Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/6egQZ2XbHNsLijECSo-ct4ZhUGc.roa
File: 6egQZ2XbHNsLijECSo-ct4ZhUGc.roa (raw, json)
Hash identifier: oMEQpLZJ+2O3S9pTjpfSPhiECPfGlHRbb3ubpttk0cM=
Subject key identifier: E9:E8:10:67:65:DB:1C:DB:0B:8A:31:02:4A:8F:9C:B7:86:61:50:67
Certificate issuer: /CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Certificate serial: 018CC5001C2F43D9D1D71421838F533F62DB
Authority key identifier: 02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/6egQZ2XbHNsLijECSo-ct4ZhUGc.roa
Signing time: Mon 01 Jan 2024 12:29:27 +0000
ROA not before: Mon 01 Jan 2024 12:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16322
IP address blocks: 46.224.64.0/19 maxlen: 19
46.225.32.0/19 maxlen: 19
46.224.96.0/20 maxlen: 20
46.225.64.0/19 maxlen: 19
46.224.224.0/19 maxlen: 19
46.225.192.0/19 maxlen: 19
46.224.32.0/19 maxlen: 19
46.225.0.0/19 maxlen: 19
46.225.121.0/24 maxlen: 24
46.224.160.0/19 maxlen: 19
46.225.120.0/24 maxlen: 24
46.224.192.0/19 maxlen: 19
46.167.128.0/19 maxlen: 19
46.225.160.0/19 maxlen: 19
46.224.112.0/20 maxlen: 20
46.225.96.0/19 maxlen: 19
Validation: Failed, certificate revoked on Sun 21 Apr 2024 15:16:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1c:2f:43:d9:d1:d7:14:21:83:8f:53:3f:62:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Validity
Not Before: Jan 1 12:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9e8106765db1cdb0b8a31024a8f9cb786615067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b9:49:e7:d0:f0:61:1b:bf:fb:69:29:c0:1c:
7b:ef:55:70:a3:f6:f4:aa:8a:0b:ed:41:e5:c7:8d:
5b:83:ad:ba:5f:0c:44:0e:13:85:bf:20:f9:63:1f:
9d:14:4c:7d:83:ab:04:5f:14:d8:ea:49:a7:f8:4f:
0d:ca:00:c5:ab:2c:d5:30:26:e1:96:dd:dd:e0:70:
fd:60:87:94:18:9c:22:88:2e:89:9c:a9:cb:08:bf:
d8:f1:7e:0a:e9:84:33:d8:7c:39:43:9e:38:e0:18:
f8:c8:f8:ab:d3:b2:d4:b9:e7:a9:00:29:33:c7:3c:
b2:74:79:b8:84:84:1f:b5:d1:48:cf:9e:f0:7c:f6:
cc:19:cb:8c:e4:cc:d2:9a:a8:b3:98:bf:b2:f5:6b:
47:5f:4f:71:30:95:f5:46:ae:40:2b:eb:ba:03:b2:
ee:e0:75:44:a0:c2:81:f0:9b:e0:bb:4c:0b:fb:96:
2a:3f:5c:a0:41:f1:8b:43:b6:78:94:d0:ee:c7:06:
b0:b5:7d:09:f3:da:a9:9a:1e:5c:a8:62:fe:f9:32:
a1:8d:0e:74:69:82:90:2d:fc:5f:38:38:e3:87:02:
ea:27:51:7f:a0:3b:e1:16:42:61:e9:b0:46:57:45:
20:7d:99:52:1d:25:58:ae:a2:5d:80:99:14:da:00:
60:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E8:10:67:65:DB:1C:DB:0B:8A:31:02:4A:8F:9C:B7:86:61:50:67
X509v3 Authority Key Identifier:
keyid:02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/6egQZ2XbHNsLijECSo-ct4ZhUGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.128.0/19
46.224.32.0-46.224.127.255
