Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/f81a66-6706-495b-9e0a-b089d18fc09b/1/rI2y5Pay4Xjo8DxXzpJKRMNTvNQ.roa
File: rI2y5Pay4Xjo8DxXzpJKRMNTvNQ.roa (raw, json)
Hash identifier: L2j+i+nljDzJMJxpXGdSXiZ6IIhkCOK6/JXMUOgqjyQ=
Subject key identifier: AC:8D:B2:E4:F6:B2:E1:78:E8:F0:3C:57:CE:92:4A:44:C3:53:BC:D4
Certificate issuer: /CN=576ee02ac605f0bb98bbcd637a9adfae483a6e84
Certificate serial: 018CC56E8B75B4F59E5E5B5239376580C344
Authority key identifier: 57:6E:E0:2A:C6:05:F0:BB:98:BB:CD:63:7A:9A:DF:AE:48:3A:6E:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V27gKsYF8LuYu81jeprfrkg6boQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/f81a66-6706-495b-9e0a-b089d18fc09b/1/rI2y5Pay4Xjo8DxXzpJKRMNTvNQ.roa
Signing time: Mon 01 Jan 2024 14:30:05 +0000
ROA not before: Mon 01 Jan 2024 14:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61418
IP address blocks: 46.18.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:8b:75:b4:f5:9e:5e:5b:52:39:37:65:80:c3:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576ee02ac605f0bb98bbcd637a9adfae483a6e84
Validity
Not Before: Jan 1 14:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac8db2e4f6b2e178e8f03c57ce924a44c353bcd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:30:34:3b:b2:d7:f6:d7:56:13:b1:4b:44:55:
96:50:ff:b5:0d:73:11:f1:30:b0:4e:cc:b9:d8:4d:
de:67:f4:8b:dc:67:82:ef:3e:2f:4c:3b:eb:2b:e5:
d5:45:5b:46:60:09:77:62:8a:16:55:e8:05:43:4f:
9c:43:91:da:2f:32:0f:89:37:2d:37:0f:2d:b1:d9:
73:c6:a1:77:05:f4:5a:e4:76:93:d4:d0:25:df:b5:
5d:c9:a6:44:48:77:37:6d:b5:ac:3f:e9:90:9b:b2:
4d:72:8d:af:a3:44:7c:a5:58:34:d4:51:c2:c3:c8:
dc:28:21:ce:0d:6b:2f:5d:89:1a:22:02:a5:7b:77:
3c:42:45:0c:55:92:87:71:e6:0a:e0:ac:25:cc:32:
f9:94:ea:90:5e:89:24:af:32:de:e9:ab:70:8e:24:
46:7f:05:04:64:c7:ec:ed:2b:0f:81:da:87:59:66:
0c:bc:32:db:c0:97:1b:22:4f:ae:7c:c5:8f:09:59:
cb:dd:81:a7:9a:93:39:cf:e1:6a:e5:30:cc:45:71:
4e:a8:49:1d:51:6f:b6:2f:15:08:b6:a3:a6:52:a3:
f2:dd:28:e4:c8:8c:04:44:5b:2b:34:cf:fb:8d:bf:
40:e0:af:06:4a:4c:be:0f:09:22:2a:4b:93:8d:fc:
8b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8D:B2:E4:F6:B2:E1:78:E8:F0:3C:57:CE:92:4A:44:C3:53:BC:D4
X509v3 Authority Key Identifier:
keyid:57:6E:E0:2A:C6:05:F0:BB:98:BB:CD:63:7A:9A:DF:AE:48:3A:6E:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V27gKsYF8LuYu81jeprfrkg6boQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/f81a66-6706-495b-9e0a-b089d18fc09b/1/rI2y5Pay4Xjo8DxXzpJKRMNTvNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/f81a66-6706-495b-9e0a-b089d18fc09b/1/V27gKsYF8LuYu81jeprfrkg6boQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.105.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:d7:61:f7:93:00:eb:8e:55:b8:42:81:4a:a2:e6:8b:cc:dc:
