Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/M98UogSL28N08safIcehiyXVQs4.roa
File: M98UogSL28N08safIcehiyXVQs4.roa (raw, json)
Hash identifier: R5hlh7DJcuTDMzIdu68y+6Wbb/zhTqQDbOzS1jJmIgw=
Subject key identifier: 33:DF:14:A2:04:8B:DB:C3:74:F2:C6:9F:21:C7:A1:8B:25:D5:42:CE
Certificate issuer: /CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
Certificate serial: 019048EBD9D92237826C134B5C3785F6D220
Authority key identifier: 46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/M98UogSL28N08safIcehiyXVQs4.roa
Signing time: Mon 24 Jun 2024 06:25:34 +0000
ROA not before: Mon 24 Jun 2024 06:25:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203995
IP address blocks: 46.46.192.0/18 maxlen: 20
46.230.128.0/19 maxlen: 20
91.149.0.0/19 maxlen: 19
91.149.48.0/20 maxlen: 20
93.179.0.0/19 maxlen: 20
178.72.32.0/19 maxlen: 19
185.83.164.0/22 maxlen: 22
2a05:9cc0::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:48:eb:d9:d9:22:37:82:6c:13:4b:5c:37:85:f6:d2:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
Validity
Not Before: Jun 24 06:25:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33df14a2048bdbc374f2c69f21c7a18b25d542ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:93:f6:41:12:f8:80:92:fd:84:86:b8:71:f1:
33:3c:22:56:b7:55:4a:6e:17:de:01:a5:8b:bb:95:
33:0b:51:21:ad:d0:ed:77:55:51:22:fc:20:cd:05:
6c:da:1a:39:9e:15:d5:b1:48:27:54:02:cc:a5:3d:
09:11:6f:1a:0c:a4:7d:57:1e:d4:fb:e8:72:49:9b:
ae:f8:1e:b5:25:a8:85:8f:63:83:cf:c1:a4:4b:07:
d0:3c:56:7d:a7:30:44:58:e9:b7:76:f6:59:a5:6b:
a2:fb:7c:16:d3:ac:ff:c8:97:7d:5e:8d:ec:04:e8:
b4:83:84:63:04:12:1f:84:c3:2b:b7:1b:c3:14:fd:
b3:46:bf:1a:23:10:83:1e:44:ef:a9:f9:f5:f4:cc:
2b:19:76:ce:aa:bc:e2:4e:69:b1:5e:30:4c:90:67:
57:3d:a7:26:51:bf:a7:88:c8:a1:c3:f5:7e:2e:0c:
bf:42:85:d3:9f:8d:5c:33:a0:30:c7:a1:4d:66:f1:
36:26:e3:b0:42:1a:ab:4a:5e:99:c6:6c:6e:e0:96:
61:0d:fb:df:cb:fd:11:79:84:0b:5e:7b:68:ac:25:
ec:7f:a9:0f:fe:be:38:28:c4:4c:f6:ff:f8:17:18:
71:14:56:9f:d1:38:27:bc:0d:f0:11:5f:fe:30:5b:
2c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DF:14:A2:04:8B:DB:C3:74:F2:C6:9F:21:C7:A1:8B:25:D5:42:CE
X509v3 Authority Key Identifier:
keyid:46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/M98UogSL28N08safIcehiyXVQs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.46.192.0/18
46.230.128.0/19
91.149.0.0/19
91.149.48.0/20
93.179.0.0/19
178.72.32.0/19
185.83.164.0/22
IPv6:
2a05:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
57:a9:23:c3:5f:35:69:b3:27:41:9d:fb:ce:70:c5:ea:52:5e:
