Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/7l43xrgWxXKB_PKkKjjvpFn93zw.roa
File: 7l43xrgWxXKB_PKkKjjvpFn93zw.roa (raw, json)
Hash identifier: FF3FDrmRsxIkB8KLSzq9xwAVkfQPpJNzAwlgx73DyxE=
Subject key identifier: EE:5E:37:C6:B8:16:C5:72:81:FC:F2:A4:2A:38:EF:A4:59:FD:DF:3C
Certificate issuer: /CN=48f47a31172fb549c696132880c6824fb0777b55
Certificate serial: 018CC94E6B8CC3E57D9B911E4FDEE4FE43D9
Authority key identifier: 48:F4:7A:31:17:2F:B5:49:C6:96:13:28:80:C6:82:4F:B0:77:7B:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SPR6MRcvtUnGlhMogMaCT7B3e1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/7l43xrgWxXKB_PKkKjjvpFn93zw.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209983
IP address blocks: 46.31.48.0/21 maxlen: 24
2a02:23ea::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6b:8c:c3:e5:7d:9b:91:1e:4f:de:e4:fe:43:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48f47a31172fb549c696132880c6824fb0777b55
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee5e37c6b816c57281fcf2a42a38efa459fddf3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1b:69:4e:fb:4d:7d:1a:18:86:47:cc:cc:57:
95:86:3b:c2:4e:d4:d9:bb:ee:6e:95:ce:7b:06:95:
f8:e0:67:06:c9:cc:34:3f:78:6c:27:1c:a8:80:de:
81:11:8f:27:fb:29:0e:85:33:56:ac:5a:2d:62:d5:
46:ad:ea:2b:7d:c6:d3:23:a7:f5:09:01:c4:69:ec:
70:1a:52:e9:d1:4e:4c:52:61:3b:83:43:0e:1d:2a:
cd:ef:4d:d4:8a:41:b6:39:11:87:c3:a3:d2:20:84:
f9:f7:b0:6c:7a:45:b4:54:67:58:40:47:5a:46:dd:
a8:e3:74:f4:b5:64:f3:c8:e8:93:c7:81:18:ae:37:
92:19:12:83:ae:09:d9:52:a7:e3:43:b7:19:c6:ee:
0d:2b:62:7e:89:bc:6f:a8:ca:3d:74:0b:e3:85:60:
2d:29:39:bf:8f:6f:7c:5d:fd:84:0e:5c:14:75:10:
49:69:e4:bd:21:95:9e:12:8e:81:09:ca:00:8a:1a:
c4:34:a8:9f:40:1e:fc:24:71:cf:af:ef:f7:17:61:
f8:1a:76:cc:aa:38:c0:1a:59:ae:45:91:bc:08:09:
00:1a:ab:35:b4:97:0f:0b:91:c2:f2:0b:7a:e0:80:
a3:32:11:0a:03:47:93:5d:64:83:21:6e:72:01:79:
a6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:5E:37:C6:B8:16:C5:72:81:FC:F2:A4:2A:38:EF:A4:59:FD:DF:3C
X509v3 Authority Key Identifier:
keyid:48:F4:7A:31:17:2F:B5:49:C6:96:13:28:80:C6:82:4F:B0:77:7B:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SPR6MRcvtUnGlhMogMaCT7B3e1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/7l43xrgWxXKB_PKkKjjvpFn93zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/SPR6MRcvtUnGlhMogMaCT7B3e1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.48.0/21
IPv6:
2a02:23ea::/32
Signature Algorithm: sha256WithRSAEncryption
