Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/S5epo7cifB6aX-NY1NuIylym10k.roa
File: S5epo7cifB6aX-NY1NuIylym10k.roa (raw, json)
Hash identifier: E1R4Ll4ihBJ/A1To3tkyOoH+5zLC9wAhnDcQC7FzTZw=
Subject key identifier: 4B:97:A9:A3:B7:22:7C:1E:9A:5F:E3:58:D4:DB:88:CA:5C:A6:D7:49
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018E1983DBB265F00F957253433D373BE992
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/S5epo7cifB6aX-NY1NuIylym10k.roa
Signing time: Thu 07 Mar 2024 15:24:15 +0000
ROA not before: Thu 07 Mar 2024 15:24:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.110.0/24 maxlen: 24
62.217.129.0/24 maxlen: 24
62.217.131.0/24 maxlen: 24
62.217.134.0/24 maxlen: 24
62.217.138.0/24 maxlen: 24
62.217.141.0/24 maxlen: 24
62.217.142.0/24 maxlen: 24
62.217.146.0/24 maxlen: 24
62.217.147.0/24 maxlen: 24
62.217.148.0/24 maxlen: 24
62.217.149.0/24 maxlen: 24
62.217.151.0/24 maxlen: 24
62.217.156.0/24 maxlen: 24
62.217.157.0/24 maxlen: 24
62.217.158.0/24 maxlen: 24
62.217.159.0/24 maxlen: 24
164.215.97.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
188.64.8.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 11 Mar 2024 11:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:83:db:b2:65:f0:0f:95:72:53:43:3d:37:3b:e9:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Mar 7 15:24:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b97a9a3b7227c1e9a5fe358d4db88ca5ca6d749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:44:10:f4:9f:8a:76:02:fe:0e:fd:2c:02:b9:
7f:a9:93:06:1a:d5:e9:e7:23:1f:da:56:3f:85:bd:
c2:a3:5a:7d:87:b9:09:bd:c9:ac:f2:ca:0e:99:98:
c5:e9:1d:44:9c:28:c1:50:9b:1c:40:eb:24:e1:92:
cc:23:48:02:bc:e9:72:16:a5:62:62:f9:2b:d9:9b:
60:76:ad:9b:8f:ff:f0:43:20:23:d2:8e:a3:9d:40:
8e:83:a6:b2:6a:e6:54:13:7a:65:bc:38:18:3e:c1:
91:59:8b:04:89:2b:53:21:3a:3a:4e:1e:92:51:00:
d0:12:dc:90:eb:98:f2:bb:36:93:3f:c7:9b:c5:d8:
43:ca:c9:6b:4e:c8:ec:c9:76:87:b7:c0:bd:0c:67:
bd:71:66:d7:48:76:a6:df:e8:28:4e:2d:b8:aa:05:
dd:cc:82:63:c0:51:55:b5:16:bb:43:fd:7f:02:95:
be:55:50:d7:c4:86:18:40:48:b8:bb:c6:f0:33:7f:
3d:3c:0f:15:db:80:8c:37:8b:b8:18:85:53:2b:16:
cf:a9:01:76:f5:db:e9:01:c0:0e:8c:48:aa:6e:0f:
68:24:dd:8d:95:1e:4b:ae:44:aa:77:58:87:fb:3b:
b7:29:c1:14:82:a0:e1:4b:75:9f:51:39:6c:b8:ef:
e1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:97:A9:A3:B7:22:7C:1E:9A:5F:E3:58:D4:DB:88:CA:5C:A6:D7:49
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/S5epo7cifB6aX-NY1NuIylym10k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.110.0/24
