Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/bO-phVZ1q_bTp_NJgdNMbuwUVo8.roa
File: bO-phVZ1q_bTp_NJgdNMbuwUVo8.roa (raw, json)
Hash identifier: a8/9V2MAkU00Kkjy1Sys4QC2vQwiXsEHf/+XJmGoY0E=
Subject key identifier: 6C:EF:A9:85:56:75:AB:F6:D3:A7:F3:49:81:D3:4C:6E:EC:14:56:8F
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018CC9BC6C8A37DADE3FB9A1454A0FBE03EA
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/bO-phVZ1q_bTp_NJgdNMbuwUVo8.roa
Signing time: Tue 02 Jan 2024 10:33:38 +0000
ROA not before: Tue 02 Jan 2024 10:33:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147293
IP address blocks: 46.20.109.0/24 maxlen: 24
46.20.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 12:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:6c:8a:37:da:de:3f:b9:a1:45:4a:0f:be:03:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 2 10:33:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cefa9855675abf6d3a7f34981d34c6eec14568f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2e:1d:58:86:99:c6:28:60:89:0d:f2:04:25:
a5:ab:44:06:6a:0e:f8:95:a4:86:46:ba:e1:49:1b:
00:2a:58:dc:fa:94:6c:91:d1:1a:d9:4b:a3:92:06:
2c:f4:8c:b8:40:88:d5:2d:7e:8c:7b:93:8f:51:3b:
4c:2d:35:dc:1f:41:c5:48:c0:9c:fb:49:16:33:a3:
25:7e:ba:95:23:8b:34:97:bb:94:ea:d1:82:af:8a:
d9:2c:ed:0c:2a:9b:e5:5c:11:b2:19:34:54:7a:c5:
56:72:cd:f4:ab:e7:32:99:fc:dc:f3:e0:bc:cb:b1:
06:e7:69:c1:b5:37:fe:67:9b:25:62:f9:b4:33:04:
aa:83:06:04:17:c0:70:71:6f:db:3b:1c:10:58:f7:
e4:5a:79:ec:46:d7:da:5a:37:01:1d:a1:77:26:6a:
46:e1:2f:9a:ac:45:6e:9a:50:99:58:e0:23:85:db:
f5:40:dd:8c:a3:fe:2c:68:79:c1:65:ca:c8:1e:b5:
1a:24:db:ab:44:71:b6:50:02:a7:cd:e9:28:33:8f:
27:26:40:90:ca:af:2b:f4:89:0a:b9:7f:b6:b6:b7:
b9:ad:84:b8:29:67:0d:50:30:1d:66:f2:f4:4a:72:
f5:ec:3f:1f:55:84:e9:06:f8:d1:97:16:da:3f:c2:
db:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:EF:A9:85:56:75:AB:F6:D3:A7:F3:49:81:D3:4C:6E:EC:14:56:8F
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/bO-phVZ1q_bTp_NJgdNMbuwUVo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.99.0/24
46.20.109.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:34:d0:12:91:1d:65:0f:ea:cf:95:90:ed:c7:2f:48:a8:d9:
9f:7d:27:a7:8e:8a:c8:a2:4b:84:82:94:8d:54:35:28:61:b7:
19:46:18:3b:48:c3:58:78:35:fe:26:b5:82:54:46:e3:1d:9f:
fe:21:2b:1e:df:04:0b:ad:dd:4a:44:90:af:d6:53:7f:35:3a:
19:ae:48:57:5a:5d:86:f6:28:c2:69:51:a6:8a:3a:ab:6c:3f:
b9:05:e1:45:0f:53:3c:d2:16:0e:75:b0:c5:2f:90:08:7b:3e:
62:d5:41:b0:66:93:d3:e2:08:16:2d:76:63:03:c8:1b:c6:98:
d8:2d:c0:80:6e:9b:b7:ec:16:af:3e:65:d0:93:84:49:c6:29:
a2:e9:f2:53:39:b0:9e:66:b1:82:cc:1c:2e:f5:7c:80:a3:44:
66:06:32:a2:69:c0:c8:f0:11:15:15:a4:9d:07:3e:8a:f4:a2:
09:c0:5a:c3:7a:1b:7f:1e:64:1f:db:3e:92:71:f9:13:6c:b7:
ad:3e:86:9b:c4:e2:19:c3:42:ad:b1:a9:5b:35:a4:61:38:96:
21:a3:95:95:0e:ac:13:9c:99:51:c1:34:60:ac:0e:63:9b:70:
74:9a:61:ee:55:a5:08:70:20:87:0a:a4:97:48:eb:ea:53:cf:
9f:0a:d8:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvGyKN9reP7mhRUoPvgPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTAyMTAzMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2VmYTk4NTU2NzVhYmY2ZDNhN2YzNDk4MWQzNGM2ZWVjMTQ1NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli4dWIaZxihgiQ3yBCWlq0QGag74
laSGRrrhSRsAKljc+pRskdEa2UujkgYs9Iy4QIjVLX6Me5OPUTtMLTXcH0HFSMCc
+0kWM6MlfrqVI4s0l7uU6tGCr4rZLO0MKpvlXBGyGTRUesVWcs30q+cymfzc8+C8
y7EG52nBtTf+Z5slYvm0MwSqgwYEF8BwcW/bOxwQWPfkWnnsRtfaWjcBHaF3JmpG
4S+arEVumlCZWOAjhdv1QN2Mo/4saHnBZcrIHrUaJNurRHG2UAKnzekoM48nJkCQ
yq8r9IkKuX+2tre5rYS4KWcNUDAdZvL0SnL17D8fVYTpBvjRlxbaP8LbXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGzvqYVWdav206fzSYHTTG7sFFaPMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvYk8tcGhWWjFxX2JUcF9OSmdkTk1idXdVVm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALhRjAwQA
LhRtMA0GCSqGSIb3DQEBCwUAA4IBAQAaNNASkR1lD+rPlZDtxy9IqNmffSenjorI
okuEgpSNVDUoYbcZRhg7SMNYeDX+JrWCVEbjHZ/+ISse3wQLrd1KRJCv1lN/NToZ
rkhXWl2G9ijCaVGmijqrbD+5BeFFD1M80hYOdbDFL5AIez5i1UGwZpPT4ggWLXZj
A8gbxpjYLcCAbpu37BavPmXQk4RJximi6fJTObCeZrGCzBwu9XyAo0RmBjKiacDI
8BEVFaSdBz6K9KIJwFrDeht/HmQf2z6ScfkTbLetPoabxOIZw0KtsalbNaRhOJYh
o5WVDqwTnJlRwTRgrA5jm3B0mmHuVaUIcCCHCqSXSOvqU8+fCtig
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:23:38 2025 by rpki-client