Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/IlkM8wotL-1OsrIB2ghqBA_aWN4.roa
File: IlkM8wotL-1OsrIB2ghqBA_aWN4.roa (raw, json)
Hash identifier: 4bLjQRtadpJVwVbHbUT3aT7z/eZ+2ItMpJi1Zd0/OLM=
Subject key identifier: 22:59:0C:F3:0A:2D:2F:ED:4E:B2:B2:01:DA:08:6A:04:0F:DA:58:DE
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 018E1A19C90C3831374DF87235941C398F06
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/IlkM8wotL-1OsrIB2ghqBA_aWN4.roa
Signing time: Thu 07 Mar 2024 18:08:01 +0000
ROA not before: Thu 07 Mar 2024 18:08:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44901
IP address blocks: 46.253.0.0/24 maxlen: 24
46.253.1.0/24 maxlen: 24
46.253.2.0/24 maxlen: 24
46.253.3.0/24 maxlen: 24
46.253.4.0/24 maxlen: 24
46.253.5.0/24 maxlen: 24
91.132.60.0/24 maxlen: 24
91.132.62.0/24 maxlen: 24
91.132.63.0/24 maxlen: 24
93.94.140.0/24 maxlen: 24
95.169.202.0/24 maxlen: 24
95.169.203.0/24 maxlen: 24
185.243.213.0/24 maxlen: 24
2a09:be80::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 09 Mar 2024 22:14:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1a:19:c9:0c:38:31:37:4d:f8:72:35:94:1c:39:8f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: Mar 7 18:08:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22590cf30a2d2fed4eb2b201da086a040fda58de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:33:4e:14:34:1b:7c:49:87:2e:63:f3:f5:f0:
05:7b:1b:26:88:52:97:9b:59:40:19:aa:dc:7e:70:
9d:3b:95:17:cd:64:e1:0e:19:f7:56:e0:6d:c6:70:
be:df:c4:55:49:ca:28:f0:d4:56:4a:5c:87:f4:80:
bf:61:43:5f:70:66:26:01:23:1e:62:f2:53:84:ac:
cc:b5:45:6a:e2:6f:46:91:85:ad:89:0c:85:75:ba:
46:0d:c3:15:b7:90:7c:92:14:1b:01:12:08:bb:6d:
5f:1b:1d:82:2d:2c:34:cd:3c:77:17:40:63:21:be:
53:3b:fb:b9:87:8a:e6:f1:04:63:fb:37:9a:67:b9:
03:40:e9:c1:67:60:65:8f:76:6d:9b:77:71:c6:43:
49:eb:c7:a8:a5:12:f0:1c:d9:8a:31:49:97:08:13:
0f:09:c2:15:08:a9:94:c5:5d:fa:ce:fe:c3:5e:09:
e7:4e:69:fa:0f:60:24:98:07:c5:02:be:be:76:b4:
10:c0:8b:ce:ce:81:3a:e3:ec:e6:a7:10:73:92:5b:
97:4f:8c:a9:c9:08:6b:67:c3:06:ea:ed:ed:ce:19:
7f:9c:ae:7f:08:b8:45:8b:1a:92:3e:97:c2:96:fd:
3c:11:ec:cc:d0:18:c5:77:46:ca:ec:f8:2a:69:9c:
e7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:59:0C:F3:0A:2D:2F:ED:4E:B2:B2:01:DA:08:6A:04:0F:DA:58:DE
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/IlkM8wotL-1OsrIB2ghqBA_aWN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.0.0-46.253.5.255
