Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/xfV7LKKHeiB79xLa-wCVyTnPqx8.roa
File: xfV7LKKHeiB79xLa-wCVyTnPqx8.roa (raw, json)
Hash identifier: XN0rQfLk24TS7x7uxQvBom4YywU9flGR1cA9UJIX2Lg=
Subject key identifier: C5:F5:7B:2C:A2:87:7A:20:7B:F7:12:DA:FB:00:95:C9:39:CF:AB:1F
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 018BD86B2179D4B84A7CA1478DEE40BE6C1E
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/xfV7LKKHeiB79xLa-wCVyTnPqx8.roa
Signing time: Thu 16 Nov 2023 13:56:21 +0000
ROA not before: Thu 16 Nov 2023 13:56:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
185.190.36.0/24 maxlen: 24
2a0a:2780::/31 maxlen: 31
2a0a:2781::/32 maxlen: 32
2a0a:2780::/32 maxlen: 32
2a10:d640::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 24 Nov 2023 08:32:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:6b:21:79:d4:b8:4a:7c:a1:47:8d:ee:40:be:6c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Nov 16 13:56:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5f57b2ca2877a207bf712dafb0095c939cfab1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ab:e0:2d:72:66:32:36:ae:ac:8f:a0:f9:ca:
eb:4e:98:6f:0d:a1:5c:0d:6f:d0:c8:4b:c5:15:3f:
5c:06:fe:9f:b0:eb:5f:aa:45:d1:76:af:58:92:8e:
50:b5:c7:bd:96:30:c0:9a:c1:b4:5a:ca:f4:ca:c7:
03:af:bc:19:79:8a:16:16:4e:01:c3:52:b3:03:5b:
b2:02:f9:15:e9:4c:26:1c:b0:23:e4:40:71:8d:4b:
03:6e:3b:e0:11:98:1c:9d:0b:0d:92:13:b4:7a:07:
21:96:43:76:fa:5d:c3:a3:f3:ff:01:98:db:50:3a:
69:65:61:11:d5:5a:8d:59:5b:42:7b:b8:d1:ab:25:
56:2a:3b:25:eb:dd:c1:75:6f:c9:e2:86:fc:e1:f5:
a4:be:72:44:bc:51:e8:6d:db:34:2e:51:a7:e2:4f:
0a:ba:38:ea:8e:eb:e4:d5:29:8d:6b:e2:69:b0:98:
58:d9:8b:9f:91:13:53:dc:38:f3:8e:67:34:d4:cc:
51:b0:d5:d5:b2:60:68:45:77:d5:e0:6a:e6:72:40:
67:27:12:55:13:8c:5f:33:32:86:3f:da:2e:38:fc:
4f:43:1e:95:a4:e4:a7:94:a9:89:c9:ea:67:88:cc:
a9:37:66:fc:03:75:f5:1b:d1:4b:fc:c1:9f:97:09:
37:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F5:7B:2C:A2:87:7A:20:7B:F7:12:DA:FB:00:95:C9:39:CF:AB:1F
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/xfV7LKKHeiB79xLa-wCVyTnPqx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
185.190.36.0/24
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
29:f6:45:7f:75:64:cc:6f:80:cb:66:00:b8:2c:d8:31:4b:da:
c3:b0:74:3b:90:c5:3e:f5:eb:70:b2:0a:1a:d1:b2:e5:00:36:
19:57:9d:1a:58:dc:f3:32:59:ce:6d:d6:cf:7d:49:e7:16:6b:
e8:22:f8:95:10:d3:a1:3a:e5:ca:cb:d0:7b:6f:b5:d4:31:81:
6b:3d:f1:d9:bc:17:2f:61:07:3c:32:d0:f4:ae:3c:8b:f9:c9:
fe:5c:6c:f5:39:85:7c:ed:2f:c6:e3:4b:98:42:b2:aa:ec:cb:
38:d0:c6:93:8b:93:55:fc:eb:ad:07:73:35:88:e4:af:93:21:
19:d0:3f:7f:1b:eb:f7:d7:07:61:8a:ba:75:70:85:ea:b2:36:
73:3e:e8:d3:2d:e0:ad:42:4a:ad:30:a7:13:83:bb:b9:57:b7:
b8:f2:23:92:f5:a1:3f:0b:ee:70:43:93:7f:a9:7e:d6:7a:1c:
02:45:0a:11:ab:87:f3:16:33:d1:d7:07:fb:69:26:d7:e1:54:
24:57:54:fd:a7:09:e7:bb:60:f2:ee:11:f6:17:4f:4c:aa:8a:
26:4c:51:76:cd:a8:1e:39:a5:e0:ba:cc:de:18:5f:b7:b9:92:
fc:e0:f6:c2:82:c5:88:a3:64:b0:52:29:30:d3:c8:79:dd:aa:
49:5f:51:51
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYvYayF51LhKfKFHje5AvmweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjMxMTE2MTM1NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWY1N2IyY2EyODc3YTIwN2JmNzEyZGFmYjAwOTVjOTM5Y2ZhYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKvgLXJmMjaurI+g+crrTphvDaFc
DW/QyEvFFT9cBv6fsOtfqkXRdq9Yko5Qtce9ljDAmsG0Wsr0yscDr7wZeYoWFk4B
w1KzA1uyAvkV6UwmHLAj5EBxjUsDbjvgEZgcnQsNkhO0egchlkN2+l3Do/P/AZjb
UDppZWER1VqNWVtCe7jRqyVWKjsl693BdW/J4ob84fWkvnJEvFHobds0LlGn4k8K
ujjqjuvk1SmNa+JpsJhY2YufkRNT3Djzjmc01MxRsNXVsmBoRXfV4GrmckBnJxJV
E4xfMzKGP9ouOPxPQx6VpOSnlKmJyepniMypN2b8A3X1G9FL/MGflwk3FwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMX1eyyih3oge/cS2vsAlck5z6sfMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEveGZWN0xLS0hlaUI3OXhMYS13Q1Z5VG5QcXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQDLuOYAwQA
ub4kMBQEAgACMA4DBQEqCieAAwUDKhDWQDANBgkqhkiG9w0BAQsFAAOCAQEAKfZF
f3VkzG+Ay2YAuCzYMUvaw7B0O5DFPvXrcLIKGtGy5QA2GVedGljc8zJZzm3Wz31J
5xZr6CL4lRDToTrlysvQe2+11DGBaz3x2bwXL2EHPDLQ9K48i/nJ/lxs9TmFfO0v
xuNLmEKyquzLONDGk4uTVfzrrQdzNYjkr5MhGdA/fxvr99cHYYq6dXCF6rI2cz7o
0y3grUJKrTCnE4O7uVe3uPIjkvWhPwvucEOTf6l+1nocAkUKEauH8xYz0dcH+2km
1+FUJFdU/acJ57tg8u4R9hdPTKqKJkxRds2oHjml4LrM3hhft7mS/OD2woLFiKNk
sFIpMNPIed2qSV9RUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:28 2024 by rpki-client on console-ams.rpki-client.org