Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/KXehrdAQYydrJHXEgwyuw9RT6og.roa
File: KXehrdAQYydrJHXEgwyuw9RT6og.roa (raw, json)
Hash identifier: MP2seEH4vgIrOsP7q68TikJJtjdAOYoOBxyQvGjWGTg=
Subject key identifier: 29:77:A1:AD:D0:10:63:27:6B:24:75:C4:83:0C:AE:C3:D4:53:EA:88
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 018E2547DC6E2295B081513EA6B1AD426A14
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/KXehrdAQYydrJHXEgwyuw9RT6og.roa
Signing time: Sat 09 Mar 2024 22:14:10 +0000
ROA not before: Sat 09 Mar 2024 22:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44901
IP address blocks: 46.253.0.0/24 maxlen: 24
46.253.1.0/24 maxlen: 24
46.253.2.0/24 maxlen: 24
46.253.3.0/24 maxlen: 24
46.253.4.0/24 maxlen: 24
46.253.5.0/24 maxlen: 24
91.132.60.0/24 maxlen: 24
91.132.62.0/24 maxlen: 24
91.132.63.0/24 maxlen: 24
93.94.140.0/24 maxlen: 24
95.169.202.0/24 maxlen: 24
95.169.203.0/24 maxlen: 24
185.1.156.0/24 maxlen: 24
185.243.213.0/24 maxlen: 24
2a09:be80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 May 2024 13:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:25:47:dc:6e:22:95:b0:81:51:3e:a6:b1:ad:42:6a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: Mar 9 22:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2977a1add01063276b2475c4830caec3d453ea88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:28:c3:60:a9:b0:4e:1e:b0:74:56:0b:38:40:
8f:7a:48:e8:14:18:0e:57:94:d8:02:6a:15:86:92:
52:e8:1a:3a:08:37:f1:47:d9:56:1a:d3:fb:0a:4f:
9b:e3:20:7d:4d:f5:f5:1d:a2:30:1b:0d:35:13:1c:
b3:e4:2a:89:52:da:87:24:cb:8a:76:7a:5f:73:db:
3d:2e:e5:f2:be:4e:a2:12:e6:68:45:d9:d9:17:1f:
1b:db:62:a5:ce:31:3d:4a:69:29:d1:15:ec:fe:0a:
a3:25:f2:08:a6:6d:bc:aa:47:f0:a4:96:53:20:86:
32:62:ac:f9:11:f2:c1:a3:69:6f:5d:75:a1:55:a9:
79:e6:f2:12:06:d3:ea:b7:95:c1:5c:9d:20:d8:93:
c0:dd:a3:ce:f5:40:b2:58:fb:92:db:4d:b4:db:58:
d2:07:e5:2e:65:83:e5:22:2b:3d:ef:bc:58:af:c6:
9c:ec:a4:73:c7:69:c2:1f:08:ed:4e:6d:be:e0:7d:
43:28:9d:28:6b:e1:6b:4f:ba:b8:fb:51:a2:98:5f:
a5:38:cc:13:df:dd:2b:95:3a:69:a2:56:1f:5a:1f:
e0:69:68:ea:aa:87:87:a0:e7:b9:19:e2:f7:e5:7e:
92:6f:06:eb:7a:0f:43:d6:56:c5:77:7b:f9:65:67:
56:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:77:A1:AD:D0:10:63:27:6B:24:75:C4:83:0C:AE:C3:D4:53:EA:88
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/KXehrdAQYydrJHXEgwyuw9RT6og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.0.0-46.253.5.255
