Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Xy68efYT43YYyTG5n_ivqvrGZTg.roa
File: Xy68efYT43YYyTG5n_ivqvrGZTg.roa (raw, json)
Hash identifier: Feqyk8g0EJPf9oZVmbGuss7ki+zO20zwdPj2Q1yNkuI=
Subject key identifier: 5F:2E:BC:79:F6:13:E3:76:18:C9:31:B9:9F:F8:AF:AA:FA:C6:65:38
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018F8E1494DB3D6E325FE20F0A2E6C2A227A
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Xy68efYT43YYyTG5n_ivqvrGZTg.roa
Signing time: Sat 18 May 2024 23:41:04 +0000
ROA not before: Sat 18 May 2024 23:41:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51847
IP address blocks: 46.20.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8e:14:94:db:3d:6e:32:5f:e2:0f:0a:2e:6c:2a:22:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: May 18 23:41:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f2ebc79f613e37618c931b99ff8afaafac66538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:9f:9b:db:1e:d0:a0:f9:78:41:01:18:51:bf:
29:4d:07:8e:97:eb:a4:e2:a7:4e:8d:65:ea:d2:d9:
12:c4:28:19:60:77:0a:f1:9b:d5:9f:3d:a6:47:84:
33:33:db:8c:67:b0:7c:44:ca:e7:8b:34:3d:08:70:
45:f3:c3:02:5c:18:7f:5b:02:c4:3d:ea:a8:d8:62:
5c:6c:38:2f:df:bd:a5:a6:93:79:ab:48:e2:6b:6c:
32:46:8c:46:b8:77:a9:8a:7e:d0:ad:b9:b9:bd:81:
d7:3e:c2:de:97:90:8e:e6:b4:04:ba:81:1c:67:f9:
e5:97:aa:00:df:1f:c6:d2:c6:57:37:db:c7:bf:b6:
7e:8c:52:3d:55:00:ed:63:d7:f4:1d:81:7e:26:5a:
f3:7c:50:67:ad:b6:a4:43:ae:52:6a:03:af:09:2f:
79:d4:62:73:ef:e7:fd:37:1c:ca:a0:3f:bd:9f:bf:
99:ae:44:65:ce:47:79:3d:b3:14:61:54:1c:cb:04:
53:61:ba:d2:2a:34:ec:84:87:13:bd:22:4d:b3:5b:
98:f8:d5:66:eb:7a:a3:58:ef:81:6d:2b:fe:e1:69:
57:8c:f5:f4:eb:4a:0a:e6:11:c1:00:92:94:b1:c6:
2f:73:5e:30:92:be:88:b9:39:1a:97:4b:dc:04:11:
df:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2E:BC:79:F6:13:E3:76:18:C9:31:B9:9F:F8:AF:AA:FA:C6:65:38
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Xy68efYT43YYyTG5n_ivqvrGZTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.109.0/24
Signature Algorithm: sha256WithRSAEncryption
43:76:e9:8f:7b:40:fd:5e:4a:d6:3d:3f:2c:38:28:d5:01:d6:
40:ee:69:f4:a2:f2:cf:6e:c9:11:48:6c:78:27:e9:14:04:38:
27:de:46:39:af:18:5a:82:df:fd:54:b8:65:80:6f:d2:30:d6:
5c:d9:1f:f1:74:d4:7c:bb:c0:fa:a8:da:93:56:a8:45:26:76:
c3:93:85:87:c0:b1:4d:63:6e:47:5a:55:96:bd:3b:f5:6c:cc:
3d:59:59:ef:10:aa:65:89:5b:37:32:b5:ed:1c:9b:a0:a4:80:
a7:9d:bc:8d:be:bb:f5:86:5e:ef:f1:0a:87:19:79:57:46:15:
36:2b:6e:dd:54:4d:96:1b:7c:12:b1:dc:c5:45:a9:04:5b:e7:
d7:98:1f:29:d1:5c:94:ee:e2:ad:76:c3:2d:7d:56:2c:9a:43:
5f:f5:b1:75:63:57:ef:65:78:55:7a:0f:c5:f5:74:64:05:a4:
7c:a0:e7:b5:a7:af:60:6b:55:32:eb:d1:d6:58:0c:fe:f8:a9:
c3:12:39:77:b5:16:f6:fc:1a:39:2c:34:f2:25:8f:60:c4:64:
4e:f6:9f:02:fc:8d:33:41:d7:4d:76:69:d0:d0:e0:df:57:20:
f0:d9:29:5c:51:2d:c0:47:89:6f:e1:6a:83:54:2c:d1:76:e8:
08:c1:cf:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+OFJTbPW4yX+IPCi5sKiJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwNTE4MjM0MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjJlYmM3OWY2MTNlMzc2MThjOTMxYjk5ZmY4YWZhYWZhYzY2NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4J+b2x7QoPl4QQEYUb8pTQeOl+uk
4qdOjWXq0tkSxCgZYHcK8ZvVnz2mR4QzM9uMZ7B8RMrnizQ9CHBF88MCXBh/WwLE
Peqo2GJcbDgv372lppN5q0jia2wyRoxGuHepin7Qrbm5vYHXPsLel5CO5rQEuoEc
Z/nll6oA3x/G0sZXN9vHv7Z+jFI9VQDtY9f0HYF+JlrzfFBnrbakQ65SagOvCS95
1GJz7+f9NxzKoD+9n7+ZrkRlzkd5PbMUYVQcywRTYbrSKjTshIcTvSJNs1uY+NVm
63qjWO+BbSv+4WlXjPX060oK5hHBAJKUscYvc14wkr6IuTkal0vcBBHf3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8uvHn2E+N2GMkxuZ/4r6r6xmU4MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvWHk2OGVmWVQ0M1lZeVRHNW5faXZxdnJHWlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRtMA0G
CSqGSIb3DQEBCwUAA4IBAQBDdumPe0D9XkrWPT8sOCjVAdZA7mn0ovLPbskRSGx4
J+kUBDgn3kY5rxhagt/9VLhlgG/SMNZc2R/xdNR8u8D6qNqTVqhFJnbDk4WHwLFN
Y25HWlWWvTv1bMw9WVnvEKpliVs3MrXtHJugpICnnbyNvrv1hl7v8QqHGXlXRhU2
K27dVE2WG3wSsdzFRakEW+fXmB8p0VyU7uKtdsMtfVYsmkNf9bF1Y1fvZXhVeg/F
9XRkBaR8oOe1p69ga1Uy69HWWAz++KnDEjl3tRb2/Bo5LDTyJY9gxGRO9p8C/I0z
QddNdmnQ0ODfVyDw2SlcUS3AR4lv4WqDVCzRdugIwc9F
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:13:07 2025 by rpki-client