46.224.160.0-46.225.127.255
46.225.160.0-46.225.223.255
Signature Algorithm: sha256WithRSAEncryption
2c:1b:ff:53:1e:26:fb:2f:20:13:67:0d:29:7e:cc:5d:64:e3:
65:60:a8:81:11:fe:54:91:23:ab:6c:6d:a6:73:6f:27:58:82:
6d:c2:94:ce:85:48:d0:11:2d:07:1b:0c:7c:59:0e:ff:60:0a:
81:80:85:be:d3:6d:03:70:b0:33:65:e0:52:fc:5d:61:3d:b9:
ae:c6:72:be:f7:62:5d:0e:1c:cd:bd:27:36:6c:9a:22:d2:cf:
4f:fb:c5:e5:70:7d:00:26:3e:43:10:01:65:4e:af:0f:87:01:
54:71:b0:da:33:7a:1d:f3:3b:1a:2e:17:a2:c8:7f:aa:2c:43:
98:3f:a3:01:c8:27:02:37:f1:11:1e:c3:52:02:8e:9a:73:88:
39:3b:d0:c3:9b:e6:1b:5e:ad:46:3e:6f:b4:8f:2d:95:ab:0e:
cb:db:f3:87:ef:d5:c0:67:fe:8f:77:b3:92:71:94:22:9f:34:
83:22:05:2d:46:dc:4b:99:6b:5c:18:fc:79:94:91:7c:2a:ad:
0a:cb:5c:1c:a6:7c:6a:fe:9c:da:6c:f7:0b:98:90:ae:22:28:
ec:88:1c:d0:89:33:b0:35:6a:99:7a:a1:7b:9b:1f:39:bb:0f:
c3:d5:19:d2:79:90:da:76:0a:57:45:6a:13:84:87:c9:a4:f2:
0d:c4:5d:db
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzFABwvQ9nR1xQhg49TP2LbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODNhOGM2OWEyNjMwY2Q4ZjZmYTcwYWYyYTUzZmUwMTlm
MmNjMDcwHhcNMjQwMTAxMTIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWU4MTA2NzY1ZGIxY2RiMGI4YTMxMDI0YThmOWNiNzg2NjE1MDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LlJ59DwYRu/+2kpwBx771Vwo/b0
qooL7UHlx41bg626XwxEDhOFvyD5Yx+dFEx9g6sEXxTY6kmn+E8NygDFqyzVMCbh
lt3d4HD9YIeUGJwiiC6JnKnLCL/Y8X4K6YQz2Hw5Q5444Bj4yPir07LUueepACkz
xzyydHm4hIQftdFIz57wfPbMGcuM5MzSmqizmL+y9WtHX09xMJX1Rq5AK+u6A7Lu
4HVEoMKB8Jvgu0wL+5YqP1ygQfGLQ7Z4lNDuxwawtX0J89qpmh5cqGL++TKhjQ50
aYKQLfxfODjjhwLqJ1F/oDvhFkJh6bBGV0UgfZlSHSVYrqJdgJkU2gBgFwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOnoEGdl2xzbC4oxAkqPnLeGYVBnMB8GA1UdIwQY
MBaAFAKDqMaaJjDNj2+nCvKlP+AZ8swHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9Pb3hwb21NTTJQYjZjSzhxVV80Qm55ekFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8xYzI0YWQtMjRiNC00Yzk4LWE2NTkt
NTkyYzBkY2RhZjc5LzEvNmVnUVoyWGJITnNMaWpFQ1NvLWN0NFpoVUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8xYzI0YWQtMjRiNC00Yzk4LWE2NTktNTkyYzBkY2RhZjc5
LzEvQW9Pb3hwb21NTTJQYjZjSzhxVV80Qm55ekFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQFLqeAMAwD
BAUu4CADBAcu4AAwDAMEBS7goAMEBy7hADAMAwQFLuGgAwQFLuHAMA0GCSqGSIb3
DQEBCwUAA4IBAQAsG/9THib7LyATZw0pfsxdZONlYKiBEf5UkSOrbG2mc28nWIJt
wpTOhUjQES0HGwx8WQ7/YAqBgIW+020DcLAzZeBS/F1hPbmuxnK+92JdDhzNvSc2
bJoi0s9P+8XlcH0AJj5DEAFlTq8PhwFUcbDaM3od8zsaLheiyH+qLEOYP6MByCcC
N/ERHsNSAo6ac4g5O9DDm+YbXq1GPm+0jy2Vqw7L2/OH79XAZ/6Pd7OScZQinzSD
IgUtRtxLmWtcGPx5lJF8Kq0Ky1wcpnxq/pzabPcLmJCuIijsiBzQiTOwNWqZeqF7
mx85uw/D1RnSeZDadgpXRWoThIfJpPINxF3b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org