Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/aYzSW1tH27vyqZMANtjLg2ConLM.roa
File: aYzSW1tH27vyqZMANtjLg2ConLM.roa (raw, json)
Hash identifier: FTKrVlrFsh+ZaXQVVVOD6SlIcIHUQq+hsKD8aDQbew0=
Subject key identifier: 69:8C:D2:5B:5B:47:DB:BB:F2:A9:93:00:36:D8:CB:83:60:A8:9C:B3
Certificate issuer: /CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Certificate serial: 018D6AB3F962785DD109504378204F3F239F
Authority key identifier: 60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/aYzSW1tH27vyqZMANtjLg2ConLM.roa
Signing time: Fri 02 Feb 2024 16:43:16 +0000
ROA not before: Fri 02 Feb 2024 16:43:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15924
IP address blocks: 46.235.15.0/25 maxlen: 32
46.235.15.128/25 maxlen: 32
2a00:9940::/30 maxlen: 128
2a00:9944::/30 maxlen: 128
2a04:e880::/30 maxlen: 128
2a04:e884::/30 maxlen: 128
2a06:8540::/30 maxlen: 128
2a06:8544::/30 maxlen: 128
2a09:2340::/30 maxlen: 128
2a09:2344::/30 maxlen: 128
2a0e:7fc0::/30 maxlen: 128
2a0e:7fc4::/30 maxlen: 128
2a14:2b80::/30 maxlen: 128
2a14:2b84::/30 maxlen: 128
2a14:5c80::/30 maxlen: 128
2a14:5c84::/30 maxlen: 128
2a14:6580::/30 maxlen: 128
2a14:6584::/30 maxlen: 128
2a14:7080::/30 maxlen: 128
2a14:7084::/30 maxlen: 128
Validation: Failed, certificate revoked on Mon 05 Feb 2024 22:34:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:b3:f9:62:78:5d:d1:09:50:43:78:20:4f:3f:23:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Validity
Not Before: Feb 2 16:43:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=698cd25b5b47dbbbf2a9930036d8cb8360a89cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:be:3a:ce:ac:fb:dc:35:45:c8:78:b4:13:12:
68:0a:76:45:73:a9:db:15:8a:68:56:83:9e:6c:da:
26:ee:e3:74:c5:10:ec:e6:8d:51:75:26:aa:da:7f:
1f:03:5b:e6:fe:46:89:d4:78:e4:8f:62:31:66:09:
9e:71:8a:06:ff:76:8c:82:73:53:a6:2f:e4:5d:9e:
d2:23:e8:ef:5c:2c:95:7c:53:33:69:62:e6:a1:24:
55:09:78:6f:57:f2:36:bc:75:4f:25:fd:00:26:9c:
4d:54:0e:7e:1c:a4:59:c2:ee:29:eb:a9:36:fb:e0:
9f:7b:c9:f8:f4:fc:b0:20:a9:31:18:e1:dc:6b:fd:
1b:e0:23:f4:bf:53:3d:62:dc:bf:23:5a:11:67:58:
95:fc:79:54:39:31:aa:09:da:12:9e:c8:cc:9e:67:
65:b9:2c:b7:07:a7:20:59:ec:4c:d3:d3:2c:1f:c4:
d1:39:5d:e1:b9:13:dd:89:dd:c5:35:39:44:44:a9:
d2:51:a4:f0:ee:43:4f:ea:a4:92:9a:ad:06:b8:ed:
c6:ef:9f:14:d5:e5:9f:f3:7c:c1:c9:45:e4:6a:36:
a0:0e:8c:3c:d7:d2:9e:52:2b:d9:59:8c:93:96:3d:
12:0a:15:3d:76:07:ca:69:d9:37:7c:34:7f:57:ac:
63:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:8C:D2:5B:5B:47:DB:BB:F2:A9:93:00:36:D8:CB:83:60:A8:9C:B3
X509v3 Authority Key Identifier:
keyid:60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/aYzSW1tH27vyqZMANtjLg2ConLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/YB3cYHmSY_-5vQ5e6whyhD3uanI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.15.0/24
