Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/yLnSCMcbtGPJwb1zblfr5w5pjgY.roa
File: yLnSCMcbtGPJwb1zblfr5w5pjgY.roa (raw, json)
Hash identifier: 9OUbpSlzMXrXo+VYgHyRq785UgoZTCMUrE39hIL4NUY=
Subject key identifier: C8:B9:D2:08:C7:1B:B4:63:C9:C1:BD:73:6E:57:EB:E7:0E:69:8E:06
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 01856C65CF7FC94E2AB68C4EFFFC4C747CF7
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/yLnSCMcbtGPJwb1zblfr5w5pjgY.roa
Signing time: Sun 01 Jan 2023 08:14:49 +0000
ROA not before: Sun 01 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62393
IP address blocks: 46.20.52.0/23 maxlen: 23
46.20.56.0/23 maxlen: 23
46.20.60.0/23 maxlen: 23
46.20.59.0/24 maxlen: 24
213.109.34.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 04 Apr 2023 09:55:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:cf:7f:c9:4e:2a:b6:8c:4e:ff:fc:4c:74:7c:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8b9d208c71bb463c9c1bd736e57ebe70e698e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:58:ca:ac:84:12:86:39:28:47:00:6f:e3:55:
4b:47:46:de:8f:bc:3f:33:71:99:13:69:9a:33:cb:
d2:1d:ec:10:e4:2b:34:50:2d:2f:cc:98:89:94:71:
50:16:33:7b:d1:b2:7a:c7:70:6c:b4:0a:62:e4:86:
4b:d5:3e:92:ad:63:7d:27:46:a1:e8:df:d7:9b:e9:
e6:b9:df:0b:21:46:c6:b9:fa:45:e7:d4:40:bb:51:
a1:d6:be:d6:e1:0d:d3:26:45:59:d4:9e:36:1a:7e:
a4:aa:01:41:bf:97:28:82:a1:e2:d8:5b:bc:74:7a:
f9:7e:c1:9a:2d:06:74:d8:6d:6d:75:2e:2f:eb:3c:
5c:de:8a:a5:91:78:96:bc:e5:cb:27:20:61:ce:0a:
da:bf:a8:b0:f9:87:f7:e4:16:ee:4e:a9:45:e3:4d:
8c:a7:2e:5c:2d:10:5c:73:af:d0:d9:0b:93:23:aa:
f4:b7:f4:69:b7:3d:43:41:e2:48:35:33:6c:5a:f8:
9c:dc:f7:8a:23:6c:01:d6:9a:30:b0:a5:88:0d:c3:
56:49:21:42:34:fe:63:3a:4e:ea:74:7a:f3:9e:79:
f5:cf:c5:ee:79:c8:b9:b0:cf:24:c1:b5:58:0e:42:
59:d6:40:f3:cb:5a:e0:6e:3e:aa:b8:19:ff:cc:aa:
53:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B9:D2:08:C7:1B:B4:63:C9:C1:BD:73:6E:57:EB:E7:0E:69:8E:06
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/yLnSCMcbtGPJwb1zblfr5w5pjgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.52.0/23
46.20.56.0/23
46.20.59.0-46.20.61.255
213.109.34.0/23
Signature Algorithm: sha256WithRSAEncryption
08:6a:49:e2:12:80:e1:42:3a:0a:e0:27:bf:00:27:03:c9:8d:
61:50:58:48:da:8c:d7:bd:5f:9a:b2:5a:29:65:e3:95:d3:4e:
9c:0e:fc:da:0f:f1:28:af:58:6f:fb:ad:f6:52:14:32:fe:3f:
f4:1e:3b:8c:c2:0a:e2:fc:77:35:ac:22:bc:aa:74:87:b8:bd:
fd:c5:6e:96:d5:79:c4:62:85:dd:e6:a1:12:df:e3:a9:1b:eb:
6b:58:e2:9d:30:2e:f0:f9:bf:e8:10:a8:b2:96:a2:15:db:50:
f3:2c:f2:6a:0c:e3:d1:00:08:f1:fb:bc:4d:d2:13:b3:c0:7e:
cb:76:4c:1d:52:a9:80:bd:8d:1c:90:92:97:2e:f3:a2:38:47:
3f:3b:8c:a5:9a:47:57:57:72:4f:a4:00:f5:b4:3a:56:de:f9:
88:9b:5a:0d:25:ac:6e:53:e2:e2:60:ba:c3:ba:b3:02:12:14:
a3:aa:83:ec:5e:2a:cb:68:17:fb:ca:8e:bb:f7:d1:b1:01:ff:
94:93:16:98:43:4d:91:30:d4:b3:b0:be:b9:30:1b:fe:ac:ee:
4d:45:08:33:fe:c8:6d:ff:49:aa:45:c5:fc:b3:1e:46:fb:a8:
55:96:39:ce:34:f1:49:96:82:0c:61:37:ee:cc:2a:a9:93:78:
e4:99:0f:d4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVsZc9/yU4qtoxO//xMdHz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjMwMTAxMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGI5ZDIwOGM3MWJiNDYzYzljMWJkNzM2ZTU3ZWJlNzBlNjk4ZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFjKrIQShjkoRwBv41VLR0bej7w/
M3GZE2maM8vSHewQ5Cs0UC0vzJiJlHFQFjN70bJ6x3BstApi5IZL1T6SrWN9J0ah
6N/Xm+nmud8LIUbGufpF59RAu1Gh1r7W4Q3TJkVZ1J42Gn6kqgFBv5cogqHi2Fu8
dHr5fsGaLQZ02G1tdS4v6zxc3oqlkXiWvOXLJyBhzgrav6iw+Yf35BbuTqlF402M
py5cLRBcc6/Q2QuTI6r0t/Rptz1DQeJINTNsWvic3PeKI2wB1powsKWIDcNWSSFC
NP5jOk7qdHrznnn1z8Xueci5sM8kwbVYDkJZ1kDzy1rgbj6quBn/zKpTuwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMi50gjHG7RjycG9c25X6+cOaY4GMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEveUxuU0NNY2J0R1BKd2IxemJsZnI1dzVwamdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLhQ0AwQB
LhQ4MAwDBAAuFDsDBAEuFDwDBAHVbSIwDQYJKoZIhvcNAQELBQADggEBAAhqSeIS
gOFCOgrgJ78AJwPJjWFQWEjajNe9X5qyWill45XTTpwO/NoP8SivWG/7rfZSFDL+
P/QeO4zCCuL8dzWsIryqdIe4vf3FbpbVecRihd3moRLf46kb62tY4p0wLvD5v+gQ
qLKWohXbUPMs8moM49EACPH7vE3SE7PAfst2TB1SqYC9jRyQkpcu86I4Rz87jKWa
R1dXck+kAPW0Olbe+YibWg0lrG5T4uJgusO6swISFKOqg+xeKstoF/vKjrv30bEB
/5STFphDTZEw1LOwvrkwG/6s7k1FCDP+yG3/SapFxfyzHkb7qFWWOc408UmWggxh
N+7MKqmTeOSZD9Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:26 2024 by rpki-client on console-ams.rpki-client.org