Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/SU5z61AFF3FXLzDBOux2qY9czB8.roa
File: SU5z61AFF3FXLzDBOux2qY9czB8.roa (raw, json)
Hash identifier: p3p4EE1cM4olM+S0p+HyPnQCiD6MZHGZy4cDRqeuQQA=
Subject key identifier: 49:4E:73:EB:50:05:17:71:57:2F:30:C1:3A:EC:76:A9:8F:5C:CC:1F
Certificate issuer: /CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Certificate serial: 018D88BE65B25196F3D3E6841F50194EE1A7
Authority key identifier: 60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/SU5z61AFF3FXLzDBOux2qY9czB8.roa
Signing time: Thu 08 Feb 2024 12:43:15 +0000
ROA not before: Thu 08 Feb 2024 12:43:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15924
IP address blocks: 46.235.15.0/24 maxlen: 32
103.209.228.0/24 maxlen: 32
103.209.229.0/24 maxlen: 32
2a00:9940::/30 maxlen: 128
2a00:9944::/30 maxlen: 128
2a04:e880::/30 maxlen: 128
2a04:e884::/30 maxlen: 128
2a06:8540::/30 maxlen: 128
2a06:8544::/30 maxlen: 128
2a09:2340::/30 maxlen: 128
2a09:2344::/30 maxlen: 128
2a0e:7fc0::/30 maxlen: 128
2a0e:7fc4::/30 maxlen: 128
2a10:c80::/30 maxlen: 128
2a10:c84::/30 maxlen: 128
2a10:7b80::/30 maxlen: 128
2a10:7b84::/30 maxlen: 128
2a14:2b80::/30 maxlen: 128
2a14:2b84::/30 maxlen: 128
2a14:5c80::/30 maxlen: 128
2a14:5c84::/30 maxlen: 128
2a14:6580::/30 maxlen: 128
2a14:6584::/30 maxlen: 128
2a14:7080::/30 maxlen: 128
2a14:7084::/30 maxlen: 128
Validation: Failed, certificate revoked on Tue 27 Aug 2024 16:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:be:65:b2:51:96:f3:d3:e6:84:1f:50:19:4e:e1:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Validity
Not Before: Feb 8 12:43:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=494e73eb50051771572f30c13aec76a98f5ccc1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c9:a2:a2:eb:f9:13:f0:79:f7:b5:e7:9f:bb:
6d:86:aa:f6:d7:81:cd:5c:6e:88:5b:13:5f:79:d9:
8b:45:b4:e7:3b:30:c4:cf:cd:13:22:96:8f:a7:45:
75:20:a1:89:0f:60:87:6e:0f:2c:d9:df:87:21:75:
38:f2:49:3d:a8:a4:8e:3f:ce:7d:10:77:53:54:ea:
93:83:3a:84:d8:43:9f:c7:13:49:6d:a6:2c:4f:15:
28:39:2b:85:ec:2c:39:0a:3f:1c:3a:67:43:f3:0f:
40:08:96:ce:f3:2b:bc:0b:9b:ee:ee:d1:39:0a:00:
c2:bc:9d:22:c2:e3:0e:38:cf:62:e1:3a:a3:4d:1b:
e8:fe:62:3a:ed:4a:84:18:90:b1:cb:65:4a:94:82:
68:87:a0:a2:f4:9d:44:38:3a:74:53:24:f9:ae:e8:
23:05:6e:d8:d0:66:26:42:51:61:9f:06:bf:ad:74:
2b:29:11:d5:df:b1:0a:3c:77:62:53:08:d1:b4:52:
4f:63:e7:e4:4f:c2:f3:a8:93:93:e7:4d:9d:4c:ee:
9f:2a:20:69:ae:d2:12:cb:ce:22:63:10:22:c7:37:
17:4c:d1:43:eb:7d:41:9c:6c:1c:06:1d:ae:d8:57:
64:d2:95:1d:0c:1e:bf:22:81:35:c0:1e:8a:ff:28:
ad:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:4E:73:EB:50:05:17:71:57:2F:30:C1:3A:EC:76:A9:8F:5C:CC:1F
X509v3 Authority Key Identifier:
keyid:60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/SU5z61AFF3FXLzDBOux2qY9czB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/YB3cYHmSY_-5vQ5e6whyhD3uanI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.15.0/24
