Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/5A_IKzQ-mt1FtBoj_D1jvhHkuE8.roa
File: 5A_IKzQ-mt1FtBoj_D1jvhHkuE8.roa (raw, json)
Hash identifier: ztcwbV4rypghLW16Natzz6G7XSHttqmqK8mE60utS3w=
Subject key identifier: E4:0F:C8:2B:34:3E:9A:DD:45:B4:1A:23:FC:3D:63:BE:11:E4:B8:4F
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 01912E6B87A6F7B371417B3D112CE6641921
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/5A_IKzQ-mt1FtBoj_D1jvhHkuE8.roa
Signing time: Wed 07 Aug 2024 19:58:04 +0000
ROA not before: Wed 07 Aug 2024 19:58:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48789
IP address blocks: 46.238.212.0/22 maxlen: 22
46.238.228.0/22 maxlen: 22
46.238.236.0/22 maxlen: 22
46.238.240.0/21 maxlen: 21
46.238.248.0/23 maxlen: 23
89.191.152.0/23 maxlen: 23
89.191.154.0/24 maxlen: 24
94.101.16.0/20 maxlen: 21
94.101.24.0/21 maxlen: 21
94.141.135.0/24 maxlen: 24
94.141.152.0/23 maxlen: 23
185.174.152.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 19 Nov 2024 11:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2e:6b:87:a6:f7:b3:71:41:7b:3d:11:2c:e6:64:19:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Aug 7 19:58:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e40fc82b343e9add45b41a23fc3d63be11e4b84f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ba:92:12:36:54:67:1b:d4:bb:17:4e:65:f0:
d4:66:fb:14:09:1a:16:1f:b2:e3:06:79:01:55:5d:
9e:cb:9b:5b:aa:eb:db:3b:3e:0a:61:86:7b:be:3b:
de:0f:83:6c:ac:5a:ae:a0:87:e8:7d:19:95:c9:62:
75:db:87:9f:2c:6c:d0:c7:da:6c:33:69:71:db:67:
09:a4:4e:35:26:8b:a6:32:17:86:76:9c:57:b8:12:
95:f3:ff:1f:39:9f:0c:35:ad:7f:14:1d:ce:5d:99:
4e:05:11:c6:b9:53:e8:2c:ab:5e:eb:34:c0:ef:38:
fe:4b:a9:eb:7f:63:2c:ac:19:57:23:7d:8a:f3:0a:
b0:dd:95:cf:19:29:80:bd:81:2b:24:2b:2f:ac:96:
92:d5:74:bd:06:d4:de:5c:11:ef:cb:60:a2:7f:0f:
79:a4:c9:5c:c4:db:3c:96:90:7e:45:64:20:1c:d3:
30:e6:17:9d:ad:94:86:0b:1c:14:5f:d4:55:23:c0:
4f:32:4c:25:28:9d:1d:93:b0:eb:b1:5f:11:86:be:
42:92:97:38:91:ad:b1:ea:c3:f8:8f:35:b9:d6:5b:
e1:13:69:dc:df:0b:fb:19:a0:5b:0b:85:ea:07:b7:
b4:9e:df:cd:2d:9f:24:84:a3:55:89:5f:e3:5c:38:
9a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0F:C8:2B:34:3E:9A:DD:45:B4:1A:23:FC:3D:63:BE:11:E4:B8:4F
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/5A_IKzQ-mt1FtBoj_D1jvhHkuE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.238.212.0/22
46.238.228.0/22
46.238.236.0-46.238.249.255
89.191.152.0-89.191.154.255
94.101.16.0/20
94.141.135.0/24