91.132.60.0/24
91.132.62.0/23
93.94.140.0/24
95.169.202.0/23
185.243.213.0/24
IPv6:
2a09:be80::/32
Signature Algorithm: sha256WithRSAEncryption
72:3a:7e:bd:c0:df:6e:80:c1:9e:a1:3a:07:01:92:6c:35:11:
f9:f1:82:bd:c3:5d:bf:ba:d6:29:a1:1d:fa:7a:14:0c:20:e3:
6a:59:cf:ae:97:96:ab:1f:ea:8f:19:7e:64:ba:52:99:c5:7c:
ec:05:fa:01:0f:7c:6d:32:bd:85:03:27:02:3c:98:ae:86:1b:
26:f9:e7:98:fa:3b:82:39:48:1d:2a:fd:6f:31:e7:4d:a9:8d:
74:0a:39:7c:96:28:54:27:c4:e8:de:c5:8b:70:ab:9d:0b:be:
d6:5f:19:c8:0b:bd:f5:dd:d0:4f:49:e7:1e:4f:a8:62:da:84:
5c:5d:17:a0:ce:c9:26:a3:1f:3c:2c:e4:cd:c8:37:0c:98:ba:
b0:60:c3:30:aa:1a:84:3f:a2:d6:63:04:ae:bf:72:16:b7:42:
7f:71:94:88:0a:1b:c4:9f:5f:bd:d0:a1:24:b2:f8:c3:06:84:
39:a7:9f:b2:7f:05:97:fc:90:46:ac:c9:08:d6:47:d6:ea:bc:
4b:28:5a:2c:f2:d1:78:a9:9a:ed:6c:73:e2:75:38:36:a7:39:
df:dc:75:85:b3:7c:0a:89:e3:e4:2b:6a:be:df:d0:27:33:13:
0a:27:5c:c1:f6:a5:b8:ab:1e:74:0e:dc:d4:f1:c5:6e:f1:69:
27:a8:62:3b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAY4aGckMODE3TfhyNZQcOY8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjQwMzA3MTgwODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjU5MGNmMzBhMmQyZmVkNGViMmIyMDFkYTA4NmEwNDBmZGE1OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzNOFDQbfEmHLmPz9fAFexsmiFKX
m1lAGarcfnCdO5UXzWThDhn3VuBtxnC+38RVScoo8NRWSlyH9IC/YUNfcGYmASMe
YvJThKzMtUVq4m9GkYWtiQyFdbpGDcMVt5B8khQbARIIu21fGx2CLSw0zTx3F0Bj
Ib5TO/u5h4rm8QRj+zeaZ7kDQOnBZ2Blj3Ztm3dxxkNJ68eopRLwHNmKMUmXCBMP
CcIVCKmUxV36zv7DXgnnTmn6D2AkmAfFAr6+drQQwIvOzoE64+zmpxBzkluXT4yp
yQhrZ8MG6u3tzhl/nK5/CLhFixqSPpfClv08EezM0BjFd0bK7PgqaZznMQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFCJZDPMKLS/tTrKyAdoIagQP2ljeMB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvSWxrTTh3b3RMLTFPc3JJQjJnaHFCQV9hV040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAxBAIAATArMAsDAwAu/QME
AS79BAMEAFuEPAMEAVuEPgMEAF1ejAMEAV+pygMEALnz1TANBAIAAjAHAwUAKgm+
gDANBgkqhkiG9w0BAQsFAAOCAQEAcjp+vcDfboDBnqE6BwGSbDUR+fGCvcNdv7rW
KaEd+noUDCDjalnPrpeWqx/qjxl+ZLpSmcV87AX6AQ98bTK9hQMnAjyYroYbJvnn
mPo7gjlIHSr9bzHnTamNdAo5fJYoVCfE6N7Fi3CrnQu+1l8ZyAu99d3QT0nnHk+o
YtqEXF0XoM7JJqMfPCzkzcg3DJi6sGDDMKoahD+i1mMErr9yFrdCf3GUiAobxJ9f
vdChJLL4wwaEOaefsn8Fl/yQRqzJCNZH1uq8SyhaLPLReKma7Wxz4nU4Nqc539x1
hbN8Conj5Ctqvt/QJzMTCidcwfaluKsedA7c1PHFbvFpJ6hiOw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:03 2025 by rpki-client