Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/46iUDvraiVk8q0tvdBLJnj6Q3Kw.roa
File: 46iUDvraiVk8q0tvdBLJnj6Q3Kw.roa (raw, json)
Hash identifier: BcJ8e/hyTAlQ52gImP6LHMOdO1gritj4n6z1dSxQDtg=
Subject key identifier: E3:A8:94:0E:FA:DA:89:59:3C:AB:4B:6F:74:12:C9:9E:3E:90:DC:AC
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0192DC7AA296D82FC504F44B2FB821D9818F
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/46iUDvraiVk8q0tvdBLJnj6Q3Kw.roa
Signing time: Wed 30 Oct 2024 08:11:17 +0000
ROA not before: Wed 30 Oct 2024 08:11:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 194.163.69.0/24 maxlen: 24
194.195.101.0/24 maxlen: 24
195.252.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:7a:a2:96:d8:2f:c5:04:f4:4b:2f:b8:21:d9:81:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Oct 30 08:11:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3a8940efada89593cab4b6f7412c99e3e90dcac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2e:f4:67:f8:7b:1c:1d:83:32:ce:8e:31:63:
e9:0a:c2:cf:64:37:a1:3c:fc:ab:7f:ce:0b:ea:11:
ee:82:38:85:d5:33:85:64:03:f4:8f:3d:56:09:5b:
51:89:0a:8b:b4:3f:e2:fd:72:78:3e:41:b7:4a:c2:
6d:f5:e6:f1:52:7f:bb:19:c4:f7:13:e4:17:62:d5:
ee:40:28:1d:4d:ef:ee:28:74:d9:eb:5e:cb:23:4b:
ba:a9:02:8f:13:69:c8:3f:76:04:d5:50:c8:94:23:
dc:a8:49:d6:4c:ac:c9:9e:ed:db:49:d1:e1:46:1c:
74:06:97:23:7e:c5:48:d0:76:23:72:d3:5e:17:56:
51:57:16:69:88:fe:58:36:13:73:dc:3b:af:2f:46:
9c:18:33:c6:0c:0f:ac:97:3e:74:ca:5b:75:45:88:
fd:19:c1:75:c1:5c:8d:c6:e1:70:3c:1e:14:4e:0a:
c6:46:1d:83:5e:86:c7:2e:dc:ee:45:b6:cb:62:cd:
73:56:68:c4:01:85:93:7c:8f:77:e7:2d:f6:9e:b6:
c7:47:7a:4d:e1:19:a3:7e:af:d2:e0:1d:39:f0:46:
92:9d:ab:1b:80:bb:1d:72:81:f4:41:c0:33:f9:22:
24:8c:35:5d:7a:29:a5:f1:7e:f0:9d:62:ce:f8:ce:
06:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:A8:94:0E:FA:DA:89:59:3C:AB:4B:6F:74:12:C9:9E:3E:90:DC:AC
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/46iUDvraiVk8q0tvdBLJnj6Q3Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.163.69.0/24
194.195.101.0/24
195.252.172.0/24
Signature Algorithm: sha256WithRSAEncryption
33:95:f3:d0:a2:98:b6:0e:fd:d4:ec:00:82:93:d4:97:3d:5a:
ed:14:e2:d4:6f:37:3f:e3:4a:f7:bf:be:70:f8:ee:ea:10:e5:
39:75:d9:b1:03:6a:f0:1d:9d:29:45:83:1f:45:8f:92:2a:6e:
65:37:3e:cd:63:6e:79:e8:96:e5:2c:f8:68:78:38:33:d3:97:
78:4f:0e:f6:a1:9b:ea:1e:6f:ba:bf:bf:55:b5:84:af:e2:fd:
d7:23:64:ac:ec:8c:68:fb:e6:10:8c:a9:17:09:23:f9:49:d9:
45:52:3c:25:c0:4e:7b:4b:3b:c8:b8:cd:3d:ec:85:f5:44:f0:
39:eb:a1:ad:40:11:0d:41:79:2b:a6:7a:66:99:80:3c:2a:78:
9c:08:df:54:3e:d8:63:0f:4c:24:96:76:99:59:86:1b:dd:ed:
2c:f4:a6:b9:96:8c:a6:9e:60:cb:2e:3e:80:70:72:a2:aa:33:
17:c5:73:e9:fd:40:7f:4b:a0:a8:48:57:09:37:09:d6:67:9a:
45:a0:93:a1:91:13:08:9d:5e:52:fb:fa:84:86:b0:e8:f9:e1:
c8:66:d5:44:9f:d1:02:bd:15:7f:c3:fc:66:5c:90:3f:d2:28:
93:d4:02:f2:23:e3:9e:72:de:95:a6:a1:52:50:97:c1:18:34:
e2:4b:f2:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLceqKW2C/FBPRLL7gh2YGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjQxMDMwMDgxMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2E4OTQwZWZhZGE4OTU5M2NhYjRiNmY3NDEyYzk5ZTNlOTBkY2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwC70Z/h7HB2DMs6OMWPpCsLPZDeh
PPyrf84L6hHugjiF1TOFZAP0jz1WCVtRiQqLtD/i/XJ4PkG3SsJt9ebxUn+7GcT3
E+QXYtXuQCgdTe/uKHTZ617LI0u6qQKPE2nIP3YE1VDIlCPcqEnWTKzJnu3bSdHh
Rhx0BpcjfsVI0HYjctNeF1ZRVxZpiP5YNhNz3DuvL0acGDPGDA+slz50ylt1RYj9
GcF1wVyNxuFwPB4UTgrGRh2DXobHLtzuRbbLYs1zVmjEAYWTfI935y32nrbHR3pN
4Rmjfq/S4B058EaSnasbgLsdcoH0QcAz+SIkjDVdeiml8X7wnWLO+M4G9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOOolA762olZPKtLb3QSyZ4+kNysMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvNDZpVUR2cmFpVms4cTB0dmRCTEpuajZRM0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwqNFAwQA
wsNlAwQAw/ysMA0GCSqGSIb3DQEBCwUAA4IBAQAzlfPQopi2Dv3U7ACCk9SXPVrt
FOLUbzc/40r3v75w+O7qEOU5ddmxA2rwHZ0pRYMfRY+SKm5lNz7NY2556JblLPho
eDgz05d4Tw72oZvqHm+6v79VtYSv4v3XI2Ss7Ixo++YQjKkXCSP5SdlFUjwlwE57
SzvIuM097IX1RPA566GtQBENQXkrpnpmmYA8KnicCN9UPthjD0wklnaZWYYb3e0s
9Ka5loymnmDLLj6AcHKiqjMXxXPp/UB/S6CoSFcJNwnWZ5pFoJOhkRMInV5S+/qE
hrDo+eHIZtVEn9ECvRV/w/xmXJA/0iiT1ALyI+Oect6VpqFSUJfBGDTiS/Jb
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:08 2025 by rpki-client