Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/Ry9G9u4bB5OYSGXwaZ9fC3S2QXY.roa
File: Ry9G9u4bB5OYSGXwaZ9fC3S2QXY.roa (raw, json)
Hash identifier: sNGjLK3RN05ez7fGaH3iP53B9nOpczXxv5KUmtC/QlM=
Subject key identifier: 47:2F:46:F6:EE:1B:07:93:98:48:65:F0:69:9F:5F:0B:74:B6:41:76
Certificate issuer: /CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Certificate serial: 018D888FB438AFDCBAC1A113DC9568C6432B
Authority key identifier: 2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/Ry9G9u4bB5OYSGXwaZ9fC3S2QXY.roa
Signing time: Thu 08 Feb 2024 11:52:15 +0000
ROA not before: Thu 08 Feb 2024 11:52:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16645
IP address blocks: 46.236.56.0/24 maxlen: 24
46.236.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 13:11:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:8f:b4:38:af:dc:ba:c1:a1:13:dc:95:68:c6:43:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Validity
Not Before: Feb 8 11:52:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=472f46f6ee1b0793984865f0699f5f0b74b64176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:17:c5:7d:cd:c6:14:6b:0f:43:8a:bd:2e:bb:
46:04:89:da:d4:0a:5d:bf:1c:28:a1:a6:58:85:6f:
dd:49:08:53:ac:9b:d2:a1:32:3e:5a:d3:9e:da:91:
20:36:5f:2d:7d:e2:3a:d2:e5:aa:19:3d:08:11:bf:
72:04:bc:91:9e:90:a1:2f:13:6c:d9:9a:98:1a:c1:
b5:c0:5b:fc:b3:36:51:bd:c0:ea:0a:0d:bb:25:9d:
b5:d9:db:26:3e:f3:86:ae:d1:89:e1:6c:14:e7:eb:
3c:db:ed:d3:1c:12:66:66:6f:04:fa:39:ab:bb:e6:
c9:0a:7c:27:ef:67:98:47:8b:7b:21:be:e1:26:a0:
ff:4c:e6:c2:b2:d6:23:9f:a8:93:09:a4:bc:6c:27:
76:7b:9e:5f:48:80:b7:89:9d:50:0c:d2:80:06:6d:
2f:d8:86:f9:f5:96:fa:84:89:60:bb:60:eb:b8:b8:
03:91:88:df:7f:93:b3:a2:2e:bc:26:a2:f8:3a:ad:
08:3c:b1:f7:6e:50:0c:55:29:ac:7d:2f:a4:b6:9d:
24:2a:23:19:4d:1d:55:99:d6:f8:ec:e0:5d:7d:b8:
c6:72:97:25:c2:d7:74:e2:2a:40:bb:98:10:eb:c8:
46:be:e2:43:4d:52:74:5e:bb:e1:f9:60:e9:d0:67:
15:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2F:46:F6:EE:1B:07:93:98:48:65:F0:69:9F:5F:0B:74:B6:41:76
X509v3 Authority Key Identifier:
keyid:2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/Ry9G9u4bB5OYSGXwaZ9fC3S2QXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/K-U9NAqL9Hwb800yVeEC77GBrRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.56.0/24
46.236.60.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:91:fa:0e:94:b6:67:af:2c:18:24:da:0e:30:47:84:2c:43:
65:ac:7e:c0:75:97:8c:0b:ba:89:55:33:bf:93:e0:64:8c:72:
