Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/jDN6XzhShefYdb9tEeW0enzqqxE.roa
File: jDN6XzhShefYdb9tEeW0enzqqxE.roa (raw, json)
Hash identifier: gXWtALQiZyhpjFX+4azUsFy9r6dG0yBzpiL0wY1dckw=
Subject key identifier: 8C:33:7A:5F:38:52:85:E7:D8:75:BF:6D:11:E5:B4:7A:7C:EA:AB:11
Certificate issuer: /CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Certificate serial: 018D1BC40320A63611EFF56E7DF1F2FC4CE4
Authority key identifier: 60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/jDN6XzhShefYdb9tEeW0enzqqxE.roa
Signing time: Thu 18 Jan 2024 08:50:47 +0000
ROA not before: Thu 18 Jan 2024 08:50:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15924
IP address blocks: 46.235.15.0/24 maxlen: 32
2a00:9940::/29 maxlen: 128
2a09:2340::/29 maxlen: 128
2a14:2b80::/29 maxlen: 128
2a14:5c80::/29 maxlen: 128
2a14:6580::/29 maxlen: 128
2a14:7080::/29 maxlen: 128
Validation: Failed, certificate revoked on Mon 22 Jan 2024 11:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:c4:03:20:a6:36:11:ef:f5:6e:7d:f1:f2:fc:4c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601ddc60799263ffb9bd0e5eeb0872843dee6a72
Validity
Not Before: Jan 18 08:50:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c337a5f385285e7d875bf6d11e5b47a7ceaab11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ed:f7:0d:4b:25:e8:3d:5f:d9:d5:5b:7a:e1:
e3:3b:57:f8:32:c3:df:46:e7:66:73:e5:95:ca:5d:
23:f1:1e:3f:93:0b:d4:c3:f0:7d:67:13:59:16:b5:
21:a2:f4:ca:5f:40:f0:0e:3c:15:8d:15:e4:91:27:
93:27:0e:51:06:f3:68:8b:9d:88:46:e3:0c:41:cc:
5a:12:47:19:d1:35:15:06:b5:d7:b1:39:55:74:2a:
19:fb:8d:95:49:0d:37:9f:a5:c7:46:3e:56:b5:29:
9e:13:3d:d2:80:4a:df:68:9a:48:82:da:2d:01:1b:
66:3a:83:c9:ac:d0:54:3e:a6:69:ab:f9:63:dc:b4:
8b:1d:1c:61:9d:e0:d4:5a:6d:e7:04:6b:64:f0:c6:
c1:35:e5:67:dd:a6:59:4d:64:72:45:20:a3:59:60:
8f:36:21:ee:cb:d5:7c:f7:de:96:42:da:dc:40:f9:
ae:a9:a5:6a:8e:fb:03:1f:7a:9c:4d:ef:b7:53:4e:
4b:22:f3:5f:f7:65:cd:1c:d2:c9:a7:0b:4a:e5:8e:
b9:58:8c:71:c6:f9:aa:db:11:ba:23:57:85:d6:1c:
76:a7:73:5c:b6:a4:62:83:ef:58:5f:1a:cd:ec:11:
fd:98:ed:cf:54:cf:58:cc:22:c5:e7:c9:0d:42:f7:
96:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:33:7A:5F:38:52:85:E7:D8:75:BF:6D:11:E5:B4:7A:7C:EA:AB:11
X509v3 Authority Key Identifier:
keyid:60:1D:DC:60:79:92:63:FF:B9:BD:0E:5E:EB:08:72:84:3D:EE:6A:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB3cYHmSY_-5vQ5e6whyhD3uanI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/jDN6XzhShefYdb9tEeW0enzqqxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/a45e7e-5dc3-49d3-aa3f-367e170e7128/1/YB3cYHmSY_-5vQ5e6whyhD3uanI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.15.0/24
