Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/X6X_P6yukrQPT4SMy-JLxECMeJ8.roa
File: X6X_P6yukrQPT4SMy-JLxECMeJ8.roa (raw, json)
Hash identifier: edTaObTXQVF5bmMlJ2TBmh1E+uSzpaQPM3bD2AXXfnY=
Subject key identifier: 5F:A5:FF:3F:AC:AE:92:B4:0F:4F:84:8C:CB:E2:4B:C4:40:8C:78:9F
Certificate issuer: /CN=4c988b93ab7a2999a3255eeae4e18ab23b2e0f3e
Certificate serial: 018CC94D9B1B327727AB1878E0C736D75337
Authority key identifier: 4C:98:8B:93:AB:7A:29:99:A3:25:5E:EA:E4:E1:8A:B2:3B:2E:0F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJiLk6t6KZmjJV7q5OGKsjsuDz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/X6X_P6yukrQPT4SMy-JLxECMeJ8.roa
Signing time: Tue 02 Jan 2024 08:32:35 +0000
ROA not before: Tue 02 Jan 2024 08:32:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51731
IP address blocks: 46.36.32.0/19 maxlen: 19
2a02:25b0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:9b:1b:32:77:27:ab:18:78:e0:c7:36:d7:53:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c988b93ab7a2999a3255eeae4e18ab23b2e0f3e
Validity
Not Before: Jan 2 08:32:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fa5ff3facae92b40f4f848ccbe24bc4408c789f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:92:b7:b7:c5:c4:cd:cd:fd:cf:3f:10:bb:d5:
2a:c0:85:8f:2e:7a:4a:c6:f2:64:79:c4:ea:f6:ae:
ae:c7:21:f6:55:54:87:13:02:8b:b3:20:7c:17:77:
e1:6c:d8:ba:32:bb:4b:21:73:74:4c:6e:60:97:65:
60:86:5b:79:30:75:bb:61:70:79:5f:c6:66:28:03:
2e:ec:ea:22:51:21:b4:9e:45:f3:3a:6b:92:c5:d2:
26:38:71:d0:c3:d4:a0:5a:52:5d:3b:48:4f:6b:15:
d0:30:1d:ee:4c:5a:66:e8:43:9f:71:d7:81:1b:a9:
f3:04:05:0c:13:f6:ca:01:d2:91:06:9a:ab:07:20:
21:58:0e:5e:ba:e9:10:2f:21:72:3d:38:2d:c6:0d:
1d:82:af:d2:0a:85:75:90:30:e4:bf:c4:3c:ef:af:
a8:c4:ee:e3:55:41:21:9f:c8:7a:39:2d:84:15:ef:
9a:e7:ce:2a:6f:be:2c:c2:28:7c:57:db:ed:42:1f:
c8:92:8f:db:1d:92:c5:9c:a4:e3:41:34:cc:29:ed:
53:9c:7f:38:71:b1:89:2c:34:0d:09:d7:e2:5d:b3:
0a:ac:db:d2:99:5c:6c:a4:b5:46:c9:ff:82:03:67:
18:c3:b9:eb:17:c9:1c:73:c5:b8:04:28:61:d1:1f:
80:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A5:FF:3F:AC:AE:92:B4:0F:4F:84:8C:CB:E2:4B:C4:40:8C:78:9F
X509v3 Authority Key Identifier:
keyid:4C:98:8B:93:AB:7A:29:99:A3:25:5E:EA:E4:E1:8A:B2:3B:2E:0F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJiLk6t6KZmjJV7q5OGKsjsuDz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/X6X_P6yukrQPT4SMy-JLxECMeJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/TJiLk6t6KZmjJV7q5OGKsjsuDz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.32.0/19
IPv6:
2a02:25b0::/32
