Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/8QJsSyetUFhGSqx1-SfBNm8zPrk.roa
File: 8QJsSyetUFhGSqx1-SfBNm8zPrk.roa (raw, json)
Hash identifier: svCSUYb7ACcCC7Mp5kvvoIWrsC/qhhZH/hPlQRd0FbA=
Subject key identifier: F1:02:6C:4B:27:AD:50:58:46:4A:AC:75:F9:27:C1:36:6F:33:3E:B9
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 018D642B823D21E83F21F0BF1C04C4981403
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/8QJsSyetUFhGSqx1-SfBNm8zPrk.roa
Signing time: Thu 01 Feb 2024 10:16:29 +0000
ROA not before: Thu 01 Feb 2024 10:16:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
109.169.112.0/21 maxlen: 21
185.176.244.0/23 maxlen: 23
185.176.244.0/24 maxlen: 24
185.176.245.0/24 maxlen: 24
185.190.36.0/24 maxlen: 24
2a0a:2780::/31 maxlen: 31
2a0a:2780::/32 maxlen: 32
2a0a:2781::/32 maxlen: 32
2a10:d640::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 25 Mar 2024 14:37:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:2b:82:3d:21:e8:3f:21:f0:bf:1c:04:c4:98:14:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Feb 1 10:16:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1026c4b27ad5058464aac75f927c1366f333eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9b:a6:23:56:24:67:93:c9:c5:e2:4c:8d:f2:
5d:e9:a9:8d:54:ba:da:bf:7a:c6:b9:6c:42:58:04:
58:66:9e:09:53:b9:e1:45:1c:92:4b:08:1e:36:8c:
bc:31:26:53:cb:76:02:84:fe:8b:f4:83:a3:0e:b0:
5a:be:19:ab:e3:d3:cd:43:06:81:b3:13:92:24:ae:
54:ef:d1:bc:be:48:3f:22:22:a9:63:dd:15:8d:df:
a9:e3:fd:07:1c:0b:f9:fc:7d:0a:97:d9:34:93:71:
80:08:86:ec:dc:c6:dd:35:63:18:a9:9a:0a:3c:41:
29:f4:e7:ea:9a:14:08:78:7d:64:27:66:fc:27:ea:
25:96:e1:79:f8:b6:02:88:ec:fc:a2:07:51:92:f2:
67:bd:6f:c0:3f:28:04:6c:33:dd:a1:82:c5:8a:69:
11:14:eb:d9:27:84:10:c5:96:df:e1:c6:3c:14:06:
d5:b2:a8:7f:35:f8:e5:e2:7e:2c:c2:0f:4d:6e:b1:
8a:af:d8:a8:72:59:17:2d:7e:b9:ac:c4:14:a1:41:
31:14:da:8b:9e:10:97:56:48:e8:31:1b:3f:e9:12:
5d:38:28:bd:50:84:e4:16:27:0f:e1:21:e1:b3:4e:
87:a2:03:ab:df:8d:86:de:f0:61:06:f8:54:62:49:
df:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:02:6C:4B:27:AD:50:58:46:4A:AC:75:F9:27:C1:36:6F:33:3E:B9
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/8QJsSyetUFhGSqx1-SfBNm8zPrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
109.169.112.0/21
185.176.244.0/23
185.190.36.0/24
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
73:f0:3b:84:e8:86:ee:de:8e:56:b8:01:00:fb:98:4a:41:9d:
ec:e6:26:84:d4:77:07:f3:2e:63:f4:d0:f1:7f:e5:00:ff:bd:
3e:8b:d3:d7:7a:13:d6:13:86:60:da:7a:a5:fe:84:2a:b5:91:
d1:f3:a0:15:c4:50:67:b6:48:9f:7d:c9:1a:e5:1a:bf:13:00:
67:41:e3:23:9f:75:88:4e:e3:ce:41:fe:05:ff:7d:13:94:2f:
2a:cb:4d:c5:83:ee:99:30:41:48:5f:4f:65:bf:89:de:6f:e1:
23:8d:6a:f6:f5:54:ad:78:fd:36:fa:59:b4:55:d1:6d:71:d8:
c3:4e:7b:84:06:da:20:68:87:40:c7:ad:b4:a6:2f:09:4d:42:
ed:1f:17:96:30:12:6d:ef:f8:03:2e:a4:43:f5:a5:15:72:b3:
3e:0e:ed:c6:86:4e:08:f2:0a:27:84:14:11:00:a1:aa:ab:4e:
43:00:07:ff:34:a6:0a:45:a4:d3:54:7a:3e:40:54:c6:6f:f8:
1e:b8:d3:65:a5:e0:ac:05:6a:89:d8:1c:ce:03:fa:13:b2:95:
00:09:67:0c:62:aa:85:1d:e8:f8:00:b4:ed:95:b3:c7:17:c4:
6c:d5:cb:bf:35:eb:be:ca:72:c8:0c:2a:9c:95:9d:65:ad:1d:
fa:ca:a0:34
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY1kK4I9Ieg/IfC/HATEmBQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjQwMjAxMTAxNjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTAyNmM0YjI3YWQ1MDU4NDY0YWFjNzVmOTI3YzEzNjZmMzMzZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5umI1YkZ5PJxeJMjfJd6amNVLra
v3rGuWxCWARYZp4JU7nhRRySSwgeNoy8MSZTy3YChP6L9IOjDrBavhmr49PNQwaB
sxOSJK5U79G8vkg/IiKpY90Vjd+p4/0HHAv5/H0Kl9k0k3GACIbs3MbdNWMYqZoK
PEEp9OfqmhQIeH1kJ2b8J+olluF5+LYCiOz8ogdRkvJnvW/APygEbDPdoYLFimkR
FOvZJ4QQxZbf4cY8FAbVsqh/Nfjl4n4swg9NbrGKr9ioclkXLX65rMQUoUExFNqL
nhCXVkjoMRs/6RJdOCi9UITkFicP4SHhs06HogOr342G3vBhBvhUYknfTwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPECbEsnrVBYRkqsdfknwTZvMz65MB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvOFFKc1N5ZXRVRmhHU3F4MS1TZkJObTh6UHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLuOYAwQD
balwAwQBubD0AwQAub4kMBQEAgACMA4DBQEqCieAAwUDKhDWQDANBgkqhkiG9w0B
AQsFAAOCAQEAc/A7hOiG7t6OVrgBAPuYSkGd7OYmhNR3B/MuY/TQ8X/lAP+9PovT
13oT1hOGYNp6pf6EKrWR0fOgFcRQZ7ZIn33JGuUavxMAZ0HjI591iE7jzkH+Bf99
E5QvKstNxYPumTBBSF9PZb+J3m/hI41q9vVUrXj9NvpZtFXRbXHYw057hAbaIGiH
QMettKYvCU1C7R8XljASbe/4Ay6kQ/WlFXKzPg7txoZOCPIKJ4QUEQChqqtOQwAH
/zSmCkWk01R6PkBUxm/4HrjTZaXgrAVqidgczgP6E7KVAAlnDGKqhR3o+AC07ZWz
xxfEbNXLvzXrvspyyAwqnJWdZa0d+sqgNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:28 2024 by rpki-client on console-ams.rpki-client.org