Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/4CaEypxkohtkEjrKQTOmHRNObpc.roa
File: 4CaEypxkohtkEjrKQTOmHRNObpc.roa (raw, json)
Hash identifier: +VTuFF44vXwiQiPxCNNpixpIuRTnWXJpnK7gWfsC8XI=
Subject key identifier: E0:26:84:CA:9C:64:A2:1B:64:12:3A:CA:41:33:A6:1D:13:4E:6E:97
Certificate issuer: /CN=01723506718dfcf2a8bd176d4ea24e275322fcfb
Certificate serial: 0193D5EF7D7F1292A5F99781012B4D5466C2
Authority key identifier: 01:72:35:06:71:8D:FC:F2:A8:BD:17:6D:4E:A2:4E:27:53:22:FC:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/4CaEypxkohtkEjrKQTOmHRNObpc.roa
Signing time: Tue 17 Dec 2024 18:44:22 +0000
ROA not before: Tue 17 Dec 2024 18:44:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215830
IP address blocks: 46.149.168.0/22 maxlen: 24
185.111.76.0/22 maxlen: 24
2a06:5bc0::/29 maxlen: 48
2a0d:f7c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d5:ef:7d:7f:12:92:a5:f9:97:81:01:2b:4d:54:66:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01723506718dfcf2a8bd176d4ea24e275322fcfb
Validity
Not Before: Dec 17 18:44:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e02684ca9c64a21b64123aca4133a61d134e6e97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9e:fe:9b:3d:8e:f9:83:e5:f1:a6:cd:34:88:
be:88:66:2d:d6:38:b9:cc:76:3f:05:02:98:d9:50:
4d:54:f4:a2:fa:bf:93:ca:f2:39:08:1b:5b:d2:a7:
37:ce:18:3c:73:0b:64:ab:3b:a7:38:f1:7e:23:f3:
f2:a5:2d:66:18:63:f5:8d:06:45:ae:be:13:ed:0c:
c2:02:d4:65:91:0b:10:47:cb:48:f4:3e:98:fb:41:
2d:f0:50:b4:dd:a7:0f:31:4a:4d:fa:17:fa:dd:b7:
52:b1:85:64:45:02:00:5f:40:5a:d0:80:cd:34:be:
58:f8:1e:af:3c:02:d7:16:57:c6:9f:7b:76:c1:da:
64:cf:54:c2:50:f3:aa:59:3f:12:eb:77:14:dc:91:
af:09:66:3c:31:3c:c2:76:d4:3b:a3:dc:c1:fb:9e:
6e:2d:67:28:98:8f:6a:cc:72:b2:ad:ed:cc:e2:a9:
7d:45:37:c7:6a:b8:b5:e2:7b:ac:1f:d3:76:e6:b1:
51:ef:71:91:bf:5f:d6:ba:6f:4c:19:02:85:94:1d:
54:52:4f:0f:0c:56:0c:74:e6:bd:a0:ce:4c:6a:27:
23:4f:a6:92:24:18:5d:70:0d:c9:cb:0f:6f:e3:3a:
80:b9:46:b7:6c:5b:53:ea:d6:5c:59:4f:38:b3:9e:
8d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:26:84:CA:9C:64:A2:1B:64:12:3A:CA:41:33:A6:1D:13:4E:6E:97
X509v3 Authority Key Identifier:
keyid:01:72:35:06:71:8D:FC:F2:A8:BD:17:6D:4E:A2:4E:27:53:22:FC:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/4CaEypxkohtkEjrKQTOmHRNObpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/83aa8c-0581-44d8-a5c1-05373ba9483d/1/AXI1BnGN_PKovRdtTqJOJ1Mi_Ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.168.0/22
185.111.76.0/22
IPv6:
2a06:5bc0::/29
2a0d:f7c0::/32
Signature Algorithm: sha256WithRSAEncryption
