Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/4ee19c-9462-4390-a42d-7eff8f1e91cd/1/keW8OmSuWA4Fq4ou9pECVKeOTWk.roa
File: keW8OmSuWA4Fq4ou9pECVKeOTWk.roa (raw, json)
Hash identifier: mTAFIAxexXYphostW9RGO1WylWb+WwClFFSi/0Mc0zE=
Subject key identifier: 91:E5:BC:3A:64:AE:58:0E:05:AB:8A:2E:F6:91:02:54:A7:8E:4D:69
Certificate issuer: /CN=c104cd7df84c319d19af35b1104f173eba2c6dbd
Certificate serial: 019126C0A485FA6029EAD0FB0AF22B1B0FEE
Authority key identifier: C1:04:CD:7D:F8:4C:31:9D:19:AF:35:B1:10:4F:17:3E:BA:2C:6D:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQTNffhMMZ0ZrzWxEE8XProsbb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/4ee19c-9462-4390-a42d-7eff8f1e91cd/1/keW8OmSuWA4Fq4ou9pECVKeOTWk.roa
Signing time: Tue 06 Aug 2024 08:14:04 +0000
ROA not before: Tue 06 Aug 2024 08:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205368
IP address blocks: 46.182.172.0/23 maxlen: 23
46.182.172.0/24 maxlen: 24
46.182.173.0/24 maxlen: 24
46.182.174.0/24 maxlen: 24
185.215.52.0/22 maxlen: 22
185.215.52.0/24 maxlen: 24
185.215.54.0/24 maxlen: 24
185.215.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:26:c0:a4:85:fa:60:29:ea:d0:fb:0a:f2:2b:1b:0f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c104cd7df84c319d19af35b1104f173eba2c6dbd
Validity
Not Before: Aug 6 08:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91e5bc3a64ae580e05ab8a2ef6910254a78e4d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:be:36:dd:84:20:ee:c9:70:b1:15:6f:29:bb:
e3:c3:eb:d3:69:1c:6b:0c:e2:00:e0:37:95:6e:d8:
7b:1c:1e:33:ee:ba:18:29:c6:3f:62:1e:84:d6:99:
29:82:55:09:44:1d:16:47:d3:c7:9a:6e:80:c5:1a:
2a:bf:71:a0:66:68:d9:b1:82:0f:85:19:e3:81:9b:
9d:4b:ff:8c:60:98:21:2f:4a:c2:94:5f:48:47:c0:
37:51:63:87:5d:43:79:57:fc:e7:13:18:91:cd:51:
ef:47:f1:c9:2d:db:30:20:a0:c3:a8:27:44:79:8f:
bd:20:74:36:af:e3:dd:83:be:01:0c:d4:ea:77:62:
b7:02:39:fe:c1:a0:ea:2a:38:bf:7d:72:6c:3d:72:
a8:48:d1:f7:ea:ee:9e:ed:5b:35:ae:54:54:f9:2c:
cb:1e:ee:71:d1:04:81:e0:06:50:7f:f5:ee:61:2f:
f4:96:84:a0:b4:82:9a:76:1e:e8:39:62:0c:6b:de:
2f:95:ce:0f:06:5b:c1:75:fa:c2:f6:89:bb:81:00:
f4:01:4d:24:2f:5d:46:58:fe:af:78:74:02:62:eb:
88:b2:60:41:4b:15:77:68:bf:69:89:b5:d8:dc:bf:
d1:48:12:e7:fe:28:b8:77:96:ca:29:ea:aa:c1:5b:
cb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E5:BC:3A:64:AE:58:0E:05:AB:8A:2E:F6:91:02:54:A7:8E:4D:69
X509v3 Authority Key Identifier:
keyid:C1:04:CD:7D:F8:4C:31:9D:19:AF:35:B1:10:4F:17:3E:BA:2C:6D:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQTNffhMMZ0ZrzWxEE8XProsbb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/4ee19c-9462-4390-a42d-7eff8f1e91cd/1/keW8OmSuWA4Fq4ou9pECVKeOTWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/4ee19c-9462-4390-a42d-7eff8f1e91cd/1/wQTNffhMMZ0ZrzWxEE8XProsbb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.172.0-46.182.174.255
