Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/83168b-6b40-4d12-8ed7-1f99317c6c94/1/nX1zYJakfg49pTEVrVyz8GL__5I.roa
File: nX1zYJakfg49pTEVrVyz8GL__5I.roa (raw, json)
Hash identifier: +lK7S91Ek8xj61jqTAJtauDQ+q/kJCDp2U3KQk34Akc=
Subject key identifier: 9D:7D:73:60:96:A4:7E:0E:3D:A5:31:15:AD:5C:B3:F0:62:FF:FF:92
Certificate issuer: /CN=28526132c4fcf6b4cdff740255602ccf9dcb042f
Certificate serial: 018CC5DC0219BAB1F4538DE354DCC751E76F
Authority key identifier: 28:52:61:32:C4:FC:F6:B4:CD:FF:74:02:55:60:2C:CF:9D:CB:04:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KFJhMsT89rTN_3QCVWAsz53LBC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/83168b-6b40-4d12-8ed7-1f99317c6c94/1/nX1zYJakfg49pTEVrVyz8GL__5I.roa
Signing time: Mon 01 Jan 2024 16:29:39 +0000
ROA not before: Mon 01 Jan 2024 16:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47337
IP address blocks: 46.16.152.0/21 maxlen: 24
2a02:2520::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:02:19:ba:b1:f4:53:8d:e3:54:dc:c7:51:e7:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28526132c4fcf6b4cdff740255602ccf9dcb042f
Validity
Not Before: Jan 1 16:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d7d736096a47e0e3da53115ad5cb3f062ffff92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5c:9c:8e:2c:94:6b:d8:09:de:2e:c2:2c:51:
45:76:43:33:13:6f:76:18:7e:87:61:39:25:84:78:
33:56:ca:5a:d2:3e:dc:ef:22:f0:14:4a:0d:e8:52:
24:f7:70:f1:30:85:7c:e7:1d:d6:01:51:fc:aa:55:
73:bb:86:35:d5:25:5e:f6:d8:9f:f2:05:86:c9:1e:
9a:36:6d:f6:55:2f:d9:fd:1b:5f:e3:62:5a:03:6f:
25:39:b6:db:83:16:5e:a1:59:4f:dc:c6:70:a7:31:
35:99:5f:8a:e2:0b:9b:82:8c:f6:6a:f9:08:09:86:
8a:5d:3e:eb:9c:26:d0:64:93:cc:60:ec:87:02:70:
49:15:f2:99:e6:f0:ec:bd:41:e5:17:ff:c0:a9:26:
7f:c6:24:63:1c:ff:21:a1:0b:9f:6b:fe:8e:2c:d7:
33:48:66:13:a1:4f:fb:99:11:0d:d4:4b:03:9b:46:
6e:60:f0:79:e3:cf:a1:9d:4b:10:07:e9:00:0e:26:
fe:df:c9:f1:4b:90:1a:7e:54:dd:48:30:36:e7:52:
5d:21:50:cb:b4:46:f0:92:ba:2c:1a:5d:c7:f7:71:
c7:17:da:77:95:f6:e1:66:ba:63:8a:bb:ad:a7:e4:
dd:cc:85:d5:69:d6:12:68:c8:99:95:5d:1e:ba:9a:
fa:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7D:73:60:96:A4:7E:0E:3D:A5:31:15:AD:5C:B3:F0:62:FF:FF:92
X509v3 Authority Key Identifier:
keyid:28:52:61:32:C4:FC:F6:B4:CD:FF:74:02:55:60:2C:CF:9D:CB:04:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KFJhMsT89rTN_3QCVWAsz53LBC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/83168b-6b40-4d12-8ed7-1f99317c6c94/1/nX1zYJakfg49pTEVrVyz8GL__5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/83168b-6b40-4d12-8ed7-1f99317c6c94/1/KFJhMsT89rTN_3QCVWAsz53LBC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.152.0/21
