Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Try5h53XtQq2aXYrQIiiSSOkf9w.roa
File: Try5h53XtQq2aXYrQIiiSSOkf9w.roa (raw, json)
Hash identifier: pOYXGbQYiGvZvmaZHyuqjzQlZFLIr3thkt7YKczSuZQ=
Subject key identifier: 4E:BC:B9:87:9D:D7:B5:0A:B6:69:76:2B:40:88:A2:49:23:A4:7F:DC
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018D40BA5DA279CBB5F0FF9BE6ABD7F64B84
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Try5h53XtQq2aXYrQIiiSSOkf9w.roa
Signing time: Thu 25 Jan 2024 13:06:11 +0000
ROA not before: Thu 25 Jan 2024 13:06:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147287
IP address blocks: 46.20.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 19:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:ba:5d:a2:79:cb:b5:f0:ff:9b:e6:ab:d7:f6:4b:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 25 13:06:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ebcb9879dd7b50ab669762b4088a24923a47fdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f0:be:5e:11:1d:a7:e8:da:2e:e6:f0:78:8b:
28:73:8b:07:03:60:6d:0f:4b:d1:75:47:fa:fd:fb:
c0:81:03:18:0a:6d:0d:56:52:a8:e9:17:39:20:1d:
37:77:e9:c1:26:94:57:67:21:0b:af:0c:44:16:4d:
13:7b:ae:6f:7c:26:c5:ff:ac:8b:b4:32:f7:27:64:
8b:de:d6:1b:14:61:fe:51:91:50:d2:52:59:fa:d5:
ab:8a:66:5b:7d:be:56:7c:e0:99:b6:46:8f:c0:39:
18:b2:a2:10:f1:98:c3:0d:2d:80:79:d7:c7:14:46:
32:73:c8:8b:59:02:d9:36:5b:09:c4:c2:67:58:ee:
20:5a:48:0e:8b:86:37:7d:a9:8a:e9:f7:75:df:46:
65:d5:c7:b1:13:e9:2d:a1:4e:ac:6c:5b:f5:40:28:
c6:62:38:c1:3b:17:74:d4:ca:7b:12:ea:40:06:53:
df:ed:4b:d8:e7:6f:3d:3b:bc:22:5d:32:eb:f9:fb:
a3:bf:d2:84:27:b4:16:8b:26:41:80:a5:c9:95:5a:
87:cd:7a:92:87:6e:99:de:79:09:b2:10:5d:33:b2:
e0:30:bc:01:fa:7a:76:1c:60:6a:a2:30:7c:7b:7c:
2b:d6:66:66:bf:18:2b:20:69:e3:62:0b:32:e4:6a:
c9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:BC:B9:87:9D:D7:B5:0A:B6:69:76:2B:40:88:A2:49:23:A4:7F:DC
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Try5h53XtQq2aXYrQIiiSSOkf9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.106.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:58:47:58:2d:3d:5d:f1:96:0a:41:a9:7f:14:b6:06:16:18:
7d:20:91:7c:d6:44:73:8c:0f:65:d1:d4:84:98:a9:47:db:88:
b4:04:40:e2:a4:c8:3d:cb:21:95:38:eb:ea:b4:1e:f3:6d:37:
aa:0d:a8:73:d9:53:66:fe:84:fc:13:20:0e:e6:da:25:6f:08:
8a:b1:18:53:09:cb:55:c5:23:92:1a:e9:94:10:56:b3:02:b7:
45:54:9a:be:60:93:44:e6:fc:5c:5d:21:50:87:45:a1:00:be:
1b:fd:71:e8:f3:94:9a:eb:f7:53:c8:4e:63:40:69:64:ad:69:
60:3d:dc:f9:65:b0:d4:78:63:d1:cc:ca:f6:83:b7:46:80:a0:
8b:7e:13:75:d2:38:69:c7:b3:d2:2a:df:c6:75:35:2a:12:83:
a3:6d:09:86:96:40:3c:03:5e:c0:68:64:75:58:0d:a4:f3:29:
44:1a:2d:6d:33:95:0c:07:72:04:4f:9d:46:d0:79:5b:5c:27:
71:18:a6:76:e8:48:e5:f1:7c:e9:90:1a:eb:c4:fa:18:90:d8:
57:42:b9:06:34:0d:db:a8:85:92:c1:f1:b7:59:eb:b3:5b:c1:
d4:fb:49:b5:7b:7d:9c:8c:d8:a1:1d:17:80:29:c7:9d:99:b5:
a0:b6:0f:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1Aul2iecu18P+b5qvX9kuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTI1MTMwNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWJjYjk4NzlkZDdiNTBhYjY2OTc2MmI0MDg4YTI0OTIzYTQ3ZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovC+XhEdp+jaLubweIsoc4sHA2Bt
D0vRdUf6/fvAgQMYCm0NVlKo6Rc5IB03d+nBJpRXZyELrwxEFk0Te65vfCbF/6yL
tDL3J2SL3tYbFGH+UZFQ0lJZ+tWrimZbfb5WfOCZtkaPwDkYsqIQ8ZjDDS2AedfH
FEYyc8iLWQLZNlsJxMJnWO4gWkgOi4Y3famK6fd130Zl1cexE+ktoU6sbFv1QCjG
YjjBOxd01Mp7EupABlPf7UvY5289O7wiXTLr+fujv9KEJ7QWiyZBgKXJlVqHzXqS
h26Z3nkJshBdM7LgMLwB+np2HGBqojB8e3wr1mZmvxgrIGnjYgsy5GrJCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE68uYed17UKtml2K0CIokkjpH/cMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvVHJ5NWg1M1h0UXEyYVhZclFJaWlTU09rZjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRqMA0G
CSqGSIb3DQEBCwUAA4IBAQBsWEdYLT1d8ZYKQal/FLYGFhh9IJF81kRzjA9l0dSE
mKlH24i0BEDipMg9yyGVOOvqtB7zbTeqDahz2VNm/oT8EyAO5tolbwiKsRhTCctV
xSOSGumUEFazArdFVJq+YJNE5vxcXSFQh0WhAL4b/XHo85Sa6/dTyE5jQGlkrWlg
Pdz5ZbDUeGPRzMr2g7dGgKCLfhN10jhpx7PSKt/GdTUqEoOjbQmGlkA8A17AaGR1
WA2k8ylEGi1tM5UMB3IET51G0HlbXCdxGKZ26Ejl8XzpkBrrxPoYkNhXQrkGNA3b
qIWSwfG3WeuzW8HU+0m1e32cjNihHReAKcedmbWgtg9O
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:18:51 2025 by rpki-client