5e:0f:48:1b:b2:fd:6a:e0:34:fd:56:d6:ae:11:80:71:f3:54:
88:e4:d1:72:8b:83:57:64:b5:ff:d9:bd:ac:1d:18:aa:92:ed:
54:69:cb:d5:82:e0:36:4d:6e:5e:01:13:73:9e:dc:f2:e2:43:
38:e7:86:53:a8:1b:38:35:ff:31:e8:45:fa:52:6d:6e:ea:0c:
ce:98:16:34:e2:b6:f3:3f:24:3b:16:77:fd:b7:19:1d:31:93:
59:8d:54:12:b7:79:7d:57:13:c2:c5:8c:8d:83:95:5d:77:22:
b7:e3:1b:fd:37:0b:bb:da:e4:be:a8:38:ae:a0:99:43:3e:12:
43:8e:99:9b:fe:8d:87:67:e3:d6:9e:85:4e:b6:c9:25:fc:da:
e2:c6:de:74:1e:ea:1d:2c:40:8c:c5:fa:30:27:12:32:b4:89:
71:34:be:f2:2d:b0:64:1a:8e:ab:0c:86:10:e9:6d:43:a5:d3:
b0:15:a0:1a:7b:14:35:e9:24:ca:ba:d6:9a:5f:99:84:48:47:
da:c5:12:fd:3f:22:57:78:4f:32:9e:3e:ba:5b:24:d9:fe:b8:
48:17:e0:d3:d9:80:7b:4d:2b:7f:83:3d:61:de:8b:2f:4d:4b:
2b:e4:2e:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbot1tPWeXltSOTdlgMNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmVlMDJhYzYwNWYwYmI5OGJiY2Q2MzdhOWFkZmFlNDgz
YTZlODQwHhcNMjQwMTAxMTQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzhkYjJlNGY2YjJlMTc4ZThmMDNjNTdjZTkyNGE0NGMzNTNiY2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TA0O7LX9tdWE7FLRFWWUP+1DXMR
8TCwTsy52E3eZ/SL3GeC7z4vTDvrK+XVRVtGYAl3YooWVegFQ0+cQ5HaLzIPiTct
Nw8tsdlzxqF3BfRa5HaT1NAl37VdyaZESHc3bbWsP+mQm7JNco2vo0R8pVg01FHC
w8jcKCHODWsvXYkaIgKle3c8QkUMVZKHceYK4KwlzDL5lOqQXokkrzLe6atwjiRG
fwUEZMfs7SsPgdqHWWYMvDLbwJcbIk+ufMWPCVnL3YGnmpM5z+Fq5TDMRXFOqEkd
UW+2LxUItqOmUqPy3SjkyIwERFsrNM/7jb9A4K8GSky+DwkiKkuTjfyLwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKyNsuT2suF46PA8V86SSkTDU7zUMB8GA1UdIwQY
MBaAFFdu4CrGBfC7mLvNY3qa365IOm6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjI3Z0tzWUY4THVZdTgxamVwcmZya2c2Ym9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9mODFhNjYtNjcwNi00OTViLTllMGEt
YjA4OWQxOGZjMDliLzEvckkyeTVQYXk0WGpvOER4WHpwSktSTU5Udk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9mODFhNjYtNjcwNi00OTViLTllMGEtYjA4OWQxOGZjMDli
LzEvVjI3Z0tzWUY4THVZdTgxamVwcmZya2c2Ym9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhJpMA0G
CSqGSIb3DQEBCwUAA4IBAQB712H3kwDrjlW4QoFKouaLzNxeD0gbsv1q4DT9Vtau
EYBx81SI5NFyi4NXZLX/2b2sHRiqku1UacvVguA2TW5eARNzntzy4kM454ZTqBs4
Nf8x6EX6Um1u6gzOmBY04rbzPyQ7Fnf9txkdMZNZjVQSt3l9VxPCxYyNg5VddyK3
4xv9Nwu72uS+qDiuoJlDPhJDjpmb/o2HZ+PWnoVOtskl/Nrixt50HuodLECMxfow
JxIytIlxNL7yLbBkGo6rDIYQ6W1DpdOwFaAaexQ16STKutaaX5mESEfaxRL9PyJX
eE8ynj66WyTZ/rhIF+DT2YB7TSt/gz1h3osvTUsr5C6t
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:14:59 2025 by rpki-client