185.215.52.0/22
Signature Algorithm: sha256WithRSAEncryption
79:97:66:4a:7d:73:5b:f2:b7:bf:43:45:8e:d6:be:6e:8b:2a:
9e:3f:72:ea:0f:85:6d:ab:a5:a8:f5:91:a1:6f:f7:ec:d5:cb:
5b:b6:fa:e7:96:81:76:25:83:1d:9d:1f:66:ba:ea:6e:24:3f:
4e:30:90:80:fb:bd:05:a8:65:7c:af:24:15:df:23:77:7f:b1:
f4:cf:c1:e3:55:ef:16:66:e0:10:c5:49:85:e5:66:45:ce:b1:
52:6e:b6:b3:dc:e1:49:38:e9:a9:73:48:c2:0d:de:6b:ce:99:
6a:13:93:ca:1a:18:fe:b9:f1:a9:49:3c:a4:2a:f9:f8:f4:3b:
3d:0f:81:64:8d:b8:3b:7c:1a:20:49:1e:30:01:01:f2:60:0b:
96:41:74:2e:be:6a:d6:17:bf:2f:a5:a7:f8:b9:42:64:c1:02:
76:29:2f:06:9c:45:5b:ff:17:cd:05:8c:e1:3e:95:11:d9:a0:
0b:a6:c1:81:22:1b:82:af:e8:42:b3:5c:cc:06:cc:a3:2c:67:
90:65:2b:36:e4:65:fb:02:4f:07:93:19:9b:78:ac:ea:09:1d:
ca:65:c6:c8:28:39:81:ba:f7:3f:fa:83:1f:3f:30:90:24:87:
06:f4:15:e9:2b:5f:f4:ef:7c:4d:c4:3e:ca:17:58:d6:81:2f:
e0:bb:91:88
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZEmwKSF+mAp6tD7CvIrGw/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDRjZDdkZjg0YzMxOWQxOWFmMzViMTEwNGYxNzNlYmEy
YzZkYmQwHhcNMjQwODA2MDgxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWU1YmMzYTY0YWU1ODBlMDVhYjhhMmVmNjkxMDI1NGE3OGU0ZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL423YQg7slwsRVvKbvjw+vTaRxr
DOIA4DeVbth7HB4z7roYKcY/Yh6E1pkpglUJRB0WR9PHmm6AxRoqv3GgZmjZsYIP
hRnjgZudS/+MYJghL0rClF9IR8A3UWOHXUN5V/znExiRzVHvR/HJLdswIKDDqCdE
eY+9IHQ2r+Pdg74BDNTqd2K3Ajn+waDqKji/fXJsPXKoSNH36u6e7Vs1rlRU+SzL
Hu5x0QSB4AZQf/XuYS/0loSgtIKadh7oOWIMa94vlc4PBlvBdfrC9om7gQD0AU0k
L11GWP6veHQCYuuIsmBBSxV3aL9pibXY3L/RSBLn/ii4d5bKKeqqwVvLsQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJHlvDpkrlgOBauKLvaRAlSnjk1pMB8GA1UdIwQY
MBaAFMEEzX34TDGdGa81sRBPFz66LG29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FUTmZmaE1NWjBacnpXeEVFOFhQcm9zYmIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC80ZWUxOWMtOTQ2Mi00MzkwLWE0MmQt
N2VmZjhmMWU5MWNkLzEva2VXOE9tU3VXQTRGcTRvdTlwRUNWS2VPVFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC80ZWUxOWMtOTQ2Mi00MzkwLWE0MmQtN2VmZjhmMWU5MWNk
LzEvd1FUTmZmaE1NWjBacnpXeEVFOFhQcm9zYmIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAIutqwD
BAAutq4DBAK51zQwDQYJKoZIhvcNAQELBQADggEBAHmXZkp9c1vyt79DRY7Wvm6L
Kp4/cuoPhW2rpaj1kaFv9+zVy1u2+ueWgXYlgx2dH2a66m4kP04wkID7vQWoZXyv
JBXfI3d/sfTPweNV7xZm4BDFSYXlZkXOsVJutrPc4Uk46alzSMIN3mvOmWoTk8oa
GP658alJPKQq+fj0Oz0PgWSNuDt8GiBJHjABAfJgC5ZBdC6+atYXvy+lp/i5QmTB
AnYpLwacRVv/F80FjOE+lRHZoAumwYEiG4Kv6EKzXMwGzKMsZ5BlKzbkZfsCTweT
GZt4rOoJHcplxsgoOYG69z/6gx8/MJAkhwb0FekrX/TvfE3EPsoXWNaBL+C7kYg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:00 2025 by rpki-client