62.217.129.0/24
62.217.131.0/24
62.217.134.0/24
62.217.138.0/24
62.217.141.0-62.217.142.255
62.217.146.0-62.217.149.255
62.217.151.0/24
62.217.156.0/22
164.215.97.0/24
185.81.217.0/24
188.64.8.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:0f:a9:af:0f:78:0b:b4:ca:b5:4f:aa:66:2c:83:2b:3c:d9:
76:72:42:29:c8:03:df:3b:fb:ed:2a:a2:e3:76:0b:4c:8b:ae:
89:be:9d:54:4b:34:e7:10:03:59:39:0a:6f:53:a0:1f:d8:8b:
4a:0d:d8:ea:e4:54:78:d2:d8:0c:94:0a:00:fe:c4:9f:f7:41:
50:81:1e:95:a4:31:41:3b:a3:9a:a5:7b:8e:3e:ff:81:bf:59:
73:a4:69:d9:41:23:4a:23:ef:e3:e6:0d:38:8c:2f:76:66:38:
8a:38:3a:4d:0c:b9:4e:7f:a3:c3:5a:9a:f9:7b:20:0a:fb:9a:
d3:d3:7a:f3:4b:46:36:c2:7f:38:39:3a:5a:a9:b0:fa:82:4f:
53:9c:c6:ba:7a:41:29:08:49:0d:12:ff:53:a2:e0:dd:02:6f:
7b:c5:36:68:46:86:0a:2f:43:a2:d6:ed:0f:4f:85:87:f8:6a:
c1:0a:39:1b:71:be:11:6f:d2:a5:ce:77:da:cf:bd:68:72:2f:
bc:ed:d0:6d:36:a2:b3:1f:43:e2:0f:ad:37:33:fb:2d:c9:41:
60:d3:31:31:d1:9f:c7:ae:79:43:eb:db:f4:1a:33:7e:11:0b:
79:d7:9d:ed:04:23:b9:e3:e0:d6:5c:b1:86:f6:e7:a1:95:f6:
cf:cd:47:ad
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY4Zg9uyZfAPlXJTQz03O+mSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMzA3MTUyNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjk3YTlhM2I3MjI3YzFlOWE1ZmUzNThkNGRiODhjYTVjYTZkNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0QQ9J+KdgL+Dv0sArl/qZMGGtXp
5yMf2lY/hb3Co1p9h7kJvcms8soOmZjF6R1EnCjBUJscQOsk4ZLMI0gCvOlyFqVi
Yvkr2Ztgdq2bj//wQyAj0o6jnUCOg6ayauZUE3plvDgYPsGRWYsEiStTITo6Th6S
UQDQEtyQ65jyuzaTP8ebxdhDyslrTsjsyXaHt8C9DGe9cWbXSHam3+goTi24qgXd
zIJjwFFVtRa7Q/1/ApW+VVDXxIYYQEi4u8bwM389PA8V24CMN4u4GIVTKxbPqQF2
9dvpAcAOjEiqbg9oJN2NlR5LrkSqd1iH+zu3KcEUgqDhS3WfUTlsuO/huQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFEuXqaO3Inweml/jWNTbiMpcptdJMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvUzVlcG83Y2lmQjZhWC1OWTFOdUl5bHltMTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQALhduAwQA
PtmBAwQAPtmDAwQAPtmGAwQAPtmKMAwDBAA+2Y0DBAA+2Y4wDAMEAT7ZkgMEAT7Z
lAMEAD7ZlwMEAj7ZnAMEAKTXYQMEALlR2QMEArxACDANBgkqhkiG9w0BAQsFAAOC
AQEASw+prw94C7TKtU+qZiyDKzzZdnJCKcgD3zv77Sqi43YLTIuuib6dVEs05xAD
WTkKb1OgH9iLSg3Y6uRUeNLYDJQKAP7En/dBUIEelaQxQTujmqV7jj7/gb9Zc6Rp
2UEjSiPv4+YNOIwvdmY4ijg6TQy5Tn+jw1qa+XsgCvua09N680tGNsJ/ODk6Wqmw
+oJPU5zGunpBKQhJDRL/U6Lg3QJve8U2aEaGCi9DotbtD0+Fh/hqwQo5G3G+EW/S
pc532s+9aHIvvO3QbTaisx9D4g+tNzP7LclBYNMxMdGfx655Q+vb9BozfhELeded
7QQjuePg1lyxhvbnoZX2z81HrQ==
-----END CERTIFICATE-----
Generated at Mon Mar 11 15:12:38 2024 by rpki-client on console-ams.rpki-client.org