8d:1a:4e:49:0d:19:bd:ac:4c:dc:76:1a:b8:a5:e9:21:57:96:
db:dc:eb:cb:3d:b6:d7:39:6c:ad:2f:e2:44:81:6c:09:df:49:
9e:cf:4d:9a:50:96:0b:bc:15:cc:62:6b:0f:9d:3f:f1:6c:61:
f3:b3:86:94:7b:81:fa:ab:09:eb:df:1a:2b:4b:69:15:31:34:
05:ae:5a:b3:eb:bc:77:16:17:13:a3:05:51:58:e9:2a:ed:84:
af:e2:35:c7:43:7a:64:8b:32:73:c9:43:74:23:47:22:49:b3:
b6:9e:42:07:57:84:28:23:f4:eb:2a:24:92:17:ce:f1:fd:51:
54:8e:1d:b4:02:f0:79:1d:e4:7a:4d:d6:73:d8:8b:0d:c8:1f:
e2:6c:2d:f7:04:b4:1b:e1:c1:9e:61:b0:08:82:2f:74:68:c3:
4e:a1:e8:9d:c4:e4:d5:e3:8d:c1:f1:f4:8d:4e:41:d6:d3:3f:
fe:8e:7f:ce:10:13:02:f4:9f:5f:36:6e:3d:c5:6a:4c:68:41:
a1:e5:53:b3:6f:73:37:18:13:9e:45:7e:03:e9:32:cb:2f:7a:
16:25:94:8c:df:db:fd:67:78:47:3f:e9:5f:03:df:07:50:36:
0f:5d:2a:ad
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZBI69nZIjeCbBNLXDeF9tIgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YmI4MjE1YjIyNjZkYTNjMGY2Y2E1NWNjN2JhODAwZTlh
ZGUyYTIwHhcNMjQwNjI0MDYyNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2RmMTRhMjA0OGJkYmMzNzRmMmM2OWYyMWM3YTE4YjI1ZDU0MmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZP2QRL4gJL9hIa4cfEzPCJWt1VK
bhfeAaWLu5UzC1EhrdDtd1VRIvwgzQVs2ho5nhXVsUgnVALMpT0JEW8aDKR9Vx7U
++hySZuu+B61JaiFj2ODz8GkSwfQPFZ9pzBEWOm3dvZZpWui+3wW06z/yJd9Xo3s
BOi0g4RjBBIfhMMrtxvDFP2zRr8aIxCDHkTvqfn19MwrGXbOqrziTmmxXjBMkGdX
PacmUb+niMihw/V+Lgy/QoXTn41cM6Awx6FNZvE2JuOwQhqrSl6Zxmxu4JZhDfvf
y/0ReYQLXntorCXsf6kP/r44KMRM9v/4FxhxFFaf0TgnvA3wEV/+MFss+QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDPfFKIEi9vDdPLGnyHHoYsl1ULOMB8GA1UdIwQY
MBaAFEa7ghWyJm2jwPbKVcx7qADpreKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnJ1Q0ZiSW1iYVBBOXNwVnpIdW9BT210NHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny82YTMyMTUtNmI2Mi00MzYzLTlhYmMt
N2E1NGRiNTllYzJkLzEvTTk4VW9nU0wyOE4wOHNhZkljZWhpeVhWUXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny82YTMyMTUtNmI2Mi00MzYzLTlhYmMtN2E1NGRiNTllYzJk
LzEvUnJ1Q0ZiSW1iYVBBOXNwVnpIdW9BT210NHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQGLi7AAwQF
LuaAAwQFW5UAAwQEW5UwAwQFXbMAAwQFskggAwQCuVOkMA0EAgACMAcDBQMqBZzA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXqSPDXzVpsydBnfvOcMXqUl6NGk5JDRm9rEzc
dhq4pekhV5bb3OvLPbbXOWytL+JEgWwJ30mez02aUJYLvBXMYmsPnT/xbGHzs4aU
e4H6qwnr3xorS2kVMTQFrlqz67x3FhcTowVRWOkq7YSv4jXHQ3pkizJzyUN0I0ci
SbO2nkIHV4QoI/TrKiSSF87x/VFUjh20AvB5HeR6TdZz2IsNyB/ibC33BLQb4cGe
YbAIgi90aMNOoeidxOTV443B8fSNTkHW0z/+jn/OEBMC9J9fNm49xWpMaEGh5VOz
b3M3GBOeRX4D6TLLL3oWJZSM39v9Z3hHP+lfA98HUDYPXSqt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:34 2025 by rpki-client