IPv6:
2a00:9940::/29
2a09:2340::/29
2a14:2b80::/29
2a14:5c80::/29
2a14:6580::/29
2a14:7080::/29
Signature Algorithm: sha256WithRSAEncryption
85:db:55:2f:13:fa:ba:ac:96:cd:b5:e1:4c:6f:70:cf:15:32:
86:2e:9f:2d:71:a6:d6:f2:85:be:14:ea:08:3c:fe:df:25:a2:
20:ef:78:ad:0f:86:13:5a:ce:ba:44:8b:f3:47:4f:86:cf:58:
b2:2d:d4:35:c9:3a:31:4c:3b:10:3e:a5:30:f6:ee:53:56:41:
ad:56:05:5b:97:d9:98:c4:67:d4:18:71:a0:33:15:9a:96:b8:
ce:65:6b:63:7d:55:ac:a5:a7:13:01:37:17:f5:6a:c9:0d:84:
98:47:5f:67:4e:45:37:0e:36:cf:ff:c8:0c:8f:8b:09:0f:f3:
b5:d4:2f:fc:7c:6b:4d:6c:c6:90:fa:1b:9f:9d:52:a5:f7:ed:
6b:1d:62:df:9f:87:81:3b:f9:4b:b3:4f:f5:40:07:6c:e0:cc:
d7:5c:e5:d6:31:6e:8b:2b:31:45:12:4d:3e:a1:3e:ac:fc:15:
da:dd:17:c0:11:71:b6:ef:6f:74:fb:6d:05:93:57:0c:4a:15:
50:2c:05:77:06:6c:e7:8c:98:c3:dc:91:20:31:1a:6d:5d:35:
df:67:58:09:41:0d:73:09:a3:8a:f1:c9:0f:41:7e:05:3f:71:
da:bc:c4:c6:10:ae:3e:78:7b:64:ab:0b:60:b6:bd:70:e2:1e:
38:a2:7c:6f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY0bxAMgpjYR7/VuffHy/EzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWRkYzYwNzk5MjYzZmZiOWJkMGU1ZWViMDg3Mjg0M2Rl
ZTZhNzIwHhcNMjQwMTE4MDg1MDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzMzN2E1ZjM4NTI4NWU3ZDg3NWJmNmQxMWU1YjQ3YTdjZWFhYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+33DUsl6D1f2dVbeuHjO1f4MsPf
Rudmc+WVyl0j8R4/kwvUw/B9ZxNZFrUhovTKX0DwDjwVjRXkkSeTJw5RBvNoi52I
RuMMQcxaEkcZ0TUVBrXXsTlVdCoZ+42VSQ03n6XHRj5WtSmeEz3SgErfaJpIgtot
ARtmOoPJrNBUPqZpq/lj3LSLHRxhneDUWm3nBGtk8MbBNeVn3aZZTWRyRSCjWWCP
NiHuy9V8996WQtrcQPmuqaVqjvsDH3qcTe+3U05LIvNf92XNHNLJpwtK5Y65WIxx
xvmq2xG6I1eF1hx2p3NctqRig+9YXxrN7BH9mO3PVM9YzCLF58kNQveW4wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIwzel84UoXn2HW/bRHltHp86qsRMB8GA1UdIwQY
MBaAFGAd3GB5kmP/ub0OXusIcoQ97mpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2Yt
MzY3ZTE3MGU3MTI4LzEvakRONlh6aFNoZWZZZGI5dEVlVzBlbnpxcXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9hNDVlN2UtNWRjMy00OWQzLWFhM2YtMzY3ZTE3MGU3MTI4
LzEvWUIzY1lIbVNZXy01dlE1ZTZ3aHloRDN1YW5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAMBAIAATAGAwQALusPMDAE
AgACMCoDBQMqAJlAAwUDKgkjQAMFAyoUK4ADBQMqFFyAAwUDKhRlgAMFAyoUcIAw
DQYJKoZIhvcNAQELBQADggEBAIXbVS8T+rqsls214UxvcM8VMoYuny1xptbyhb4U
6gg8/t8loiDveK0PhhNazrpEi/NHT4bPWLIt1DXJOjFMOxA+pTD27lNWQa1WBVuX
2ZjEZ9QYcaAzFZqWuM5la2N9VaylpxMBNxf1askNhJhHX2dORTcONs//yAyPiwkP
87XUL/x8a01sxpD6G5+dUqX37WsdYt+fh4E7+UuzT/VAB2zgzNdc5dYxbosrMUUS
TT6hPqz8FdrdF8ARcbbvb3T7bQWTVwxKFVAsBXcGbOeMmMPckSAxGm1dNd9nWAlB
DXMJo4rxyQ9BfgU/cdq8xMYQrj54e2SrC2C2vXDiHjiifG8=
-----END CERTIFICATE-----
Generated at Mon Jan 22 16:40:17 2024 by rpki-client on console-ams.rpki-client.org