Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/oQBYEyjXhE6G_LNdl7hpTi1j4MM.roa
File: oQBYEyjXhE6G_LNdl7hpTi1j4MM.roa (raw, json)
Hash identifier: s2wTzjGWqmcjJ0cVjDRPKyFF/qN6cetbQyXfAdtafXg=
Subject key identifier: A1:00:58:13:28:D7:84:4E:86:FC:B3:5D:97:B8:69:4E:2D:63:E0:C3
Certificate issuer: /CN=74aa9312af4c3d9cee082c9541a6b65ada569b3c
Certificate serial: 019344A42BFCF132446804A124121F652E51
Authority key identifier: 74:AA:93:12:AF:4C:3D:9C:EE:08:2C:95:41:A6:B6:5A:DA:56:9B:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKqTEq9MPZzuCCyVQaa2WtpWmzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/oQBYEyjXhE6G_LNdl7hpTi1j4MM.roa
Signing time: Tue 19 Nov 2024 13:37:10 +0000
ROA not before: Tue 19 Nov 2024 13:37:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205820
IP address blocks: 46.53.196.0/24 maxlen: 24
128.140.254.0/24 maxlen: 24
178.163.224.0/19 maxlen: 19
178.163.230.0/23 maxlen: 23
185.183.120.0/22 maxlen: 22
185.204.116.0/22 maxlen: 22
2a0a:f240::/29 maxlen: 29
2a0a:f241::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:a4:2b:fc:f1:32:44:68:04:a1:24:12:1f:65:2e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74aa9312af4c3d9cee082c9541a6b65ada569b3c
Validity
Not Before: Nov 19 13:37:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a100581328d7844e86fcb35d97b8694e2d63e0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:09:4a:23:fb:88:bb:18:8d:31:cc:84:25:32:
5b:73:bb:98:80:4a:9a:9f:fa:3c:2d:ea:da:94:61:
eb:df:1c:88:f5:8d:c5:72:0a:24:dd:84:04:e3:06:
2a:e7:b4:1f:66:fd:cf:1e:82:49:95:cb:bc:32:3c:
f1:1d:c1:31:eb:db:58:1d:e2:67:de:41:ec:9f:cd:
ef:df:d8:e8:36:ff:ab:da:db:59:11:69:58:44:e5:
ef:06:27:4b:61:35:c6:e6:cb:d8:59:35:1e:0d:8d:
70:73:cc:5c:fe:44:c1:f1:47:21:99:7f:40:d2:1f:
74:6c:a1:ff:78:b2:81:13:2c:9e:b7:a3:91:89:c4:
cb:b6:1e:f2:74:e3:f1:30:11:f7:72:d3:e2:97:f1:
da:07:47:68:8c:40:5d:22:a5:55:89:68:aa:94:9a:
2a:39:a4:f8:25:66:71:cc:5d:77:7a:30:53:9c:49:
ab:0c:a8:05:f6:ab:19:b9:42:9f:0c:6d:ee:40:2d:
cc:41:eb:6d:3c:d7:59:a6:66:cc:26:57:98:1d:44:
70:c4:bb:72:da:66:0c:06:ed:3f:5a:c9:23:32:ae:
47:f4:87:97:67:71:cd:a1:da:59:6f:1a:69:26:23:
b9:c7:26:f4:f1:a9:18:ac:ef:0e:15:4c:42:bd:62:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:00:58:13:28:D7:84:4E:86:FC:B3:5D:97:B8:69:4E:2D:63:E0:C3
X509v3 Authority Key Identifier:
keyid:74:AA:93:12:AF:4C:3D:9C:EE:08:2C:95:41:A6:B6:5A:DA:56:9B:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKqTEq9MPZzuCCyVQaa2WtpWmzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/oQBYEyjXhE6G_LNdl7hpTi1j4MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/dKqTEq9MPZzuCCyVQaa2WtpWmzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.53.196.0/24
