Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/dCptx7wFdpIpyIocvJi721iPXBI.roa
File: dCptx7wFdpIpyIocvJi721iPXBI.roa (raw, json)
Hash identifier: cD+0ZPT0MucsPlj5JoixyZ21oi5bV1sr/qoXU4tzXWI=
Subject key identifier: 74:2A:6D:C7:BC:05:76:92:29:C8:8A:1C:BC:98:BB:DB:58:8F:5C:12
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 0193E84E85A85E3B093F70F20B06FEEE59BC
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/dCptx7wFdpIpyIocvJi721iPXBI.roa
Signing time: Sat 21 Dec 2024 08:21:20 +0000
ROA not before: Sat 21 Dec 2024 08:21:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54339
IP address blocks: 46.20.105.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e8:4e:85:a8:5e:3b:09:3f:70:f2:0b:06:fe:ee:59:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 21 08:21:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=742a6dc7bc05769229c88a1cbc98bbdb588f5c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:01:1a:d6:46:ba:44:b9:e5:1c:b5:25:bf:66:
96:bb:4b:7d:2f:e9:83:d1:e9:3b:00:3e:4f:44:de:
dc:be:db:39:15:02:fd:dd:31:ec:ec:5b:2f:a0:70:
ea:89:88:87:e4:69:b2:de:d0:d6:e0:eb:cf:ef:64:
36:ba:c5:ed:c2:95:06:91:12:77:20:85:c7:19:96:
09:a2:5a:9b:38:04:74:2d:a6:0b:54:d1:d3:48:48:
61:a2:92:cd:11:88:5c:8a:32:e5:13:24:d3:aa:5b:
37:bb:4d:8b:ca:d0:78:b7:37:36:92:74:4f:98:ce:
ae:3b:e9:2c:49:26:dc:5b:a4:90:dc:47:5b:4d:a1:
be:aa:55:e5:b0:39:58:58:ba:4f:ed:0c:a5:fa:86:
e2:04:da:ab:84:3b:2f:5f:cb:8c:99:6b:a8:69:dc:
68:4a:2a:57:0b:86:1f:94:4d:4d:82:ef:4e:28:ff:
22:5d:dd:57:2f:45:92:b7:a2:ad:d8:e1:c6:03:f1:
9d:2d:1e:c8:a1:db:a4:c5:37:8b:f5:76:15:eb:0b:
85:9a:c1:b9:89:a6:97:93:e7:dd:fb:ee:c2:da:64:
54:14:c6:66:a6:2f:13:45:5a:1b:02:d1:a3:ce:0f:
35:b9:59:32:4d:ce:90:df:6f:ae:77:bd:01:50:49:
e1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:2A:6D:C7:BC:05:76:92:29:C8:8A:1C:BC:98:BB:DB:58:8F:5C:12
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/dCptx7wFdpIpyIocvJi721iPXBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.105.0/24
46.20.111.0/24
Signature Algorithm: sha256WithRSAEncryption
67:32:31:b0:69:f5:45:8e:f7:62:e2:ba:df:b4:18:f9:fe:58:
1e:e2:ad:b7:fd:ed:a3:1c:58:3c:15:f7:92:81:e3:4f:ee:60:
d2:fd:cd:a8:63:84:0d:db:bc:1b:86:6b:58:b0:b8:1a:9c:2d:
94:f2:3b:cd:0c:8a:38:15:69:cc:12:c2:18:be:80:b1:14:0a:
a8:0f:42:e4:21:89:76:08:86:b9:ce:c2:46:30:e6:df:20:53:
e3:92:40:43:f1:e5:50:a0:06:59:e8:6a:87:46:9b:3d:62:34:
f5:44:f5:1e:9f:e8:f8:25:78:54:bf:95:72:23:12:00:2f:b3:
cf:e7:d6:3e:cd:67:a4:8d:fc:dd:34:c0:76:95:15:2c:96:55:
b0:1a:74:ee:47:63:87:5b:a7:82:74:77:17:54:da:5f:46:2b:
93:bc:82:d2:3b:9d:03:2e:d6:75:ea:29:58:54:31:ad:a8:1e:
c2:de:e7:e4:92:79:ad:f8:2f:8f:a7:cf:90:40:47:6a:ae:23:
5e:b4:9e:f0:af:7b:83:49:bb:bb:bf:aa:97:3e:e2:c8:a9:c1:
29:1f:35:39:84:8f:e8:f4:60:29:79:d5:1d:c0:76:d3:cb:11:
e7:13:f7:5b:27:bc:1a:a9:1c:88:39:19:97:55:b1:3e:e5:07:
f3:16:7a:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPoToWoXjsJP3DyCwb+7lm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQxMjIxMDgyMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDJhNmRjN2JjMDU3NjkyMjljODhhMWNiYzk4YmJkYjU4OGY1YzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwEa1ka6RLnlHLUlv2aWu0t9L+mD
0ek7AD5PRN7cvts5FQL93THs7FsvoHDqiYiH5Gmy3tDW4OvP72Q2usXtwpUGkRJ3
IIXHGZYJolqbOAR0LaYLVNHTSEhhopLNEYhcijLlEyTTqls3u02LytB4tzc2knRP
mM6uO+ksSSbcW6SQ3EdbTaG+qlXlsDlYWLpP7Qyl+obiBNqrhDsvX8uMmWuoadxo
SipXC4YflE1Ngu9OKP8iXd1XL0WSt6Kt2OHGA/GdLR7IodukxTeL9XYV6wuFmsG5
iaaXk+fd++7C2mRUFMZmpi8TRVobAtGjzg81uVkyTc6Q32+ud70BUEnhqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHQqbce8BXaSKciKHLyYu9tYj1wSMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvZENwdHg3d0ZkcElweUlvY3ZKaTcyMWlQWEJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALhRpAwQA
LhRvMA0GCSqGSIb3DQEBCwUAA4IBAQBnMjGwafVFjvdi4rrftBj5/lge4q23/e2j
HFg8FfeSgeNP7mDS/c2oY4QN27wbhmtYsLganC2U8jvNDIo4FWnMEsIYvoCxFAqo
D0LkIYl2CIa5zsJGMObfIFPjkkBD8eVQoAZZ6GqHRps9YjT1RPUen+j4JXhUv5Vy
IxIAL7PP59Y+zWekjfzdNMB2lRUsllWwGnTuR2OHW6eCdHcXVNpfRiuTvILSO50D
LtZ16ilYVDGtqB7C3ufkknmt+C+Pp8+QQEdqriNetJ7wr3uDSbu7v6qXPuLIqcEp
HzU5hI/o9GApedUdwHbTyxHnE/dbJ7waqRyIORmXVbE+5QfzFnol
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:13:41 2025 by rpki-client