13:40:26:15:97:de:f5:92:16:20:3c:ab:a5:1d:a3:d0:87:52:
a1:e1:d5:70:d7:6d:67:9d:7e:ba:e2:94:11:e5:7a:39:8e:ec:
98:bb:7d:a4:09:a2:19:0b:5b:df:be:ad:dd:0f:ea:08:b2:11:
26:3e:4e:b8:6c:fe:ed:0d:1e:f0:2b:d3:84:da:21:5e:3e:b3:
5e:38:a5:df:7a:c2:24:94:00:70:f8:1a:ec:c2:5f:04:75:16:
39:e4:22:8a:22:ee:b9:4a:32:98:93:7e:4a:af:bb:df:77:0b:
ca:9c:66:8d:f1:4e:f8:f4:5b:53:65:22:23:2e:ce:5e:3e:b8:
7e:e1:0b:aa:ef:64:bb:ef:e3:c6:9a:5b:26:8d:d5:12:f1:fe:
18:c5:12:d4:21:b4:41:67:9f:21:e5:9c:5e:2a:0e:1e:0b:72:
e8:13:9c:fe:9b:4f:e3:9a:99:42:cd:0e:a5:dd:be:82:2e:94:
f2:5c:fa:4d:31:59:03:e2:14:e0:45:73:52:16:de:00:ba:e6:
5f:27:f8:65:09:a2:84:d6:5d:d7:b4:d0:87:f8:d1:10:c2:0c:
d4:1a:fa:6e:31:fa:02:76:75:db:da:a0:51:88:9d:98:25:b6:
76:72:7f:57:7e:3d:d9:4c:89:cc:9f:f5:75:18:a8:8b:5c:18:
0a:fa:b6:e8
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZPV731/EpKl+ZeBAStNVGbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzIzNTA2NzE4ZGZjZjJhOGJkMTc2ZDRlYTI0ZTI3NTMy
MmZjZmIwHhcNMjQxMjE3MTg0NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDI2ODRjYTljNjRhMjFiNjQxMjNhY2E0MTMzYTYxZDEzNGU2ZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ7+mz2O+YPl8abNNIi+iGYt1ji5
zHY/BQKY2VBNVPSi+r+TyvI5CBtb0qc3zhg8cwtkqzunOPF+I/PypS1mGGP1jQZF
rr4T7QzCAtRlkQsQR8tI9D6Y+0Et8FC03acPMUpN+hf63bdSsYVkRQIAX0Ba0IDN
NL5Y+B6vPALXFlfGn3t2wdpkz1TCUPOqWT8S63cU3JGvCWY8MTzCdtQ7o9zB+55u
LWcomI9qzHKyre3M4ql9RTfHari14nusH9N25rFR73GRv1/Wum9MGQKFlB1UUk8P
DFYMdOa9oM5MaicjT6aSJBhdcA3Jyw9v4zqAuUa3bFtT6tZcWU84s56NqQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOAmhMqcZKIbZBI6ykEzph0TTm6XMB8GA1UdIwQY
MBaAFAFyNQZxjfzyqL0XbU6iTidTIvz7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhJMUJuR05fUEtvdlJkdFRxSk9KMU1pX1BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi84M2FhOGMtMDU4MS00NGQ4LWE1YzEt
MDUzNzNiYTk0ODNkLzEvNENhRXlweGtvaHRrRWpyS1FUT21IUk5PYnBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi84M2FhOGMtMDU4MS00NGQ4LWE1YzEtMDUzNzNiYTk0ODNk
LzEvQVhJMUJuR05fUEtvdlJkdFRxSk9KMU1pX1BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLpWoAwQC
uW9MMBQEAgACMA4DBQMqBlvAAwUAKg33wDANBgkqhkiG9w0BAQsFAAOCAQEAE0Am
FZfe9ZIWIDyrpR2j0IdSoeHVcNdtZ51+uuKUEeV6OY7smLt9pAmiGQtb376t3Q/q
CLIRJj5OuGz+7Q0e8CvThNohXj6zXjil33rCJJQAcPga7MJfBHUWOeQiiiLuuUoy
mJN+Sq+733cLypxmjfFO+PRbU2UiIy7OXj64fuELqu9ku+/jxppbJo3VEvH+GMUS
1CG0QWefIeWcXioOHgty6BOc/ptP45qZQs0Opd2+gi6U8lz6TTFZA+IU4EVzUhbe
ALrmXyf4ZQmihNZd17TQh/jREMIM1Br6bjH6AnZ129qgUYidmCW2dnJ/V3492UyJ
zJ/1dRioi1wYCvq26A==
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:11:24 2025 by rpki-client