91.132.60.0/24
91.132.62.0/23
93.94.140.0/24
95.169.202.0/23
185.1.156.0/24
185.243.213.0/24
IPv6:
2a09:be80::/32
Signature Algorithm: sha256WithRSAEncryption
07:66:86:37:10:2b:83:91:4e:87:70:c5:52:25:42:35:27:a5:
6d:e7:89:86:7a:e9:3b:7c:1b:fe:03:3c:2b:9f:ee:05:fe:fd:
e3:30:ed:35:40:f1:cb:62:25:83:7d:cf:ca:e1:43:c1:4e:34:
21:ff:39:ae:c2:da:63:d6:15:69:25:e4:a5:09:e4:7d:77:4a:
a8:ec:9e:4d:ad:d2:7f:c3:ff:8e:7b:be:fa:3b:bd:a6:ed:da:
c9:4d:36:c9:7c:b4:ba:41:41:7d:6e:88:d5:b3:da:d5:ff:e2:
c8:85:5c:d9:aa:4c:50:18:d7:3e:b5:e1:69:13:5c:c7:d0:8a:
43:86:db:7d:e7:33:77:21:ab:5f:5b:0c:55:3a:96:82:3f:d8:
af:8b:ea:a4:c5:dc:74:f2:dc:8c:3f:96:63:cd:e3:74:c7:89:
0b:73:0c:fb:b9:f4:fc:5a:e7:71:16:46:f9:ca:17:ff:61:34:
0a:e6:d6:13:ee:bb:35:be:ea:4e:25:b9:b0:d8:29:e7:35:eb:
18:07:14:e7:22:4e:d0:1c:c8:b9:2c:53:17:f0:87:b3:b7:ab:
85:41:9e:dc:8b:6e:05:d7:cb:6f:2d:5c:a6:f8:9b:6d:76:b3:
10:cb:b5:02:88:d5:01:56:f1:28:58:95:c0:e7:24:8d:91:22:
84:81:c7:b0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY4lR9xuIpWwgVE+prGtQmoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjQwMzA5MjIxNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTc3YTFhZGQwMTA2MzI3NmIyNDc1YzQ4MzBjYWVjM2Q0NTNlYTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyjDYKmwTh6wdFYLOECPekjoFBgO
V5TYAmoVhpJS6Bo6CDfxR9lWGtP7Ck+b4yB9TfX1HaIwGw01Exyz5CqJUtqHJMuK
dnpfc9s9LuXyvk6iEuZoRdnZFx8b22KlzjE9Smkp0RXs/gqjJfIIpm28qkfwpJZT
IIYyYqz5EfLBo2lvXXWhVal55vISBtPqt5XBXJ0g2JPA3aPO9UCyWPuS202021jS
B+UuZYPlIis977xYr8ac7KRzx2nCHwjtTm2+4H1DKJ0oa+FrT7q4+1GimF+lOMwT
390rlTppolYfWh/gaWjqqoeHoOe5GeL35X6Sbwbreg9D1lbFd3v5ZWdWrwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCl3oa3QEGMnayR1xIMMrsPUU+qIMB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvS1hlaHJkQVFZeWRySkhYRWd3eXV3OVJUNm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA3BAIAATAxMAsDAwAu/QME
AS79BAMEAFuEPAMEAVuEPgMEAF1ejAMEAV+pygMEALkBnAMEALnz1TANBAIAAjAH
AwUAKgm+gDANBgkqhkiG9w0BAQsFAAOCAQEAB2aGNxArg5FOh3DFUiVCNSelbeeJ
hnrpO3wb/gM8K5/uBf794zDtNUDxy2Ilg33PyuFDwU40If85rsLaY9YVaSXkpQnk
fXdKqOyeTa3Sf8P/jnu++ju9pu3ayU02yXy0ukFBfW6I1bPa1f/iyIVc2apMUBjX
PrXhaRNcx9CKQ4bbfeczdyGrX1sMVTqWgj/Yr4vqpMXcdPLcjD+WY83jdMeJC3MM
+7n0/FrncRZG+coX/2E0CubWE+67Nb7qTiW5sNgp5zXrGAcU5yJO0BzIuSxTF/CH
s7erhUGe3ItuBdfLby1cpvibbXazEMu1AojVAVbxKFiVwOckjZEihIHHsA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:59:01 2025 by rpki-client