Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/4b2f88-3e20-4afa-b754-06a404435e50/1/Q9Xwuo9D7NNc93vLAEYPokyQmxs.roa
File: Q9Xwuo9D7NNc93vLAEYPokyQmxs.roa (raw, json)
Hash identifier: 0AaZ6KiMAZNn+aMjrzYYlNrOGK2JlMU4kDQY4GaUke0=
Subject key identifier: 43:D5:F0:BA:8F:43:EC:D3:5C:F7:7B:CB:00:46:0F:A2:4C:90:9B:1B
Certificate issuer: /CN=ff8dd5fe4179e8bda28532561919f6d07877c63d
Certificate serial: 018CC80184BD7D3F914A4BC1B21AEEF4974D
Authority key identifier: FF:8D:D5:FE:41:79:E8:BD:A2:85:32:56:19:19:F6:D0:78:77:C6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_43V_kF56L2ihTJWGRn20Hh3xj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/4b2f88-3e20-4afa-b754-06a404435e50/1/Q9Xwuo9D7NNc93vLAEYPokyQmxs.roa
Signing time: Tue 02 Jan 2024 02:29:51 +0000
ROA not before: Tue 02 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204957
IP address blocks: 46.149.140.0/24 maxlen: 24
46.149.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:84:bd:7d:3f:91:4a:4b:c1:b2:1a:ee:f4:97:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8dd5fe4179e8bda28532561919f6d07877c63d
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43d5f0ba8f43ecd35cf77bcb00460fa24c909b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d7:aa:4d:54:fe:6f:a5:71:c4:5a:f4:67:d8:
30:5e:fa:23:d2:a9:0d:f2:5b:71:70:cf:aa:c6:0b:
e5:8b:47:94:50:0e:d1:78:71:47:7a:a5:24:5f:b3:
94:6d:fa:30:4f:2b:f0:4a:69:32:27:69:43:10:0a:
2e:54:7e:bc:7f:9a:59:b1:d8:16:b3:f3:62:3b:16:
3a:13:79:b8:d8:6a:76:23:64:5d:53:bf:37:c1:8e:
91:34:28:ff:e2:1e:17:29:4c:26:69:cf:e7:ad:21:
43:6c:88:05:ba:6c:8d:f4:70:db:43:9e:a0:3b:91:
1c:2f:31:68:8d:60:0f:02:d2:6f:ff:11:5e:bd:b9:
3b:dc:33:8d:e7:ac:fe:84:c0:29:b2:81:c8:c2:40:
69:be:d1:0b:3e:96:29:a4:bc:93:81:46:44:eb:a7:
7c:d8:ec:a6:df:78:67:18:a9:ae:d3:53:e4:ac:4c:
aa:ec:8f:b8:10:b7:e9:e9:c9:3d:d0:96:6f:56:83:
8a:06:20:28:9c:56:89:f0:ae:39:13:c7:58:d8:b5:
14:15:89:24:d9:42:38:5d:21:ce:20:8b:75:28:bc:
c3:3a:89:79:69:d4:d3:58:9c:49:5b:96:52:22:81:
e4:fe:0b:88:08:99:b7:b1:b7:1b:d6:6b:9d:73:fe:
ce:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D5:F0:BA:8F:43:EC:D3:5C:F7:7B:CB:00:46:0F:A2:4C:90:9B:1B
X509v3 Authority Key Identifier:
keyid:FF:8D:D5:FE:41:79:E8:BD:A2:85:32:56:19:19:F6:D0:78:77:C6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_43V_kF56L2ihTJWGRn20Hh3xj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/4b2f88-3e20-4afa-b754-06a404435e50/1/Q9Xwuo9D7NNc93vLAEYPokyQmxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/4b2f88-3e20-4afa-b754-06a404435e50/1/_43V_kF56L2ihTJWGRn20Hh3xj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.140.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:38:c6:64:c9:e2:38:1f:fd:b0:56:d7:75:bf:9c:ff:8a:6f:
