Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/npLs3aS9TQwmbcH-dARtG3wMcQU.roa
File: npLs3aS9TQwmbcH-dARtG3wMcQU.roa (raw, json)
Hash identifier: eg8SQm6iZ4TXvIS9IDLNE+Qbk61l+Kq4OCExBoxHkRs=
Subject key identifier: 9E:92:EC:DD:A4:BD:4D:0C:26:6D:C1:FE:74:04:6D:1B:7C:0C:71:05
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018CC9BC6C3D997225B2EBD35DAFBA63844B
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/npLs3aS9TQwmbcH-dARtG3wMcQU.roa
Signing time: Tue 02 Jan 2024 10:33:38 +0000
ROA not before: Tue 02 Jan 2024 10:33:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54339
IP address blocks: 46.20.111.0/24 maxlen: 24
46.20.97.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Apr 2024 07:28:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:6c:3d:99:72:25:b2:eb:d3:5d:af:ba:63:84:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 2 10:33:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e92ecdda4bd4d0c266dc1fe74046d1b7c0c7105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:28:74:e9:94:80:63:91:81:37:a5:8e:bf:14:
39:1d:1b:88:2b:69:61:1e:96:1c:78:4a:70:99:a5:
60:57:3b:e5:e0:12:4c:96:e5:c4:0b:62:50:fc:f6:
3f:d7:3d:ec:a4:39:2a:22:35:36:30:f2:cf:32:63:
a9:34:f2:a4:45:20:2b:66:3d:19:36:84:b5:7e:f0:
23:98:85:64:52:05:7c:b2:3e:91:92:72:d4:55:fc:
03:f6:68:ad:b4:30:54:bf:2d:27:fa:ce:0e:30:f6:
87:50:22:b9:0a:21:06:94:31:9f:4e:82:42:ce:15:
75:f7:f6:a7:3d:39:10:54:91:6e:cb:60:f8:1a:5a:
71:31:4b:9e:f2:ac:c3:a0:d2:2b:5b:b0:08:0f:ca:
6a:58:fc:2e:1d:2a:e1:45:3f:30:31:b2:d3:e9:cd:
31:93:24:61:de:e9:3e:00:e0:d2:45:4d:62:99:49:
4a:74:5a:82:ef:7c:30:b6:ce:0b:84:04:13:9e:d2:
f1:a0:cd:3b:c6:14:48:a0:fa:1f:f2:a8:13:f2:c0:
4f:0e:66:e3:be:5b:7e:46:d0:f3:a4:89:1e:67:eb:
69:21:eb:80:14:c3:21:a8:68:05:cd:d6:e6:6c:94:
0e:20:ab:3f:d3:a6:dc:84:cc:02:1c:14:b4:30:f9:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:92:EC:DD:A4:BD:4D:0C:26:6D:C1:FE:74:04:6D:1B:7C:0C:71:05
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/npLs3aS9TQwmbcH-dARtG3wMcQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.105.0/24
46.20.111.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:15:09:1c:01:b0:b7:50:70:51:5d:29:b1:80:59:c3:66:2a:
70:87:77:7f:86:ab:44:f9:1a:b1:7c:11:b3:c4:02:22:37:31:
a6:55:26:36:6e:1d:87:a2:5a:f5:8e:c4:bb:8b:82:70:68:47:
58:6e:37:7a:b5:79:e8:72:51:3f:88:0d:7b:6e:4f:76:3c:10:
e3:2a:90:10:cb:b7:97:ae:89:62:49:64:cb:41:8c:53:a0:d0:
12:4f:19:f4:4c:70:11:9e:f2:e6:c1:9a:d8:aa:20:22:8e:b2:
da:17:ff:92:fb:b3:83:64:f9:1c:c8:10:36:db:45:dd:2d:34:
67:53:8c:f5:3c:25:e6:9e:6f:a8:36:58:6d:fc:f1:a4:d5:6d:
9c:41:bf:62:3c:bb:02:fa:32:df:f0:d4:66:dd:7a:6b:a2:3a:
53:ee:e9:c5:23:cf:1d:48:15:8a:dc:1d:d3:13:3a:59:72:d5:
f8:29:54:93:9e:b0:86:8f:48:b7:51:6f:f3:1c:dc:31:b5:e0:
67:de:ae:8a:89:9a:ad:c0:3d:40:24:f4:f0:11:8c:08:87:e4:
49:2e:45:0c:78:d0:15:2e:42:04:76:17:bb:d0:8e:23:4b:18:
97:7e:06:31:34:02:8a:ce:75:0c:5a:45:68:e3:00:1f:4c:bd:
12:86:92:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvGw9mXIlsuvTXa+6Y4RLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTAyMTAzMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTkyZWNkZGE0YmQ0ZDBjMjY2ZGMxZmU3NDA0NmQxYjdjMGM3MTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyh06ZSAY5GBN6WOvxQ5HRuIK2lh
HpYceEpwmaVgVzvl4BJMluXEC2JQ/PY/1z3spDkqIjU2MPLPMmOpNPKkRSArZj0Z
NoS1fvAjmIVkUgV8sj6RknLUVfwD9mittDBUvy0n+s4OMPaHUCK5CiEGlDGfToJC
zhV19/anPTkQVJFuy2D4GlpxMUue8qzDoNIrW7AID8pqWPwuHSrhRT8wMbLT6c0x
kyRh3uk+AODSRU1imUlKdFqC73wwts4LhAQTntLxoM07xhRIoPof8qgT8sBPDmbj
vlt+RtDzpIkeZ+tpIeuAFMMhqGgFzdbmbJQOIKs/06bchMwCHBS0MPlR+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ6S7N2kvU0MJm3B/nQEbRt8DHEFMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvbnBMczNhUzlUUXdtYmNILWRBUnRHM3dNY1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALhRhAwQA
LhRpAwQALhRvMA0GCSqGSIb3DQEBCwUAA4IBAQBbFQkcAbC3UHBRXSmxgFnDZipw
h3d/hqtE+RqxfBGzxAIiNzGmVSY2bh2Holr1jsS7i4JwaEdYbjd6tXnoclE/iA17
bk92PBDjKpAQy7eXroliSWTLQYxToNASTxn0THARnvLmwZrYqiAijrLaF/+S+7OD
ZPkcyBA220XdLTRnU4z1PCXmnm+oNlht/PGk1W2cQb9iPLsC+jLf8NRm3XprojpT
7unFI88dSBWK3B3TEzpZctX4KVSTnrCGj0i3UW/zHNwxteBn3q6KiZqtwD1AJPTw
EYwIh+RJLkUMeNAVLkIEdhe70I4jSxiXfgYxNAKKznUMWkVo4wAfTL0ShpI2
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:21:52 2025 by rpki-client