Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/S17_Zy1liiIeFjLW8obLWI88ltU.roa
File: S17_Zy1liiIeFjLW8obLWI88ltU.roa (raw, json)
Hash identifier: 9loNDTnDNcS6C2uK4WfxOnFABS6wq6WLTR0wqhhI0yc=
Subject key identifier: 4B:5E:FF:67:2D:65:8A:22:1E:16:32:D6:F2:86:CB:58:8F:3C:96:D5
Certificate issuer: /CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Certificate serial: 018D83AB427320E1BD3295589FFF0C66957C
Authority key identifier: 60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/S17_Zy1liiIeFjLW8obLWI88ltU.roa
Signing time: Wed 07 Feb 2024 13:04:15 +0000
ROA not before: Wed 07 Feb 2024 13:04:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15924
IP address blocks: 46.235.15.0/25 maxlen: 32
46.235.15.128/25 maxlen: 32
103.209.228.0/24 maxlen: 32
103.209.229.0/24 maxlen: 32
2a00:9940::/30 maxlen: 128
2a00:9944::/30 maxlen: 128
2a04:e880::/30 maxlen: 128
2a04:e884::/30 maxlen: 128
2a06:8540::/30 maxlen: 128
2a06:8544::/30 maxlen: 128
2a09:2340::/30 maxlen: 128
2a09:2344::/30 maxlen: 128
2a0e:7fc0::/30 maxlen: 128
2a0e:7fc4::/30 maxlen: 128
2a10:c80::/30 maxlen: 128
2a10:c84::/30 maxlen: 128
2a10:7b80::/30 maxlen: 128
2a10:7b84::/30 maxlen: 128
2a14:2b80::/30 maxlen: 128
2a14:2b84::/30 maxlen: 128
2a14:5c80::/30 maxlen: 128
2a14:5c84::/30 maxlen: 128
2a14:6580::/30 maxlen: 128
2a14:6584::/30 maxlen: 128
2a14:7080::/30 maxlen: 128
2a14:7084::/30 maxlen: 128
Validation: Failed, certificate revoked on Thu 08 Feb 2024 12:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:ab:42:73:20:e1:bd:32:95:58:9f:ff:0c:66:95:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Validity
Not Before: Feb 7 13:04:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b5eff672d658a221e1632d6f286cb588f3c96d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4a:ea:ae:33:e0:2d:68:09:81:c9:c7:4a:de:
5c:4a:1e:7d:22:58:11:5a:bc:cd:22:52:39:6c:7c:
77:d1:43:14:e8:01:92:b1:32:fa:df:cc:e0:e9:7e:
87:4d:c8:fd:44:13:5e:4b:d6:21:68:13:97:4b:38:
1c:70:20:8c:81:d8:6d:f9:26:fa:94:da:2e:39:e9:
bb:f9:10:7a:b2:9e:76:97:2c:e4:9c:50:0f:e2:ae:
9f:24:17:74:bf:49:d7:a9:7b:33:5c:e4:4a:1a:82:
83:89:8f:47:b8:87:f9:6e:94:10:6e:33:2b:a7:50:
e6:54:9e:66:c3:c8:4d:f6:eb:9f:e1:96:54:37:61:
8f:59:eb:81:55:3f:1b:3f:45:8f:a5:18:5e:98:ec:
85:4e:74:ae:eb:e8:e1:fc:80:dc:d2:b7:95:9b:6d:
77:3b:48:c0:65:3e:6a:00:12:56:ee:71:65:4f:b3:
62:64:a4:d8:c1:23:c7:1c:c2:5f:70:3b:22:b0:28:
28:1f:4a:3d:0d:c1:9b:68:70:37:0c:e0:f8:cd:50:
73:ff:69:26:ce:b0:e3:e0:c6:84:90:67:54:6b:d1:
bc:26:fb:10:33:cf:ae:0c:bb:66:dc:85:9f:fe:fd:
0e:4a:b1:a5:8a:f5:41:3a:29:ab:81:ec:87:f2:6a:
be:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5E:FF:67:2D:65:8A:22:1E:16:32:D6:F2:86:CB:58:8F:3C:96:D5
X509v3 Authority Key Identifier:
keyid:60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/S17_Zy1liiIeFjLW8obLWI88ltU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/YB3cYHmSY_-5vQ5e6whyhD3uanI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.15.0/24
