Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/o_njx_6QV-jSqOp1Ham3KXNmrGc.roa
File: o_njx_6QV-jSqOp1Ham3KXNmrGc.roa (raw, json)
Hash identifier: qBZQkU0npdETy8NxpxBfZZtTNfwwQPuxG23LSr1An04=
Subject key identifier: A3:F9:E3:C7:FE:90:57:E8:D2:A8:EA:75:1D:A9:B7:29:73:66:AC:67
Certificate issuer: /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial: 01856ECB6998FB685EA57879E78F58194143
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/o_njx_6QV-jSqOp1Ham3KXNmrGc.roa
Signing time: Sun 01 Jan 2023 19:25:02 +0000
ROA not before: Sun 01 Jan 2023 19:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51788
IP address blocks: 46.148.32.0/24 maxlen: 24
46.148.37.0/24 maxlen: 24
46.148.33.0/24 maxlen: 24
46.148.34.0/24 maxlen: 24
46.148.42.0/24 maxlen: 24
46.148.40.0/24 maxlen: 24
46.148.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 13:27:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:69:98:fb:68:5e:a5:78:79:e7:8f:58:19:41:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Validity
Not Before: Jan 1 19:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3f9e3c7fe9057e8d2a8ea751da9b7297366ac67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a0:fa:42:2a:00:82:23:04:f2:6d:35:7d:ba:
b7:f7:b5:c3:85:1b:69:15:da:05:61:31:db:a0:1e:
76:c5:8c:26:b8:e2:13:ff:73:f9:33:44:ec:ed:f9:
36:b3:f6:56:96:1d:40:06:c4:a3:6a:e2:10:0c:d4:
9b:27:7c:51:af:9a:f3:e4:fa:52:45:b9:dd:c3:96:
23:f6:16:30:bb:f7:a2:6f:07:67:af:5e:2f:cc:a5:
d2:fe:23:26:b3:f9:a5:ee:e4:66:04:c9:6c:44:e6:
ba:5e:b1:f6:69:98:27:7c:21:3c:72:25:4d:05:77:
42:88:6d:6d:77:51:51:31:c4:a9:52:5f:1a:2c:27:
c8:ca:b6:0b:78:cc:49:8a:22:05:34:64:be:53:e0:
1b:21:63:a1:49:d1:54:d0:07:1c:06:c3:dd:f7:e7:
3f:07:e6:8f:9d:77:ba:00:23:98:48:3f:d5:74:62:
e6:99:25:14:c0:69:c2:c2:f0:9a:ad:7f:87:71:5e:
c5:80:c5:32:8d:ac:da:69:44:9b:fb:cc:a1:b1:72:
32:eb:af:aa:04:b9:6a:b2:82:67:d9:3e:de:b3:92:
1f:33:77:ec:ec:44:b1:ba:6c:90:8b:20:1f:07:24:
76:76:7c:4c:12:32:25:a7:4a:0c:d2:50:df:13:00:
53:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F9:E3:C7:FE:90:57:E8:D2:A8:EA:75:1D:A9:B7:29:73:66:AC:67
X509v3 Authority Key Identifier:
keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/o_njx_6QV-jSqOp1Ham3KXNmrGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.32.0-46.148.34.255
46.148.37.0/24
46.148.40.0/24
46.148.42.0/24
46.148.47.0/24
Signature Algorithm: sha256WithRSAEncryption
44:88:17:d1:fe:1e:b8:24:53:76:3e:d2:5c:53:08:26:2e:4c:
3f:b1:27:5f:56:63:5c:cc:ad:df:8a:11:50:b7:9c:13:68:9d:
dc:de:1f:c1:d6:3f:65:d9:6a:fc:24:a5:66:15:8d:c5:d4:da:
db:a7:0b:c7:7f:ab:d0:b3:25:47:36:98:3e:06:af:c5:45:b3:
d7:f5:a5:89:c8:dc:7c:fe:38:3f:b6:b6:d4:37:47:90:9c:34:
45:bb:32:98:ce:77:20:72:93:73:54:54:e3:47:72:df:8d:f9:
6c:6e:84:4a:a3:1c:51:7d:f6:7b:af:48:b4:ae:61:0b:f5:bc:
a4:3d:33:4c:2f:73:73:9a:6b:9e:42:90:c9:1f:64:ca:2c:28:
5b:f6:a4:d2:75:ca:e3:87:ac:e9:68:f0:9c:bb:fd:56:79:9f:
e8:40:56:59:44:f6:47:e4:6d:8c:c3:26:56:23:f5:da:56:8e:
9d:d8:96:92:4a:f4:d0:a4:9b:da:18:b2:69:1e:8e:68:0e:3f:
6d:a9:56:30:ac:eb:c1:cd:61:fc:7d:32:84:78:8d:7a:32:57:
6c:cf:09:4e:6f:31:cd:4f:19:cd:5a:be:79:0b:0e:61:c7:85:
31:20:43:35:19:2e:21:6b:56:2a:ec:df:0e:10:8f:7a:11:ea:
13:41:47:cf
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVuy2mY+2hepXh5549YGUFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjMwMTAxMTkyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y5ZTNjN2ZlOTA1N2U4ZDJhOGVhNzUxZGE5YjcyOTczNjZhYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6D6QioAgiME8m01fbq397XDhRtp
FdoFYTHboB52xYwmuOIT/3P5M0Ts7fk2s/ZWlh1ABsSjauIQDNSbJ3xRr5rz5PpS
Rbndw5Yj9hYwu/eibwdnr14vzKXS/iMms/ml7uRmBMlsROa6XrH2aZgnfCE8ciVN
BXdCiG1td1FRMcSpUl8aLCfIyrYLeMxJiiIFNGS+U+AbIWOhSdFU0AccBsPd9+c/
B+aPnXe6ACOYSD/VdGLmmSUUwGnCwvCarX+HcV7FgMUyjazaaUSb+8yhsXIy66+q
BLlqsoJn2T7es5IfM3fs7ESxumyQiyAfByR2dnxMEjIlp0oM0lDfEwBTlQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKP548f+kFfo0qjqdR2ptylzZqxnMB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvb19uanhfNlFWLWpTcU9wMUhhbTNLWE5tckdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAUulCAD
BAAulCIDBAAulCUDBAAulCgDBAAulCoDBAAulC8wDQYJKoZIhvcNAQELBQADggEB
AESIF9H+HrgkU3Y+0lxTCCYuTD+xJ19WY1zMrd+KEVC3nBNondzeH8HWP2XZavwk
pWYVjcXU2tunC8d/q9CzJUc2mD4Gr8VFs9f1pYnI3Hz+OD+2ttQ3R5CcNEW7MpjO
dyByk3NUVONHct+N+WxuhEqjHFF99nuvSLSuYQv1vKQ9M0wvc3Oaa55CkMkfZMos
KFv2pNJ1yuOHrOlo8Jy7/VZ5n+hAVllE9kfkbYzDJlYj9dpWjp3YlpJK9NCkm9oY
smkejmgOP22pVjCs68HNYfx9MoR4jXoyV2zPCU5vMc1PGc1avnkLDmHHhTEgQzUZ
LiFrVirs3w4Qj3oR6hNBR88=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:47 2024 by rpki-client on console-ams.rpki-client.org