Signature Algorithm: sha256WithRSAEncryption
c1:2a:70:24:61:8d:2b:4f:72:4f:62:a6:39:b0:5a:16:3f:f5:
23:97:82:e7:3c:d2:5e:9e:69:2f:4b:db:a3:11:67:f5:39:c7:
75:4d:fe:33:40:e9:79:21:6a:f0:9e:61:dc:c7:2f:94:78:57:
cf:f3:47:63:3c:28:5f:21:48:a4:68:f9:40:28:86:0f:86:c0:
b3:a6:91:78:41:0d:7c:3f:09:96:84:93:0e:1b:fa:db:2a:00:
61:60:a5:9d:4d:63:db:ce:2e:fe:b0:4e:f3:03:ca:bf:44:08:
8b:f3:77:cd:84:44:c0:85:4c:b9:29:68:a3:a7:07:b8:10:6c:
92:e2:be:f7:a4:be:71:76:58:37:c1:b7:9a:bd:ca:d7:fe:08:
b0:14:6b:ec:3e:c2:2f:95:a6:6f:0c:19:73:fe:ab:6f:9d:9a:
d9:91:95:61:e6:ca:8a:b6:22:46:39:1b:0c:fc:c7:e0:c7:ca:
03:07:fc:27:a5:b7:75:68:4b:4f:48:63:8c:3c:fc:f4:e9:ad:
2d:e2:a9:da:2d:b5:52:40:94:9c:41:ec:41:74:1e:6a:e8:8b:
b6:76:a1:16:11:d3:10:d4:74:37:99:e6:6c:4a:d8:41:2a:3a:
fe:cc:68:78:c9:b0:6f:4b:93:01:29:55:f3:a3:27:fe:90:1a:
c0:16:83:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTZsbMncnqxh44Mc211M3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTg4YjkzYWI3YTI5OTlhMzI1NWVlYWU0ZTE4YWIyM2Iy
ZTBmM2UwHhcNMjQwMTAyMDgzMjM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmE1ZmYzZmFjYWU5MmI0MGY0Zjg0OGNjYmUyNGJjNDQwOGM3ODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZK3t8XEzc39zz8Qu9UqwIWPLnpK
xvJkecTq9q6uxyH2VVSHEwKLsyB8F3fhbNi6MrtLIXN0TG5gl2Vghlt5MHW7YXB5
X8ZmKAMu7OoiUSG0nkXzOmuSxdImOHHQw9SgWlJdO0hPaxXQMB3uTFpm6EOfcdeB
G6nzBAUME/bKAdKRBpqrByAhWA5euukQLyFyPTgtxg0dgq/SCoV1kDDkv8Q876+o
xO7jVUEhn8h6OS2EFe+a584qb74swih8V9vtQh/Iko/bHZLFnKTjQTTMKe1TnH84
cbGJLDQNCdfiXbMKrNvSmVxspLVGyf+CA2cYw7nrF8kcc8W4BChh0R+A4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF+l/z+srpK0D0+EjMviS8RAjHifMB8GA1UdIwQY
MBaAFEyYi5OreimZoyVe6uThirI7Lg8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEppTGs2dDZLWm1qSlY3cTVPR0tzanN1RHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80YzFmNTktMGMxMi00MTUzLWExNWMt
NzE1ZjljZDYzMDg2LzEvWDZYX1A2eXVrclFQVDRTTXktSkx4RUNNZUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80YzFmNTktMGMxMi00MTUzLWExNWMtNzE1ZjljZDYzMDg2
LzEvVEppTGs2dDZLWm1qSlY3cTVPR0tzanN1RHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFLiQgMA0E
AgACMAcDBQAqAiWwMA0GCSqGSIb3DQEBCwUAA4IBAQDBKnAkYY0rT3JPYqY5sFoW
P/Ujl4LnPNJenmkvS9ujEWf1Ocd1Tf4zQOl5IWrwnmHcxy+UeFfP80djPChfIUik
aPlAKIYPhsCzppF4QQ18PwmWhJMOG/rbKgBhYKWdTWPbzi7+sE7zA8q/RAiL83fN
hETAhUy5KWijpwe4EGyS4r73pL5xdlg3wbeavcrX/giwFGvsPsIvlaZvDBlz/qtv
nZrZkZVh5sqKtiJGORsM/Mfgx8oDB/wnpbd1aEtPSGOMPPz06a0t4qnaLbVSQJSc
QexBdB5q6Iu2dqEWEdMQ1HQ3meZsSthBKjr+zGh4ybBvS5MBKVXzoyf+kBrAFoPh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:38 2025 by rpki-client