IPv6:
2a00:9940::/29
2a04:e880::/29
2a06:8540::/29
2a09:2340::/29
2a0e:7fc0::/29
2a14:2b80::/29
2a14:5c80::/29
2a14:6580::/29
2a14:7080::/29
Signature Algorithm: sha256WithRSAEncryption
0c:14:3e:18:df:7a:72:2f:59:cd:5f:a7:5d:f6:8d:88:f1:7b:
e4:db:29:3a:64:76:03:68:c9:dc:46:48:6a:0b:91:2d:93:fc:
1a:3e:d0:66:1c:20:51:6b:69:95:05:c3:7c:f8:43:30:04:74:
1f:5f:d0:5e:0a:86:75:1b:0b:b4:52:d2:b9:dc:97:a6:c7:74:
08:2b:50:d3:18:fe:8e:76:46:74:a2:67:c1:27:9e:0d:e7:1f:
62:e4:86:bf:7f:7a:47:0d:3c:1e:be:17:9b:56:70:3e:5c:9a:
0c:24:97:f7:7a:14:5d:0c:33:27:ad:f5:7b:df:bf:ca:aa:73:
68:8b:8f:59:9e:84:eb:5b:d6:87:5c:f2:cd:25:d1:10:c2:36:
2d:74:e0:9d:02:e6:96:22:52:43:26:67:76:e4:9c:91:21:19:
9f:3a:ce:a9:55:4a:0e:82:9e:98:ef:ec:be:1d:4f:a4:4f:4c:
b7:2e:cc:bf:53:7d:1f:b9:a0:c0:25:05:05:11:3f:b7:44:89:
0a:4c:6c:80:48:30:19:27:2a:0b:a9:2a:a4:e3:17:3c:44:a1:
65:69:11:86:1b:05:16:58:70:cc:f0:d4:6a:b5:3f:ef:9c:1a:
22:96:6b:99:7c:a5:67:b4:6b:72:b1:20:b5:d8:57:ef:80:e9:
67:5a:b7:0e
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY1qs/lieF3RCVBDeCBPPyOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWRkYzYwNzk5MjYzZmZiOWJkMGU1ZWViMDg3Mjg0M2Rl
ZTZhNzIwHhcNMjQwMjAyMTY0MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OThjZDI1YjViNDdkYmJiZjJhOTkzMDAzNmQ4Y2I4MzYwYTg5Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL46zqz73DVFyHi0ExJoCnZFc6nb
FYpoVoOebNom7uN0xRDs5o1RdSaq2n8fA1vm/kaJ1Hjkj2IxZgmecYoG/3aMgnNT
pi/kXZ7SI+jvXCyVfFMzaWLmoSRVCXhvV/I2vHVPJf0AJpxNVA5+HKRZwu4p66k2
++Cfe8n49PywIKkxGOHca/0b4CP0v1M9Yty/I1oRZ1iV/HlUOTGqCdoSnsjMnmdl
uSy3B6cgWexM09MsH8TROV3huRPdid3FNTlERKnSUaTw7kNP6qSSmq0GuO3G758U
1eWf83zByUXkajagDow819KeUivZWYyTlj0SChU9dgfKadk3fDR/V6xjhQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFGmM0ltbR9u78qmTADbYy4NgqJyzMB8GA1UdIwQY
MBaAFGAd3GB5kmP/ub0OXusIcoQ97mpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2Yt
MzY3ZTE3MGU3MTI4LzEvYVl6U1cxdEgyN3Z5cVpNQU50akxnMkNvbkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2YtMzY3ZTE3MGU3MTI4
LzEvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAMBAIAATAGAwQALusPMEUE
AgACMD8DBQMqAJlAAwUDKgTogAMFAyoGhUADBQMqCSNAAwUDKg5/wAMFAyoUK4AD
BQMqFFyAAwUDKhRlgAMFAyoUcIAwDQYJKoZIhvcNAQELBQADggEBAAwUPhjfenIv
Wc1fp132jYjxe+TbKTpkdgNoydxGSGoLkS2T/Bo+0GYcIFFraZUFw3z4QzAEdB9f
0F4KhnUbC7RS0rncl6bHdAgrUNMY/o52RnSiZ8Enng3nH2Lkhr9/ekcNPB6+F5tW
cD5cmgwkl/d6FF0MMyet9Xvfv8qqc2iLj1mehOtb1odc8s0l0RDCNi104J0C5pYi
UkMmZ3bknJEhGZ86zqlVSg6Cnpjv7L4dT6RPTLcuzL9TfR+5oMAlBQURP7dEiQpM
bIBIMBknKgupKqTjFzxEoWVpEYYbBRZYcMzw1Gq1P++cGiKWa5l8pWe0a3KxILXY
V++A6Wdatw4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:27 2024 by rpki-client on console-fra.rpki-client.org