31:07:65:5d:bd:c5:8b:e4:39:a3:e5:3e:6f:30:3f:76:a8:39:
b1:6a:b4:c6:82:bf:ae:03:f6:dd:2d:35:07:0b:28:a2:d2:c4:
22:de:5c:2b:82:a5:6f:9d:04:36:9b:95:3f:34:c5:bd:05:1e:
82:85:69:a9:e1:ff:fa:4a:f5:96:f0:77:3b:40:75:1d:2c:1b:
38:79:8f:f3:09:f7:09:05:e2:60:8c:d7:94:60:67:03:0c:16:
29:04:84:0c:01:85:3b:64:15:ae:39:1b:40:66:fc:cf:10:41:
6e:af:36:a2:30:a5:bf:a8:61:d2:e9:b5:e3:d9:81:16:03:6c:
94:d8:43:68:9d:f9:46:ca:18:62:b0:82:22:ba:ae:21:ba:d8:
4f:d9:40:ac:f1:c9:d9:94:48:f8:88:48:5b:1d:c6:28:48:61:
6d:bb:50:2f:b9:d4:ba:67:63:04:50:fa:1f:aa:53:7a:bd:84:
61:ab:0f:13:4f:b3:db:9a:fd:eb:7d:0c:98:7c:5f:b8:fd:a3:
8f:24:7f:b2:e8:84:ad:9f:05:8e:c7:2f:43:91:82:7a:ae:c9:
74:00:0b:1c:bc:5e:5d:80:aa:fa:c6:74:15:2f:5c:d2:b3:c0:
55:e7:7a:72:8f:bd:67:81:c2:31:78:57:d2:8d:bd:6e:a3:c5:
b0:40:8e:1a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTmuMw+V9m5EeT97k/kPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZjQ3YTMxMTcyZmI1NDljNjk2MTMyODgwYzY4MjRmYjA3
NzdiNTUwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTVlMzdjNmI4MTZjNTcyODFmY2YyYTQyYTM4ZWZhNDU5ZmRkZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRtpTvtNfRoYhkfMzFeVhjvCTtTZ
u+5ulc57BpX44GcGycw0P3hsJxyogN6BEY8n+ykOhTNWrFotYtVGreorfcbTI6f1
CQHEaexwGlLp0U5MUmE7g0MOHSrN703UikG2ORGHw6PSIIT597BsekW0VGdYQEda
Rt2o43T0tWTzyOiTx4EYrjeSGRKDrgnZUqfjQ7cZxu4NK2J+ibxvqMo9dAvjhWAt
KTm/j298Xf2EDlwUdRBJaeS9IZWeEo6BCcoAihrENKifQB78JHHPr+/3F2H4GnbM
qjjAGlmuRZG8CAkAGqs1tJcPC5HC8gt64ICjMhEKA0eTXWSDIW5yAXmmtwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO5eN8a4FsVygfzypCo476RZ/d88MB8GA1UdIwQY
MBaAFEj0ejEXL7VJxpYTKIDGgk+wd3tVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1BSNk1SY3Z0VW5HbGhNb2dNYUNUN0IzZTFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wOTA2MzgtOGE5OS00MDYzLTkzYTAt
NmU5OTM4OTcyNzA4LzEvN2w0M3hyZ1d4WEtCX1BLa0tqanZwRm45M3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wOTA2MzgtOGE5OS00MDYzLTkzYTAtNmU5OTM4OTcyNzA4
LzEvU1BSNk1SY3Z0VW5HbGhNb2dNYUNUN0IzZTFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLh8wMA0E
AgACMAcDBQAqAiPqMA0GCSqGSIb3DQEBCwUAA4IBAQAxB2VdvcWL5Dmj5T5vMD92
qDmxarTGgr+uA/bdLTUHCyii0sQi3lwrgqVvnQQ2m5U/NMW9BR6ChWmp4f/6SvWW
8Hc7QHUdLBs4eY/zCfcJBeJgjNeUYGcDDBYpBIQMAYU7ZBWuORtAZvzPEEFurzai
MKW/qGHS6bXj2YEWA2yU2ENonflGyhhisIIiuq4huthP2UCs8cnZlEj4iEhbHcYo
SGFtu1AvudS6Z2MEUPofqlN6vYRhqw8TT7Pbmv3rfQyYfF+4/aOPJH+y6IStnwWO
xy9DkYJ6rsl0AAscvF5dgKr6xnQVL1zSs8BV53pyj71ngcIxeFfSjb1uo8WwQI4a
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:11:46 2025 by rpki-client