103.209.228.0/23
IPv6:
2a00:9940::/29
2a04:e880::/29
2a06:8540::/29
2a09:2340::/29
2a0e:7fc0::/29
2a10:c80::/29
2a10:7b80::/29
2a14:2b80::/29
2a14:5c80::/29
2a14:6580::/29
2a14:7080::/29
Signature Algorithm: sha256WithRSAEncryption
bc:03:8b:b3:f3:f8:55:1f:c4:c1:b3:75:3b:99:82:7e:14:7a:
d4:ac:75:84:0b:d5:9f:99:ea:5b:fa:0f:c8:bf:27:8c:65:99:
78:aa:81:31:91:62:8e:ef:e3:11:b7:0d:74:b4:f0:23:35:f0:
35:77:9c:60:f2:61:6c:eb:91:92:66:a2:e7:f3:da:2f:5b:83:
17:9d:89:7c:46:81:8d:fb:b4:0e:62:b5:4f:62:59:ff:11:cd:
81:28:6a:46:cf:51:23:15:d2:9b:bd:63:27:24:78:4d:40:ff:
b6:52:cb:f8:b5:68:73:71:62:89:8d:13:17:02:c6:eb:d4:c7:
cc:64:65:2f:4b:1e:8f:63:8e:b5:64:57:46:3f:91:e5:a9:d0:
55:95:df:41:37:91:6b:6f:46:10:27:0e:2b:32:ad:b8:87:6c:
93:82:d8:ce:48:6c:6e:8b:a5:c6:a5:98:01:36:f1:67:d8:d4:
80:d2:58:bd:10:99:21:0f:83:57:f9:f6:80:d4:83:4f:a7:15:
17:26:43:de:14:a5:ba:b7:09:a3:d1:b4:35:ad:05:3f:28:38:
84:e4:d3:44:f5:dd:60:d4:6b:79:27:9c:c4:1d:2e:88:70:95:
4a:78:83:d0:42:53:a7:03:28:f6:73:f2:5c:02:6d:3b:4c:e4:
92:62:9a:11
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAY2Dq0JzIOG9MpVYn/8MZpV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWRkYzYwNzk5MjYzZmZiOWJkMGU1ZWViMDg3Mjg0M2Rl
ZTZhNzIwHhcNMjQwMjA3MTMwNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjVlZmY2NzJkNjU4YTIyMWUxNjMyZDZmMjg2Y2I1ODhmM2M5NmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0rqrjPgLWgJgcnHSt5cSh59IlgR
WrzNIlI5bHx30UMU6AGSsTL638zg6X6HTcj9RBNeS9YhaBOXSzgccCCMgdht+Sb6
lNouOem7+RB6sp52lyzknFAP4q6fJBd0v0nXqXszXORKGoKDiY9HuIf5bpQQbjMr
p1DmVJ5mw8hN9uuf4ZZUN2GPWeuBVT8bP0WPpRhemOyFTnSu6+jh/IDc0reVm213
O0jAZT5qABJW7nFlT7NiZKTYwSPHHMJfcDsisCgoH0o9DcGbaHA3DOD4zVBz/2km
zrDj4MaEkGdUa9G8JvsQM8+uDLtm3IWf/v0OSrGlivVBOimrgeyH8mq+KwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFEte/2ctZYoiHhYy1vKGy1iPPJbVMB8GA1UdIwQY
MBaAFGAd3GB5kmP/ub0OXusIcoQ97mpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2Yt
MzY3ZTE3MGU3MTI4LzEvUzE3X1p5MWxpaUllRmpMVzhvYkxXSTg4bHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2YtMzY3ZTE3MGU3MTI4
LzEvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTASBAIAATAMAwQALusPAwQB
Z9HkMFMEAgACME0DBQMqAJlAAwUDKgTogAMFAyoGhUADBQMqCSNAAwUDKg5/wAMF
AyoQDIADBQMqEHuAAwUDKhQrgAMFAyoUXIADBQMqFGWAAwUDKhRwgDANBgkqhkiG
9w0BAQsFAAOCAQEAvAOLs/P4VR/EwbN1O5mCfhR61Kx1hAvVn5nqW/oPyL8njGWZ
eKqBMZFiju/jEbcNdLTwIzXwNXecYPJhbOuRkmai5/PaL1uDF52JfEaBjfu0DmK1
T2JZ/xHNgShqRs9RIxXSm71jJyR4TUD/tlLL+LVoc3FiiY0TFwLG69THzGRlL0se
j2OOtWRXRj+R5anQVZXfQTeRa29GECcOKzKtuIdsk4LYzkhsboulxqWYATbxZ9jU
gNJYvRCZIQ+DV/n2gNSDT6cVFyZD3hSlurcJo9G0Na0FPyg4hOTTRPXdYNRreSec
xB0uiHCVSniD0EJTpwMo9nPyXAJtO0zkkmKaEQ==
-----END CERTIFICATE-----
Generated at Thu Feb 8 16:50:28 2024 by rpki-client on console-ams.rpki-client.org