Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/J45wRcU1o5Ngo6JRh4VjfPLs4rk.roa
File: J45wRcU1o5Ngo6JRh4VjfPLs4rk.roa (raw, json)
Hash identifier: KOJY1/i9By6/ZBAoTlWFxDFW0Mfgt+o7elSCsh+OD7o=
Subject key identifier: 27:8E:70:45:C5:35:A3:93:60:A3:A2:51:87:85:63:7C:F2:EC:E2:B9
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 018BD86A3913C06A4EBE269BC5ED13E9B0CD
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/J45wRcU1o5Ngo6JRh4VjfPLs4rk.roa
Signing time: Thu 16 Nov 2023 13:55:21 +0000
ROA not before: Thu 16 Nov 2023 13:55:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
185.190.36.0/24 maxlen: 24
2a0a:2780::/31 maxlen: 31
2a0a:2780::/32 maxlen: 32
2a10:d640::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 Nov 2023 13:56:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:6a:39:13:c0:6a:4e:be:26:9b:c5:ed:13:e9:b0:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Nov 16 13:55:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=278e7045c535a39360a3a2518785637cf2ece2b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:54:f5:66:79:33:6c:ab:c0:f2:df:60:d6:20:
a4:11:a2:d9:1a:ba:97:26:3c:d5:f3:c8:02:37:01:
d6:92:59:b4:a5:c9:b7:68:e5:3c:db:86:81:0d:c2:
df:ce:f1:e0:34:61:5f:55:76:ed:9f:d7:7d:6f:85:
d8:40:7c:b9:91:2a:5e:84:06:bb:18:2f:5d:cc:db:
b5:0f:a2:05:10:f8:f3:c6:62:ab:f2:fc:92:c6:40:
a9:84:ec:f6:f1:17:fe:64:9e:8b:9f:78:2e:53:70:
f7:aa:6c:c3:62:1b:8c:8c:1e:44:8c:60:c8:34:0d:
66:e1:f8:94:04:4d:2f:9e:3d:2c:09:d3:5c:f5:27:
48:fb:31:75:70:41:a6:e8:01:e5:71:a4:82:dc:f3:
8e:26:db:77:56:dc:39:8e:f1:43:15:af:fc:a8:4e:
58:2c:bc:7a:e6:b6:d5:c3:11:15:6f:b5:24:d5:2e:
67:00:23:55:aa:54:80:f5:0d:cc:21:20:46:b0:55:
22:62:75:30:a1:10:75:e4:71:7b:65:b0:2c:90:75:
2f:14:83:84:0e:d5:20:eb:cf:27:91:0e:79:8f:12:
88:a4:af:06:8a:4b:cd:c9:f2:6e:de:0d:dd:52:7e:
77:01:fd:a4:de:13:97:9e:46:39:2b:1d:a5:34:a1:
4f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8E:70:45:C5:35:A3:93:60:A3:A2:51:87:85:63:7C:F2:EC:E2:B9
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/J45wRcU1o5Ngo6JRh4VjfPLs4rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
185.190.36.0/24
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
05:9b:5f:c4:d6:90:ce:49:4d:44:34:58:84:17:b0:fc:86:8b:
18:92:e1:d2:c1:25:78:79:9c:b7:58:3a:44:bb:a6:81:5d:7b:
a2:99:0e:68:d5:cd:f3:33:61:cb:02:30:0a:99:65:db:bc:0c:
3e:e8:e7:3f:31:9a:0c:f0:00:62:87:6d:c1:a1:b6:f5:48:bd:
ac:f5:10:60:c8:0f:08:4d:ff:0d:65:06:f5:40:56:2c:66:ee:
ec:27:c6:e3:ca:a9:e1:55:37:af:d5:44:1c:0b:ab:62:fc:4b:
f2:57:7f:60:1e:9a:cb:cd:4b:dd:03:76:c2:52:16:75:37:20:
7c:2d:61:93:88:4d:34:03:56:ee:87:11:7b:9c:28:12:31:43:
1f:80:64:23:d5:79:d2:60:77:db:e9:8e:4a:d1:a2:39:c8:29:
07:e1:41:ac:34:ff:ea:0b:9a:0b:54:23:48:84:55:32:4e:0e:
f1:1f:3a:78:4f:74:db:4f:77:00:d5:86:68:c6:5c:77:e5:ca:
43:4b:00:ba:30:8a:c9:ee:58:f8:9c:27:f5:7f:d7:d7:ae:05:
1a:16:f1:c4:8d:85:a5:ac:24:fb:89:d9:34:7a:95:7f:15:5e:
10:3f:a5:80:bf:b3:62:11:34:6b:62:f2:c9:bd:96:c6:0a:99:
75:33:22:3f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYvYajkTwGpOviabxe0T6bDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjMxMTE2MTM1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzhlNzA0NWM1MzVhMzkzNjBhM2EyNTE4Nzg1NjM3Y2YyZWNlMmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFT1ZnkzbKvA8t9g1iCkEaLZGrqX
JjzV88gCNwHWklm0pcm3aOU824aBDcLfzvHgNGFfVXbtn9d9b4XYQHy5kSpehAa7
GC9dzNu1D6IFEPjzxmKr8vySxkCphOz28Rf+ZJ6Ln3guU3D3qmzDYhuMjB5EjGDI
NA1m4fiUBE0vnj0sCdNc9SdI+zF1cEGm6AHlcaSC3POOJtt3Vtw5jvFDFa/8qE5Y
LLx65rbVwxEVb7Uk1S5nACNVqlSA9Q3MISBGsFUiYnUwoRB15HF7ZbAskHUvFIOE
DtUg688nkQ55jxKIpK8GikvNyfJu3g3dUn53Af2k3hOXnkY5Kx2lNKFPvQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCeOcEXFNaOTYKOiUYeFY3zy7OK5MB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvSjQ1d1JjVTFvNU5nbzZKUmg0VmpmUExzNHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQDLuOYAwQA
ub4kMBQEAgACMA4DBQEqCieAAwUDKhDWQDANBgkqhkiG9w0BAQsFAAOCAQEABZtf
xNaQzklNRDRYhBew/IaLGJLh0sEleHmct1g6RLumgV17opkOaNXN8zNhywIwCpll
27wMPujnPzGaDPAAYodtwaG29Ui9rPUQYMgPCE3/DWUG9UBWLGbu7CfG48qp4VU3
r9VEHAurYvxL8ld/YB6ay81L3QN2wlIWdTcgfC1hk4hNNANW7ocRe5woEjFDH4Bk
I9V50mB32+mOStGiOcgpB+FBrDT/6guaC1QjSIRVMk4O8R86eE902093ANWGaMZc
d+XKQ0sAujCKye5Y+Jwn9X/X164FGhbxxI2Fpawk+4nZNHqVfxVeED+lgL+zYhE0
a2Lyyb2WxgqZdTMiPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:09 2024 by rpki-client on console-fra.rpki-client.org