Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/8Ele97dYLQOJQTh-vj_NPEP8Dko.roa
File: 8Ele97dYLQOJQTh-vj_NPEP8Dko.roa (raw, json)
Hash identifier: qbAjelq0ajNUwbdTIpY4DJ5TpmYqIXjh1lwrlozsuy0=
Subject key identifier: F0:49:5E:F7:B7:58:2D:03:89:41:38:7E:BE:3F:CD:3C:43:FC:0E:4A
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 018E760BBED2A4A51ACE4C985AA9BE640127
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/8Ele97dYLQOJQTh-vj_NPEP8Dko.roa
Signing time: Mon 25 Mar 2024 14:37:44 +0000
ROA not before: Mon 25 Mar 2024 14:37:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
82.148.168.0/21 maxlen: 21
82.148.176.0/20 maxlen: 20
109.169.112.0/21 maxlen: 21
185.176.244.0/23 maxlen: 23
185.176.244.0/24 maxlen: 24
185.176.245.0/24 maxlen: 24
185.190.36.0/24 maxlen: 24
2a0a:2780::/31 maxlen: 31
2a0a:2780::/32 maxlen: 32
2a0a:2781::/32 maxlen: 32
2a10:d640::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 11 Apr 2024 23:56:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:76:0b:be:d2:a4:a5:1a:ce:4c:98:5a:a9:be:64:01:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Mar 25 14:37:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0495ef7b7582d038941387ebe3fcd3c43fc0e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f0:ee:cb:65:12:b8:90:15:39:45:e7:d8:ab:
39:83:c0:16:52:1d:29:ec:98:dd:80:5d:74:05:3e:
92:25:18:e2:12:2e:ac:f1:1a:d8:e7:d1:de:21:78:
3c:bd:1b:2b:a5:f7:c1:46:be:88:b5:bb:bb:cf:75:
07:e7:56:51:0b:ad:fb:88:03:3e:72:15:50:2d:ac:
21:37:b0:97:6b:cd:71:bd:26:cc:05:f5:f9:c6:78:
cd:f9:51:03:8f:20:f4:a3:57:19:c3:19:70:60:b3:
5f:26:b5:9e:63:73:e6:62:0f:25:4d:b3:9f:52:3d:
a0:70:26:52:7e:ec:3a:2e:6e:db:1a:5b:c1:0b:fd:
f4:9f:02:a9:4e:93:c4:38:45:c3:05:5c:32:d8:4b:
e7:a0:07:32:87:5b:46:85:91:eb:97:51:04:4a:ef:
5b:0a:7f:83:29:46:07:d7:11:a6:50:16:0e:d8:63:
ab:63:3b:d1:35:40:24:53:bf:80:54:55:2e:63:90:
5a:24:5a:d2:64:ea:b0:30:c8:ec:4e:20:10:f6:52:
8c:14:9d:e2:f8:68:f7:25:00:eb:97:73:c9:3e:ed:
7c:3a:2b:1c:09:86:87:84:2d:6f:0e:83:2f:aa:66:
30:6c:ff:19:e3:7c:fe:6b:75:42:ee:c1:b4:ac:d1:
86:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:49:5E:F7:B7:58:2D:03:89:41:38:7E:BE:3F:CD:3C:43:FC:0E:4A
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/8Ele97dYLQOJQTh-vj_NPEP8Dko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
82.148.168.0-82.148.191.255
109.169.112.0/21
185.176.244.0/23
185.190.36.0/24
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
99:19:db:50:3d:b6:44:98:34:e0:20:ae:72:8a:38:b2:9d:bc:
6c:99:bf:63:c8:b6:87:c8:34:fc:91:1e:2b:75:cb:7e:95:79:
e1:ba:16:bd:09:0d:c3:92:9e:9f:29:dc:95:bf:c8:d3:0b:81:
72:27:5e:4d:0c:8c:bc:22:42:ac:09:b1:f4:ce:69:aa:11:72:
cf:4d:fd:88:8e:aa:4a:e6:92:ab:09:5f:94:7c:87:bd:ba:bd:
a6:0a:3a:36:6e:51:57:42:e6:4a:ff:69:3a:56:2d:e9:9e:cf:
05:80:f7:a1:c0:c2:6f:d6:69:e7:f1:6e:96:7d:5e:bf:0a:05:
35:ac:c0:1a:24:82:c3:d9:3b:00:45:31:d1:d4:bb:c1:85:ff:
34:9c:36:1d:e8:f4:d1:71:47:ba:25:89:1a:9a:0d:e9:4c:ee:
67:86:90:6c:41:a0:7a:6f:75:de:c7:70:9d:30:4a:d4:73:15:
04:20:da:eb:e0:d6:e1:74:87:42:72:4b:b2:96:ea:f3:54:4d:
1f:3b:15:15:6f:74:c9:c0:d5:17:79:c0:c0:7e:fa:fb:5b:95:
2f:ac:10:e6:f1:7a:83:23:d5:a0:31:a6:13:81:a6:c6:8c:61:
5c:b2:8d:5f:db:17:2a:d9:c1:7a:70:0d:7c:e9:0a:98:43:01:
ea:c2:1a:6b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY52C77SpKUazkyYWqm+ZAEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjQwMzI1MTQzNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQ5NWVmN2I3NTgyZDAzODk0MTM4N2ViZTNmY2QzYzQzZmMwZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPDuy2USuJAVOUXn2Ks5g8AWUh0p
7JjdgF10BT6SJRjiEi6s8RrY59HeIXg8vRsrpffBRr6Itbu7z3UH51ZRC637iAM+
chVQLawhN7CXa81xvSbMBfX5xnjN+VEDjyD0o1cZwxlwYLNfJrWeY3PmYg8lTbOf
Uj2gcCZSfuw6Lm7bGlvBC/30nwKpTpPEOEXDBVwy2EvnoAcyh1tGhZHrl1EESu9b
Cn+DKUYH1xGmUBYO2GOrYzvRNUAkU7+AVFUuY5BaJFrSZOqwMMjsTiAQ9lKMFJ3i
+Gj3JQDrl3PJPu18OiscCYaHhC1vDoMvqmYwbP8Z43z+a3VC7sG0rNGGRwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPBJXve3WC0DiUE4fr4/zTxD/A5KMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvOEVsZTk3ZFlMUU9KUVRoLXZqX05QRVA4RGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmAwQDLuOYMAwD
BANSlKgDBAZSlIADBANtqXADBAG5sPQDBAC5viQwFAQCAAIwDgMFASoKJ4ADBQMq
ENZAMA0GCSqGSIb3DQEBCwUAA4IBAQCZGdtQPbZEmDTgIK5yijiynbxsmb9jyLaH
yDT8kR4rdct+lXnhuha9CQ3Dkp6fKdyVv8jTC4FyJ15NDIy8IkKsCbH0zmmqEXLP
Tf2IjqpK5pKrCV+UfIe9ur2mCjo2blFXQuZK/2k6Vi3pns8FgPehwMJv1mnn8W6W
fV6/CgU1rMAaJILD2TsARTHR1LvBhf80nDYd6PTRcUe6JYkamg3pTO5nhpBsQaB6
b3Xex3CdMErUcxUEINrr4NbhdIdCckuylurzVE0fOxUVb3TJwNUXecDAfvr7W5Uv
rBDm8XqDI9WgMaYTgabGjGFcso1f2xcq2cF6cA186QqYQwHqwhpr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:28 2024 by rpki-client on console-ams.rpki-client.org