Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/69045a-a5b1-4e59-9717-23f2263b9bd2/1/3lXhAbtCZ1Njw-WgsG9NmdrtCr0.roa
File: 3lXhAbtCZ1Njw-WgsG9NmdrtCr0.roa (raw, json)
Hash identifier: G+AD6XQk263gjq2CTRR8npFhxyKSFHI/JJcgjs1Yhv8=
Subject key identifier: DE:55:E1:01:BB:42:67:53:63:C3:E5:A0:B0:6F:4D:99:DA:ED:0A:BD
Certificate issuer: /CN=293f2ec74b4066ac67a8768d8e38606efcd64013
Certificate serial: 0194842BBCF47C2C0C36702E561BE47C9963
Authority key identifier: 29:3F:2E:C7:4B:40:66:AC:67:A8:76:8D:8E:38:60:6E:FC:D6:40:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT8ux0tAZqxnqHaNjjhgbvzWQBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/69045a-a5b1-4e59-9717-23f2263b9bd2/1/3lXhAbtCZ1Njw-WgsG9NmdrtCr0.roa
Signing time: Mon 20 Jan 2025 14:44:06 +0000
ROA not before: Mon 20 Jan 2025 14:44:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57608
IP address blocks: 185.46.168.0/22 maxlen: 22
2a04:9b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 29 Jan 2025 10:47:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:84:2b:bc:f4:7c:2c:0c:36:70:2e:56:1b:e4:7c:99:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293f2ec74b4066ac67a8768d8e38606efcd64013
Validity
Not Before: Jan 20 14:44:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de55e101bb42675363c3e5a0b06f4d99daed0abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b4:62:d4:4f:a7:30:71:24:9d:ee:3b:a2:77:
aa:53:45:d3:3e:0b:93:ce:2b:67:e8:c0:16:c5:2c:
7d:1e:9b:50:a3:96:ad:f5:84:cc:76:26:0d:47:7b:
8e:31:50:2e:40:4a:0a:59:a1:b4:fd:17:c9:86:a8:
20:62:ad:47:bc:3c:f9:d9:ec:12:a1:9d:81:67:93:
72:86:cd:f6:09:7f:68:21:11:65:3a:91:fe:8d:bf:
7a:cf:64:e5:cb:83:0d:51:3c:18:71:4e:2a:a5:f8:
4e:9d:a3:1c:8d:38:1f:25:4d:cf:07:97:22:60:00:
36:9f:a8:d4:c5:1d:e6:3f:0b:43:02:de:6d:a5:85:
ea:6e:f8:e9:1c:92:a9:09:45:5d:30:aa:87:98:9d:
9f:45:9f:b0:df:d9:7d:cd:59:69:5c:dc:b7:13:cd:
c5:29:50:64:8d:12:16:94:fe:16:4b:61:b9:47:d2:
0d:2f:80:79:45:42:b3:99:12:f3:ab:2a:df:94:71:
4d:89:cf:c0:82:31:bb:26:7e:8d:9e:87:52:b2:23:
7b:ae:55:cb:39:dd:d3:29:e5:bf:fb:77:69:8a:5d:
01:72:91:72:c0:f8:f8:ca:eb:3d:8d:40:08:b7:32:
80:82:da:de:61:41:39:10:d3:37:87:89:c0:af:5a:
00:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:55:E1:01:BB:42:67:53:63:C3:E5:A0:B0:6F:4D:99:DA:ED:0A:BD
X509v3 Authority Key Identifier:
keyid:29:3F:2E:C7:4B:40:66:AC:67:A8:76:8D:8E:38:60:6E:FC:D6:40:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT8ux0tAZqxnqHaNjjhgbvzWQBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69045a-a5b1-4e59-9717-23f2263b9bd2/1/3lXhAbtCZ1Njw-WgsG9NmdrtCr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69045a-a5b1-4e59-9717-23f2263b9bd2/1/KT8ux0tAZqxnqHaNjjhgbvzWQBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.168.0/22
