 maxlen: 24
2a00:1210:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 24 Feb 2024 09:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:49:c3:86:eb:f9:2f:ee:54:76:e5:f9:51:9b:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Jan 1 08:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2e4b4cc0e321ac53260d31aadd913e440a8ef38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:29:97:88:9d:3b:04:0d:6a:1c:d0:6b:ee:5a:
f2:84:82:28:08:be:25:53:23:8f:8b:3f:85:e6:30:
83:1b:9b:78:53:bf:cd:80:48:af:ad:f2:31:7d:7b:
40:70:67:ca:e4:72:c9:0c:35:da:df:fc:2c:ab:cf:
22:22:56:8e:b9:54:37:d8:31:cf:d4:04:05:22:fe:
56:47:04:40:44:a6:86:bd:30:06:93:e1:9d:52:09:
64:64:be:2a:14:6f:06:1b:26:48:07:c9:e0:8f:a1:
26:f7:53:09:7c:54:0a:89:b2:e6:60:9e:ce:cd:a5:
b8:56:54:c1:5b:a7:d9:7c:e9:83:f6:a7:49:f4:1b:
62:fa:f6:f9:49:a1:3d:27:ae:3c:e4:bd:c7:9d:db:
ab:98:e3:b4:e8:5e:92:b2:d1:dd:13:dc:98:d4:85:
0a:56:19:3a:9f:35:61:cf:15:79:e7:e5:0a:89:b3:
5f:c2:e5:e3:ea:32:9e:73:7a:7a:b6:8e:4c:bb:47:
a9:ea:5f:e5:05:d7:12:65:b9:1a:a2:64:a5:6b:d0:
c7:1c:bb:b9:b8:14:d0:54:81:62:57:9c:cf:e1:9a:
22:16:bc:0a:44:23:68:49:da:34:44:c3:cf:3a:e4:
55:84:78:48:06:37:74:52:af:85:10:a3:17:86:54:
77:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E4:B4:CC:0E:32:1A:C5:32:60:D3:1A:AD:D9:13:E4:40:A8:EF:38
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/ouS0zA4yGsUyYNMardkT5ECo7zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.160.64.0-46.160.87.255
46.160.96.0/19
82.117.240.0/24
82.117.246.0/24
91.250.0.0/18
IPv6:
2a00:1210:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
90:39:2b:0d:44:48:5b:96:6d:4f:a7:d3:e4:c9:50:5b:2e:9f:
1e:1f:4c:32:12:4a:f3:80:71:64:47:fd:29:61:db:84:e9:8a:
aa:54:91:9a:0b:7f:54:29:32:d3:ed:86:34:03:a3:b8:ab:a6:
45:21:29:9c:37:f1:55:56:26:26:3f:e3:9b:b0:55:27:20:27:
07:b1:b7:f3:8f:89:4f:a9:66:3e:c0:aa:0b:c3:f0:e8:05:0a:
25:63:ab:6d:3d:c6:4f:06:20:59:f5:f8:5a:3b:59:73:29:49:
92:8e:81:17:6d:b2:04:24:1b:af:02:15:96:b6:e6:92:5d:be:
0c:22:11:50:6b:fb:a6:11:a2:ab:ac:9d:85:d6:34:9d:ed:19:
9d:be:02:89:87:ce:97:72:76:9e:62:ab:67:e8:f1:c1:77:d6:
19:2e:9d:ba:92:86:ac:a1:eb:9b:22:8f:1a:1c:4e:13:4c:4b:
53:99:aa:31:eb:77:56:d6:23:1a:fa:28:73:69:53:eb:b1:2f:
5f:df:95:49:24:fd:50:ef:cc:d3:f6:c5:f5:c1:30:98:54:37:
83:79:c6:36:e0:66:81:72:d0:de:0e:c4:f2:03:94:6e:5e:55:
8d:01:cb:55:da:5c:b9:ad:41:ac:d3:a0:35:ff:a5:8c:ee:81:
66:1f:d1:a7
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzEJUnDhuv5L+5UduX5UZteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjQwMTAxMDgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmU0YjRjYzBlMzIxYWM1MzI2MGQzMWFhZGQ5MTNlNDQwYThlZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCmXiJ07BA1qHNBr7lryhIIoCL4l
UyOPiz+F5jCDG5t4U7/NgEivrfIxfXtAcGfK5HLJDDXa3/wsq88iIlaOuVQ32DHP
1AQFIv5WRwRARKaGvTAGk+GdUglkZL4qFG8GGyZIB8ngj6Em91MJfFQKibLmYJ7O
zaW4VlTBW6fZfOmD9qdJ9Bti+vb5SaE9J6485L3HndurmOO06F6SstHdE9yY1IUK
Vhk6nzVhzxV55+UKibNfwuXj6jKec3p6to5Mu0ep6l/lBdcSZbkaomSla9DHHLu5
uBTQVIFiV5zP4ZoiFrwKRCNoSdo0RMPPOuRVhHhIBjd0Uq+FEKMXhlR3+wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFKLktMwOMhrFMmDTGq3ZE+RAqO84MB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvb3VTMHpBNHlHc1V5WU5NYXJka1Q1RUNvN3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmMAwDBAYuoEAD
BAMuoFADBAUuoGADBABSdfADBABSdfYDBAZb+gAwDwQCAAIwCQMHACoAEhD//zAN
BgkqhkiG9w0BAQsFAAOCAQEAkDkrDURIW5ZtT6fT5MlQWy6fHh9MMhJK84BxZEf9
KWHbhOmKqlSRmgt/VCky0+2GNAOjuKumRSEpnDfxVVYmJj/jm7BVJyAnB7G384+J
T6lmPsCqC8Pw6AUKJWOrbT3GTwYgWfX4WjtZcylJko6BF22yBCQbrwIVlrbmkl2+
DCIRUGv7phGiq6ydhdY0ne0Znb4CiYfOl3J2nmKrZ+jxwXfWGS6dupKGrKHrmyKP
GhxOE0xLU5mqMet3VtYjGvooc2lT67EvX9+VSST9UO/M0/bF9cEwmFQ3g3nGNuBm
gXLQ3g7E8gOUbl5VjQHLVdpcua1BrNOgNf+ljO6BZh/Rpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:49 2024 by rpki-client on console-fra.rpki-client.org