Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/oZyUUhrnzPPgDoPWlhQ6725QYyk.roa
File: oZyUUhrnzPPgDoPWlhQ6725QYyk.roa (raw, json)
Hash identifier: Ygo51xqZyjhJxY3F0z2C8zJpP76lkQ1JJFvIp6NIPOk=
Subject key identifier: A1:9C:94:52:1A:E7:CC:F3:E0:0E:83:D6:96:14:3A:EF:6E:50:63:29
Certificate issuer: /CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Certificate serial: 018F1A99A221529973B798307E46D242954D
Authority key identifier: E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/oZyUUhrnzPPgDoPWlhQ6725QYyk.roa
Signing time: Fri 26 Apr 2024 13:30:27 +0000
ROA not before: Fri 26 Apr 2024 13:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48045
IP address blocks: 46.46.64.0/18 maxlen: 18
94.240.128.0/22 maxlen: 22
2a09:65c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 Aug 2024 08:35:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1a:99:a2:21:52:99:73:b7:98:30:7e:46:d2:42:95:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Validity
Not Before: Apr 26 13:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a19c94521ae7ccf3e00e83d696143aef6e506329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1c:66:45:47:6b:b8:8e:10:2f:51:d3:83:40:
b5:1f:04:97:e9:f0:d9:f3:d2:41:e4:83:a3:80:16:
c4:83:ba:c0:61:35:a2:fd:a3:68:af:65:23:ee:c7:
e2:06:d8:7d:a5:bb:3f:7f:22:9d:28:a8:af:65:07:
6b:0a:6e:c4:23:11:3c:fe:91:ea:c5:6f:d2:8d:fe:
01:cc:e7:87:66:03:be:98:de:38:c8:bb:36:6c:81:
2b:09:a1:1b:29:19:d5:f0:df:5e:23:ee:bf:de:68:
88:34:da:33:77:81:04:8f:93:7b:a6:9f:4a:26:2c:
b2:77:66:9b:c2:99:93:c4:a0:95:92:57:97:26:2d:
9c:42:04:39:d6:f8:96:0d:06:a1:59:85:5f:5d:ba:
9b:ed:72:5c:d7:56:33:17:cc:c7:a3:ad:ac:1a:6a:
61:9a:2f:f9:98:ff:83:81:cf:7f:6e:75:b8:5c:f7:
27:fc:32:51:aa:30:f4:8d:08:03:50:56:a3:8c:e8:
86:7e:23:35:b2:5f:0d:61:f2:74:bd:0e:3f:e5:b1:
29:75:65:1d:48:8f:ea:12:59:3d:1c:79:73:d0:f2:
3f:28:38:fe:54:87:48:85:3a:ab:e4:1f:0f:b3:b6:
a0:4c:84:be:06:5c:85:88:33:d6:1c:24:b6:b4:78:
33:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9C:94:52:1A:E7:CC:F3:E0:0E:83:D6:96:14:3A:EF:6E:50:63:29
X509v3 Authority Key Identifier:
keyid:E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/oZyUUhrnzPPgDoPWlhQ6725QYyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/5YJfvufEOimDjqvk_IfXlDScDIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.46.64.0/18
94.240.128.0/22
IPv6:
2a09:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
7e:21:54:35:4c:bf:a6:ce:83:0a:66:93:da:43:99:09:df:a9:
05:b8:fd:64:5b:1f:e8:64:da:f7:bd:2a:b5:3b:d9:98:0e:ab:
b3:a3:43:4d:29:ad:ac:6e:9d:36:66:ec:c5:37:45:11:42:fe:
5f:d8:b3:bd:c1:c4:6c:61:79:80:e4:9c:75:f3:15:9c:bc:d8:
5e:50:5f:27:b6:a5:27:c8:13:27:83:35:9d:be:85:7e:4f:22:
d4:5c:d8:3d:69:ad:2b:cf:20:19:b7:22:87:1b:a6:21:d2:14:
2e:b8:d1:7a:05:17:14:0e:4f:78:f6:1a:d4:ba:be:93:eb:b5:
4d:96:74:48:9c:fd:4d:88:1d:ea:69:ff:d8:d4:80:67:8e:f7:
0b:41:98:a4:01:c3:0e:e8:64:f8:59:5d:b9:46:8a:06:ef:47:
7a:53:c0:2a:f2:58:03:bd:94:44:5e:54:8f:0d:de:e4:c5:72:
05:b6:b9:d3:21:1f:90:86:8e:cc:b6:07:2c:ad:44:a2:8c:a4:
d3:c4:50:f3:58:fc:41:8a:86:7d:1b:a6:92:b5:73:fd:74:b5:
f4:d1:47:a9:6c:8b:49:65:4d:a1:20:9a:b0:85:4f:18:a3:1b:
4f:4b:a7:55:fe:e4:cd:b0:d9:54:1d:df:88:7d:08:c0:d0:5b:
f6:f1:bc:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY8amaIhUplzt5gwfkbSQpVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODI1ZmJlZTdjNDNhMjk4MzhlYWJlNGZjODdkNzk0MzQ5
YzBjODAwHhcNMjQwNDI2MTMzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTljOTQ1MjFhZTdjY2YzZTAwZTgzZDY5NjE0M2FlZjZlNTA2MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxxmRUdruI4QL1HTg0C1HwSX6fDZ
89JB5IOjgBbEg7rAYTWi/aNor2Uj7sfiBth9pbs/fyKdKKivZQdrCm7EIxE8/pHq
xW/Sjf4BzOeHZgO+mN44yLs2bIErCaEbKRnV8N9eI+6/3miINNozd4EEj5N7pp9K
Jiyyd2abwpmTxKCVkleXJi2cQgQ51viWDQahWYVfXbqb7XJc11YzF8zHo62sGmph
mi/5mP+Dgc9/bnW4XPcn/DJRqjD0jQgDUFajjOiGfiM1sl8NYfJ0vQ4/5bEpdWUd
SI/qElk9HHlz0PI/KDj+VIdIhTqr5B8Ps7agTIS+BlyFiDPWHCS2tHgzCwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKGclFIa58zz4A6D1pYUOu9uUGMpMB8GA1UdIwQY
MBaAFOWCX77nxDopg46r5PyH15Q0nAyAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2Qt
MDQxYWIzMDJjMmY5LzEvb1p5VVVocm56UFBnRG9QV2xoUTY3MjVRWXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2QtMDQxYWIzMDJjMmY5
LzEvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGLi5AAwQC
XvCAMA0EAgACMAcDBQAqCWXAMA0GCSqGSIb3DQEBCwUAA4IBAQB+IVQ1TL+mzoMK
ZpPaQ5kJ36kFuP1kWx/oZNr3vSq1O9mYDquzo0NNKa2sbp02ZuzFN0URQv5f2LO9
wcRsYXmA5Jx18xWcvNheUF8ntqUnyBMngzWdvoV+TyLUXNg9aa0rzyAZtyKHG6Yh
0hQuuNF6BRcUDk949hrUur6T67VNlnRInP1NiB3qaf/Y1IBnjvcLQZikAcMO6GT4
WV25RooG70d6U8Aq8lgDvZREXlSPDd7kxXIFtrnTIR+Qho7MtgcsrUSijKTTxFDz
WPxBioZ9G6aStXP9dLX00UepbItJZU2hIJqwhU8YoxtPS6dV/uTNsNlUHd+IfQjA
0Fv28bwi
-----END CERTIFICATE-----
Generated at Tue Aug 6 09:54:07 2024 by rpki-client on console-fra.rpki-client.org