Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/oZ6OtI2LhvtHemQStWyd5yBQUjI.roa
File: oZ6OtI2LhvtHemQStWyd5yBQUjI.roa (raw, json)
Hash identifier: Ql3YCEPZy4pxuTaUBMCgyBktRj0+Go7ttwYLQ1R12uo=
Subject key identifier: A1:9E:8E:B4:8D:8B:86:FB:47:7A:64:12:B5:6C:9D:E7:20:50:52:32
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018BC307EAE2DF24FC2F203458946F88D70A
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/oZ6OtI2LhvtHemQStWyd5yBQUjI.roa
Signing time: Sun 12 Nov 2023 10:15:57 +0000
ROA not before: Sun 12 Nov 2023 10:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201771
IP address blocks: 46.49.128.0/24 maxlen: 24
46.49.133.0/24 maxlen: 24
95.177.147.0/24 maxlen: 24
95.177.146.0/24 maxlen: 24
95.177.151.0/24 maxlen: 24
95.177.150.0/24 maxlen: 24
46.49.154.0/24 maxlen: 24
95.177.160.0/19 maxlen: 19
2a02:df1::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 12 Nov 2023 10:58:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c3:07:ea:e2:df:24:fc:2f:20:34:58:94:6f:88:d7:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Nov 12 10:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a19e8eb48d8b86fb477a6412b56c9de720505232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:81:db:dc:cb:43:3f:0b:3b:7d:b8:be:63:dc:
e8:68:24:7d:dc:3f:3b:e8:56:20:00:4a:6f:ca:52:
29:09:35:f6:a3:a2:48:38:57:3e:be:c7:75:54:93:
4c:f8:05:aa:c3:80:a0:f8:51:da:b5:0e:01:10:30:
8f:95:42:13:06:3b:d9:a5:c3:b2:53:a1:90:2f:9a:
2e:ee:c8:12:b5:29:e5:12:42:c0:bd:c6:26:99:04:
8d:76:60:5e:14:05:5c:1c:2f:9c:c4:ed:db:3d:b5:
ad:da:c1:07:36:d8:f4:34:98:27:ed:5a:45:a0:aa:
fa:56:b1:d7:31:53:7a:7d:ec:58:43:f1:5c:db:80:
9f:0a:14:c5:14:75:94:3d:de:81:71:47:c6:ab:ab:
61:a2:3d:0a:38:00:39:15:30:09:62:4b:4e:36:9e:
94:b2:88:8e:3e:8f:35:9c:bd:c8:e3:74:6a:f2:09:
8c:ef:b0:9a:af:40:38:f1:91:89:97:8d:e3:c2:cc:
5b:03:da:1a:99:ef:2d:5b:49:c8:58:46:d2:e6:67:
66:91:89:7a:90:6e:f6:7a:79:44:41:c3:23:4b:92:
28:59:64:c5:c0:a6:bc:71:c1:de:5a:56:30:08:b0:
fe:ef:7e:c3:8b:33:40:4d:88:72:64:6e:63:8e:34:
4c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9E:8E:B4:8D:8B:86:FB:47:7A:64:12:B5:6C:9D:E7:20:50:52:32
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/oZ6OtI2LhvtHemQStWyd5yBQUjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.49.128.0/24
46.49.133.0/24
46.49.154.0/24
95.177.146.0/23
95.177.150.0/23
95.177.160.0/19
IPv6:
2a02:df1::/32
Signature Algorithm: sha256WithRSAEncryption
6d:6a:9e:03:2d:46:25:fb:05:9c:24:b5:a0:81:8c:5a:c6:d9:
c9:8a:04:3f:e8:34:f2:29:42:e0:09:7e:56:da:c7:7f:f3:65:
88:46:aa:03:8d:b7:1e:a2:44:a4:59:35:f3:09:c1:58:f4:89:
b9:a3:76:ff:71:c2:03:10:53:87:d8:92:28:ed:a2:ff:8a:79:
c5:6a:a9:03:69:3a:13:7a:49:81:37:25:af:09:a5:7f:85:f8:
15:60:fa:e0:43:91:53:e7:7f:93:59:cd:a7:37:44:f3:e8:6b:
9f:48:03:e2:8d:fa:de:d8:3a:f3:b1:d6:53:74:7b:73:56:83:
7e:31:63:ef:45:95:3c:36:62:6b:2f:06:20:de:a8:39:ce:98:
38:ef:0e:8f:12:86:1b:55:43:d1:1e:bb:ee:d7:9f:34:fe:de:
93:ff:d4:9a:8a:a9:3e:df:04:6d:64:ec:b7:13:45:5f:d3:23:
99:2d:9b:88:b8:b8:e4:fb:49:03:9d:fe:cd:1b:4f:7d:be:a3:
ba:ba:53:18:73:28:c4:6e:09:4a:b1:e3:c9:c2:68:d8:5a:6b:
b1:b1:fc:18:80:bb:d1:5f:f4:65:75:90:af:a8:02:59:69:4a:
97:03:06:ff:b8:5f:bf:66:d3:fb:35:7a:92:02:08:c4:c9:2b:
74:a8:ac:37
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYvDB+ri3yT8LyA0WJRviNcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjMxMTEyMTAxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTllOGViNDhkOGI4NmZiNDc3YTY0MTJiNTZjOWRlNzIwNTA1MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIHb3MtDPws7fbi+Y9zoaCR93D87
6FYgAEpvylIpCTX2o6JIOFc+vsd1VJNM+AWqw4Cg+FHatQ4BEDCPlUITBjvZpcOy
U6GQL5ou7sgStSnlEkLAvcYmmQSNdmBeFAVcHC+cxO3bPbWt2sEHNtj0NJgn7VpF
oKr6VrHXMVN6fexYQ/Fc24CfChTFFHWUPd6BcUfGq6thoj0KOAA5FTAJYktONp6U
soiOPo81nL3I43Rq8gmM77Car0A48ZGJl43jwsxbA9oame8tW0nIWEbS5mdmkYl6
kG72enlEQcMjS5IoWWTFwKa8ccHeWlYwCLD+737DizNATYhyZG5jjjRMTQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKGejrSNi4b7R3pkErVsnecgUFIyMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvb1o2T3RJMkxodnRIZW1RU3RXeWQ1eUJRVWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALjGAAwQA
LjGFAwQALjGaAwQBX7GSAwQBX7GWAwQFX7GgMA0EAgACMAcDBQAqAg3xMA0GCSqG
SIb3DQEBCwUAA4IBAQBtap4DLUYl+wWcJLWggYxaxtnJigQ/6DTyKULgCX5W2sd/
82WIRqoDjbceokSkWTXzCcFY9Im5o3b/ccIDEFOH2JIo7aL/innFaqkDaToTekmB
NyWvCaV/hfgVYPrgQ5FT53+TWc2nN0Tz6GufSAPijfre2DrzsdZTdHtzVoN+MWPv
RZU8NmJrLwYg3qg5zpg47w6PEoYbVUPRHrvu1580/t6T/9Saiqk+3wRtZOy3E0Vf
0yOZLZuIuLjk+0kDnf7NG099vqO6ulMYcyjEbglKsePJwmjYWmuxsfwYgLvRX/Rl
dZCvqAJZaUqXAwb/uF+/ZtP7NXqSAgjEySt0qKw3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:50 2024 by rpki-client on console-ams.rpki-client.org