IPv6:
2a04:9b80::/29
Signature Algorithm: sha256WithRSAEncryption
86:6c:bd:33:42:0e:63:28:6e:7c:d8:73:b2:d1:c9:c7:3d:43:
ce:01:bc:2b:01:cc:f4:d5:66:7b:7b:48:e2:6c:ea:96:fc:db:
69:b7:fd:cf:09:be:0b:81:b4:52:54:f7:ed:17:85:a2:66:4c:
75:d2:e1:e4:c1:43:ef:31:4a:d2:6c:49:f6:7f:6b:23:56:09:
ed:84:8d:ff:54:d4:63:b7:83:6a:fb:16:ee:02:a3:f1:60:51:
e5:15:d0:01:21:1f:77:c9:be:bb:8c:29:d7:26:e3:58:44:26:
0f:87:1c:32:69:a9:57:4a:f6:05:21:ac:b4:eb:4a:86:32:6b:
2a:32:45:cf:86:b4:f0:d6:e3:06:a3:b7:aa:25:7e:79:2c:88:
ec:b4:89:3c:1a:6f:3b:7f:50:d5:b0:fb:64:8d:fc:72:d7:63:
c3:40:f2:5a:42:22:b0:d6:8f:36:4d:2b:cf:6b:9f:80:f5:e6:
ee:8c:94:28:db:a4:6e:65:77:a2:b3:52:03:a6:ad:6d:cb:61:
72:ae:7a:59:be:8e:b8:3b:e8:a6:c4:dd:c4:67:b2:1d:21:29:
e8:8a:80:16:29:f0:ba:89:2f:67:fb:07:00:17:3b:c1:40:59:
21:47:bb:33:1d:f3:27:d2:8d:8e:9b:f1:8e:b4:56:a2:0b:00:
01:2a:ae:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSEK7z0fCwMNnAuVhvkfJljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2YyZWM3NGI0MDY2YWM2N2E4NzY4ZDhlMzg2MDZlZmNk
NjQwMTMwHhcNMjUwMTIwMTQ0NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTU1ZTEwMWJiNDI2NzUzNjNjM2U1YTBiMDZmNGQ5OWRhZWQwYWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLRi1E+nMHEkne47oneqU0XTPguT
zitn6MAWxSx9HptQo5at9YTMdiYNR3uOMVAuQEoKWaG0/RfJhqggYq1HvDz52ewS
oZ2BZ5Nyhs32CX9oIRFlOpH+jb96z2Tly4MNUTwYcU4qpfhOnaMcjTgfJU3PB5ci
YAA2n6jUxR3mPwtDAt5tpYXqbvjpHJKpCUVdMKqHmJ2fRZ+w39l9zVlpXNy3E83F
KVBkjRIWlP4WS2G5R9INL4B5RUKzmRLzqyrflHFNic/AgjG7Jn6NnodSsiN7rlXL
Od3TKeW/+3dpil0BcpFywPj4yus9jUAItzKAgtreYUE5ENM3h4nAr1oA2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN5V4QG7QmdTY8PloLBvTZna7Qq9MB8GA1UdIwQY
MBaAFCk/LsdLQGasZ6h2jY44YG781kATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q4dXgwdEFacXhucUhhTmpqaGdidnpXUUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82OTA0NWEtYTViMS00ZTU5LTk3MTct
MjNmMjI2M2I5YmQyLzEvM2xYaEFidENaMU5qdy1XZ3NHOU5tZHJ0Q3IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82OTA0NWEtYTViMS00ZTU5LTk3MTctMjNmMjI2M2I5YmQy
LzEvS1Q4dXgwdEFacXhucUhhTmpqaGdidnpXUUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuS6oMA0E
AgACMAcDBQMqBJuAMA0GCSqGSIb3DQEBCwUAA4IBAQCGbL0zQg5jKG582HOy0cnH
PUPOAbwrAcz01WZ7e0jibOqW/Ntpt/3PCb4LgbRSVPftF4WiZkx10uHkwUPvMUrS
bEn2f2sjVgnthI3/VNRjt4Nq+xbuAqPxYFHlFdABIR93yb67jCnXJuNYRCYPhxwy
aalXSvYFIay060qGMmsqMkXPhrTw1uMGo7eqJX55LIjstIk8Gm87f1DVsPtkjfxy
12PDQPJaQiKw1o82TSvPa5+A9ebujJQo26RuZXeis1IDpq1ty2FyrnpZvo64O+im
xN3EZ7IdISnoioAWKfC6iS9n+wcAFzvBQFkhR7szHfMn0o2Om/GOtFaiCwABKq7q
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:18:19 2025 by rpki-client