128.140.254.0/24
178.163.224.0/19
185.183.120.0/22
185.204.116.0/22
IPv6:
2a0a:f240::/29
Signature Algorithm: sha256WithRSAEncryption
e0:c1:e4:fd:11:e7:c6:65:0e:35:ae:d5:b0:08:4b:ad:46:56:
a3:88:a8:07:3b:08:0d:1f:8b:10:64:7c:70:c2:31:9b:c5:3e:
bf:c8:b6:af:00:f9:2d:02:e0:49:23:58:a7:09:0b:d8:46:73:
75:44:c2:92:27:40:8c:93:92:73:f1:29:44:99:1c:57:94:43:
36:5c:84:78:1a:fa:71:f0:d8:d8:4e:8d:4b:29:b1:27:c7:0c:
1d:da:75:21:55:4c:71:7c:59:e0:61:a1:09:3a:69:df:5e:e6:
0a:94:fd:bd:d9:3e:9b:5a:e3:90:35:40:4d:60:cf:2b:35:f6:
e4:01:1e:b6:66:7e:c4:f1:c3:79:68:e7:a4:16:68:4b:81:1f:
7f:f0:76:ee:8c:9d:b3:3d:bd:60:60:f0:18:a6:a7:6a:d8:92:
d5:ce:40:64:ec:04:38:2a:71:ea:9c:38:9c:fa:cb:47:a6:d5:
41:9b:99:28:fe:32:a2:e8:d0:b9:59:f7:ba:36:fa:50:87:f8:
9f:e8:61:76:8f:55:b4:84:05:44:d9:d0:9e:4b:9e:69:a6:de:
5d:8c:f0:5f:b8:bf:64:bd:86:84:00:f1:ba:96:1f:5f:b4:13:
73:e2:03:a3:e6:76:21:fa:4f:eb:39:a0:19:da:a6:88:2e:e5:
1c:c1:39:d6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZNEpCv88TJEaAShJBIfZS5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YWE5MzEyYWY0YzNkOWNlZTA4MmM5NTQxYTZiNjVhZGE1
NjliM2MwHhcNMjQxMTE5MTMzNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTAwNTgxMzI4ZDc4NDRlODZmY2IzNWQ5N2I4Njk0ZTJkNjNlMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQlKI/uIuxiNMcyEJTJbc7uYgEqa
n/o8LeralGHr3xyI9Y3Fcgok3YQE4wYq57QfZv3PHoJJlcu8MjzxHcEx69tYHeJn
3kHsn83v39joNv+r2ttZEWlYROXvBidLYTXG5svYWTUeDY1wc8xc/kTB8UchmX9A
0h90bKH/eLKBEyyet6ORicTLth7ydOPxMBH3ctPil/HaB0dojEBdIqVViWiqlJoq
OaT4JWZxzF13ejBTnEmrDKgF9qsZuUKfDG3uQC3MQettPNdZpmbMJleYHURwxLty
2mYMBu0/WskjMq5H9IeXZ3HNodpZbxppJiO5xyb08akYrO8OFUxCvWJSAwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKEAWBMo14ROhvyzXZe4aU4tY+DDMB8GA1UdIwQY
MBaAFHSqkxKvTD2c7ggslUGmtlraVps8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtxVEVxOU1QWnp1Q0N5VlFhYTJXdHBXbXp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYTQxNWEtYzcyOC00MmU5LWJlNDUt
OThhMWQ2NWNmZTZmLzEvb1FCWUV5alhoRTZHX0xOZGw3aHBUaTFqNE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wYTQxNWEtYzcyOC00MmU5LWJlNDUtOThhMWQ2NWNmZTZm
LzEvZEtxVEVxOU1QWnp1Q0N5VlFhYTJXdHBXbXp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALjXEAwQA
gIz+AwQFsqPgAwQCubd4AwQCucx0MA0EAgACMAcDBQMqCvJAMA0GCSqGSIb3DQEB
CwUAA4IBAQDgweT9EefGZQ41rtWwCEutRlajiKgHOwgNH4sQZHxwwjGbxT6/yLav
APktAuBJI1inCQvYRnN1RMKSJ0CMk5Jz8SlEmRxXlEM2XIR4Gvpx8NjYTo1LKbEn
xwwd2nUhVUxxfFngYaEJOmnfXuYKlP292T6bWuOQNUBNYM8rNfbkAR62Zn7E8cN5
aOekFmhLgR9/8HbujJ2zPb1gYPAYpqdq2JLVzkBk7AQ4KnHqnDic+stHptVBm5ko
/jKi6NC5Wfe6NvpQh/if6GF2j1W0hAVE2dCeS55ppt5djPBfuL9kvYaEAPG6lh9f
tBNz4gOj5nYh+k/rOaAZ2qaILuUcwTnW
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:34 2025 by rpki-client