Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/ShtKSpMzm2Oyfr-ejigP5O4Qt0c.roa
File: ShtKSpMzm2Oyfr-ejigP5O4Qt0c.roa (raw, json)
Hash identifier: BKjL0VyLnUtkiBewAbpaCMtD3t0lt0ptGBljb+bcBVc=
Subject key identifier: 4A:1B:4A:4A:93:33:9B:63:B2:7E:BF:9E:8E:28:0F:E4:EE:10:B7:47
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018CC9BC6A948A24274AA89B26114FFCD324
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/ShtKSpMzm2Oyfr-ejigP5O4Qt0c.roa
Signing time: Tue 02 Jan 2024 10:33:37 +0000
ROA not before: Tue 02 Jan 2024 10:33:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42689
IP address blocks: 46.20.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 09:10:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:6a:94:8a:24:27:4a:a8:9b:26:11:4f:fc:d3:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 2 10:33:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a1b4a4a93339b63b27ebf9e8e280fe4ee10b747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:aa:9c:2a:f7:e4:f5:c7:33:aa:8a:61:8a:29:
40:02:f8:1f:47:f2:59:2c:97:fe:dd:74:84:c6:c4:
26:a9:89:74:de:a5:4f:bf:82:b3:74:83:c2:04:f2:
67:ec:3d:3e:33:8f:45:56:2c:2a:da:69:5c:7e:7f:
ab:40:99:57:ee:f8:6b:41:9a:d3:d4:8b:e3:e7:55:
54:ca:22:75:8b:f0:9b:a5:d5:94:bf:fd:52:b3:42:
48:39:e7:e4:3c:72:c5:64:b1:9b:34:b7:bd:4a:71:
14:49:b9:b0:6b:55:f1:7a:c8:49:ad:5f:99:f6:cf:
bc:cb:9c:96:f1:2f:4d:95:74:c2:99:55:15:a6:e3:
77:aa:e0:94:a8:39:7f:50:7e:e6:51:31:c1:42:21:
27:24:3e:0e:9e:51:0e:23:fb:08:f6:56:26:6c:c3:
15:ad:57:af:d1:68:d2:61:8d:08:dc:c0:e3:42:31:
f8:2f:a5:94:af:3a:40:57:0c:7e:15:b1:f9:7c:93:
ea:1e:7e:6f:82:4a:2e:28:06:8c:8c:29:5d:c1:77:
a1:64:c5:8a:fe:b2:ce:cd:a3:08:40:c9:10:ee:99:
80:0b:ed:e8:5e:21:e5:a7:03:12:c3:49:78:6d:ef:
24:e9:9b:14:36:29:14:fb:10:28:96:48:4f:21:df:
06:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1B:4A:4A:93:33:9B:63:B2:7E:BF:9E:8E:28:0F:E4:EE:10:B7:47
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/ShtKSpMzm2Oyfr-ejigP5O4Qt0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.101.0/24
Signature Algorithm: sha256WithRSAEncryption
71:6b:28:13:cb:49:76:64:d2:17:d4:bc:ab:17:4c:36:2d:fb:
9f:d7:b1:01:42:12:a5:23:fb:12:8f:f2:d5:5e:ca:b4:30:fe:
3e:b2:e6:1a:ec:69:48:f1:c7:89:00:5b:ad:b5:de:f5:78:49:
b6:3e:5c:85:40:43:18:7f:7e:cc:88:3f:1d:0e:6e:de:57:4f:
43:8a:f2:5f:4c:d0:25:b6:47:cf:58:e5:09:d3:55:e4:70:5c:
26:fe:5a:f2:82:72:38:41:c7:78:37:55:2c:5f:f5:ad:5a:ec:
00:24:63:a4:e6:f8:f4:7a:fc:09:d2:4a:1d:3f:7e:ae:a3:f1:
6a:e1:ed:cc:96:ec:d5:72:a5:d3:62:f9:17:9d:00:64:c6:60:
c0:db:ff:7b:59:99:26:0b:9d:36:30:7e:21:c5:29:07:55:ed:
45:38:ad:86:43:0d:fe:f2:b3:14:77:3c:41:1f:dd:d7:19:44:
c9:65:6e:5c:d7:98:8e:65:3f:18:b1:ad:90:c2:91:c2:a9:c3:
d9:63:61:d6:22:0d:de:72:80:fc:fd:da:98:84:0e:53:08:c2:
ae:5e:ff:76:e5:43:19:e6:40:3b:a0:62:36:8b:23:1f:ce:7b:
14:a2:2c:c7:ce:33:fe:69:57:7c:80:8d:bb:57:a8:24:5b:4a:
df:31:04:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvGqUiiQnSqibJhFP/NMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTAyMTAzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTFiNGE0YTkzMzM5YjYzYjI3ZWJmOWU4ZTI4MGZlNGVlMTBiNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKqcKvfk9cczqophiilAAvgfR/JZ
LJf+3XSExsQmqYl03qVPv4KzdIPCBPJn7D0+M49FViwq2mlcfn+rQJlX7vhrQZrT
1Ivj51VUyiJ1i/CbpdWUv/1Ss0JIOefkPHLFZLGbNLe9SnEUSbmwa1XxeshJrV+Z
9s+8y5yW8S9NlXTCmVUVpuN3quCUqDl/UH7mUTHBQiEnJD4OnlEOI/sI9lYmbMMV
rVev0WjSYY0I3MDjQjH4L6WUrzpAVwx+FbH5fJPqHn5vgkouKAaMjCldwXehZMWK
/rLOzaMIQMkQ7pmAC+3oXiHlpwMSw0l4be8k6ZsUNikU+xAolkhPId8GkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEobSkqTM5tjsn6/no4oD+TuELdHMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvU2h0S1NwTXptMk95ZnItZWppZ1A1TzRRdDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRlMA0G
CSqGSIb3DQEBCwUAA4IBAQBxaygTy0l2ZNIX1LyrF0w2Lfuf17EBQhKlI/sSj/LV
Xsq0MP4+suYa7GlI8ceJAFuttd71eEm2PlyFQEMYf37MiD8dDm7eV09DivJfTNAl
tkfPWOUJ01XkcFwm/lrygnI4Qcd4N1UsX/WtWuwAJGOk5vj0evwJ0kodP36uo/Fq
4e3MluzVcqXTYvkXnQBkxmDA2/97WZkmC502MH4hxSkHVe1FOK2GQw3+8rMUdzxB
H93XGUTJZW5c15iOZT8Ysa2QwpHCqcPZY2HWIg3ecoD8/dqYhA5TCMKuXv925UMZ
5kA7oGI2iyMfznsUoizHzjP+aVd8gI27V6gkW0rfMQQR
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:01 2025 by rpki-client