103.209.228.0/23
IPv6:
2a00:9940::/29
2a04:e880::/29
2a06:8540::/29
2a09:2340::/29
2a0e:7fc0::/29
2a10:c80::/29
2a10:7b80::/29
2a14:2b80::/29
2a14:5c80::/29
2a14:6580::/29
2a14:7080::/29
Signature Algorithm: sha256WithRSAEncryption
1d:7c:81:15:e9:d1:c6:93:cc:47:1a:a7:36:7e:df:a9:ab:d6:
e5:dd:fd:5b:17:2c:0e:c5:16:af:03:9f:c8:4e:71:a9:43:f1:
42:79:1d:11:34:a0:76:55:2d:7f:86:3b:53:96:45:0f:06:d1:
2a:3c:eb:7a:b3:53:bc:a1:b1:06:22:2d:3e:72:63:39:f3:2b:
99:ec:12:2f:66:09:fe:ef:4f:fa:f9:7c:ac:e7:d4:b2:6c:5c:
78:f2:3e:67:e4:12:05:c7:81:25:63:8f:20:39:76:9e:7c:59:
53:62:68:4f:b0:2d:15:11:80:a5:ec:c9:e1:4a:36:d7:8d:35:
4a:15:d7:27:09:38:88:25:d5:88:29:86:b0:40:52:9b:51:d4:
b6:06:e7:7f:a5:9d:1c:7c:e4:97:be:23:6d:a6:87:70:e2:62:
7a:11:3f:08:69:36:b4:3e:b5:c9:d5:a4:8e:29:de:89:65:f4:
f6:c9:62:99:69:8b:67:fa:77:bc:d9:64:9e:6b:56:99:ce:9e:
35:1e:e3:1f:d5:81:47:d4:e1:d7:2c:6c:d9:d2:a7:7e:92:92:
4e:fb:94:76:cd:1a:12:b2:bf:d0:48:94:a9:15:c0:6e:f8:e8:
c4:67:58:88:0f:27:0b:19:a0:2d:58:d0:9f:4f:a9:1e:98:1d:
5b:66:57:96
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAY2IvmWyUZbz0+aEH1AZTuGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWRkYzYwNzk5MjYzZmZiOWJkMGU1ZWViMDg3Mjg0M2Rl
ZTZhNzIwHhcNMjQwMjA4MTI0MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTRlNzNlYjUwMDUxNzcxNTcyZjMwYzEzYWVjNzZhOThmNWNjYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMmiouv5E/B597Xnn7tthqr214HN
XG6IWxNfedmLRbTnOzDEz80TIpaPp0V1IKGJD2CHbg8s2d+HIXU48kk9qKSOP859
EHdTVOqTgzqE2EOfxxNJbaYsTxUoOSuF7Cw5Cj8cOmdD8w9ACJbO8yu8C5vu7tE5
CgDCvJ0iwuMOOM9i4TqjTRvo/mI67UqEGJCxy2VKlIJoh6Ci9J1EODp0UyT5rugj
BW7Y0GYmQlFhnwa/rXQrKRHV37EKPHdiUwjRtFJPY+fkT8LzqJOT502dTO6fKiBp
rtISy84iYxAixzcXTNFD631BnGwcBh2u2Fdk0pUdDB6/IoE1wB6K/yitqwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFElOc+tQBRdxVy8wwTrsdqmPXMwfMB8GA1UdIwQY
MBaAFGAd3GB5kmP/ub0OXusIcoQ97mpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2Yt
MzY3ZTE3MGU3MTI4LzEvU1U1ejYxQUZGM0ZYTHpEQk91eDJxWTljekI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2YtMzY3ZTE3MGU3MTI4
LzEvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTASBAIAATAMAwQALusPAwQB
Z9HkMFMEAgACME0DBQMqAJlAAwUDKgTogAMFAyoGhUADBQMqCSNAAwUDKg5/wAMF
AyoQDIADBQMqEHuAAwUDKhQrgAMFAyoUXIADBQMqFGWAAwUDKhRwgDANBgkqhkiG
9w0BAQsFAAOCAQEAHXyBFenRxpPMRxqnNn7fqavW5d39WxcsDsUWrwOfyE5xqUPx
QnkdETSgdlUtf4Y7U5ZFDwbRKjzrerNTvKGxBiItPnJjOfMrmewSL2YJ/u9P+vl8
rOfUsmxcePI+Z+QSBceBJWOPIDl2nnxZU2JoT7AtFRGApezJ4Uo21401ShXXJwk4
iCXViCmGsEBSm1HUtgbnf6WdHHzkl74jbaaHcOJiehE/CGk2tD61ydWkjineiWX0
9slimWmLZ/p3vNlknmtWmc6eNR7jH9WBR9Th1yxs2dKnfpKSTvuUds0aErK/0EiU
qRXAbvjoxGdYiA8nCxmgLVjQn0+pHpgdW2ZXlg==
-----END CERTIFICATE-----
Generated at Tue Aug 27 19:31:36 2024 by rpki-client on console-ams.rpki-client.org