Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/x_tIUbzPxyOcnYtX77MxpguA8iU.roa
File: x_tIUbzPxyOcnYtX77MxpguA8iU.roa (raw, json)
Hash identifier: oNDIjMV7+CBsXqEVdpU4kg+6Ve3GMl6QizyHXDi4Ej4=
Subject key identifier: C7:FB:48:51:BC:CF:C7:23:9C:9D:8B:57:EF:B3:31:A6:0B:80:F2:25
Certificate issuer: /CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Certificate serial: 019169E3318814D651E52D1A23768CB5B895
Authority key identifier: 3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/x_tIUbzPxyOcnYtX77MxpguA8iU.roa
Signing time: Mon 19 Aug 2024 09:06:22 +0000
ROA not before: Mon 19 Aug 2024 09:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50758
IP address blocks: 46.31.160.0/21 maxlen: 24
213.190.12.0/24 maxlen: 24
213.190.13.0/24 maxlen: 24
213.190.15.0/24 maxlen: 24
2a0a:2a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 03 Sep 2024 15:03:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:69:e3:31:88:14:d6:51:e5:2d:1a:23:76:8c:b5:b8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Validity
Not Before: Aug 19 09:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7fb4851bccfc7239c9d8b57efb331a60b80f225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:88:8c:52:0b:be:05:3a:5c:0b:f5:19:4d:89:
e6:fa:a1:f0:66:4e:88:95:30:0a:ac:41:73:ef:a3:
c0:37:06:ed:1a:73:0d:83:85:11:90:18:ac:36:bc:
24:93:d8:b7:e3:20:37:2d:2b:c5:d8:82:46:0a:db:
91:63:81:5f:33:1d:bc:70:c4:08:84:99:16:0e:75:
e9:a8:43:9b:10:a6:37:37:90:af:94:75:fc:fb:36:
f5:9d:5c:ba:9d:58:b9:2a:25:1f:bc:9c:66:9c:c2:
05:06:05:f7:36:55:ae:1b:56:5a:22:cb:10:7a:af:
44:38:c6:15:23:04:fd:22:a7:80:36:62:87:4a:94:
ca:96:09:06:df:fa:75:9d:7a:8c:b4:1a:08:e2:e7:
90:49:a9:58:48:1f:e5:3a:3f:fb:30:44:02:1f:57:
12:2c:56:db:e9:a9:29:a5:e7:e7:a8:98:05:ce:b8:
c8:61:88:3d:47:09:aa:f1:2c:9c:94:db:74:c5:1c:
76:f0:5c:98:ed:1f:48:58:ba:3c:ee:12:9d:d4:67:
2e:f4:72:a1:0e:02:8a:20:6f:ac:39:89:d3:2e:e3:
ff:95:b3:7c:42:35:3b:39:21:ab:41:5d:30:68:ea:
56:ad:e7:17:5d:bc:57:d3:76:d7:77:e5:59:c1:10:
d9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FB:48:51:BC:CF:C7:23:9C:9D:8B:57:EF:B3:31:A6:0B:80:F2:25
X509v3 Authority Key Identifier:
keyid:3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/x_tIUbzPxyOcnYtX77MxpguA8iU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/O9mhd7td-26r5MrXne-PiwBd9lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.160.0/21
213.190.12.0/23
213.190.15.0/24
IPv6:
