Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/rxYwDMR-LGxX1nGVtPcshXiF0-c.roa
File: rxYwDMR-LGxX1nGVtPcshXiF0-c.roa (raw, json)
Hash identifier: 977GjtOVmG02UMUxMkgHwGQ8L3eGt+TBWZfdw7W8FF8=
Subject key identifier: AF:16:30:0C:C4:7E:2C:6C:57:D6:71:95:B4:F7:2C:85:78:85:D3:E7
Certificate issuer: /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial: 0191037D8A7F5389D7B8EEA1779CD98393C0
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/rxYwDMR-LGxX1nGVtPcshXiF0-c.roa
Signing time: Tue 30 Jul 2024 11:54:04 +0000
ROA not before: Tue 30 Jul 2024 11:54:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51788
IP address blocks: 46.148.32.0/24 maxlen: 24
46.148.33.0/24 maxlen: 24
46.148.34.0/24 maxlen: 24
46.148.37.0/24 maxlen: 24
46.148.40.0/24 maxlen: 24
46.148.41.0/24 maxlen: 24
46.148.42.0/24 maxlen: 24
46.148.46.0/24 maxlen: 24
46.148.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:7d:8a:7f:53:89:d7:b8:ee:a1:77:9c:d9:83:93:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Validity
Not Before: Jul 30 11:54:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af16300cc47e2c6c57d67195b4f72c857885d3e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5c:44:84:f8:04:ad:6b:a8:a8:fc:42:df:59:
93:62:82:90:ec:8b:10:d4:33:c6:46:89:c7:fd:bc:
b5:6d:0f:95:83:7d:4f:fa:00:da:0e:e4:42:d0:92:
d3:37:bf:ee:3d:9c:89:76:59:9a:6e:92:c7:8b:11:
c2:17:21:7c:59:e0:bc:cb:01:df:43:13:81:ae:47:
7e:53:6b:20:b7:eb:a2:66:f2:06:84:b6:66:c8:2e:
0e:52:66:66:da:24:80:56:8c:5d:fe:5c:7c:b3:e6:
cf:79:81:51:26:aa:67:f9:c4:42:23:cf:d2:45:05:
a6:96:13:04:7d:df:64:35:6d:d6:40:ae:84:75:e0:
73:39:f5:df:b9:f8:38:b1:66:8f:18:aa:04:5f:b8:
55:74:9e:15:b1:56:43:28:47:9d:65:5f:52:ce:fc:
1e:2e:b4:20:27:1c:77:a9:18:f8:75:eb:d4:99:ef:
60:73:3b:d2:70:33:e6:bf:1e:fc:27:5f:f6:fa:50:
c5:7f:b5:1a:57:c9:61:24:86:9a:69:cb:1b:a1:c4:
70:c7:34:ae:db:03:25:0d:8c:08:7e:d9:27:6b:6e:
c0:09:11:9c:b3:d6:54:21:eb:f9:bc:06:07:58:07:
a6:a8:18:cb:17:07:78:6b:18:24:2e:57:c3:27:66:
26:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:16:30:0C:C4:7E:2C:6C:57:D6:71:95:B4:F7:2C:85:78:85:D3:E7
X509v3 Authority Key Identifier:
keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/rxYwDMR-LGxX1nGVtPcshXiF0-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.32.0-46.148.34.255
46.148.37.0/24
46.148.40.0-46.148.42.255
46.148.46.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:c0:e0:61:c4:76:7a:b8:22:1f:5f:83:4c:16:61:13:ee:8d:
66:89:b6:3d:2d:ca:1f:f5:84:06:0f:1a:2e:82:05:a6:db:d1:
56:3c:13:a2:f8:05:03:0d:0e:4c:f8:7d:e2:6f:7e:b4:68:bb:
3c:12:4d:54:7a:2f:45:f3:74:d6:2d:66:dd:c9:f1:32:1d:24:
e0:0b:d7:4e:e2:4c:8a:76:2e:21:77:e9:b5:4f:d2:3f:85:70:
a2:95:ec:a5:9a:c5:e9:0a:29:f0:28:0f:6d:0a:83:58:46:7f:
a7:5e:8c:aa:69:72:14:1a:fc:5b:57:c5:6a:45:ea:92:e6:70:
36:0c:60:11:3f:48:53:60:8b:22:f2:8a:69:bb:1c:1b:8f:e4:
8c:36:8d:1d:c2:a2:a0:38:29:85:bd:4c:f8:2b:ea:d8:b4:07:
45:7e:e3:06:9e:76:05:be:9a:cb:e0:18:2c:7a:5d:fe:9d:e8:
8b:46:2c:58:fe:4e:28:76:23:9d:f9:47:06:e5:88:0f:a6:3e:
c0:c4:03:45:28:50:8a:a8:ec:8a:da:26:0e:63:71:8c:d6:df:
90:8e:13:fe:bf:cf:47:e9:a2:21:57:6c:7a:4c:7b:07:73:d7:
7d:76:3e:e6:66:68:cd:11:12:20:91:a7:e3:5f:82:2e:4f:1b:
7d:fa:f0:f3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZEDfYp/U4nXuO6hd5zZg5PAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjQwNzMwMTE1NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjE2MzAwY2M0N2UyYzZjNTdkNjcxOTViNGY3MmM4NTc4ODVkM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1xEhPgErWuoqPxC31mTYoKQ7IsQ
1DPGRonH/by1bQ+Vg31P+gDaDuRC0JLTN7/uPZyJdlmabpLHixHCFyF8WeC8ywHf
QxOBrkd+U2sgt+uiZvIGhLZmyC4OUmZm2iSAVoxd/lx8s+bPeYFRJqpn+cRCI8/S
RQWmlhMEfd9kNW3WQK6EdeBzOfXfufg4sWaPGKoEX7hVdJ4VsVZDKEedZV9Szvwe
LrQgJxx3qRj4devUme9gczvScDPmvx78J1/2+lDFf7UaV8lhJIaaacsbocRwxzSu
2wMlDYwIftkna27ACRGcs9ZUIev5vAYHWAemqBjLFwd4axgkLlfDJ2YmjQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFK8WMAzEfixsV9ZxlbT3LIV4hdPnMB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvcnhZd0RNUi1MR3hYMW5HVnRQY3NoWGlGMC1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAUulCAD
BAAulCIDBAAulCUwDAMEAy6UKAMEAC6UKgMEAS6ULjANBgkqhkiG9w0BAQsFAAOC
AQEAK8DgYcR2ergiH1+DTBZhE+6NZom2PS3KH/WEBg8aLoIFptvRVjwTovgFAw0O
TPh94m9+tGi7PBJNVHovRfN01i1m3cnxMh0k4AvXTuJMinYuIXfptU/SP4VwopXs
pZrF6Qop8CgPbQqDWEZ/p16MqmlyFBr8W1fFakXqkuZwNgxgET9IU2CLIvKKabsc
G4/kjDaNHcKioDgphb1M+Cvq2LQHRX7jBp52Bb6ay+AYLHpd/p3oi0YsWP5OKHYj
nflHBuWID6Y+wMQDRShQiqjsitomDmNxjNbfkI4T/r/PR+miIVdsekx7B3PXfXY+
5mZozRESIJGn41+CLk8bffrw8w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:57:36 2025 by rpki-client