IPv6:
2a02:2520::/32
Signature Algorithm: sha256WithRSAEncryption
a4:aa:0d:66:dd:8d:25:38:dc:00:e7:a7:aa:14:9c:b0:86:56:
b5:5d:ee:79:ad:c7:d8:11:e5:e0:d7:36:75:e5:21:43:f1:f3:
aa:ff:eb:41:cb:39:eb:35:6d:66:da:3f:55:88:64:3c:7f:11:
87:61:72:fa:6c:c9:8b:c3:6f:7d:59:58:9b:a3:dc:ad:d6:70:
88:33:1a:57:73:99:aa:7c:45:c7:b7:e0:66:21:32:42:43:6d:
4a:b8:0c:90:4d:ee:5a:fe:c6:67:ad:ac:cd:00:e7:27:1b:74:
58:20:c6:d8:31:b9:ba:56:4c:f3:f9:66:37:f8:b2:95:7e:e4:
55:2a:cf:44:62:a9:33:e4:61:e5:5d:8d:74:73:09:b2:8e:0b:
d8:51:d5:ce:76:4c:16:98:2e:25:f1:b3:30:e1:6c:13:c7:9f:
42:6e:69:ae:33:a9:16:32:37:fe:d1:07:d1:72:ce:ec:e8:32:
a1:30:76:5b:6c:8d:21:a7:2b:44:a8:34:7a:52:df:43:6c:81:
6c:09:56:68:df:b0:48:bc:c8:da:ff:26:2c:eb:4b:72:2f:70:
74:09:10:8e:11:e7:e0:95:b5:df:fe:53:05:a1:5e:ef:88:9d:
a6:43:8e:2b:56:57:77:a2:07:00:0c:74:7d:aa:f0:f6:7e:c4:
2a:44:66:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3AIZurH0U43jVNzHUedvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NTI2MTMyYzRmY2Y2YjRjZGZmNzQwMjU1NjAyY2NmOWRj
YjA0MmYwHhcNMjQwMTAxMTYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDdkNzM2MDk2YTQ3ZTBlM2RhNTMxMTVhZDVjYjNmMDYyZmZmZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1ycjiyUa9gJ3i7CLFFFdkMzE292
GH6HYTklhHgzVspa0j7c7yLwFEoN6FIk93DxMIV85x3WAVH8qlVzu4Y11SVe9tif
8gWGyR6aNm32VS/Z/Rtf42JaA28lObbbgxZeoVlP3MZwpzE1mV+K4gubgoz2avkI
CYaKXT7rnCbQZJPMYOyHAnBJFfKZ5vDsvUHlF//AqSZ/xiRjHP8hoQufa/6OLNcz
SGYToU/7mREN1EsDm0ZuYPB548+hnUsQB+kADib+38nxS5AaflTdSDA251JdIVDL
tEbwkrosGl3H93HHF9p3lfbhZrpjirutp+TdzIXVadYSaMiZlV0eupr6qwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ19c2CWpH4OPaUxFa1cs/Bi//+SMB8GA1UdIwQY
MBaAFChSYTLE/Pa0zf90AlVgLM+dywQvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0ZKaE1zVDg5clROXzNRQ1ZXQXN6NTNMQkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC84MzE2OGItNmI0MC00ZDEyLThlZDct
MWY5OTMxN2M2Yzk0LzEvblgxellKYWtmZzQ5cFRFVnJWeXo4R0xfXzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC84MzE2OGItNmI0MC00ZDEyLThlZDctMWY5OTMxN2M2Yzk0
LzEvS0ZKaE1zVDg5clROXzNRQ1ZXQXN6NTNMQkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLhCYMA0E
AgACMAcDBQAqAiUgMA0GCSqGSIb3DQEBCwUAA4IBAQCkqg1m3Y0lONwA56eqFJyw
hla1Xe55rcfYEeXg1zZ15SFD8fOq/+tByznrNW1m2j9ViGQ8fxGHYXL6bMmLw299
WVibo9yt1nCIMxpXc5mqfEXHt+BmITJCQ21KuAyQTe5a/sZnrazNAOcnG3RYIMbY
Mbm6Vkzz+WY3+LKVfuRVKs9EYqkz5GHlXY10cwmyjgvYUdXOdkwWmC4l8bMw4WwT
x59CbmmuM6kWMjf+0QfRcs7s6DKhMHZbbI0hpytEqDR6Ut9DbIFsCVZo37BIvMja
/yYs60tyL3B0CRCOEefglbXf/lMFoV7viJ2mQ44rVld3ogcADHR9qvD2fsQqRGYo
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:37:46 2025 by rpki-client