Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/dlygQmtzC-ssn9a4ZuuzpnEmamU.roa
File: dlygQmtzC-ssn9a4ZuuzpnEmamU.roa (raw, json)
Hash identifier: LNIeY2VBtY9FAAZuolAQD9Fbm7LF80pdtbwAHl6izZI=
Subject key identifier: 76:5C:A0:42:6B:73:0B:EB:2C:9F:D6:B8:66:EB:B3:A6:71:26:6A:65
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 018CC2DB438085375243F2E241AD5CDADFDE
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/dlygQmtzC-ssn9a4ZuuzpnEmamU.roa
Signing time: Mon 01 Jan 2024 02:29:58 +0000
ROA not before: Mon 01 Jan 2024 02:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206774
IP address blocks: 46.227.152.0/21 maxlen: 21
185.176.244.0/23 maxlen: 23
185.176.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 11:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:43:80:85:37:52:43:f2:e2:41:ad:5c:da:df:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Jan 1 02:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=765ca0426b730beb2c9fd6b866ebb3a671266a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:00:5e:62:1f:5c:4f:43:34:9c:cf:5f:7f:2e:
6d:ea:b3:de:fd:a7:18:6f:d1:56:4c:91:87:37:30:
a3:92:9c:28:9f:0c:00:7f:89:94:10:44:0e:82:b7:
02:87:51:6e:da:b8:78:a2:c7:e2:3d:bf:f2:95:be:
6c:73:bd:9b:2b:63:9d:17:08:c2:df:f8:d2:e1:13:
95:6c:34:19:c2:2d:a0:f0:7e:99:40:25:39:2f:18:
05:b4:55:d1:ca:14:0c:be:b6:ab:8b:ce:62:6c:85:
75:f4:1a:5c:0d:24:32:45:b6:31:e4:fe:2e:07:e7:
61:55:87:86:e0:84:15:36:b8:5c:f9:9a:c2:cc:15:
ef:b3:53:f7:f0:a7:81:35:f4:07:69:1a:1f:df:a4:
24:9f:9b:15:51:1d:df:65:ac:22:f0:16:b3:f7:f6:
40:04:de:ff:f5:2f:fe:98:29:49:c4:c7:fd:d7:1a:
c6:dd:08:4f:18:72:0a:fd:9c:84:e0:4d:32:66:d5:
95:1e:97:cd:09:e3:1f:8f:ba:7b:41:35:37:6f:10:
32:25:9e:bb:06:60:f3:31:26:38:d5:a1:d8:cf:a2:
97:73:7f:a4:dd:61:10:bf:fc:07:a3:80:35:ad:64:
3c:e0:47:fc:90:8e:8e:14:e4:9e:85:91:39:1d:39:
05:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:5C:A0:42:6B:73:0B:EB:2C:9F:D6:B8:66:EB:B3:A6:71:26:6A:65
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/dlygQmtzC-ssn9a4ZuuzpnEmamU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
185.176.244.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:a0:9d:b1:57:80:ba:da:3d:3f:f5:47:dd:bf:4e:47:00:2d:
2d:e2:ff:08:f6:3c:27:30:55:4b:f5:11:3b:cb:de:40:77:08:
9f:a5:1c:89:0c:91:5c:03:69:f9:0e:79:13:67:c7:90:a6:2e:
c6:5f:c5:9a:11:09:8d:40:c3:65:74:5e:fa:94:0c:ca:58:5c:
82:0c:87:ba:a0:5b:bd:d6:19:54:67:c8:0c:60:d2:d1:d2:9b:
db:76:e2:d6:65:ec:e3:81:96:fb:e6:1d:4f:1d:ba:25:85:70:
70:94:ce:64:aa:98:4c:04:bb:a2:bf:69:9c:4d:ca:63:3e:60:
e2:fa:07:dd:6e:0a:a2:3a:ef:d8:c7:48:ba:a0:6f:85:d2:de:
44:a9:77:7e:f7:c0:7d:c7:8c:3e:8a:08:20:51:52:b1:ea:5b:
db:f2:f5:38:4d:89:79:7a:65:d9:3f:9d:a5:4d:71:24:55:a0:
1d:5d:b7:03:1a:5c:42:c3:f7:c7:7b:a9:ed:fd:fa:73:ec:5b:
77:76:d9:72:92:dc:17:22:3b:a1:02:7a:3a:a0:8a:76:30:42:
1f:cc:ba:51:5b:50:25:a2:9d:9e:8e:3c:ff:14:94:3c:6d:7e:
2a:84:09:45:3c:56:a6:c6:b6:5c:a8:6d:e9:fc:d4:0a:60:bf:
00:11:2f:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC20OAhTdSQ/LiQa1c2t/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjQwMTAxMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjVjYTA0MjZiNzMwYmViMmM5ZmQ2Yjg2NmViYjNhNjcxMjY2YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwBeYh9cT0M0nM9ffy5t6rPe/acY
b9FWTJGHNzCjkpwonwwAf4mUEEQOgrcCh1Fu2rh4osfiPb/ylb5sc72bK2OdFwjC
3/jS4ROVbDQZwi2g8H6ZQCU5LxgFtFXRyhQMvrari85ibIV19BpcDSQyRbYx5P4u
B+dhVYeG4IQVNrhc+ZrCzBXvs1P38KeBNfQHaRof36Qkn5sVUR3fZawi8Baz9/ZA
BN7/9S/+mClJxMf91xrG3QhPGHIK/ZyE4E0yZtWVHpfNCeMfj7p7QTU3bxAyJZ67
BmDzMSY41aHYz6KXc3+k3WEQv/wHo4A1rWQ84Ef8kI6OFOSehZE5HTkF+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHZcoEJrcwvrLJ/WuGbrs6ZxJmplMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvZGx5Z1FtdHpDLXNzbjlhNFp1dXpwbkVtYW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLuOYAwQB
ubD0MA0GCSqGSIb3DQEBCwUAA4IBAQCLoJ2xV4C62j0/9Ufdv05HAC0t4v8I9jwn
MFVL9RE7y95AdwifpRyJDJFcA2n5DnkTZ8eQpi7GX8WaEQmNQMNldF76lAzKWFyC
DIe6oFu91hlUZ8gMYNLR0pvbduLWZezjgZb75h1PHbolhXBwlM5kqphMBLuiv2mc
TcpjPmDi+gfdbgqiOu/Yx0i6oG+F0t5EqXd+98B9x4w+igggUVKx6lvb8vU4TYl5
emXZP52lTXEkVaAdXbcDGlxCw/fHe6nt/fpz7Ft3dtlyktwXIjuhAno6oIp2MEIf
zLpRW1Alop2ejjz/FJQ8bX4qhAlFPFamxrZcqG3p/NQKYL8AES8/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:55 2025 by rpki-client