Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/2d985C3GQzAVtwevUwGyrDjR6So.roa
File: 2d985C3GQzAVtwevUwGyrDjR6So.roa (raw, json)
Hash identifier: LXSmB/CbE2dSKr04J6WbUpedgHKTBiUJcFs+i5HHYSY=
Subject key identifier: D9:DF:7C:E4:2D:C6:43:30:15:B7:07:AF:53:01:B2:AC:38:D1:E9:2A
Certificate issuer: /CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Certificate serial: 018F04C5E2F9E5B9CD85EB9BDAC43A68BDAB
Authority key identifier: E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/2d985C3GQzAVtwevUwGyrDjR6So.roa
Signing time: Mon 22 Apr 2024 07:47:08 +0000
ROA not before: Mon 22 Apr 2024 07:47:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48045
IP address blocks: 46.46.64.0/18 maxlen: 18
94.240.128.0/19 maxlen: 24
94.240.128.0/22 maxlen: 22
94.240.132.0/22 maxlen: 22
2a09:65c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 Apr 2024 20:49:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:04:c5:e2:f9:e5:b9:cd:85:eb:9b:da:c4:3a:68:bd:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Validity
Not Before: Apr 22 07:47:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9df7ce42dc6433015b707af5301b2ac38d1e92a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2d:16:09:55:a3:de:cd:d2:4f:1c:23:97:c0:
99:42:23:d9:dc:2b:d6:96:f9:4d:20:31:26:3d:c7:
64:6e:07:91:66:39:66:ab:39:ef:01:9d:06:a0:2d:
fe:38:aa:b7:d0:bf:24:26:8c:93:5d:b6:46:25:71:
95:ba:58:42:25:d0:83:25:2f:9f:b1:b5:5a:72:f4:
df:9f:62:0c:f6:95:11:ce:5d:51:ed:35:82:69:12:
80:8f:04:26:6e:7d:3c:28:25:27:9f:1a:04:96:04:
70:ad:09:ad:c7:24:eb:a3:33:81:75:80:89:ff:2c:
74:ff:bb:bd:75:fb:a7:75:ff:58:8f:21:dd:26:e3:
24:66:2e:a4:e8:c8:f3:5f:6d:8d:40:86:f6:08:b3:
85:29:ac:90:92:f2:6c:4a:aa:e9:e0:b7:43:96:8a:
2f:17:b0:4d:e1:20:50:3c:02:ae:7c:1a:77:b6:45:
fe:de:aa:89:e2:83:3b:88:1a:f9:70:c7:c8:73:0d:
ef:cf:d5:83:33:58:6d:1e:a6:69:b4:f4:79:47:26:
12:b0:1e:f0:8e:a0:0a:14:48:2b:c0:63:29:ca:55:
17:50:f0:71:5a:65:14:fb:b3:81:2c:96:73:be:6c:
72:0b:fa:45:5f:bf:9f:37:b3:0f:68:7b:ae:f3:df:
fa:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:DF:7C:E4:2D:C6:43:30:15:B7:07:AF:53:01:B2:AC:38:D1:E9:2A
X509v3 Authority Key Identifier:
keyid:E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/2d985C3GQzAVtwevUwGyrDjR6So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/5YJfvufEOimDjqvk_IfXlDScDIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.46.64.0/18
94.240.128.0/19
IPv6:
2a09:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
18:c5:c3:b1:24:dd:02:7c:5a:0e:e4:02:38:e3:c1:7d:da:9c:
4a:ae:f3:11:0b:73:75:8b:8a:53:41:be:15:c8:3f:35:b1:7d:
2a:af:df:55:84:11:92:01:87:c6:c3:5e:20:a1:42:59:42:c0:
5d:61:c3:8e:35:ac:ce:db:97:c9:02:0e:53:eb:26:d7:57:85:
90:b9:3a:a5:9b:df:7b:2b:92:1d:60:b6:7e:e9:ca:65:ed:d1:
26:de:dc:0b:a3:87:da:0f:63:ab:85:46:79:37:b2:fd:64:8c:
1c:f8:8a:71:d0:3f:d5:31:72:a5:f4:4a:75:10:de:d0:45:a9:
9e:0c:49:1d:5b:d8:18:ce:93:19:b6:ac:37:02:33:18:df:1d:
6b:b9:27:f4:36:cd:98:65:4d:b1:c1:9b:d4:9a:a2:98:41:05:
d7:e9:06:95:36:f5:09:d3:6b:0a:66:61:a9:9c:7b:71:58:db:
68:db:bf:68:0a:aa:94:93:bf:46:d7:1e:5a:b1:1f:19:91:7d:
f0:64:f0:68:96:ac:c5:e4:ef:1f:91:03:7a:ef:bd:61:95:4b:
c7:58:c0:f6:5c:01:02:a2:22:55:7f:9a:35:41:7e:35:5e:67:
c1:6e:a0:bf:a5:9e:e7:37:90:b4:2b:f0:a5:df:de:b6:93:2e:
d6:9b:cc:ea
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY8ExeL55bnNheub2sQ6aL2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODI1ZmJlZTdjNDNhMjk4MzhlYWJlNGZjODdkNzk0MzQ5
YzBjODAwHhcNMjQwNDIyMDc0NzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWRmN2NlNDJkYzY0MzMwMTViNzA3YWY1MzAxYjJhYzM4ZDFlOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi0WCVWj3s3STxwjl8CZQiPZ3CvW
lvlNIDEmPcdkbgeRZjlmqznvAZ0GoC3+OKq30L8kJoyTXbZGJXGVulhCJdCDJS+f
sbVacvTfn2IM9pURzl1R7TWCaRKAjwQmbn08KCUnnxoElgRwrQmtxyTrozOBdYCJ
/yx0/7u9dfundf9YjyHdJuMkZi6k6MjzX22NQIb2CLOFKayQkvJsSqrp4LdDloov
F7BN4SBQPAKufBp3tkX+3qqJ4oM7iBr5cMfIcw3vz9WDM1htHqZptPR5RyYSsB7w
jqAKFEgrwGMpylUXUPBxWmUU+7OBLJZzvmxyC/pFX7+fN7MPaHuu89/6UQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNnffOQtxkMwFbcHr1MBsqw40ekqMB8GA1UdIwQY
MBaAFOWCX77nxDopg46r5PyH15Q0nAyAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2Qt
MDQxYWIzMDJjMmY5LzEvMmQ5ODVDM0dRekFWdHdldlV3R3lyRGpSNlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2QtMDQxYWIzMDJjMmY5
LzEvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGLi5AAwQF
XvCAMA0EAgACMAcDBQAqCWXAMA0GCSqGSIb3DQEBCwUAA4IBAQAYxcOxJN0CfFoO
5AI448F92pxKrvMRC3N1i4pTQb4VyD81sX0qr99VhBGSAYfGw14goUJZQsBdYcOO
NazO25fJAg5T6ybXV4WQuTqlm997K5IdYLZ+6cpl7dEm3twLo4faD2OrhUZ5N7L9
ZIwc+Ipx0D/VMXKl9Ep1EN7QRameDEkdW9gYzpMZtqw3AjMY3x1ruSf0Ns2YZU2x
wZvUmqKYQQXX6QaVNvUJ02sKZmGpnHtxWNto279oCqqUk79G1x5asR8ZkX3wZPBo
lqzF5O8fkQN6771hlUvHWMD2XAECoiJVf5o1QX41XmfBbqC/pZ7nN5C0K/Cl3962
ky7Wm8zq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:58 2025 by rpki-client