2a0a:2a40::/29
Signature Algorithm: sha256WithRSAEncryption
6f:21:9d:94:07:ab:81:f7:3b:34:d4:13:36:ef:89:e4:3c:a0:
70:51:2c:7c:65:eb:90:de:8e:b5:f1:1f:9b:c5:91:c3:7c:37:
99:c7:da:14:a8:1d:cb:26:c4:70:41:64:bd:f2:33:6a:38:ac:
1e:24:c3:16:53:4a:92:77:aa:99:3e:47:74:79:de:d9:75:40:
c1:19:0f:73:97:0d:e3:74:74:e1:97:10:15:d4:6c:93:1d:a5:
c6:1e:42:0d:90:99:55:aa:8a:ec:58:85:c2:df:a7:b3:78:4a:
c8:ee:11:17:bd:0c:18:cf:26:97:93:0c:99:af:d1:77:59:20:
fc:20:f6:31:ac:04:95:f5:88:c2:ba:43:72:fe:80:6b:9a:1e:
e2:ff:a8:e9:be:51:e9:e4:46:36:60:83:a9:4f:a6:b3:bb:65:
da:7d:58:d1:1b:3a:8a:80:a7:f2:58:af:79:51:08:2f:59:ed:
f8:c7:b4:3b:da:d9:7b:e8:96:ba:e0:67:12:92:5c:22:8f:00:
16:19:58:e5:a8:83:e2:d6:3d:19:a8:20:3b:05:60:50:d7:01:
f5:44:11:98:98:11:65:9c:a6:df:c8:a1:6c:e0:ce:29:d0:e5:
73:4d:1b:cc:85:60:4e:b3:1c:10:57:29:38:3f:d3:db:fc:11:
da:c1:20:29
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZFp4zGIFNZR5S0aI3aMtbiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDlhMTc3YmI1ZGZiNmVhYmU0Y2FkNzlkZWY4ZjhiMDA1
ZGY2NTYwHhcNMjQwODE5MDkwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2ZiNDg1MWJjY2ZjNzIzOWM5ZDhiNTdlZmIzMzFhNjBiODBmMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoiMUgu+BTpcC/UZTYnm+qHwZk6I
lTAKrEFz76PANwbtGnMNg4URkBisNrwkk9i34yA3LSvF2IJGCtuRY4FfMx28cMQI
hJkWDnXpqEObEKY3N5CvlHX8+zb1nVy6nVi5KiUfvJxmnMIFBgX3NlWuG1ZaIssQ
eq9EOMYVIwT9IqeANmKHSpTKlgkG3/p1nXqMtBoI4ueQSalYSB/lOj/7MEQCH1cS
LFbb6akppefnqJgFzrjIYYg9Rwmq8SyclNt0xRx28FyY7R9IWLo87hKd1Gcu9HKh
DgKKIG+sOYnTLuP/lbN8QjU7OSGrQV0waOpWrecXXbxX03bXd+VZwRDZdwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMf7SFG8z8cjnJ2LV++zMaYLgPIlMB8GA1UdIwQY
MBaAFDvZoXe7Xftuq+TK153vj4sAXfZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUt
ZTM4MDMwYjY5ZDVhLzEveF90SVVielB4eU9jbll0WDc3TXhwZ3VBOGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUtZTM4MDMwYjY5ZDVh
LzEvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLh+gAwQB
1b4MAwQA1b4PMA0EAgACMAcDBQMqCipAMA0GCSqGSIb3DQEBCwUAA4IBAQBvIZ2U
B6uB9zs01BM274nkPKBwUSx8ZeuQ3o618R+bxZHDfDeZx9oUqB3LJsRwQWS98jNq
OKweJMMWU0qSd6qZPkd0ed7ZdUDBGQ9zlw3jdHThlxAV1GyTHaXGHkINkJlVqors
WIXC36ezeErI7hEXvQwYzyaXkwyZr9F3WSD8IPYxrASV9YjCukNy/oBrmh7i/6jp
vlHp5EY2YIOpT6azu2XafVjRGzqKgKfyWK95UQgvWe34x7Q72tl76Ja64GcSklwi
jwAWGVjlqIPi1j0ZqCA7BWBQ1wH1RBGYmBFlnKbfyKFs4M4p0OVzTRvMhWBOsxwQ
Vyk4P9Pb/BHawSAp
-----END CERTIFICATE-----
Generated at Fri Apr 18 13:43:12 2025 by rpki-client