94.141.152.0/23
185.174.152.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:a4:c5:41:ee:5b:d8:f5:25:aa:3f:e1:4a:91:e2:5b:77:fe:
ab:15:64:93:08:c1:3f:82:6f:b4:b6:28:7d:ee:3a:84:64:64:
e6:20:dc:b3:0d:88:e9:65:d1:a9:55:43:70:8e:b2:93:05:34:
88:da:e4:7a:07:34:fe:50:af:3e:53:90:78:52:e7:2c:4b:14:
9b:58:4d:16:1f:c2:26:1f:2d:6a:4f:90:14:df:6d:16:a7:f9:
69:3b:8f:d5:41:47:41:70:6c:68:50:0b:ed:52:17:2f:8e:5e:
dd:ff:04:46:a5:f4:a9:8e:c1:bc:e8:8b:14:52:b9:a5:5f:66:
72:45:a9:e5:1b:da:88:8a:73:32:95:d8:a4:2c:18:97:c1:79:
21:db:be:6d:dd:2e:ae:c2:af:48:c4:f7:37:70:69:80:ab:b7:
37:1d:5c:a1:37:68:6e:da:d3:8c:7c:52:5a:18:68:0a:39:cd:
46:f3:da:73:0a:d7:c5:16:55:1b:ad:c3:9f:1c:8c:49:50:12:
53:77:26:3c:be:b9:4b:95:57:5e:3f:79:21:86:59:f7:94:9c:
05:0f:f1:ff:6b:a0:b9:44:17:63:72:a1:74:6c:61:6b:13:b4:
fa:0c:6a:41:ab:a2:d1:2f:9e:02:df:85:bc:59:4b:cf:dc:c1:
ff:48:33:b3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZEua4em97NxQXs9ESzmZBkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZThmNTZiYzFmNTAxMDI5MTY4MWJjMmQ4YzAyZjlhY2Jm
NzE0YTAwHhcNMjQwODA3MTk1ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDBmYzgyYjM0M2U5YWRkNDViNDFhMjNmYzNkNjNiZTExZTRiODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLqSEjZUZxvUuxdOZfDUZvsUCRoW
H7LjBnkBVV2ey5tbquvbOz4KYYZ7vjveD4NsrFquoIfofRmVyWJ124efLGzQx9ps
M2lx22cJpE41JoumMheGdpxXuBKV8/8fOZ8MNa1/FB3OXZlOBRHGuVPoLKte6zTA
7zj+S6nrf2MsrBlXI32K8wqw3ZXPGSmAvYErJCsvrJaS1XS9BtTeXBHvy2Cifw95
pMlcxNs8lpB+RWQgHNMw5hedrZSGCxwUX9RVI8BPMkwlKJ0dk7DrsV8Rhr5Ckpc4
ka2x6sP4jzW51lvhE2nc3wv7GaBbC4XqB7e0nt/NLZ8khKNViV/jXDiaxQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFOQPyCs0PprdRbQaI/w9Y74R5LhPMB8GA1UdIwQY
MBaAFOLo9WvB9QECkWgbwtjAL5rL9xSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTct
NDQ3ZWRjNGY5YWY2LzEvNUFfSUt6US1tdDFGdEJval9EMWp2aEhrdUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTctNDQ3ZWRjNGY5YWY2
LzEvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQCLu7UAwQC
Lu7kMAwDBAIu7uwDBAEu7vgwDAMEA1m/mAMEAFm/mgMEBF5lEAMEAF6NhwMEAV6N
mAMEAbmumDANBgkqhkiG9w0BAQsFAAOCAQEAt6TFQe5b2PUlqj/hSpHiW3f+qxVk
kwjBP4JvtLYofe46hGRk5iDcsw2I6WXRqVVDcI6ykwU0iNrkegc0/lCvPlOQeFLn
LEsUm1hNFh/CJh8tak+QFN9tFqf5aTuP1UFHQXBsaFAL7VIXL45e3f8ERqX0qY7B
vOiLFFK5pV9mckWp5RvaiIpzMpXYpCwYl8F5Idu+bd0ursKvSMT3N3BpgKu3Nx1c
oTdobtrTjHxSWhhoCjnNRvPacwrXxRZVG63DnxyMSVASU3cmPL65S5VXXj95IYZZ
95ScBQ/x/2uguUQXY3KhdGxhaxO0+gxqQaui0S+eAt+FvFlLz9zB/0gzsw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:48 2025 by rpki-client