Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/YGjU5Zz6QqoQt8j_lqsD0xokxAQ.roa
File: YGjU5Zz6QqoQt8j_lqsD0xokxAQ.roa (raw, json)
Hash identifier: osseeez7mdK5bi6gfDMm31ZkYn7I/cWgQTsGn971DHE=
Subject key identifier: 60:68:D4:E5:9C:FA:42:AA:10:B7:C8:FF:96:AB:03:D3:1A:24:C4:04
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 018BD846828D46FA6FE41B1C088A35C1EB0D
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/YGjU5Zz6QqoQt8j_lqsD0xokxAQ.roa
Signing time: Thu 16 Nov 2023 13:16:21 +0000
ROA not before: Thu 16 Nov 2023 13:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
185.190.36.0/24 maxlen: 24
2a0a:2780::/31 maxlen: 31
2a10:d640::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 Nov 2023 13:55:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:46:82:8d:46:fa:6f:e4:1b:1c:08:8a:35:c1:eb:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Nov 16 13:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6068d4e59cfa42aa10b7c8ff96ab03d31a24c404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:2d:a1:ca:9e:58:46:ba:28:bf:3f:9b:0c:7b:
14:24:85:dd:f6:cd:6d:44:8f:29:fb:f4:40:0e:29:
bd:3f:7d:68:09:1e:ac:3a:a8:a2:d0:38:d1:59:94:
7d:21:c9:92:a0:bf:30:90:17:36:e1:b2:87:a7:d4:
99:05:54:ab:d2:39:9b:3f:a3:13:c9:8c:bd:cb:31:
d9:64:d4:51:30:67:89:86:bb:10:be:68:ce:4f:e0:
da:6a:c9:52:a1:68:3f:8e:5b:0d:64:f8:9a:a8:ae:
60:87:2c:a9:df:0d:ef:99:2c:57:7c:7a:88:43:35:
f5:58:cf:7d:44:f4:b7:20:5b:90:f8:88:18:5e:5f:
34:49:ca:8e:1b:f9:ba:6a:da:de:2c:d7:f6:f6:72:
a8:ed:75:cd:18:04:d9:8c:02:6b:39:7f:ea:8a:8c:
71:8c:99:4c:95:65:42:8c:9b:70:1b:56:60:c1:20:
81:31:55:0b:5c:bc:55:4f:96:82:02:62:a8:4a:cd:
1f:f4:3d:73:f2:e1:25:9f:74:6c:68:40:b4:c7:cb:
9f:1b:ff:1d:ce:39:86:86:6a:58:f0:4c:7c:ac:85:
7c:37:35:8d:ea:e7:4a:a9:a9:39:bb:d2:2e:be:af:
73:62:63:41:b4:d3:1f:0a:31:42:c8:69:62:13:ae:
75:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:68:D4:E5:9C:FA:42:AA:10:B7:C8:FF:96:AB:03:D3:1A:24:C4:04
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/YGjU5Zz6QqoQt8j_lqsD0xokxAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
185.190.36.0/24
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
18:78:a1:a0:c1:1e:1a:f3:be:65:95:ce:30:af:c1:48:89:12:
20:b8:ab:3d:65:b3:f8:82:5f:35:df:b6:fe:e5:f6:85:f4:c7:
cf:79:ee:27:03:08:ec:58:c3:3c:38:21:3c:79:dd:91:cf:a0:
34:ea:a8:ee:08:26:90:32:59:97:f9:e5:2c:2a:48:79:f2:8f:
04:21:9c:30:c1:23:d8:fb:76:3b:28:ca:1d:a1:40:88:4e:9c:
e8:7e:d4:f8:b8:77:31:07:13:86:7b:52:83:a2:6f:c5:4f:c4:
b4:f2:d0:fa:fe:73:25:28:9e:25:f2:ca:d7:6a:a1:86:16:39:
4b:f5:4e:c1:09:77:a8:87:1a:05:84:59:b6:5f:ef:8c:de:3f:
7f:2f:e7:69:aa:54:cd:0d:ef:fa:0d:9e:a0:d2:f3:68:96:2a:
7d:29:c0:b9:6e:1a:e6:c8:a7:d1:79:0b:f4:73:11:6f:39:a4:
4a:5a:20:50:27:08:80:e2:8a:42:58:f0:a6:eb:00:bc:a6:9c:
36:e0:bb:6a:60:23:c9:e4:5d:c2:5c:7b:b9:72:c6:2e:b3:14:
b9:61:ef:74:66:29:28:9c:62:ee:c0:5a:74:d4:72:92:f1:9a:
9d:e5:d6:a5:b2:78:de:c1:27:97:96:d2:98:9c:d3:d5:c3:87:
04:4e:9e:15
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYvYRoKNRvpv5BscCIo1wesNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjMxMTE2MTMxNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDY4ZDRlNTljZmE0MmFhMTBiN2M4ZmY5NmFiMDNkMzFhMjRjNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgC2hyp5YRroovz+bDHsUJIXd9s1t
RI8p+/RADim9P31oCR6sOqii0DjRWZR9IcmSoL8wkBc24bKHp9SZBVSr0jmbP6MT
yYy9yzHZZNRRMGeJhrsQvmjOT+DaaslSoWg/jlsNZPiaqK5ghyyp3w3vmSxXfHqI
QzX1WM99RPS3IFuQ+IgYXl80ScqOG/m6atreLNf29nKo7XXNGATZjAJrOX/qioxx
jJlMlWVCjJtwG1ZgwSCBMVULXLxVT5aCAmKoSs0f9D1z8uEln3RsaEC0x8ufG/8d
zjmGhmpY8Ex8rIV8NzWN6udKqak5u9Iuvq9zYmNBtNMfCjFCyGliE651zwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGBo1OWc+kKqELfI/5arA9MaJMQEMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvWUdqVTVaejZRcW9RdDhqX2xxc0QweG9reEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQDLuOYAwQA
ub4kMBQEAgACMA4DBQEqCieAAwUDKhDWQDANBgkqhkiG9w0BAQsFAAOCAQEAGHih
oMEeGvO+ZZXOMK/BSIkSILirPWWz+IJfNd+2/uX2hfTHz3nuJwMI7FjDPDghPHnd
kc+gNOqo7ggmkDJZl/nlLCpIefKPBCGcMMEj2Pt2OyjKHaFAiE6c6H7U+Lh3MQcT
hntSg6JvxU/EtPLQ+v5zJSieJfLK12qhhhY5S/VOwQl3qIcaBYRZtl/vjN4/fy/n
aapUzQ3v+g2eoNLzaJYqfSnAuW4a5sin0XkL9HMRbzmkSlogUCcIgOKKQljwpusA
vKacNuC7amAjyeRdwlx7uXLGLrMUuWHvdGYpKJxi7sBadNRykvGaneXWpbJ43sEn
l5bSmJzT1cOHBE6eFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:28 2024 by rpki-client on console-ams.rpki-client.org