03:d1:ef:64:26:82:08:d5:9a:c4:59:52:90:80:99:4a:20:f7:
7f:96:24:ea:37:77:be:88:df:24:76:40:21:8a:24:cb:cb:21:
f1:c4:59:cd:08:27:ac:90:e3:1e:dd:24:b4:b1:90:e4:8a:02:
b4:45:92:5e:68:d2:83:97:82:dc:27:70:f5:0b:8b:80:d3:71:
a9:be:13:35:ee:ef:01:d5:f6:9e:ff:51:a3:8e:c4:09:a3:dc:
51:11:5b:de:90:a7:37:1c:f4:4f:80:5d:eb:af:9e:6b:ff:59:
24:22:e3:b5:cf:04:55:04:05:89:04:fe:38:82:86:03:36:97:
f7:a1:bc:6f:bf:a0:dc:67:53:78:0f:74:c2:04:b8:5b:60:00:
30:8a:cb:ac:f9:4f:ce:07:f1:c3:00:dd:77:75:ce:0b:eb:47:
2c:e0:5c:28:91:d7:c8:bf:3a:3c:35:33:7e:aa:74:fa:4d:c5:
5d:17:b1:35:70:73:9b:6c:18:a3:6a:28:e2:b8:7e:c7:b2:38:
4c:d1:4b:ae:e9:b6:08:82:e0:63:15:39:8c:85:a4:dd:1f:65:
a3:c9:c6:a7:73:1c:17:b5:d1:eb:1d:21:ef:6f:c4:36:76:82:
ef:f8:21:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAYS9fT+RSkvBshru9JdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmOGRkNWZlNDE3OWU4YmRhMjg1MzI1NjE5MTlmNmQwNzg3
N2M2M2QwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Q1ZjBiYThmNDNlY2QzNWNmNzdiY2IwMDQ2MGZhMjRjOTA5YjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNeqTVT+b6VxxFr0Z9gwXvoj0qkN
8ltxcM+qxgvli0eUUA7ReHFHeqUkX7OUbfowTyvwSmkyJ2lDEAouVH68f5pZsdgW
s/NiOxY6E3m42Gp2I2RdU783wY6RNCj/4h4XKUwmac/nrSFDbIgFumyN9HDbQ56g
O5EcLzFojWAPAtJv/xFevbk73DON56z+hMApsoHIwkBpvtELPpYppLyTgUZE66d8
2Oym33hnGKmu01PkrEyq7I+4ELfp6ck90JZvVoOKBiAonFaJ8K45E8dY2LUUFYkk
2UI4XSHOIIt1KLzDOol5adTTWJxJW5ZSIoHk/guICJm3sbcb1mudc/7O4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPV8LqPQ+zTXPd7ywBGD6JMkJsbMB8GA1UdIwQY
MBaAFP+N1f5Beei9ooUyVhkZ9tB4d8Y9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzQzVl9rRjU2TDJpaFRKV0dSbjIwSGgzeGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS80YjJmODgtM2UyMC00YWZhLWI3NTQt
MDZhNDA0NDM1ZTUwLzEvUTlYd3VvOUQ3Tk5jOTN2TEFFWVBva3lRbXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS80YjJmODgtM2UyMC00YWZhLWI3NTQtMDZhNDA0NDM1ZTUw
LzEvXzQzVl9rRjU2TDJpaFRKV0dSbjIwSGgzeGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLpWMMA0G
CSqGSIb3DQEBCwUAA4IBAQAPOMZkyeI4H/2wVtd1v5z/im8D0e9kJoII1ZrEWVKQ
gJlKIPd/liTqN3e+iN8kdkAhiiTLyyHxxFnNCCeskOMe3SS0sZDkigK0RZJeaNKD
l4LcJ3D1C4uA03GpvhM17u8B1fae/1GjjsQJo9xREVvekKc3HPRPgF3rr55r/1kk
IuO1zwRVBAWJBP44goYDNpf3obxvv6DcZ1N4D3TCBLhbYAAwisus+U/OB/HDAN13
dc4L60cs4FwokdfIvzo8NTN+qnT6TcVdF7E1cHObbBijaijiuH7HsjhM0Uuu6bYI
guBjFTmMhaTdH2WjycancxwXtdHrHSHvb8Q2doLv+CFg
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:58:08 2025 by rpki-client