Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/YHsnAG0EdnvN0gD9DJyoep_vJVs.roa
File: YHsnAG0EdnvN0gD9DJyoep_vJVs.roa (raw, json)
Hash identifier: QFghRz7dmgkFjUE/RnwZZEZCq5tdLndI8biFEGtAaDY=
Subject key identifier: 60:7B:27:00:6D:04:76:7B:CD:D2:00:FD:0C:9C:A8:7A:9F:EF:25:5B
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 018CC9BC26380D1E1D5C5CF9902502AB70B9
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/YHsnAG0EdnvN0gD9DJyoep_vJVs.roa
Signing time: Tue 02 Jan 2024 10:33:20 +0000
ROA not before: Tue 02 Jan 2024 10:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42410
IP address blocks: 46.233.48.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:26:38:0d:1e:1d:5c:5c:f9:90:25:02:ab:70:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Jan 2 10:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=607b27006d04767bcdd200fd0c9ca87a9fef255b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6b:52:c1:ad:b2:ff:ce:e9:fe:19:14:d0:96:
26:80:a8:ee:5b:4c:dd:21:d9:f6:c9:f4:11:fe:b9:
43:3e:74:77:56:30:2e:19:9d:e0:7d:21:27:9e:6e:
0e:0f:8f:c8:3b:7b:28:42:a1:11:36:39:db:89:47:
f1:52:14:0f:d2:fe:69:77:65:ae:a9:55:f3:3b:7c:
a4:7f:b7:e9:c6:19:6a:d0:0b:a9:19:c2:6e:87:bf:
b5:d9:b4:20:ec:bc:bb:f1:85:94:08:e3:3b:42:93:
10:1b:0b:0c:c9:06:d2:3e:99:03:c8:18:f0:a2:7c:
c7:d8:26:6e:97:55:d5:be:43:e3:9d:91:55:57:3c:
6e:bf:ec:13:ad:06:f9:49:de:dc:33:31:49:6e:d6:
a3:d7:9d:55:29:46:54:fe:ad:25:d0:3d:57:6c:3c:
4e:83:1a:9c:10:56:57:ab:bc:4c:b0:09:16:58:0a:
6f:12:98:e4:ce:3c:e8:bc:f1:ee:5d:f2:c3:48:d3:
4a:9d:65:88:a4:99:ea:0d:86:a5:91:ab:81:af:4b:
33:37:ef:12:8b:30:50:ba:42:19:79:31:76:a7:0f:
12:5b:e3:7b:0b:67:ae:98:29:10:e4:0b:7f:74:fe:
8e:14:5b:0f:79:cc:48:ce:11:9d:cf:a5:1b:d4:9d:
f4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:7B:27:00:6D:04:76:7B:CD:D2:00:FD:0C:9C:A8:7A:9F:EF:25:5B
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/YHsnAG0EdnvN0gD9DJyoep_vJVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.48.0/21
Signature Algorithm: sha256WithRSAEncryption
56:a5:e3:9f:a2:63:f3:c7:be:e8:ec:88:e3:3c:54:b7:02:1b:
0d:fe:81:e3:31:1d:e2:87:fd:29:65:1e:58:46:a7:98:0b:7c:
64:9f:59:70:99:e6:87:2f:86:c6:46:fd:f3:57:9c:94:c6:8a:
aa:2c:e8:e8:e6:1f:0e:9e:57:ac:73:73:c7:60:71:73:48:07:
00:e4:a1:fd:dd:e7:82:ee:68:cf:07:ab:d7:b5:0d:70:1d:d5:
53:be:d0:99:ac:43:da:71:26:3f:b3:ff:bb:60:b1:4a:0e:d4:
b3:d9:b8:7d:c8:39:4f:c1:85:dc:72:b1:84:9a:eb:8b:bb:ce:
4b:73:77:f2:78:ad:b8:ed:c2:3f:98:be:09:cf:64:f6:80:36:
f1:13:f2:36:44:eb:b3:b0:b2:82:1d:d9:e3:df:b5:35:85:3f:
18:5f:02:30:20:21:b9:ba:ea:a0:98:f7:cf:1e:59:ed:07:55:
2b:da:67:bb:f1:78:77:27:49:12:8f:5c:9f:8a:86:d3:cf:75:
65:e8:49:56:66:6b:3c:5c:0a:62:b4:71:4f:58:b0:9d:ca:5b:
83:9a:4d:35:ff:c0:d3:b3:5e:00:0a:9c:41:b0:71:48:30:45:
92:34:44:ac:9d:31:8a:ae:b3:0f:38:af:ec:47:6a:3d:8e:4a:
4d:2f:9a:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvCY4DR4dXFz5kCUCq3C5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjQwMTAyMTAzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDdiMjcwMDZkMDQ3NjdiY2RkMjAwZmQwYzljYTg3YTlmZWYyNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGtSwa2y/87p/hkU0JYmgKjuW0zd
Idn2yfQR/rlDPnR3VjAuGZ3gfSEnnm4OD4/IO3soQqERNjnbiUfxUhQP0v5pd2Wu
qVXzO3ykf7fpxhlq0AupGcJuh7+12bQg7Ly78YWUCOM7QpMQGwsMyQbSPpkDyBjw
onzH2CZul1XVvkPjnZFVVzxuv+wTrQb5Sd7cMzFJbtaj151VKUZU/q0l0D1XbDxO
gxqcEFZXq7xMsAkWWApvEpjkzjzovPHuXfLDSNNKnWWIpJnqDYalkauBr0szN+8S
izBQukIZeTF2pw8SW+N7C2eumCkQ5At/dP6OFFsPecxIzhGdz6Ub1J30DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGB7JwBtBHZ7zdIA/QycqHqf7yVbMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvWUhzbkFHMEVkbnZOMGdEOURKeW9lcF92SlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLukwMA0G
CSqGSIb3DQEBCwUAA4IBAQBWpeOfomPzx77o7IjjPFS3AhsN/oHjMR3ih/0pZR5Y
RqeYC3xkn1lwmeaHL4bGRv3zV5yUxoqqLOjo5h8Onlesc3PHYHFzSAcA5KH93eeC
7mjPB6vXtQ1wHdVTvtCZrEPacSY/s/+7YLFKDtSz2bh9yDlPwYXccrGEmuuLu85L
c3fyeK247cI/mL4Jz2T2gDbxE/I2ROuzsLKCHdnj37U1hT8YXwIwICG5uuqgmPfP
HlntB1Ur2me78Xh3J0kSj1yfiobTz3Vl6ElWZms8XApitHFPWLCdyluDmk01/8DT
s14ACpxBsHFIMEWSNESsnTGKrrMPOK/sR2o9jkpNL5ol
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:45:32 2025 by rpki-client