aa:27:00:f2:bd:c3:16:9f:6e:93:d7:7b:46:79:f3:9d:a7:11:
ea:70:91:fb:5c:5f:b2:d4:5c:d0:14:e8:40:af:4b:96:e7:d8:
77:8a:42:a8:24:5b:f1:3f:fc:68:f2:83:30:59:8c:79:cb:bf:
44:4f:8b:0d:17:fc:dc:bf:7f:22:d7:49:be:05:64:4c:b3:6d:
1a:68:66:6f:0c:5b:6a:87:9c:16:48:f2:1f:63:6c:80:0b:09:
ba:a1:65:59:1d:57:e7:a7:0e:2e:ed:5c:70:b5:3c:1b:6e:20:
5d:a7:9a:78:bf:0b:02:3f:b2:6d:14:12:5e:85:9e:97:75:a1:
f1:97:7d:ef:f4:ef:a4:f7:c0:67:fe:49:f3:96:c8:b2:ca:12:
50:37:eb:df:bc:75:93:56:5d:e9:5e:d3:44:95:43:75:54:a2:
78:8b:57:58:e5:39:b5:f6:bb:bc:41:41:60:06:c7:d5:84:4f:
35:76:7e:15:2f:2b:f6:f4:d9:ff:cc:8b:a6:1f:e3:2c:09:7e:
7c:a2:0a:b7:63:49:63:c3:6e:ae:d5:87:2f:06:d6:55:ab:5c:
66:a1:15:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2Ij7Q4r9y6waET3JVoxkMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZTUzZDM0MGE4YmY0N2MxYmYzNGQzMjU1ZTEwMmVmYjE4
MWFkMTkwHhcNMjQwMjA4MTE1MjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJmNDZmNmVlMWIwNzkzOTg0ODY1ZjA2OTlmNWYwYjc0YjY0MTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRfFfc3GFGsPQ4q9LrtGBIna1Apd
vxwooaZYhW/dSQhTrJvSoTI+WtOe2pEgNl8tfeI60uWqGT0IEb9yBLyRnpChLxNs
2ZqYGsG1wFv8szZRvcDqCg27JZ212dsmPvOGrtGJ4WwU5+s82+3THBJmZm8E+jmr
u+bJCnwn72eYR4t7Ib7hJqD/TObCstYjn6iTCaS8bCd2e55fSIC3iZ1QDNKABm0v
2Ib59Zb6hIlgu2DruLgDkYjff5Ozoi68JqL4Oq0IPLH3blAMVSmsfS+ktp0kKiMZ
TR1Vmdb47OBdfbjGcpclwtd04ipAu5gQ68hGvuJDTVJ0Xrvh+WDp0GcV8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEcvRvbuGweTmEhl8GmfXwt0tkF2MB8GA1UdIwQY
MBaAFCvlPTQKi/R8G/NNMlXhAu+xga0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSy1VOU5BcUw5SHdiODAweVZlRUM3N0dCclJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mNzI1NjItNDVmNS00MDE5LTgzYTEt
NzRmMGMzZTY2M2NiLzEvUnk5Rzl1NGJCNU9ZU0dYd2FaOWZDM1MyUVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mNzI1NjItNDVmNS00MDE5LTgzYTEtNzRmMGMzZTY2M2Ni
LzEvSy1VOU5BcUw5SHdiODAweVZlRUM3N0dCclJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALuw4AwQA
Luw8MA0GCSqGSIb3DQEBCwUAA4IBAQA6kfoOlLZnrywYJNoOMEeELENlrH7AdZeM
C7qJVTO/k+BkjHKqJwDyvcMWn26T13tGefOdpxHqcJH7XF+y1FzQFOhAr0uW59h3
ikKoJFvxP/xo8oMwWYx5y79ET4sNF/zcv38i10m+BWRMs20aaGZvDFtqh5wWSPIf
Y2yACwm6oWVZHVfnpw4u7VxwtTwbbiBdp5p4vwsCP7JtFBJehZ6XdaHxl33v9O+k
98Bn/knzlsiyyhJQN+vfvHWTVl3pXtNElUN1VKJ4i1dY5Tm19ru8QUFgBsfVhE81
dn4VLyv29Nn/zIumH+MsCX58ogq3Y0ljw26u1YcvBtZVq1xmoRVb
-----END CERTIFICATE-----
Generated at Tue Feb 13 17:39:38 2024 by rpki-client on console-ams.rpki-client.org